Threat modeling begins with a clear understanding of the system in question. There are several areas to consider when trying to understand possible threats to an application. The areas of concern include the mobile application structure, the data, identifying threat agents and methods of attack, and controls to prevent attacks. The threat model should be created with an outline or checklist of items that need to be documented, reviewed, and discussed when developing a mobile application. In this project, you will create a threat model. There are seven steps, which will lead you through this project, beginning with the scenario as it might occur in the workplace, and continuing with Step 1: Describe Your Mobile Application Architecture. Most steps in this project should take no more than two hours to complete, and the project as a whole should take no more than two weeks to complete. The following are the deliverables for this project: Threat Model Report: An eight- to 10-page double-spaced Word document with citations in APA format. The report should include your findings and any recommendations for mitigating the threats found. The page count does not include figures, diagrams, tables, or citations. Step 1: Describe Your Mobile Application Architecture In your role as a cyber threat analyst, senior management has asked you to identify how a particular mobile application of your choosing conforms to mobile architecture standards. You are asked to: Describe device-specific features used by the application, wireless transmission protocols, data transmission media, interaction with hardware components, and other applications. Identify the needs and requirements for application security, computing security, and device management and security. Describe the operational environment and use cases. Identify the operating system security and enclave/computing environment security concerns, if there are any. This can be fictional or modeled after a real-world application. This will be part of your final report. Click the following links and review the topics and their resources. These resources will guide you in completing this task: network security threats threat modeling mobile architectures application security operating system security enclave/computing environment Begin by first reviewing the OWASP Mobile Security Project Testing Guide . Architecture Considerations Although mobile applications vary in function, they can be described in general as follows: wireless interfaces transmission type hardware interaction interaction with on device applications/services interaction with off device applications/services encryption protocols platforms In Section 1 of your research report, you will focus your discussion on the security threats, vulnerabilities, and mitigations of the above considerations. The following resources will continue to educate your management about mobile devices and mobile application security: mobile platform security , mobile protocols and security , mobile security vulnerabilities, and related technologies and their security. Related technologies can include the hardware and software needed to interoperate with mobile devices and mobile applications. Include an overview of these topics in your report. Use Mobile Application and Architecture Considerations to review the architectural considerations for mobile applications and architecture. Then, include those that are relevant to your mobile application in your report to senior management. Address the following questions: What is the design of the architecture (network infrastructure, web services, trust boundaries, third-party APIs, etc.)? What are the common hardware components? What are the authentication specifics? What should or shouldn’t the app do? You will include this information in your report. When you have completed the work for Section 1, describing the architecture for your app, move on to the next step, where you will define the requi…
Looking for solution of this Assignment?
WHY CHOOSE US?
We deliver quality original papers |
Our experts write quality original papers using academic databases.We dont use AI in our work. We refund your money if AI is detected |
Free revisions |
We offer our clients multiple free revisions just to ensure you get what you want. |
Discounted prices |
All our prices are discounted which makes it affordable to you. Use code FIRST15 to get your discount |
100% originality |
We deliver papers that are written from scratch to deliver 100% originality. Our papers are free from plagiarism and NO similarity.We have ZERO TOLERANCE TO USE OF AI |
On-time delivery |
We will deliver your paper on time even on short notice or short deadline, overnight essay or even an urgent essay |