The Elevation of Privilege Threat Modeling Card Deck
I created Elevation of Privilege while at Microsoft. I'm creating this repository to have a single location for bugfixes, encourage more derivative work, and all the other goodness that a git repository can bring. At https://www.microsoft.com/en-us/download/details.aspx?id=20303, Microsoft released these under a CC-BY-3.0 license; all these files are maintained under the same license.
Elevation of Privilege (EoP) is the easy way to get started threat modeling. It is designed to make threat modeling easy and accessible for developers and architects. Threat modeling is a core security practice during the design phase of the Microsoft Security Development Lifecycle (SDL). The EoP card game helps examine possible threats to software and computer system. This game is licensed under the Creative Commons Attribution 3.0 United States License. Native files of the game are made available to allow editing, localization, and printing of the game. To view the full content of this license, visit http://creativecommons.org/licenses/by/3.0/us/
There are a set of variants which I track on the threat modeling book website, https://www.threatmodelingbook.com/resources including both German and Japanese translations, online versions, an Alexa skill, and places you can obtain professionally printed cards.
Notes and clarifications
The most complete source of information on the cards is Appendix D of Threat Modeling: Designing for Security. Even if you don't have a copy of the book, you can often see the appendix via Amazon or Google "look inside" features.
- The Queen of Information Disclosure differs from the King because with the Queen, messages may be encrypted, even if the channel is not.
There are two independently created privacy variants:
- https://blog.logmeininc.com/privacy-by-design-can-be-entertaining/ (Mark Vinkovits)
- https://github.com/F-Secure/elevation-of-privacy (Marko Hämäläinen, Laura Noukka, Hiski Ruhanen, Ilona Varis, Antti Vähä-Sipilä)