This content is part of the Essential Guide: Mobile development guide: Testing, requirements and security
Problem solve Get help with specific problems with your technologies, process and projects.

Threat modeling: Crucial early step in software development cycle

Security expert Dan Cornell explains why the practice of threat modeling early in the software development cycle is crucial for mobile developers.

What is the single most important application security best practice for mobile developers?

Dan Cornell

Dan Cornell

Mobile application developers looking to create secure applications should seriously consider incorporating threat modeling into the software development cycle. This best practice can help them identify potential security weaknesses and vulnerabilities early in the process, during the architecture and design stage. At this point, vulnerabilities are comparatively easy to fix. Waiting to address them later in the development process, or after deployment, makes them considerably more expensive to remediate.

At a high level, building a threat model involves getting the development team to break the system down into its component parts and looking at where decisions are made, how data flows through the application, where data is stored in the application and where there are trust boundaries that should be maintained. Based on this understanding, decisions can be made to move processing or restrict data flows to avoid introducing potential security weaknesses into the system.

There are a number of specific methodologies for threat modeling. The important thing is for development teams to look at the architecture of the application they are building to proactively look for problems before committing to a specific implementation approach.

Non-trivial mobile apps are actually systems of applications that communicate among themselves, as well as with external systems.

The reason this practice is so valuable for mobile applications is that most non-trivial mobile apps are actually systems of applications that communicate among themselves as well as with external systems. This complexity can lead to architecture and design problems with serious security implications. In addition, mobile applications have to run on devices that might be controlled by a malicious user and that might have malicious applications installed on them. In complicated systems like this, understanding where decisions are made, what sensitive data is moved and stored, and how the pieces fit together is critical to creating a secure system.

For example, a mobile application might consist of the code that runs on the user device (of course), as well as the supporting Web services deployed by the app developer to allow access to back-end user account information. In addition, the mobile app might communicate with third-party applications like Facebook or Twitter for some of its functionality. All of this communication is going to be done over potentially untrusted Wi-Fi or telecom carrier networks.

When building this system, developers need to be careful not to store sensitive information on the device, lest it be disclosed if a legitimate user were to lose their device. In addition, any sensitive data communicated between the mobile app and the server should be encrypted so that malicious observers cannot intercept or change the data en route. Also, sensitive algorithms shouldn't be run on the mobile device because they could be discovered by attackers who reverse-engineer the application binaries.

All security concerns could be easily identified by a threat modeling session, and it is far easier to address these issues at the design stage of the software development cycle rather than after the app is deployed in production. The best scenario is have app developers and designers to think about security early in the development lifecycle.

Let us know what you think and follow us on Twitter @SoftwareTestTT.

Next Steps

How to improve application development cycle using the cloud

Dig Deeper on Topics Archive

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.