Book Image

Threat Modeling

By : Adam Shostack
Book Image

Threat Modeling

By: Adam Shostack

Overview of this book

As more software is delivered on the Internet or operates on Internet-connected devices, the design of secure software is critical. This book will give you the confidence to design secure software products and systems and test their designs against threats. This book is the only security book to be chosen as a Dr. Dobbs Jolt Award Finalist since Bruce Schneier?s Secrets and Lies and Applied Cryptography! The book starts with an introduction to threat modeling and focuses on the key new skills that you'll need to threat model and lays out a methodology that's designed for people who are new to threat modeling. Next, you?ll explore approaches to find threats and study the advantages and disadvantages of each approach. Moving ahead, you?ll manage threats and learn about the activities involved in threat modeling. You?ll also focus on threat modeling of specific technologies and find out tricky areas and learn to address them. Towards the end, you?ll shift your attention to the future of threat modeling and its approaches in your organization. By the end of this book, you?ll be able to use threat modeling in the security development lifecycle and in the overall software and systems design processes.
Table of Contents (15 chapters)
Free Chapter
End User License Agreement

Chapter 15
Human Factors and Usability

Usable security matters because people are an important element in the security of any system. If you don't consider how people will use your system, the odds are against them using it well. The security usability community is learning to model people, the sorts of decisions you need them to make, and the sorts of scenarios in which they act. The toolbox for addressing these issues is small but growing, and the tools are not yet as prescriptive as you might like. As such, this chapter gives you (in particular the security expert) deeper background than some other chapters, and the best advice available.

Because humans are different from other elements of security, and because the models, threats, and means of addressing them are different, this chapter covers challenges of modeling human factors in terms of security, and the techniques available to address them.

The chapter starts with models of people, as they motivate everything in this chapter...