Security Architecture and Design

Lesson 13: Threats to web and cloudRequired Readings Chapter 13, “Web and Cloud Threats”Assignment Article/paper review

Unformatted Attachment Preview

Don't use plagiarized sources. Get Your Custom Essay on
Security Architecture and Design
Just from $13/Page
Order Essay

ISOL 536
Security Architecture and Design
Threat Modeling
Session 13a
Web Threats
Cloud Threats
• Web threats
• Cloud threats
• Reading: Chapter 13
Web Threats
• The web is software like other software
• There are specific attack classes like Cross Site
Scripting (XSS)
– In much the same way that stack smashing is a
“feature” of C or other weakly typed languages
– Threat modeling not needed to help find these
– Finding these in TM is a distraction from the
unique threats to your software
Web Site Threats
• Attack surface/Trust boundaries
• Dependencies
• Not showing outbound links
– Is Google analytics safe? (We hope so—it’s on
each page!)
• Model helps you consider
each part &
Google Analytics
Web hosting
Textbook web site
Browser Threats
• Mostly the job of a small number of browser
• Your job when writing a plugin
– Manage security & privacy
• Literature reviews & careful checking of
browser API guidance
Cloud Threats
• New insiders
– At the cloud provider — How do they compare to
other IT outsourcing?
• New trust boundary (update your diagram)
– Co-tennants as threats
• Compliance threats
– Regulation: what needs to be compliant?
– Audit & logging: what’s logged where and how?
– Can your controls migrate?
Cloud Threats (2)
• Legal
– In US, subpoena rules change if you give your data
to others (“3rd party doctrine”)
• May affect privacy expectations
• Forensic
– Can you get the hard drives, etc for analysis?
• Integrity
– Creation and management of virtual machines
• To threat model web sites, focus on
dependencies and unique functionality
• Cloud: focus on trust boundaries

Purchase answer to see full

Order a unique copy of this paper
(550 words)

Approximate price: $22

Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
The price is based on these factors:
Academic level
Number of pages

Order your essay today and save 15% with the discount code ESSAYHELP