The identified security threats were compared to existing threats in traditional web and mobile applications separately in order to figure out the changes when the two computing platforms come together. On applying the STRIDE threats model the following threats were identified as prominent: sensitive data exposure, weak server side controls, client side injection, and weak authentication and authorization. The STRIDE threats model has been used to identify the likely security threats to our case study. The STRIDE threats model is one among the existing threats models that is used to identify security threats that needs to be addressed in systems such as the LDC system.
There are several threat models in the literature. In addition to the processes of analysis and security specification, the methodology involves threat modeling as well. Hence the system serves as a representative of other similar setups of service delivery. The presented methodology is based on a case study Livestock Data Center (LDC) system, which is being developed and it allows both web and mobile interfaces as service delivery channels.
As an attempt to help the enterprises in dealing with the emerging security threats in the converged service delivery architecture, this paper presents a methodology for security threat analysis and security requirements specification in web/mobile applications development. As the use of web and mobile applications is becoming pervasive for service delivery and user mobility support, enterprises are now increasingly fighting against a huge number of emerging security threats which interfere with the process of service delivery.
0 kommentar(er)
