Systems and methods for automated threat model generation from third party diagram files

US 10,713,366 B2
Filed: 08/15/2019
Issued: 07/14/2020
Est. Priority Date: 05/17/2017
Status: Active Grant

- Alert
- Pin

First Claim

Patent Images

1. A threat modeling method, comprising:

providing one or more databases, the one or more databases comprising;

a plurality of threat model components stored therein; and

a plurality of threats stored therein, wherein each of the threats is associated with at least one of the threat model components through the one or more databases;

providing one or more mapping files communicatively coupled with the one or more databases, the one or more mapping files correlating the threat model components with visual diagram components of a third party software application (hereinafter “

third party diagram components”

); and

in response to receiving one or more user inputs, using one or more user interfaces displayed on one or more computing devices communicatively coupled with the one or more databases;

using the one or more computing devices, reading a data file generated by the third party software application, the data file comprising a subset of the third party diagram components, the data file defining one or more relationships between the subset of third party diagram components;

determining using the one or more computing devices, for the subset of third party diagram components, correlated threat model components as defined in the one or more mapping files;

displaying on the one or more user interfaces a relational diagram of one of a system, an application, and a process, using visual representations of the threat model components correlated with the subset of third party diagram components, the relational diagram defining a threat model; and

generating, using the one or more computing devices, and displaying, on the one or more user interfaces, a threat report displaying each threat that is associated through the one or more databases with one of the threat model components included in the threat model.

View all claims

1 Assignment

Timeline View

Assignment View

Litigations

1 Petition

Accused Products

Abstract

Threat modeling systems include one or more computing devices communicatively coupled with one or more databases, the database(s) including threat model components and threats associated with one another. One or more mapping files coupled with the database(s) correlate the threat model components with visual diagram components of a third party software application. An import interface initiates reading of a third party generated data file by the computing device(s), the data file including a subset of the third party diagram components and relationships between the subset. An interface receiving input initiates a determination of threat model components correlated with the subset. A diagram interface displays a relational diagram using visual representations of threat model components correlated with the subset, the relational diagram defining a threat model. A threat report interface includes a threat report displaying each threat that is associated with one of the threat model components of the threat model.

35 Citations

View as Search Results

20 Claims

1. A threat modeling method, comprising:
- providing one or more databases, the one or more databases comprising;
  
  a plurality of threat model components stored therein; and
  
  a plurality of threats stored therein, wherein each of the threats is associated with at least one of the threat model components through the one or more databases;
  
  providing one or more mapping files communicatively coupled with the one or more databases, the one or more mapping files correlating the threat model components with visual diagram components of a third party software application (hereinafter “
  
  third party diagram components”
  
  ); and
  
  in response to receiving one or more user inputs, using one or more user interfaces displayed on one or more computing devices communicatively coupled with the one or more databases;
  
  using the one or more computing devices, reading a data file generated by the third party software application, the data file comprising a subset of the third party diagram components, the data file defining one or more relationships between the subset of third party diagram components;
  
  determining using the one or more computing devices, for the subset of third party diagram components, correlated threat model components as defined in the one or more mapping files;
  
  displaying on the one or more user interfaces a relational diagram of one of a system, an application, and a process, using visual representations of the threat model components correlated with the subset of third party diagram components, the relational diagram defining a threat model; and
  
  generating, using the one or more computing devices, and displaying, on the one or more user interfaces, a threat report displaying each threat that is associated through the one or more databases with one of the threat model components included in the threat model.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the one or more mapping files are not stored in the one or more databases but are stored on the one or more computing devices.
  - 3. The method of claim 1, wherein the one or more mapping files comprise one or more tables stored within the one or more databases.
  - 4. The method of claim 1, wherein the data file comprises one of a VSD file, a VSDX file, a TMT file, an XML file, a JSON file, a PNG file, and a JPEG file.
  - 5. The method of claim 1, wherein determining, for the subset of third party diagram components, correlated threat model components, comprises first determining whether a user-defined name for one of the subset of third party diagram components has a match in the one or more mapping files and, if no match is found, then determining whether a default title for the third party diagram component, as defined by the third party software application, has a match in the one or more mapping files.
  - 6. The method of claim 5, further comprising, if no match is found for the default title, matching the third party diagram component with a placeholder component and displaying the placeholder component on the relational diagram to indicate that no match was found.
  - 7. The method of claim 1, further comprising determining, for the one or more relationships defined by the data file, correlated threat model components as defined in the one or more mapping files.

8. A threat modeling system, comprising:
- one or more computing devices communicatively coupled with one or more databases, the one or more databases comprising;
  
  a plurality of threat model components stored therein; and
  
  a plurality of threats stored therein, wherein each of the threats is associated with at least one of the threat model components through the one or more databases;
  
  one or more mapping files communicatively coupled with the one or more databases, the one or more mapping files correlating the threat model components with visual diagram components of a third party software application (hereinafter “
  
  third party diagram components”
  
  );
  
  an import interface displayed on one of the one or more computing devices, the import interface configured to, in response to receiving user input, initiate reading of a data file by one of the one or more computing devices, the data file generated by the third party software application, the data file comprising a subset of the third party diagram components, the data file defining one or more relationships between the subset of third party diagram components;
  
  an interface configured to, in response to receiving user input, initiate a determination of which threat model components are correlated with the subset of third party diagram components in the one or more mapping files;
  
  a diagram interface, displayed on the one or more computing devices, displaying a relational diagram of one of a system, an application, and a process, using visual representations of the threat model components correlated with the subset of third party diagram components, the relational diagram defining a threat model; and
  
  a threat report interface, displayed on the one or more computing devices, including a threat report displaying each threat that is associated through the one or more databases with one of the threat model components included in the threat model.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The system of claim 8, wherein the one or more mapping files are not stored in the one or more databases but are stored on the one or more computing devices.
  - 10. The system of claim 8, wherein the one or more mapping files comprise one or more tables stored within the one or more databases.
  - 11. The system of claim 8, wherein the data file comprises one of a VSD file, a VSDX file, a TMT File, an XML file, a JSON file, a PNG file, and a JPEG file.
  - 12. The system of claim 8, wherein the one or more mapping files includes a file correlating user-defined names of the third party diagram components with the threat model components.
  - 13. The system of claim 8, wherein the one or more mapping files includes a file correlating default titles of the third party diagram components with the threat model components.
  - 14. The system of claim 8, wherein, for each of the subset of third party diagram components for which no correlated threat model component is found in the one or more mapping files, the diagram interface displays a placeholder component indicative of a match not being found.
  - 15. The system of claim 8, further comprising one or more mapping interfaces displayed on the one or more computing devices and configured to, in response to receiving user input, modify the one or more mapping files.

16. A threat modeling system, comprising:
- one or more computing devices communicatively coupled with one or more databases, the one or more databases comprising;
  
  a plurality of threat model components stored therein; and
  
  a plurality of threats stored therein, wherein each of the threats is associated with at least one of the threat model components through the one or more databases;
  
  one or more mapping files communicatively coupled with the one or more databases, the one or more mapping files correlating the threat model components with visual diagram components of a third party software application (hereinafter “
  
  third party diagram components”
  
  );
  
  an import interface displayed on one of the one or more computing devices, the import interface configured to, in response to receiving user input, initiate reading of a data file by the one or more computing devices, the data file comprising a subset of the third party diagram components, the data file defining one or more relationships between the subset of third party diagram components;
  
  an interface configured to, in response to receiving user input, initiate a determination of which threat model components are correlated with the subset of third party diagram components in the one or more mapping files;
  
  a diagram interface, displayed on the one or more computing devices, displaying a relational diagram of a computing network, using visual representations of the threat model components correlated with the subset of third party diagram components, the relational diagram defining a threat model; and
  
  a threat report interface, displayed on the one or more computing devices, including a threat report displaying each threat that is associated through the one or more databases with one of the threat model components included in the threat model.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The system of claim 16, wherein the one or more mapping files are not stored in the one or more databases but are stored on the one or more computing devices.
  - 18. The system of claim 16, wherein the one or more mapping files comprise one or more tables stored within the one or more databases.
  - 19. The system of claim 16, wherein the one or more mapping files includes a file correlating user-defined names of the third party diagram components with the threat model components.
  - 20. The system of claim 16, wherein the one or more mapping files includes a file correlating default titles of the third party diagram components with the threat model components.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
ThreatModeler Software Inc.
Original Assignee
ThreatModeler Software Inc.
Inventors
Agarwal, Anurag
Primary Examiner(s)
Parsons, Theodore C

Application Number

US16/542,263
Publication Number

US 20190370477A1
Time in Patent Office

334 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/212   with details for data model...

G06F 16/2282   Tablespace storage structur...

G06F 16/248   Presentation of query results

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/033   Test or assess software

G06F 9/451   Execution arrangements for ...

Systems and methods for automated threat model generation from third party diagram files

First Claim

1 Assignment

Litigations

1 Petition

Accused Products

Abstract

35 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for automated threat model generation from third party diagram files

First Claim

1 Assignment

Subscription Required

Subscription Required

Litigations

1 Petition

Subscription Required

Accused Products

Subscription Required

Abstract

35 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links