You can create some of your own additional assumptions, as long as they are fully explained (For example, a faculty member needs to see all student grades but a student should only see their own grade.)įaculty and administrative staff have access to the applications from both internal workstations and remote systems using a VPN connection students will not be using a VPN for their remote access, but must use an encrypted channel (SSL/TLS) – you can decide how this is implemented The SSO system is used by Faculty, Administration, and Students to access the following University systems:ĭifferent roles require different permissions. You are to do this in the Microsoft Threat Modeling tool. Your CIO has asked you to draft a threat model for the university Single Sign-On (SSO) system. You are a security analysts at a large university. In this assignment, you will use the Microsoft Threat Modeling Tool (TMT-2016).
0 Comments
Leave a Reply. |