 |
|
|
|
|
2006 MCS Divisional Seminars & Colloquia |
|
Microsoft's Approach to Systemantically Identifying Security Threats in a Software DesignMike Howard Microsoft |
|
| Abstract |
This talk describes the processes that Microsoft has developed in order to make software secure against outside threats. The approach involves multiple phases, including describing an application using dataflow diagrams, identifying the assets that need to be protected within an application, identifying threat types, and using threat trees to determine the security questions to be addressed in the application design phase. |
| [MCS | Research | Resources | People | Collaboration | Software | Publications | Information] | |||
|
