A Construction Method for Grade Protection System Based on STRIDE Threat Modeling
Autor: | Zhao Dan, Zhou Zhenliu, Wang Hongjiang |
---|---|
Jazyk: | angličtina |
Rok vydání: | 2024 |
Předmět: | |
Zdroj: | Applied Mathematics and Nonlinear Sciences, Vol 9, Iss 1 (2024) |
Druh dokumentu: | article |
ISSN: | 2444-8656 2024-1488 |
DOI: | 10.2478/amns-2024-1488 |
Popis: | In recent years, against the backdrop of the national high attention to cybersecurity, the implementation of grade protection systems has been vigorously carried out in various industries within the Internet+ environment. However, the construction of grade protection systems has gradually revealed several issues: network product providers have a weak security awareness and lack of secure development experiences, leading to systems often failing to meet their grade protection requirements; Grade protection evaluation is complex and tedious, consuming a significant amount of time and labor costs. To address the issues above, this paper proposes a construction method for grade protection systems based on STRIDE threat modeling: by establishing the correspondence between threats and grade protection requirements, threats are eliminated during the system development process while implementing the content of grade protection requirements; through the security verification of threat elimination, materials for grade protection evaluation are accumulated, and work reuse is leveraged to alleviate the workload of grade protection evaluation. Implementing this method can effectively promote the construction of grade protection systems. |
Databáze: | Directory of Open Access Journals |
Externí odkaz: |