Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Threat Modeling Gameplay with EoP

You're reading from   Threat Modeling Gameplay with EoP A reference manual for spotting threats in software architecture

Arrow left icon
Product type Paperback
Published in Aug 2024
Publisher Packt
ISBN-13 9781804618974
Length 256 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Brett Crawley Brett Crawley
Author Profile Icon Brett Crawley
Brett Crawley
Arrow right icon
View More author details
Toc

Table of Contents (18) Chapters Close

Preface 1. Chapter 1: Game Play 2. Chapter 2: Spoofing FREE CHAPTER 3. Chapter 3: Tampering 4. Chapter 4: Repudiation 5. Chapter 5: Information Disclosure 6. Chapter 6: Denial of Service 7. Chapter 7: Elevation of Privilege 8. Chapter 8: Privacy 9. Chapter 9: Transfer 10. Chapter 10: Retention/Removal 11. Chapter 11: Inference 12. Chapter 12: Minimization 13. Glossary
14. Further Reading 15. Licenses for third party content 16. Index 17. Other Books You May Enjoy

Game Play

In this chapter, I’m going to walk you through what you need to play Elevation of Privilege (EoP) to threat model your software design. We are going to talk about how the participants should be selected to get the best results from threat modeling and why participants should have different roles in the project. Last but not least, we will see how to play the game and understand what’s the end goal of playing the game – finding out as many threats as possible. However, before we get started with all these, I would like to begin with a couple of words on what threat modeling is, as well as when you should threat model and why.

Threat modeling is a process to identify threats to and design flaws in the system you are designing. A threat is something that could go wrong in the system you are designing; it may be open to attack, it may be subject to some failure, or it may be open to human error. A mitigation is a safeguard or protection you can put in place to protect against a threat or at least reduce the risk a threat poses. So, when we threat model, we are looking for what could go wrong, how we can improve the system to stop that from happening, and finally, deciding whether we’re happy that even if the worst happened, it wouldn’t be all that bad because we’ve done a pretty good job.

When should we start? You should be able to begin threat modeling from the moment you are able to draw what your system will do and what parts it is made up of. Threat modeling is not a one-off exercise; it should be performed continually as your system evolves and it should be performed during the design phase of each version, and if the design changes during development, the process should be repeated to reflect those changes. Now, let’s look at why it should be performed so early in the software development life cycle (SDLC).

When you build a house, it’s built on foundations, and it could be extremely complicated if you need to change those foundations halfway through construction. Design flaws are usually very difficult and costly to remediate once a project is underway.

Implementation flaws, on the other hand, are not necessarily difficult to fix after the fact. Using the housing analogy again, fixing an error in the foundations may mean tearing down parts of a construction and starting again from the foundations, whereas using a faulty or weak lock in a door is simple to fix because doors are designed to support standard lock fittings, you can just change the component.

So, we can conclude that it is always a wise choice to threat model early as it’s an upfront investment that pays dividends.

Threat modeling can be used as a process for finding or eliciting security flaws in the design of a software system, although you could threat model any system. EoP is a category of threat and it is from this that the EoP card game for threat modeling takes its name. The EoP game was invented to facilitate threat modeling in teams as it prompts the participants with types of threats too.

As such, we will be covering the following main topics in the chapter:

  • What you’ll need to play the EoP game
  • Who should participate?
  • How to play EoP

By the end of the chapter, you will be familiar with the EoP card game, you will know where you can find useful resources to facilitate threat modeling with the game both remotely and in a single location, and you’ll know who to invite.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime