Project Abstract

There is an increase in the number of internet users, consequently, so do the risk associated with cybercrime. This necessitates the development of applications that prioritise user safety from the beginning. This project is inspired by this threat and as a result attempts to tackle this issue by developing a social media application that contains e-commerce features while aiming to reduce the number of vulnerabilities present using a strategic design process. The research question that will be addressed is the efficacy of third-party applications like the Microsoft Threat Modelling Tool (MTMT) will have in detecting security threats as well as making the act of addressing these issues also easier. Specifically: Can MTMT significantly improve the security of web applications? This project will work with frameworks such as Laravel while prioritising the use of a Software Development Life Cycle like SCRUM to iteratively construct the application. The MTMT thread model will also be used in conjunction during design to visualize any threats and proposed mitigation strategies. Laravel provides a strong ecosystem to base the application on, while MTMT provides accessible format to visualize threats. Preliminary findings were that the threat assessment identified 185 distinct vulnerabilities, which were later mitigated through the implementation of multi-factor authentication, role-based access control. The research will therefore provide a framework that incorporates threat modelling tools into real-world applications. Showcasing the importance of incorporating secure development strategies during all stages of development but most importantly design.

Keywords: Cyber Security, Threat Modelling Tools, Secure Web Applications

 Conference Details

Session: B

Location: Sir Stanley Clarke Auditorium at 13:30 15:30

Markers: Markus Roggenbach, Nicholas Micallef

Course: BSc Computer Science 3yr FT

Future Plans: I’m looking for work