{"title":"Analysis of Threats for Web of Things (WoT) System","authors":"Jasmina Kulović, Sabina Baraković, J. Husić","doi":"10.2478/bhee-2020-0009","DOIUrl":null,"url":null,"abstract":"Abstract The Web of Things (WoT) emerges from applying Web technologies to the Internet of Things (IoT) to access information and services of physical objects. These systems are likely to characterize the future of digital environment and they put certain security issues in the story. In order to help detect potential threats to WoT-system that is being built and designed, it is advisory to implement a threat modelling process. Threat modelling is an engineering technique that can be used to identify threats, attacks, vulnerabilities and appropriate countermeasures in the context of a particular application and is a process best implemented at the system design stage. In this paper, we will analyse the threats for WoT-based door management system by using Microsoft Threat Modeling Tool (MTMT) in order to identify potential threats for this system in design phase. Obtained results justified the use of threat modelling in the design phase given that we have identified in total 89 threats, with Elevation of privilege and Denial of Service (DoS) being the most prominent ones. Those threats are characterized as high and medium risk ones.","PeriodicalId":236883,"journal":{"name":"B&H Electrical Engineering","volume":"122 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"B&H Electrical Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2478/bhee-2020-0009","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Abstract The Web of Things (WoT) emerges from applying Web technologies to the Internet of Things (IoT) to access information and services of physical objects. These systems are likely to characterize the future of digital environment and they put certain security issues in the story. In order to help detect potential threats to WoT-system that is being built and designed, it is advisory to implement a threat modelling process. Threat modelling is an engineering technique that can be used to identify threats, attacks, vulnerabilities and appropriate countermeasures in the context of a particular application and is a process best implemented at the system design stage. In this paper, we will analyse the threats for WoT-based door management system by using Microsoft Threat Modeling Tool (MTMT) in order to identify potential threats for this system in design phase. Obtained results justified the use of threat modelling in the design phase given that we have identified in total 89 threats, with Elevation of privilege and Denial of Service (DoS) being the most prominent ones. Those threats are characterized as high and medium risk ones.
物联网(Web of Things, WoT)是将Web技术应用于物联网(IoT),以获取物理对象的信息和服务而产生的。这些系统很可能是未来数字环境的特征,它们带来了一定的安全问题。为了帮助检测正在构建和设计的wot系统的潜在威胁,建议实施威胁建模过程。威胁建模是一种工程技术,可用于在特定应用程序的上下文中识别威胁、攻击、漏洞和适当的对策,是在系统设计阶段最好实现的过程。本文将利用微软威胁建模工具(MTMT)对基于物联网的门管理系统进行威胁分析,以便在系统设计阶段识别潜在的威胁。获得的结果证明在设计阶段使用威胁建模是合理的,因为我们已经确定了总共89种威胁,其中特权提升和拒绝服务(DoS)是最突出的威胁。这些威胁被定性为高风险和中等风险。
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
