Contextualisation of Data Flow Diagrams for security analysis
Shamal Faily, Riccardo Scandariato, Adam Shostack, Laurens Sion, Duncan Ki-Aries

TL;DR
This paper introduces a method to analyze tainted data flows in design-level Data Flow Diagrams by integrating them with other models, enhancing security reasoning without complicating the diagrams.
Contribution
It proposes a novel approach for contextualizing DFDs with additional models to improve security analysis of data flows.
Findings
Tainted data flows were successfully identified without modifying DFDs.
The approach enhances reasoning about security in system design.
Pilot study demonstrates practical applicability.
Abstract
Data flow diagrams (DFDs) are popular for sketching systems for subsequent threat modelling. Their limited semantics make reasoning about them difficult, but enriching them endangers their simplicity and subsequent ease of take-up. We present an approach for reasoning about tainted data flows in design-level DFDs by putting them in context with other complementary usability and requirements models. We illustrate our approach using a pilot study, where tainted data flows were identified without any augmentations to either the DFD or its complementary models.
