logo

Mobile Application Threat Modeling

Identify and describe the mobile application architecture, including device-specific features, security requirements, operational environment, and design considerations.

14 Pages3127 Words21 Views
   

Added on  2023-03-20

About This Document

This document provides an overview of mobile application threat modeling, including the architecture, design, threats, and controls. It discusses the common hardware components, authentication specifics, OS stack and security model, and requirements for mobile applications. The document also covers the methods of attack and analysis of mobile application threats, along with the controls to mitigate these threats. It concludes with a discussion on the importance of securing mobile applications and the benefits of using Intune for enterprise mobility management.

Mobile Application Threat Modeling

Identify and describe the mobile application architecture, including device-specific features, security requirements, operational environment, and design considerations.

   Added on 2023-03-20

ShareRelated Documents
Mobile Application Threat Modeling
Student’s name
Institution Affiliation(s)
Mobile Application Threat Modeling_1
Table of Contents
Mobile Application Architecture.....................................................................................................2
Design of the architecture:...........................................................................................................2
Common Hardware components..................................................................................................4
Authentication Specifics..............................................................................................................5
OS stack and security model........................................................................................................5
Requirements for Mobile Application.............................................................................................6
Threats and Threat Agents...............................................................................................................9
Methods of Attack.........................................................................................................................10
Analysis of Mobile Application Threats........................................................................................11
Controls..........................................................................................................................................11
Conclusion.....................................................................................................................................12
References......................................................................................................................................13
1
Mobile Application Threat Modeling_2
Mobile Application Architecture
In today’s work environment, there is the growing reality that executives, managers, and
staff employees are going beyond being stationary in a cubicle. There is a growing culture of
workers to have mobile access to our company’s databases and servers. Staff members from
CEOs to entry levels are now working from remote locations that could be from one to thousands
of miles away from the office or servers (Salazar & Brambilla, 2015). With the fast-pace
increase of mobile applications and the flexibility that mobile devices provide, we are excited to
introduce a product that will simultaneously increase productivity and security for our company.
The product is called Intune, a cloud-based service designed for enterprise mobility
management (EMM) by Microsoft. Intune can be installed on Android, iOS, Windows, and
macOS devices which are accessible through the Play Store (Android) and App Store (iOS). At
the present time, our staff uses both Android and iOS devices with the latest malware protection
installed. Despite the latest virus protection installed on our mobile devices, there is still the
possibility of exploits, theft, and security breaches into our database due to the increased
sophistication of cybercriminals and potential vulnerabilities (Kassas, Abdullah, Yousef, &
Wahba, 2017).
Design of the architecture:
We have a pending agreement with Sprint wireless network that will provide Data, SMS,
and Voice plans at a discount rate to support our Bring Your Own Device (BYOD) policy. The
web service we’re looking into using is Simple Object Access Protocol (SOAP). We prefer this
web service because of its flexibility to work with any application layer protocol (i.e. HTTP,
SMTP, TCP, and UDP); it can perform well in a distributed enterprise environment (Barnett,
Avazpour, Vasa, & Grundy, 2019). The web service for Intune can be located in the Azure
2
Mobile Application Threat Modeling_3
portal. A few of the features of Azure is an integrated console for our EMM and support for most
modern web browsers. Intune integrates most mobile web versions of existing websites.
Intune can be installed via Google Play Store and Apple App Store. The Azure portal will
provide cloud services that support healthcare, retail, financial services, and other large
enterprise work environments. The network protocols will connect via Virtual Private Network
(VPN); this will create a secure “private pipeline” to send and receive data. The wireless
interface to be used is 802.11ac. It provides an improved bandwidth for more flexibility and
backwards compatibility (Volk, Sterle, & Sedlar, 2015). The runtime environment (RTE) will be
operating as a Common Language Runtime (CLR) for Microsoft (Jeon & Rhew, 2012).NET
framework to support different programming languages to achieve a common goal. The OS
platforms supported includes,
a) Apple iOS 10 and later
b) Mac OS X 12.12 and later
c) Android 4.4 and later
d) Android Enterprise (Lollipop 5.0 and later work profile support)
e) Microsoft Win 10 (Home and Enterprise)
f) Microsoft Win 10 Mobile
g) Microsoft Windows 10 IoT Enterprise
3
Mobile Application Threat Modeling_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Report on Android Operating System - EECS 571
|13
|2007
|258

What is Microsoft Azure: A Comprehensive Overview
|3
|680
|176

Cloud-based Solutions for Healthcare Information Systems
|13
|3021
|103

(PDF) Advanced programming language design
|14
|4570
|66

Management Assignment - Products and Their Uses
|5
|578
|45

Implementation of Cloud Computing in VideoDev
|32
|2579
|320