Chadwick, David W.
Threat Modelling for Active Directory.
In: Proceedings of Eighth Annual IFIP TC-6 TC-11 Conference on Communications and Multimedia Security, SEP 15-18, 2004, Windermere, England.
(Full text available)
This paper analyses the security threats that can arise against an Active Directory server when it is included in a Web application. The approach is based on the STRIDE classification methodology. The paper also provides outline descriptions of countermeasures that can be deployed to protect against the different threats and vulnerabilities identified here.
- Depositors only (login required):