Mobile Application Threat Modeling
Title Mobile Application Threat Modeling
Step 1: Describe Your Mobile Application Architecture
- Describe device-specific features used by the application, wireless transmission protocols, data transmission media, interaction with hardware components, and other applications.
- Identify the needs and requirements for application security, computing security, and device management and security.
- Describe the operational environment and use cases.
- Identify the operating system security and enclave/computing environment security concerns, if there are any.
Step 2: Define the Requirements for Your Mobile Application
In Step 2, you will define what purpose the mobile app serves from a business perspective and what data the app will store, transmit, and receive. Include a data flow diagram to showing exactly how data are handled and managed by the application. You can use fictional information or model it after a real-world application.
Step 3: Identify Threats and Threat Agents
Now that you have identified the mobile app’s requirements, you will define its threats. In Section 3 of the report, you will:
- Identify possible threats to the mobile application
- Identify the threat agents
- Outline the process for defining what threats apply to your mobile application
Step 4: Identify Methods of Attack
In this step and in Section 4 of the report, you will identify different methods an attacker can use to reach the data. These data can be sensitive information to the device or something sensitive to the app itself.
Step 5: Analyze Mobile Application Threats
Step 6: Consider Controls
You have identified the methods of attack, and now you will discuss the controls to prevent attacks.
Answer Preview For Mobile Application Threat Modeling
Access the full answer containing 2444 words by clicking the below purchase button