|

 
|
| | Name : | Matt Bishop | Organization : | University of California Davis | Post Date : | 9/30/2005 |
| Section : | 20.1.5 | Page no. : | | Line no.: | | Comment : | Using the above procedure [suggested in the Threat Modeling section of the author's document attached to a previous comment] — providing this partial tree, requiring modeling,
requiring annotations, inspection of all these by the ITA— would force the vendor to create countermeasures
for a host of threats.
Using the current procedure, attack paths that are relevant to systems unimagined by the standards, and thus not explicitly mentioned, are never inspected by the ITA. | |
|
|