Please see the attachements for textbook and assignment format where you need to complete it by reading the text book for Thread modelling .On page 27 in your textbook, there is a checklist for “Di

ISOL-536 Security Architecture & Design


Dr. Sherri Brinson

Dept. of Information Technology &

School of Computer and Information Sciences

University of the Cumberlands 


Summer Main 2019 – Week #3 Assignment

[ Madan Mohan Reddy Enukonda ]

On page 27 in your textbook, there is a checklist for “Diving in and Threat Modeling”. But before you can do that, you have to fully understand what the checklist is asking you to do. After each checklist item, provide your own definition of what you think the question means.

  1. Can we tell a story without changing the diagram?
    Assignment: Explain what this question means to you? And then provide your answer to the question of why or why not.

  1. Can we tell that story without using words such as “sometimes” or “also?
    Assignment: Explain what this question means to you? And then provide your answer to the question of why or why not.

  2. Can we look at the diagram and see exactly where the software will make a security decision? Explain what this question means to you? And then provide your answer to the question.
    Assignment: Explain what this question means to you? And then provide your answer to the question of why or why not.

  3. Does the diagram show all the trust boundaries, such as where different accounts interact? Do you cover all UIDs, all application roles, and all network interface?
    Assignment: Explain what this question means to you? And then provide your answer to the question of why or why not.

  4. Does the diagram reflect the current or planned reality of the software?
    Assignment: Explain what this question means to you? And then provide your answer to the question of why or why not.

  1. Can we see where all the data goes and who uses it?
    Assignment: Explain what this question means to you? And then provide your answer to the question of why or why not.

  2. Do we see the processes that move data from one data store to another?
    Assignment: Explain what this question means to you? And then provide your answer to the question of why or why not