Trustworthy Smart Band: Security Requirements Analysis with Threat Modeling
Trustworthy Smart Band: Security Requirements Analysis with Threat Modeling
- 주제(키워드) Smart Band , Security Requirements , Threat Modeling
- 발행기관 고려대학교 정보보호대학원
- 지도교수 김휘강
- 발행년도 2019
- 학위수여년월 2019. 2
- 유형 Text
- 학위구분 석사
- 학과 정보보호대학원 정보보호학과
- 원문페이지 38 p
- 실제URI http://www.dcollection.net/handler/korea/000000083501
- UCI I804:11009-000000083501
- DOI 10.23186/korea.000000083501.11009.0000821
- 본문언어 영어
- 제출원본 000045978964
초록/요약
As smart bands make life more convenient and provide a positive lifestyle, many people are now using them. Since smart bands deal with private information, security design and implementation for smart band system become necessary. To make a trustworthy smart band, we must derive the security requirements of the system first, and then design the system satisfying the security requirements. In this paper, we apply threat modeling techniques such as Data Flow Diagram, STRIDE, and Attack Tree to the smart band system to identify threats and derive security requirements accordingly. Through threat modeling, we found the vulnerabilities of the smart band system and successfully exploited smart bands with them. To defend against these threats, we propose security measures and verify that they are secure by using Scyther which is a tool for automatic veri cation of security protocol.
more목차
1 Introduction 1
2 Preliminaries 4
2.1 Security of smart band 4
2.2 Data Flow Diagrams (DFD) 5
2.3 STRIDE 6
2.4 Scyther 8
3 Threat Modeling 9
3.1 Data Flow Diagram of Smart Band System 10
3.2 STRIDE Threat Analysis 11
3.3 Attack Tree 13
4 Security Requirements and Security Measures 17
4.1 Security Requirements 17
4.2 Security Measures 18
5 Conclusion 28
