Octotrike.org
Home Docs Tools Papers Talks Contact
¤ ToorCon 2007 Presentation
Privilege-Centric Security Analysis

From the conference website:

Brenda will present a simple, uniform model for expressing both intended behavior and security problems in terms of privilege. The model, which is a work in progress for the Trike development team, applies at any point during the development process, from requirements to a deployed implementation. This model could be used to automatically combine simple attacks with intended system behavior to achieve more complicated attack goals, replacing the effort-intensive tree-based portion of traditional threat modeling techniques.

Slides

Privilege-Centric Security Analysis



Octopus

News

31 Jul 2012
Brenda Larcom will be presenting a half-day tutorial on using the current Trike spreadsheet to write security objectives at IEEE RE 2012, September 25 in Chicago, IL.

1 Jul 2012
First official spreadsheet release, 1.5.06.

1 Jul 2012
New SVN and web site organization to support parallel development of the standalone and spreadsheet tools.

Thanks

SourceForge.net Logo

Copyright © 2004-2008 Brenda Larcom, Eleanor Saitta, and Stephanie Smith. Copyright © 2009-2012 Brenda Larcom and Eleanor Saitta. All rights reserved.