Data Flow Diagram And Threat Model Analysis - pinocchio61/Architecture GitHub Wiki

Since security is a major concern in our system design, we conducted a threat model analysis once the initial design was consolidated. We adopted the STRIDE model and followed the steps below:

  1. Identify the security objectives:
     • Ensure data integrity, especially for the organizers' credentials, voting results and voted transcriptions
     • No identity spoofing in the system
     • The system should be available
  2. Sketch and refine the Data Flow Diagram of our system;
  3. Identify the highly vulnerable components (marked red);
  4. Conduct a threat analysis by listing potential threats, their consequences and mitigation techniques; see STRIDE Analysis.

This analysis helps us understand possible attacks and make intentional technical decisions in the implementation.