February 26, 2004

Browser Threat Model

All security models call for a threat model; it is one of the key inputs or factors in the construction of the security model. Secure browsing - SSL / HTTPS - lacked this critical analysis, and recent work over on the Mozilla Browser Project is calling for the rectification of this. Here's my attempt at a threat mode for secure browsing, in draft.

Comments welcome. One thing - I've not found any doco on how a threat model is written out, so I'm in the dark a bit. But, ignorance is no excuse for not trying...

Posted by iang at February 26, 2004 09:23 PM | TrackBack
Comments

Ian,

I suggest you remove Ponzi's from your threat model. Fraud involves a misrepresentation made to motivate the victim to voluntarily hand over his goods under false expectations. This is not a browser-specific threat. There is nothing in the design of a browser than can protect someone from fraud. So it doesn't really belong in your list of threats for that paper...

Ken

Posted by: Ken Griffith at February 27, 2004 11:17 AM

Thanks.... it's in the Internet general threat section, rather than the specific browser section, but you may be right regardless, as it looks out of place. I'll think about that...

Posted by: Ian Grigg at February 27, 2004 11:18 AM