{ "version": "2.2.0", "summary": { "title": "My Premium Dealership",

1. {
2. "version": "2.2.0",
3. "summary": {
4. "title": "My Premium Dealership",
5. "owner": "Jr. Security Engineer",
6. "description": "\"My Premium Dealership\" is a B2C application with a micro-service architecture that allows users to request mechanic services for their vehicle.",
7. "id": 0
8. },
9. "detail": {
10. "contributors": [
11. {
12. "name": "Iman (Infra)"
13. },
14. {
15. "name": "Devon (Development)"
16. },
17. {
18. "name": "Suzy (Security)"
19. },
20. {
21. "name": "Greta (GRC)"
22. },
23. {
24. "name": "Sal (Stakeholder)"
25. }
26. ],
27. "diagrams": [
28. {
29. "id": 0,
30. "title": "mypremiumdealership.com",
31. "diagramType": "STRIDE",
32. "placeholder": "New STRIDE diagram description",
33. "thumbnail": "./public/content/images/thumbnail.stride.jpg",
34. "version": "2.2.0",
35. "cells": [
36. {
37. "position": {
38. "x": 40,
39. "y": 245
40. },
41. "size": {
42. "width": 112.5,
43. "height": 60
44. },
45. "attrs": {
46. "text": {
47. "text": "User"
48. },
49. "body": {
50. "stroke": "#333333",
51. "strokeWidth": 1.5,
52. "strokeDasharray": null
53. }
54. },
55. "visible": true,
56. "shape": "actor",
57. "zIndex": 2,
58. "id": "97f211c4-cd4b-411e-8479-e60cf7ff21c6",
59. "data": {
60. "type": "tm.Actor",
61. "name": "User",
62. "description": "",
63. "outOfScope": false,
64. "reasonOutOfScope": "",
65. "hasOpenThreats": false,
66. "providesAuthentication": false,
67. "threats": []
68. }
69. },
70. {
71. "position": {
72. "x": 471.25,
73. "y": 220
74. },
75. "size": {
76. "width": 210,
77. "height": 110
78. },
79. "attrs": {
80. "text": {
81. "text": "Microservices"
82. },
83. "body": {
84. "stroke": "#333333",
85. "strokeWidth": 1.5,
86. "strokeDasharray": null
87. }
88. },
89. "visible": true,
90. "shape": "process",
91. "zIndex": 3,
92. "id": "783896f5-bc14-4502-865b-11df83d84492",
93. "data": {
94. "type": "tm.Process",
95. "name": "Microservices",
96. "description": "",
97. "outOfScope": false,
98. "reasonOutOfScope": "",
99. "hasOpenThreats": false,
100. "handlesCardPayment": false,
101. "handlesGoodsOrServices": false,
102. "isWebApplication": false,
103. "privilegeLevel": "",
104. "threats": []
105. }
106. },
107. {
108. "shape": "flow",
109. "attrs": {
110. "line": {
111. "stroke": "#333333",
112. "targetMarker": {
113. "name": "block"
114. },
115. "sourceMarker": {
116. "name": "block"
117. },
118. "strokeDasharray": null
119. }
120. },
121. "width": 200,
122. "height": 100,
123. "zIndex": 10,
124. "connector": "smooth",
125. "data": {
126. "type": "tm.Flow",
127. "name": "Web Traffic\n",
128. "description": "",
129. "outOfScope": false,
130. "reasonOutOfScope": "",
131. "hasOpenThreats": false,
132. "isBidirectional": true,
133. "isEncrypted": false,
134. "isPublicNetwork": false,
135. "protocol": "",
136. "threats": []
137. },
138. "id": "8ce4fe50-f0f7-448c-9945-2f8c85079374",
139. "labels": [
140. "Web Traffic\n"
141. ],
142. "source": {
143. "cell": "97f211c4-cd4b-411e-8479-e60cf7ff21c6"
144. },
145. "target": {
146. "cell": "9eb5724a-c842-41c7-b1f2-1b695d8ac41c"
147. }
148. },
149. {
150. "position": {
151. "x": 290,
152. "y": 210
153. },
154. "size": {
155. "width": 140,
156. "height": 130
157. },
158. "attrs": {
159. "text": {
160. "text": "Web Client"
161. },
162. "body": {
163. "stroke": "#333333",
164. "strokeWidth": 1.5,
165. "strokeDasharray": null
166. }
167. },
168. "visible": true,
169. "shape": "process",
170. "zIndex": 11,
171. "id": "9eb5724a-c842-41c7-b1f2-1b695d8ac41c",
172. "data": {
173. "type": "tm.Process",
174. "name": "Web Client",
175. "description": "",
176. "outOfScope": false,
177. "reasonOutOfScope": "",
178. "hasOpenThreats": false,
179. "handlesCardPayment": false,
180. "handlesGoodsOrServices": false,
181. "isWebApplication": false,
182. "privilegeLevel": "",
183. "threats": []
184. }
185. },
186. {
187. "position": {
188. "x": 770,
189. "y": 245
190. },
191. "size": {
192. "width": 120,
193. "height": 60
194. },
195. "attrs": {
196. "text": {
197. "text": "PostgreSQL"
198. },
199. "topLine": {
200. "strokeWidth": 1.5,
201. "strokeDasharray": null
202. },
203. "bottomLine": {
204. "strokeWidth": 1.5,
205. "strokeDasharray": null
206. }
207. },
208. "visible": true,
209. "shape": "store",
210. "zIndex": 12,
211. "id": "f3b93565-510d-4b23-9726-2e0e233e7e2c",
212. "data": {
213. "type": "tm.Store",
214. "name": "PostgreSQL",
215. "description": "",
216. "outOfScope": false,
217. "reasonOutOfScope": "",
218. "hasOpenThreats": false,
219. "isALog": false,
220. "isEncrypted": false,
221. "isSigned": false,
222. "storesCredentials": false,
223. "storesInventory": false,
224. "threats": []
225. }
226. },
227. {
228. "position": {
229. "x": 358.75,
230. "y": -100
231. },
232. "size": {
233. "width": 112.5,
234. "height": 60
235. },
236. "attrs": {
237. "text": {
238. "text": "Level 0 DFD"
239. }
240. },
241. "visible": true,
242. "shape": "td-text-block",
243. "zIndex": 16,
244. "id": "b2cdbfd5-8d17-42a2-94a1-5cd7d4f42712",
245. "data": {
246. "type": "tm.Text",
247. "name": "Level 0 DFD",
248. "hasOpenThreats": false
249. }
250. }
251. ],
252. "description": "DFD-based threat model, grouping multiple processes"
253. }
254. ],
255. "diagramTop": 4,
256. "reviewer": "Sr. Security Engineer",
257. "threatTop": 15
258. }
259. }