Threat Modelling for Active Directory

Chadwick, David W. (2004) Threat Modelling for Active Directory. In: Proceedings of Eighth Annual IFIP TC-6 TC-11 Conference on Communications and Multimedia Security, SEP 15-18, 2004, Windermere, England. (Full text available)

Download (127kB) Preview


This paper analyses the security threats that can arise against an Active Directory server when it is included in a Web application. The approach is based on the STRIDE classification methodology. The paper also provides outline descriptions of countermeasures that can be deployed to protect against the different threats and vulnerabilities identified here.

Item Type: Conference or workshop item (Paper)
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,
Divisions: Faculties > Sciences > School of Computing > Security Group
Depositing User: Mark Wheadon
Date Deposited: 24 Nov 2008 18:01 UTC
Last Modified: 06 Sep 2011 01:22 UTC
Resource URI: (The current URI for this page, for reference purposes)
  • Depositors only (login required):


Downloads per month over past year