Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Threat Modeling Gameplay with EoP
  • Table Of Contents Toc
Threat Modeling Gameplay with EoP

Threat Modeling Gameplay with EoP

By : Brett Crawley
4.9 (7)
Buy this Book
close
close
Threat Modeling Gameplay with EoP

Threat Modeling Gameplay with EoP

4.9 (7)
By: Brett Crawley
Buy this Book

Overview of this book

Are you looking to navigate security risks, but want to make your learning experience fun? Here's a comprehensive guide that introduces the concept of play to protect, helping you discover the threats that could affect your software design via gameplay. Each chapter in this book covers a suit in the Elevation of Privilege (EoP) card deck (a threat category), providing example threats, references, and suggested mitigations for each card. You’ll explore the methodology for threat modeling—Spoofing, Tampering, Repudiation, Information Disclosure, and Elevation of Privilege (S.T.R.I.D.E.) with Privacy deck and the T.R.I.M. extension pack. T.R.I.M. is a framework for privacy that stands for Transfer, Retention/Removal, Inference, and Minimization. Throughout the book, you’ll learn the meanings of these terms and how they should be applied. From spotting vulnerabilities to implementing practical solutions, the chapters provide actionable strategies for fortifying the security of software systems. By the end of this book, you will be able to recognize threats, understand privacy regulations, access references for further exploration, and get familiarized with techniques to protect against these threats and minimize risks.
Table of Contents (18 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Get in touch
Icon
Share Your Thoughts
Icon
Download a free PDF copy of this book
Lock Free Chapter
1
Chapter 1: Game Play
Icon
Chapter 1: Game Play
Icon
What you’ll need to play the EoP game
Icon
Who should participate?
Icon
How to play EoP
Icon
Summary
2
Chapter 2: Spoofing
Icon
Chapter 2: Spoofing
Icon
2. of Spoofing
Icon
3. of Spoofing
Icon
4. of Spoofing
Icon
5. of Spoofing
Icon
6. of Spoofing
Icon
7. of Spoofing I
Icon
7. of Spoofing II
Icon
8. of Spoofing
Icon
9. of Spoofing I
Icon
9. of Spoofing II
Icon
10. of Spoofing
Icon
Jack of Spoofing
Icon
Queen of Spoofing I
Icon
Queen of Spoofing II
Icon
King of Spoofing I
Icon
King of Spoofing II
Icon
Ace of Spoofing I
Icon
Ace of Spoofing II
Icon
Ace of Spoofing III
Icon
Ace of Spoofing IV
Icon
E. of Spoofing
Icon
Summary
Icon
References
3
Chapter 3: Tampering
Icon
Chapter 3: Tampering
Icon
2. of Tampering (2022 deck) I
Icon
2. of Tampering (2022 deck) II
Icon
2. of Tampering (2022 deck) III
Icon
2. of Tampering (2022 deck) IV
Icon
3. of Tampering
Icon
4. of Tampering I
Icon
4. of Tampering II
Icon
5. of Tampering I
Icon
5. of Tampering II
Icon
6. of Tampering
Icon
7. of Tampering I
Icon
7. of Tampering II
Icon
8. of Tampering
Icon
9. of Tampering I
Icon
9. of Tampering II
Icon
10. of Tampering I
Icon
10. of Tampering II
Icon
Jack of Tampering
Icon
Queen of Tampering
Icon
King of Tampering I
Icon
King of Tampering II
Icon
Ace of Tampering I
Icon
Ace of Tampering II
Icon
E of Tampering I
Icon
E of Tampering II
Icon
Summary
4
Chapter 4: Repudiation
Icon
Chapter 4: Repudiation
Icon
The importance of repudiation and its role in security
Icon
2. of Repudiation
Icon
3. of Repudiation
Icon
4. of Repudiation
Icon
5. of Repudiation
Icon
6. of Repudiation I
Icon
6. of Repudiation II
Icon
7. of Repudiation
Icon
8. of Repudiation
Icon
9. of Repudiation
Icon
10. of Repudiation
Icon
Jack of Repudiation
Icon
Queen of Repudiation I
Icon
Queen of Repudiation II
Icon
King of Repudiation I
Icon
King of Repudiation II
Icon
King of Repudiation III
Icon
Ace of Repudiation
Icon
E. of Repudiation
Icon
F. of Repudiation
Icon
G. of Repudiation
Icon
H. of Repudiation I
Icon
H. of Repudiation II
Icon
Summary
5
Chapter 5: Information Disclosure
Icon
Chapter 5: Information Disclosure
Icon
Understanding password management, key management, and cryptography
Icon
2. of Information Disclosure
Icon
3. of Information Disclosure I
Icon
3. of Information Disclosure II
Icon
4. of Information Disclosure
Icon
5. of Information Disclosure
Icon
6. of Information Disclosure
Icon
7. of Information Disclosure
Icon
8. of Information Disclosure I
Icon
8. of Information Disclosure II
Icon
9. of Information Disclosure I
Icon
9. of Information Disclosure II
Icon
10. of Information Disclosure
Icon
Jack of Information Disclosure
Icon
Queen of Information Disclosure
Icon
King of Information Disclosure
Icon
Ace of Information Disclosure I
Icon
Ace of Information Disclosure II
Icon
E of Information Disclosure
Icon
F of Information Disclosure
Icon
Summary
6
Chapter 6: Denial of Service
Icon
Chapter 6: Denial of Service
Icon
2. of Denial of Service I
Icon
2. of Denial of Service II
Icon
3. of Denial of Service I
Icon
3. of Denial of Service II
Icon
3. of Denial of Service (alternative 2022 deck)
Icon
4. of Denial of Service
Icon
4. of Denial of Service (alternative 2022 deck)
Icon
5. of Denial of Service I
Icon
5. of Denial of Service II
Icon
5. of Denial of Service (alternative 2022 deck)
Icon
6. of Denial of Service I
Icon
6. of Denial of Service II
Icon
7. of Denial of Service
Icon
8. of Denial of Service
Icon
9. of Denial of Service
Icon
10. of Denial of Service
Icon
Jack of Denial of Service I
Icon
Jack of Denial of Service II
Icon
Queen of Denial of Service I
Icon
Queen of Denial of Service II
Icon
King of Denial of Service
Icon
Ace of Denial of Service
Icon
E of Denial of Service
Icon
Summary
7
Chapter 7: Elevation of Privilege
Icon
Chapter 7: Elevation of Privilege
Icon
Some important concepts
Icon
2. of Elevation of Privilege (2022 deck)
Icon
3. of Elevation of Privilege (2022 deck) I
Icon
3. of Elevation of Privilege (2022 deck) II
Icon
4. of Elevation of Privilege (2022 deck)
Icon
5. of Elevation of Privilege I
Icon
5. of Elevation of Privilege II
Icon
6. of Elevation of Privilege
Icon
7. of Elevation of Privilege
Icon
8. of Elevation of Privilege
Icon
9. of Elevation of Privilege
Icon
10. of Elevation of Privilege
Icon
Jack of Elevation of Privilege
Icon
Queen of Elevation of Privilege I
Icon
Queen of Elevation of Privilege II
Icon
King of Elevation of Privilege I
Icon
King of Elevation of Privilege II
Icon
Ace of Elevation of Privilege
Icon
Summary
8
Chapter 8: Privacy
Icon
Chapter 8: Privacy
Icon
References used in the chapter
Icon
2 of Privacy
Icon
3 of Privacy
Icon
4. of Privacy
Icon
5. of Privacy
Icon
6. of Privacy
Icon
7. of Privacy
Icon
8. of Privacy
Icon
9. of Privacy
Icon
10. of Privacy
Icon
Jack of Privacy
Icon
Queen of Privacy
Icon
King of Privacy
Icon
Ace of Privacy
Icon
Summary
9
Chapter 9: Transfer
Icon
Chapter 9: Transfer
Icon
References used in the chapter
Icon
2. of Transfer I
Icon
2. of Transfer II
Icon
3. of Transfer
Icon
4. of Transfer
Icon
5. of Transfer
Icon
6. of Transfer
Icon
7. of Transfer
Icon
8. of Transfer I
Icon
8. of Transfer II
Icon
8. of Transfer III
Icon
9. of Transfer
Icon
Ace of Transfer
Icon
Summary
10
Chapter 10: Retention/Removal
Icon
Chapter 10: Retention/Removal
Icon
2. of Retention/Removal
Icon
3. of Retention/Removal I
Icon
3. of Retention/Removal II
Icon
4. of Retention/Removal
Icon
5. of Retention/Removal
Icon
6. of Retention/Removal
Icon
7. of Retention/Removal
Icon
8. of Retention/Removal
Icon
9. of Retention/Removal
Icon
10. of Retention/Removal
Icon
Jack of Retention/Removal
Icon
Ace of Retention/Removal
Icon
Summary
11
Chapter 11: Inference
Icon
Chapter 11: Inference
Icon
2. of Inference
Icon
3. of Inference
Icon
4. of Inference
Icon
5. of Inference
Icon
6. of Inference
Icon
7. of Inference
Icon
8. of Inference
Icon
9. of Inference
Icon
10. of Inference
Icon
Ace of Inference
Icon
Summary
12
Chapter 12: Minimization
chevron up
Icon
Chapter 12: Minimization
Icon
2. of minimization
Icon
3. of minimization
Icon
4. of minimization
Icon
5. of minimization
Icon
6. of minimization
Icon
Ace of minimization
Icon
Summary
13
Glossary
Icon
Glossary
14
Further Reading
Icon
Books and papers
Icon
Games
15
Licenses for third party content
Icon
CAPEC:
Icon
CWE:
16
Index
Icon
Index
Icon
Why subscribe?
17
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Share Your Thoughts
Icon
Download a free PDF copy of this book

Minimization

Minimization is the act of ensuring that the data being gathered is only what is needed for the purpose intended and what the subject consented to, without gathering any unnecessary additional information.

Article 5 of the GDPR, Principles relating to the processing of personal data, states in Item 1 the following: “Personal data shall be: (c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimization’).

Figure 12.1: The fields we don’t require are redacted

In this chapter, we’re going to look at the privacy regulations that should be observed with regard to limiting data collected to only that necessary for the task at hand (minimization) by your systems.

As with the chapter on privacy in this chapter and the other TRIM chapters, the references used will be the GDPR, CCPA, CPRA, and OECD documents that have had a strong influence...

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Threat Modeling Gameplay with EoP
End of Section 12
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon