
The Design And Implementation Of Threat Modeling Tool Based On B/S Architecture

Posted on: 2012-12-30
Degree: Master
Type: Thesis
Country: China
Candidate: X Q Chen
GTID: 2178330335960013
Subject: Applied Mathematics
Abstract/Summary:
With the rapid development of computer technology and the Internet, the demands on software reliability and security keep rising. Building on the traditional software engineering process, Microsoft added a series of security activities to each phase of the software development lifecycle in order to detect and remove security bugs as early as possible. By adding threat modeling to the design phase, software designers can identify the threats, attacks, vulnerabilities and mitigation measures of an application or system. Based on the method and process of Microsoft threat modeling, this paper designs and implements a threat modeling tool based on B/S architecture, following the mathematical modeling method of systems. The main work of this paper is as follows:

(1) Summarize threats and threat modeling, classify threats and threat modeling using the STRIDE method, and give the threat modeling process. Analyze the mathematical model of the system, and give the system-based mathematical modeling method and procedure.

(2) Following the threat modeling process and the system mathematical modeling method, design the mathematical model of the threat modeling tool. By designing the overall structure and the structure of each subsystem, the model shows the input and output information and the internal structural relationships. Then design the databases and the page layout of the tool.

(3) To implement the threat modeling tool based on B/S architecture according to the designed mathematical model, this paper uses Apache as the server environment, PHP as the main programming language and MySQL as the backend database. The tool compensates for the shortcomings of the Microsoft threat modeling tool, and the drawing software Graphviz used in the tool has advantages over Visio, used in the Microsoft tool, in cross-platform support and usability.

(4) The implemented threat modeling tool automatically decomposes the application according to the configured asset information and call relationships, and derives the threat information and the corresponding countermeasures. It then evaluates and ranks the threats based on the threat tree model, and finally produces a comprehensive report of the threat information.

(5) This paper gives a case to illustrate the implemented tool. The results show that the tool can effectively detect and eliminate risk in the design phase of an application or system, and demonstrate the practical applicability and reliability of the tool.
Keywords/Search Tags: software engineering, threat modeling, mathematical model, threat tree, threat assessment