Sara Abbaspour Asadollah, Mälardalen University Västerås, Sweden
Ensuring digital privacy is critical to protecting sensitive information and guarding against malicious actors in today's interconnected world. This paper explores the concept of digital privacy and its importance in maintaining online security. We highlight the importance of robust strategies to protect information by examining the consequences of failing to prioritize digital privacy, including identity attack scenarios in industrial applications by proposing a systematic approach to improving digital privacy. Our methodology includes creating a Data Flow Diagram (DFD) to visualize the data flow within the system and applying the STRIDE threat modeling framework to identify potential threats, with a focus on privacy related aspects. We then extract privacy-related threats and create attack vectors and scenarios to guide testers to validate system security. To validate our methodology, we plan to conduct a case study in an industrial application, an automated train control system. By analyzing the data flow and identifying potential attack scenarios, we want to demonstrate the effectiveness of our approach in real-world applications. We also want to automate the process and collaborate with more industries to ensure scalability and practical applicability.
Privacy-related threats, Cyberattack, attack vector, attack scenario, Information security, Data protection.