- What are we guarding against? Who are the adversaries? What do we say what we can do?**
**
THIS BOOK OFFERS
-
Definition of Components
-
Personas: Users, Developers and Adversaries
-
Adversaries and Privelege Positions
-
Assets and Vulnerabilities
-
What PT DO NOT Do
-
Mitigation Techniques
-
How to Test and Verify
-
Example case from PT Implementor
-
Useful materials, training and teaching tools
OUR GOALS FOR YOU
-
Generate some kind of documents that are a companion to the spec
-
Help people design PT's with the appropriate threat model in mind?
-
Assist apps/systems using PT properly communicate the capabilities to their trainers and users
-
Better understanding of threats to inform specification development, research
-
Improved guidance for new PT developers
WHAT WE WANT TO PROVIDE
-
Initial documentation posted to Github
-
Best practices to feed into testing, rating, evaluation of quality
-
"Training for trainers" documentation to understand what threats PTS are meant to address
GitBook allows you to organize your book into chapters, each chapter is stored in a separate file like this one.