Mobile application Threat Modeling

Introduction
Describe Your Mobile Application Architecture
a) Describe device-specific features used by the application, wireless transmission protocols, data transmission media, interaction with hardware components, and other applications.
b) Identify the needs and requirements for application security, computing security, and device management and security.
c) Describe the operational environment and use cases.
d) Identify the operating system security and enclave/computing environment security concerns, if there are any.
Include an overview of topics such as mobile platform security, mobile protocols and security, mobile security vulnerabilities, and related technologies and their security, in your report.
Include the Mobile Application considerations that are relevant to your mobile application
What is the design of the architecture (network infrastructure, web services, trust boundaries, third-party APIs, etc.)?


What are the common hardware components?
What are the authentication specifics?
What should or shouldn’t the app do?
Define the Requirements for Your Mobile Application
What is the business function of the app?
What data does the application store/process (provide data flow diagram)?
The diagram outlines network, device file system, and application data flow
How are data transmitted between third-party APIs and app(s)?
Will there be remote access and connectivity? Read this resource about mobile VPN security, and include any of these security issues in your report.
Are there different data-handling requirements between different mobile platforms? (iOS/Android/Blackberry/Windows/J2ME)
Does the app use cloud storage APIs (e.g., Dropbox, Google Drive, iCloud, Lookout) for device data backups
Is there specific business logic built into the app to process data?
What does the data give you (or an attacker) access to? Think about data at rest and data in motion as they relate to your app.
Do stored credentials provide authentication?
Do stored keys allow attackers to break crypto functions (data integrity)?
Are third-party data being stored and/or transmitted?
What are the privacy requirements of user data? Consider, for example, a unique device identifier (UDID) or geolocation being transmitted to a third party.
Are there user privacy-specific regulatory requirements to meet?
How do other data on the device affect the app? Consider, for example, authentication credentials shared between apps.
Compare between jailbroken (i.e., a device with hacked or bypassed digital rights software) and non-jailbroken devices.
How do the differences affect app data? This can also relate to threat agent identification.
Identify Threats and Threat Agents
Identify possible threats to the mobile application and Threat agents
Outline the process for defining what threats apply to your mobile application
Does personal data intermingle with corporate data?
Identify Methods of Attack
Provide senior management an understanding of the possible methods of attack of your app.
Controls
What are the controls to prevent an attack? Conduct independent research, then define these controls by platform (e.g., Apple iOS, Android, Windows Mobile, BlackBerry).
What are the controls to detect an attack? Define these controls by platform.
What are the controls to mitigate/minimize the impact of an attack? Define these controls by platform.
What are the privacy controls (i.e., controls to protect users’ private information)? An example of this would be a security prompt for users to access an address book or geolocation.
Conclusion

 

a) Describe device-specific features used by the application, wireless transmission protocols, data transmission media, interaction with hardware components, and other applications.
b) Identify the needs and requirements for application security, computing security, and device management and security.
c) Describe the operational environment and use cases.
d) Identify the operating system security and enclave/computing environment security concerns, if there are any.
Include an overview of topics such as mobile platform security, mobile protocols and security, mobile security vulnerabilities, and related technologies and their security, in your report.
Include the Mobile Application considerations that are relevant to your mobile application
What is the design of the architecture (network infrastructure, web services, trust boundaries, third-party APIs, etc.)?
What are the common hardware components?
What are the authentication specifics?
What should or shouldn’t the app do?

Order a unique copy of this paper
(550 words)

Approximate price: $22

Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our Guarantees

As the best, my homework help website in the world, Writersabc.com strives to deliver only high-quality finished papers to all customers. We value impeccable quality and guarantee that we will deliver on that promise more than anything else. We will deliver!
With us you are guaranteed of quality work done by our qualified experts.Your information and everything that you do with us is kept completely confidential.

Money-Back Guarantee

Have you received your finished paper but are not satisfied with what our writer submitted? You can initiate our money-back guarantee to get your money back with no strings attached.

Read more

Zero-Plagiarism Guarantee

Writersabc.com is the best my homework help website in the world. At WritersABC, we have a team of certified, tried, and tested writers who work around the clock to ensure that you receive only high-quality, 100% original finished papers.

Read more

Free-Revision Policy

At WritersABC, we guarantee all our customers of the best essay writing service in the writing industry. And that’s precisely what we strive to deliver. As such, we encourage all our customers to utilize our unlimited free-revision policy if you aren’t satisfied with your paper. Don’t accept any paper until you are 100% satisfied with it.

Read more

Privacy Policy

We value the trust that our clients accord us and respect every customers’ rights to personal data protection. We will never share, sell, or rent any information that we collect from you with any third parties. Both your personal and financial information is safe with us.

Read more

Fair-Cooperation Guarantee

We have only gotten this far with the help of our loyal customers and a team of dedicated experts. As the best, my homework help website, WritersABC implores customers to help make our writers’ work easier. Visit our fair-cooperation guarantee for more information on the same.

Read more

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
$26
The price is based on these factors:
Academic level
Number of pages
Urgency