Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Threat Modeling Gameplay with EoP
  • Table Of Contents Toc
Threat Modeling Gameplay with EoP

Threat Modeling Gameplay with EoP

By : Brett Crawley
4.9 (7)
Buy this Book
close
close
Threat Modeling Gameplay with EoP

Threat Modeling Gameplay with EoP

4.9 (7)
By: Brett Crawley
Buy this Book

Overview of this book

Are you looking to navigate security risks, but want to make your learning experience fun? Here's a comprehensive guide that introduces the concept of play to protect, helping you discover the threats that could affect your software design via gameplay. Each chapter in this book covers a suit in the Elevation of Privilege (EoP) card deck (a threat category), providing example threats, references, and suggested mitigations for each card. You’ll explore the methodology for threat modeling—Spoofing, Tampering, Repudiation, Information Disclosure, and Elevation of Privilege (S.T.R.I.D.E.) with Privacy deck and the T.R.I.M. extension pack. T.R.I.M. is a framework for privacy that stands for Transfer, Retention/Removal, Inference, and Minimization. Throughout the book, you’ll learn the meanings of these terms and how they should be applied. From spotting vulnerabilities to implementing practical solutions, the chapters provide actionable strategies for fortifying the security of software systems. By the end of this book, you will be able to recognize threats, understand privacy regulations, access references for further exploration, and get familiarized with techniques to protect against these threats and minimize risks.
Table of Contents (18 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Get in touch
Icon
Share Your Thoughts
Icon
Download a free PDF copy of this book
Lock Free Chapter
1
Chapter 1: Game Play
Icon
Chapter 1: Game Play
Icon
What you’ll need to play the EoP game
Icon
Who should participate?
Icon
How to play EoP
Icon
Summary
2
Chapter 2: Spoofing
Icon
Chapter 2: Spoofing
Icon
2. of Spoofing
Icon
3. of Spoofing
Icon
4. of Spoofing
Icon
5. of Spoofing
Icon
6. of Spoofing
Icon
7. of Spoofing I
Icon
7. of Spoofing II
Icon
8. of Spoofing
Icon
9. of Spoofing I
Icon
9. of Spoofing II
Icon
10. of Spoofing
Icon
Jack of Spoofing
Icon
Queen of Spoofing I
Icon
Queen of Spoofing II
Icon
King of Spoofing I
Icon
King of Spoofing II
Icon
Ace of Spoofing I
Icon
Ace of Spoofing II
Icon
Ace of Spoofing III
Icon
Ace of Spoofing IV
Icon
E. of Spoofing
Icon
Summary
Icon
References
3
Chapter 3: Tampering
Icon
Chapter 3: Tampering
Icon
2. of Tampering (2022 deck) I
Icon
2. of Tampering (2022 deck) II
Icon
2. of Tampering (2022 deck) III
Icon
2. of Tampering (2022 deck) IV
Icon
3. of Tampering
Icon
4. of Tampering I
Icon
4. of Tampering II
Icon
5. of Tampering I
Icon
5. of Tampering II
Icon
6. of Tampering
Icon
7. of Tampering I
Icon
7. of Tampering II
Icon
8. of Tampering
Icon
9. of Tampering I
Icon
9. of Tampering II
Icon
10. of Tampering I
Icon
10. of Tampering II
Icon
Jack of Tampering
Icon
Queen of Tampering
Icon
King of Tampering I
Icon
King of Tampering II
Icon
Ace of Tampering I
Icon
Ace of Tampering II
Icon
E of Tampering I
Icon
E of Tampering II
Icon
Summary
4
Chapter 4: Repudiation
Icon
Chapter 4: Repudiation
Icon
The importance of repudiation and its role in security
Icon
2. of Repudiation
Icon
3. of Repudiation
Icon
4. of Repudiation
Icon
5. of Repudiation
Icon
6. of Repudiation I
Icon
6. of Repudiation II
Icon
7. of Repudiation
Icon
8. of Repudiation
Icon
9. of Repudiation
Icon
10. of Repudiation
Icon
Jack of Repudiation
Icon
Queen of Repudiation I
Icon
Queen of Repudiation II
Icon
King of Repudiation I
Icon
King of Repudiation II
Icon
King of Repudiation III
Icon
Ace of Repudiation
Icon
E. of Repudiation
Icon
F. of Repudiation
Icon
G. of Repudiation
Icon
H. of Repudiation I
Icon
H. of Repudiation II
Icon
Summary
5
Chapter 5: Information Disclosure
Icon
Chapter 5: Information Disclosure
Icon
Understanding password management, key management, and cryptography
Icon
2. of Information Disclosure
Icon
3. of Information Disclosure I
Icon
3. of Information Disclosure II
Icon
4. of Information Disclosure
Icon
5. of Information Disclosure
Icon
6. of Information Disclosure
Icon
7. of Information Disclosure
Icon
8. of Information Disclosure I
Icon
8. of Information Disclosure II
Icon
9. of Information Disclosure I
Icon
9. of Information Disclosure II
Icon
10. of Information Disclosure
Icon
Jack of Information Disclosure
Icon
Queen of Information Disclosure
Icon
King of Information Disclosure
Icon
Ace of Information Disclosure I
Icon
Ace of Information Disclosure II
Icon
E of Information Disclosure
Icon
F of Information Disclosure
Icon
Summary
6
Chapter 6: Denial of Service
Icon
Chapter 6: Denial of Service
Icon
2. of Denial of Service I
Icon
2. of Denial of Service II
Icon
3. of Denial of Service I
Icon
3. of Denial of Service II
Icon
3. of Denial of Service (alternative 2022 deck)
Icon
4. of Denial of Service
Icon
4. of Denial of Service (alternative 2022 deck)
Icon
5. of Denial of Service I
Icon
5. of Denial of Service II
Icon
5. of Denial of Service (alternative 2022 deck)
Icon
6. of Denial of Service I
Icon
6. of Denial of Service II
Icon
7. of Denial of Service
Icon
8. of Denial of Service
Icon
9. of Denial of Service
Icon
10. of Denial of Service
Icon
Jack of Denial of Service I
Icon
Jack of Denial of Service II
Icon
Queen of Denial of Service I
Icon
Queen of Denial of Service II
Icon
King of Denial of Service
Icon
Ace of Denial of Service
Icon
E of Denial of Service
Icon
Summary
7
Chapter 7: Elevation of Privilege
Icon
Chapter 7: Elevation of Privilege
Icon
Some important concepts
Icon
2. of Elevation of Privilege (2022 deck)
Icon
3. of Elevation of Privilege (2022 deck) I
Icon
3. of Elevation of Privilege (2022 deck) II
Icon
4. of Elevation of Privilege (2022 deck)
Icon
5. of Elevation of Privilege I
Icon
5. of Elevation of Privilege II
Icon
6. of Elevation of Privilege
Icon
7. of Elevation of Privilege
Icon
8. of Elevation of Privilege
Icon
9. of Elevation of Privilege
Icon
10. of Elevation of Privilege
Icon
Jack of Elevation of Privilege
Icon
Queen of Elevation of Privilege I
Icon
Queen of Elevation of Privilege II
Icon
King of Elevation of Privilege I
Icon
King of Elevation of Privilege II
Icon
Ace of Elevation of Privilege
Icon
Summary
8
Chapter 8: Privacy
chevron up
Icon
Chapter 8: Privacy
Icon
References used in the chapter
Icon
2 of Privacy
Icon
3 of Privacy
Icon
4. of Privacy
Icon
5. of Privacy
Icon
6. of Privacy
Icon
7. of Privacy
Icon
8. of Privacy
Icon
9. of Privacy
Icon
10. of Privacy
Icon
Jack of Privacy
Icon
Queen of Privacy
Icon
King of Privacy
Icon
Ace of Privacy
Icon
Summary
9
Chapter 9: Transfer
Icon
Chapter 9: Transfer
Icon
References used in the chapter
Icon
2. of Transfer I
Icon
2. of Transfer II
Icon
3. of Transfer
Icon
4. of Transfer
Icon
5. of Transfer
Icon
6. of Transfer
Icon
7. of Transfer
Icon
8. of Transfer I
Icon
8. of Transfer II
Icon
8. of Transfer III
Icon
9. of Transfer
Icon
Ace of Transfer
Icon
Summary
10
Chapter 10: Retention/Removal
Icon
Chapter 10: Retention/Removal
Icon
2. of Retention/Removal
Icon
3. of Retention/Removal I
Icon
3. of Retention/Removal II
Icon
4. of Retention/Removal
Icon
5. of Retention/Removal
Icon
6. of Retention/Removal
Icon
7. of Retention/Removal
Icon
8. of Retention/Removal
Icon
9. of Retention/Removal
Icon
10. of Retention/Removal
Icon
Jack of Retention/Removal
Icon
Ace of Retention/Removal
Icon
Summary
11
Chapter 11: Inference
Icon
Chapter 11: Inference
Icon
2. of Inference
Icon
3. of Inference
Icon
4. of Inference
Icon
5. of Inference
Icon
6. of Inference
Icon
7. of Inference
Icon
8. of Inference
Icon
9. of Inference
Icon
10. of Inference
Icon
Ace of Inference
Icon
Summary
12
Chapter 12: Minimization
Icon
Chapter 12: Minimization
Icon
2. of minimization
Icon
3. of minimization
Icon
4. of minimization
Icon
5. of minimization
Icon
6. of minimization
Icon
Ace of minimization
Icon
Summary
13
Glossary
Icon
Glossary
14
Further Reading
Icon
Books and papers
Icon
Games
15
Licenses for third party content
Icon
CAPEC:
Icon
CWE:
16
Index
Icon
Index
Icon
Why subscribe?
17
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Share Your Thoughts
Icon
Download a free PDF copy of this book

Privacy

Data privacy is about having sovereignty over your personal data and how that data is used. The Organization for Economic Co-Operation and Development (OECD) in 2013 defined eight principles of data privacy on which the General Data Protection Regulation (GDPR) was later based in 2016. Although GDPR only has seven principles (listed as follows), its documentation is noticeably similar to the OECD document:

  • Lawfulness, fairness, and transparency
  • Purpose limitation
  • Data minimization
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality (security)
  • Accountability

There were some important additions to GDPR, such as the right to be forgotten and that the personal data of European citizens should not be transferred to a country where there is weaker protection of it.

Figure 8.1: Personal information being shared without your consent

In this chapter, we will cover the threats described on the cards from the Privacy...

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Threat Modeling Gameplay with EoP
End of Section 8
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon