Cyber Security
Student ID:
Word count: 2005 words
Executive Summary
This report studies a threat modelling and risk assessment framework for the eCommerce
business model. As the report demonstrates, handling customer data, processing payments, and
maintaining system integrity come with increased risks of cyber threats. The report uses both
the STRIDE and DREAD frameworks to outline and classify significant cyber threats. Its risk
management measures adopt NIST and OSI industry standards to outline tactical measures that
bolster security and safeguard critical resources. The resulting model indicates practical
security solutions to ensure strong data security, service credibility, and, thus, customer
trust within the framework of eCommerce.
Table of Contents
1. Introduction
2. Business Model and Use Cases
3. Key Components and Steps of Threat Modeling
4. Risk Assessment
4.1 Assets
4.2 Risk Identification
4.3 Risk Evaluation
5. Mitigation Strategies
5.1 Policy and Control Measures
5.2 Risk Matrix
5.3 Compliance Table
6. Implementation Plan
7. Conclusion
References
1. Introduction
Today’s complex eCommerce environment faces multiple and growing threats, which underlines
the importance of strong security to protect personal data and prevent unauthorized access.
This paper provides a comprehensive cybersecurity plan for a targeted eCommerce platform,
explaining how threat identification and risk analysis can offer anticipatory solutions to
probable risks.
The report first discusses the business model and then details the threat modelling elements
that define the principal threats. Risk management is then analysed in detail using the STRIDE
and DREAD models, where risks are thoroughly assessed and grouped by the threats with the
highest impact. This is followed by proposed mitigation strategies that improve the
effectiveness of the model and conform to industry standards. Finally, the implementation plan
shows how the security measures are to be incorporated into the business, reflecting the
multi-layered security strategy. This structured model strengthens the cybersecurity required
to protect eCommerce platforms amid today’s high level of risk in the digital world.
2. Business Model and Use Cases
The highlighted eCommerce business model aims at a web platform established for product
catalogues, purchasing and account administration. The main application areas within this model
define significant security requirements such as user identity, data and secure transactions.
In the user authentication use case, there is strict control over who is allowed to access the
application, and extra measures such as MFA are always considered. Data handling involves
rigorous encryption and secure storage of all customer information, such as payment
information, to maintain a high level of data confidentiality (Hassan, 2021). Lastly,
transaction processing employs secure transmission protocols that protect the payment
information while in transit and shield it from interception or alteration.
Every use case is accompanied by different security issues which is why a structured threat
model is needed to understand the risks and protect the resources. Threat modelling prevents data
breaches and helps provide a safe environment for customers, increases their confidence, and
protects the platform’s reliability (Saeed, 2023).
3. Key Components and Steps of Threat Modeling
Threat modelling is the most relevant way to determine and minimize the security threats
facing an eCommerce platform. This report employs the STRIDE framework, which categorizes
threats into six types: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of
Service, and Elevation of Privilege, according to the vulnerabilities that the system
poses.
● Spoofing: This threat involves an impostor impersonating legitimate end users of the
system. The key control is multi-factor authentication, which strengthens user
identification to prevent access by unauthorized persons.
● Tampering: Here, attackers are in a position to corrupt the database by altering the
information it holds in an undesirable manner. Cryptography, through encryption of data
at rest and in transit as well as hashing, serves as the countermeasure against data
integrity threats.
● Repudiation: This threat occurs when actions cannot be traced or audited. Logging and
audit trails ensure that significant transactions can be traced and denial of
accountability can be avoided.
● Information Disclosure: This type of threat results in a data breach, since it entails
unauthorized data access. To secure private information, access control policies can be
reinforced by end-to-end encryption so that only authorized users can access the
data.
● Denial of Service (DoS): The purpose of a DoS attack is to deny access to the service
being provided. The system needs firewall protection, traffic rate limiting and filtering
of specific traffic to withstand overly aggressive malicious traffic.
● Elevation of Privilege: This threat happens when an attacker gains elevated privileges.
RBAC and access audits are used to prevent privilege escalation, at least when some of
the privileges are identified.
Figure 1. STRIDE Methodologies
(Source: [Link], 2024)
The DREAD model extends STRIDE by providing a severity score based on estimates of damage,
reproducibility, exploitability, affected users, and discoverability (Sanfilippo, et al., 2020).
With the help of the STRIDE and DREAD frameworks, risks are prioritized, and the primary
threats to the eCommerce platform are addressed and controlled through the security measures
that are implemented.
4. Risk Assessment
4.1 Assets
The eCommerce business model has several important assets that are fundamental to
maintaining a safe and efficient business. These assets consist of customer information,
transaction information, and the system architecture that underpins the operation of such
platforms (Ameen, et al., 2021). Customer information includes personally identifiable
information (PII), such as customer names, addresses, and payment information, which ought
to be well protected from unauthorized users. Transaction data contains crucial information
such as buyer behaviour and payment summaries of purchases, so its accuracy is vital to the
business (Sulaimon and Owamoyo, 2024). The backend systems include essential business
components such as data storage servers and payment gateways, covering all transactional
and processing aspects within the platform.
4.2 Risk Identification
The risk assessment of the identified assets is carried out systematically, using the STRIDE
framework to place concrete threats within each category. For customer information, there are
two main threats: spoofing, whereby an unauthorized person may access the system using the
identity of an authorized person, and information leakage, whereby information that is deemed
sensitive may be revealed by a person who does not have the right to do so (Abuabed, et al.,
2023). Both expose the system under study to high risks of privacy violation and unauthorized
access to PII. Transaction data is susceptible to tampering threats, whereby attackers seek to
change records in ways that would undermine the platform’s financial authenticity and
accuracy. The backend systems face threats such as Denial of Service (DoS), which can affect
the platform’s availability, and thus the quality of the user experience, and can lead to
reputational losses (Ali, et al., 2022). Treating these threats systematically and categorising
them is the core concept of STRIDE, which enables a vulnerability analysis of the situation
and offers a general outline of security flaws.
4.3 Risk Evaluation
Figure 2. DREAD model
(Source: [Link], 2024)
To make the mitigation efforts effective, the DREAD model assesses each identified threat
based on its damage potential, reproducibility, exploitability, users impacted and
discoverability. Information disclosure is considered rather critical because a PII leak might
cost the company penalties and loss of customer trust (Kim, et al., 2022). Spoofing is also
given priority because, on eCommerce platforms, attackers can leverage stolen credentials as a
means of getting into user accounts. Denial of Service attacks on back-end systems are
especially severe because they threaten availability, usability and accessibility for a large
population of users, leading to lost revenue and loss of clientele (Di Maio, et al., 2023). The
DREAD model assigns each threat a score, which in turn helps the business prioritize the given
vulnerabilities so that timely prevention measures can be implemented, improving the overall
security of the business platform (Voruganti, 2021). This combined approach helps in so far as
it underpins a structured, resource-oriented prioritization and contributes to a proactive
approach to cyber risks.
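The scoring step described above can be made concrete with a small threat register. The following is an added example, not part of the original report: the 1 to 10 rating scale, the band thresholds and every rating are constructed for illustration, and only the threat-to-asset pairing is taken from section 4.2.

```python
# Added example: STRIDE threat register scored with DREAD.
# All ratings and band thresholds below are constructed for illustration.
from dataclasses import dataclass

DREAD_FACTORS = ("damage", "reproducibility", "exploitability",
                 "affected_users", "discoverability")


@dataclass(frozen=True)
class Threat:
    stride: str    # STRIDE category
    asset: str     # asset from section 4.1
    ratings: dict  # DREAD factor -> rating on an assumed 1..10 scale

    def score(self) -> float:
        """Mean of the five DREAD ratings; rejects incomplete or out-of-range input."""
        if set(self.ratings) != set(DREAD_FACTORS):
            raise ValueError(f"{self.stride}: ratings must cover exactly {DREAD_FACTORS}")
        for factor, value in self.ratings.items():
            if not isinstance(value, int) or not 1 <= value <= 10:
                raise ValueError(f"{self.stride}: {factor}={value!r} is outside 1..10")
        return round(sum(self.ratings.values()) / len(DREAD_FACTORS), 1)


def band(score: float) -> str:
    """Assumed banding: >= 7 High, >= 4 Medium, otherwise Low."""
    return "High" if score >= 7 else "Medium" if score >= 4 else "Low"


def prioritise(threats):
    """Return (stride, asset, score, band) tuples, highest score first."""
    scored = [(t.stride, t.asset, t.score(), band(t.score())) for t in threats]
    return sorted(scored, key=lambda row: row[2], reverse=True)


def rate(d, r, e, a, di):
    """Build a ratings dict from values given in D, R, E, A, D order."""
    return dict(zip(DREAD_FACTORS, (d, r, e, a, di)))


# Constructed register for the assets and threats named in section 4.2.
REGISTER = [
    Threat("Tampering", "transaction data", rate(8, 4, 4, 6, 3)),
    Threat("Denial of Service", "backend systems", rate(7, 8, 6, 10, 4)),
    Threat("Spoofing", "customer information", rate(8, 8, 7, 6, 7)),
    Threat("Information Disclosure", "customer information", rate(9, 7, 7, 9, 6)),
]

if __name__ == "__main__":
    for stride, asset, score, level in prioritise(REGISTER):
        print(f"{score:>4}  {level:<6}  {stride} ({asset})")
```

Rejecting incomplete or out-of-range ratings matters in practice, because a missing factor silently lowers the mean and pushes a threat down the priority list.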
5. Mitigation Strategies
5.1 Policy and Control Measures
This report proposes the following critical mitigation measures for the primary security risks
identified above. The main solution for spoofing is multi-factor authentication (MFA), as it
adds an additional factor for verifying a user’s identity. MFA can be further supported by
stricter password standards for credentialed workers: adopting complexity rules and using
password expiration notifications to ensure password protection (Sinigaglia, et al., 2020).
Combined, these factors form a model of protection in which many barriers are added in
parallel, greatly decreasing the chance of an attack.
Concerning tampering threats, the highest level of encryption, 256-bit AES, is applied not only
to stored data but also to data being transferred. Moreover, cryptographic hashing of certain
data allows the business to identify any form of alteration, owing to its tamper-evident
property (Setiawan, 2021). Through this combination of encryption and hashing, the integrity of
the data is maintained throughout the platform.
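A sketch of the tamper-evident property for transaction records, as an added example that is not part of the original report. It uses a keyed hash (HMAC-SHA256) chained across records rather than a bare digest, since a bare digest stored beside the data can simply be recomputed by whoever altered the data; the record fields, key and starting value are constructed.

```python
# Added example: tamper-evident transaction ledger using a chained HMAC-SHA256.
# Records and key are constructed; a real key would come from a secrets store.
import hashlib
import hmac
import json

GENESIS = b"\x00" * 32  # assumed starting value for the chain
DEMO_KEY = b"constructed-demo-key-not-for-production"

# Constructed sample transactions (amounts in integer pence to avoid float drift).
TRANSACTIONS = [
    {"order_id": "A-1001", "amount_pence": 2599, "status": "paid"},
    {"order_id": "A-1002", "amount_pence": 14900, "status": "paid"},
    {"order_id": "A-1003", "amount_pence": 780, "status": "refunded"},
]


def canonical(record: dict) -> bytes:
    """Serialise deterministically so equal records always yield equal bytes."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")


def tag_for(key: bytes, prev_tag: bytes, record: dict) -> bytes:
    """Tag covers the previous tag too, so reordering or deletion breaks the chain."""
    return hmac.new(key, prev_tag + canonical(record), hashlib.sha256).digest()


def seal(records, key: bytes):
    """Attach a chained tag to every record."""
    ledger, prev = [], GENESIS
    for record in records:
        prev = tag_for(key, prev, record)
        ledger.append({"record": record, "tag": prev.hex()})
    return ledger


def first_bad_index(ledger, key: bytes):
    """Return the index of the first entry that fails verification, or None.

    Truncating the tail is only detectable if the latest tag is also kept
    somewhere the writer of the ledger cannot modify.
    """
    prev = GENESIS
    for i, entry in enumerate(ledger):
        expected = tag_for(key, prev, entry["record"])
        try:
            stored = bytes.fromhex(entry["tag"])
        except ValueError:
            return i  # malformed tag counts as tampering
        if not hmac.compare_digest(expected, stored):  # constant-time compare
            return i
        prev = expected
    return None


if __name__ == "__main__":
    ledger = seal(TRANSACTIONS, DEMO_KEY)
    print("intact ledger:", first_bad_index(ledger, DEMO_KEY))
    ledger[1]["record"]["amount_pence"] = 1
    print("after edit, first bad entry:", first_bad_index(ledger, DEMO_KEY))
```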
To reduce the risks related to information disclosure, system access controls are implemented
that provide the necessary data only to specific users who are permitted to receive it, based
on the principle of least privilege (Ajiga, et al., 2024). In addition, data is secured through
end-to-end encryption, so that it cannot be tampered with along the way. A DLP system extends
the layers of protection by monitoring the movement of data, identifying unauthorized
transfers, and preventing such malicious actions, especially where sensitive data is concerned
(Yadav and Gupta, 2023).
DoS threats are addressed by blocking the offending traffic through firewalls as well as by
rate limiting the amount of traffic that can reach the system at any given time. Moreover, the
availability of cloud resources means that the platform does not face the problem of having its
resources overloaded during periods of high traffic, which would threaten its availability at
large (Ortega-Fernandez and Liberati, 2023). Altogether, these measures strengthen the
platform’s readiness to counter DoS attacks.
5.2 Risk Matrix
A risk matrix is a way of assigning and ranking risks in terms of their probability and
consequence, to determine which risks to prioritise in security protection. For instance,
risks that may affect users’ confidence and data, including information disclosure and
spoofing, are prioritized for intervention (Ganin, et al., 2020). The other risks are treated
as low priority according to their potential impact and are managed within business
requirement provisions.
5.3 Compliance Table
Adhering to industry standards such as the NIST and OSI models helps in achieving best
practices for encryption and system access, which in turn helps maintain the Confidentiality,
Integrity and Availability of the system. Maintaining compliance with these standards also
reinforces the eCommerce platform’s security and thus provides stakeholders and customers with
confidence.
6. Implementation Plan
As part of the implementation plan, the solutions mentioned are incorporated into the
eCommerce platform, focusing on controls at key points. A data flow diagram indicates critical
security points: MFA during login, data encryption, and firewalls at the edges of the network.
During the customer login stage, MFA greatly tightens identity verification, thereby reducing
the likelihood of an account being accessed by an unauthorized individual, or by an authorized
individual with malicious intent. Most data can be encrypted and, as such, data requires
encryption both at the time of storage and while it is in the process of transfer, to avoid
leakage of information (Muhammad, et al., 2022). RBAC brings still more rigidity to rule
implementation by preventing most employees from having any contact with important data, thus
limiting the risk of leakage.
Regarding network perimeter security, firewalls and rate limiting are implemented to mitigate
DoS attacks and to ensure maximum availability and performance of the service under high load.
In addition, the layered approach to the customer login process, combining Multi-Factor
Authentication with continuous monitoring, means that any attempt by unauthorized persons to
gain access is foiled immediately (Kumar and Somani, 2022). Such an approach offers manifold
protection to the different layers of the platform and guarantees the effective safety of users
and the integrity of the eCommerce business’s processes.
7. Conclusion
This paper discusses threat modelling as applied to a selected and fairly detailed eCommerce
platform. The model identifies threats systematically, and specific frameworks such as STRIDE
and DREAD help to mitigate the risks and to select the most effective means of doing so, thus
making the platform more secure against cyber threats for the identified vulnerabilities. The
model incorporates leading industry standards such as NIST and OSI, which guarantee optimal
security, functionality, and accessibility of the data. This systematic process not only
minimizes possible security issues but also secures and stabilizes customer trust in the
eCommerce business.
References
Saeed, S., 2023. A customer-centric view of E-commerce security and privacy. Applied
Sciences, 13(2), p.1020.
Hassan, F., 2021. Boosting E-commerce Security: Implementing Multi-Factor Authentication
(MFA) and Advanced Cyber Forensics.
Sanfilippo, J., Abegaz, T., Payne, B. and Salimi, A., 2020. Stride-based threat modeling for
mysql databases. In Proceedings of the Future Technologies Conference (FTC) 2019: Volume 2
(pp. 368-378). Springer International Publishing.
Ameen, N., Tarhini, A., Shah, M.H., Madichie, N., Paul, J. and Choudrie, J., 2021. Keeping
customers' data secure: A cross-cultural study of cybersecurity compliance among the
Gen-Mobile workforce. Computers in Human Behavior, 114, p.106531.
Sulaimon, H.A. and Owamoyo, N., 2024. Design and implementation of secured e-commerce
digital learning for the educational system in Nigeria. Faculty of Natural and Applied Sciences
Journal of Mathematics, and Science Education, 5(4), pp.23-32.
Abuabed, Z., Alsadeh, A. and Taweel, A., 2023. STRIDE threat model-based framework for
assessing the vulnerabilities of modern vehicles. Computers & Security, 133, p.103391.
Ali, M.H., Jaber, M.M., Abd, S.K., Rehman, A., Awan, M.J., Damaševičius, R. and Bahaj, S.A.,
2022. Threat analysis and distributed denial of service (DDoS) attack recognition in the internet
of things (IoT). Electronics, 11(3), p.494.
Kim, K.H., Kim, K. and Kim, H.K., 2022. STRIDE-based threat modeling and DREAD
evaluation for the distributed control system in the oil refinery. ETRI Journal, 44(6),
pp.991-1003.
Di Maio, F., Marchetti, S. and Zio, E., 2023. Robust multi-objective optimization of safety
barriers performance parameters for NaTech scenarios risk assessment and management.
Reliability Engineering & System Safety, 235, p.109245.
Voruganti, K.K., 2021. Enhancing Cloud Security Posture through Threat Modeling and Risk
Assessment Migration. Journal of Technological Innovations, 2(3).
Sinigaglia, F., Carbone, R., Costa, G. and Zannone, N., 2020. A survey on multi-factor
authentication for online banking in the wild. Computers & Security, 95, p.101745.
Setiawan, F.B., 2021, October. Securing data communication through MQTT protocol with
AES-256 encryption algorithm CBC mode on ESP32-based smart homes. In 2021 International
Conference on Computer System, Information Technology, and Electrical Engineering
(COSITE) (pp. 166-170). IEEE.
Yadav, I. and Gupta, H., 2023, December. Designing Data Loss Prevention System for The
Enhancement of Data Integrity in Cyberspace. In 2023 5th International Conference on
Advances in Computing, Communication Control and Networking (ICAC3N) (pp. 1361-1365).
IEEE.
Ajiga, D., Okeleke, P.A., Folorunsho, S.O. and Ezeigweneme, C., 2024. Designing cybersecurity
measures for enterprise software applications to protect data integrity.
Ortega-Fernandez, I. and Liberati, F., 2023. A review of denial of service attack and mitigation
in the smart grid using reinforcement learning. Energies, 16(2), p.635.
Ganin, A.A., Quach, P., Panwar, M., Collier, Z.A., Keisler, J.M., Marchese, D. and Linkov, I.,
2020. Multicriteria decision framework for cybersecurity risk assessment and management. Risk
Analysis, 40(1), pp.183-199.
Muhammad, T., Munir, M.T., Munir, M.Z. and Zafar, M.W., 2022. Integrative cybersecurity:
merging zero trust, layered defense, and global standards for a resilient digital future.
International Journal of Computer Science and Technology, 6(4), pp.99-135.
Kumar, A. and Somani, G., 2022. Security Infrastructure for Cyber Attack Targeted Networks
and Services. In Recent Advancements in ICT Infrastructure and Applications (pp. 209-229).
Singapore: Springer Nature Singapore.
Online:
[Link]
[Link]