John is software designer, who is currently working on CHANSONS-KART application software which is e-business application Peter is a security testing expert who is coordinating with John for threat modelling, When these two are involved in designing the payment subsystem, what and all are the potential parameters they need to concentrate on?
Answers
Answer:
A valley is an elongated low area often running between hills or mountains, which will typically contain a river or stream running from one end to the other. Most valleys are formed by erosion of the land surface by rivers or streams over a very long period of time.
Threat modeling is a process by which potential threats, such as structural vulnerabilities or the absence of appropriate safeguards, can be identified, enumerated, and mitigations can be prioritized. The purpose of threat modeling is to provide defenders with a systematic analysis of what controls or defenses need to be included, given the nature of the system, the probable attacker's profile, the most likely attack vectors, and the assets most desired by an attacker. Threat modeling answers questions like “Where am I most vulnerable to attack?”, “What are the most relevant threats?”, and “What do I need to do to safeguard against these threats?”.
Conceptually, most people incorporate some form of threat modeling in their daily life and don't even realize it. Commuters use threat modeling to consider what might go wrong during the morning drive to work and to take preemptive action to avoid possible accidents. Children engage in threat modeling when determining the best path toward an intended goal while avoiding the playground bully. In a more formal sense, threat modeling has been used to prioritize military defensive preparations since antiquity.