Threat Modeling in Pervasive Computing Paradigm

Abstract

This paper presents the threat modeling approach for pervasive environment's security. In pervasive computing, a user might be part of various security domains at any particular instant of time having various authentication mechanisms and different privileges in different security domains. A number of threat modeling approaches and methods have been defined in literature and are in use. However, because of the nature of the pervasive computing and ubiquitous networks, these approaches do not handle the inherent security problems and perspective of pervasive computing. The paper examines in detail the threat modeling and analysis approaches being developed at Microsoft and other methods used for threat modeling. The paper present a novel approach for addressing the threat modeling in pervasive computing and presents the model for threat modeling and risk analysis in pervasive environment.