Security design follows a threat model that is developed based on what is known about the system/application design and architecture. Based on the following scenario, utilize STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege) to identify possible threats against the system.
Scenario:
You have been asked to design a Web-based User Feedback System. Users will be required to register in the system prior to first-time use. Users can then log in using the self-selected username and password. Users will be able to enter feedback comments and then log off the system.
(Uploaded image)
Deliverables:
For this assignment, you are to:
Create a report addressing each component of STRIDE based on the given scenario.
Your report should be 4–5 pages, not including the cover and reference pages, and formatted to Saudi Electronic University academic writing standards and APA style guidelines, citing references as appropriate.
It is strongly encouraged that you submit all assignments to the TurnItIn Originality Check prior to submitting it to your instructor for grading. If you are unsure how to submit an assignment to the Originality Check tool, review the TurnItIn Originality Check—Student Guide.