
2025 - Cloud Threat Modeling 2.0

Information Technology | 2025-11-26 | CSA GCR | D***

Acknowledgments

Lead Authors, Reviewers: Srija Reddy Allam, Victor Chin, Rob Doyon, Ankit Gupta, Sachindra Narayan, Nikunj Nagalia, Nelson Augusto Pillajo Casillas, Vic Hargrave, Michael Roza, Jon-Michael C. Brook, Alexander Stone Getsin, Gustavo Arreaza

Contributors: Ann Izra, Chinaza Obidike

CSA Global Staff: Hillary Baron, Alex Kaluza

Graphic Design: Stephen Lumpe, Stephen Smith

Table of Contents

Acknowledgments
Table of Contents
Introduction
Purpose
Target Audience
Key Takeaways
Threat Modeling Frameworks
    General-Purpose Frameworks
    AI-Specific Frameworks
    Examples of Frameworks
    Framework Selection Guidance
    Integration with the Secure Development Lifecycle (SDL)
    Compliance and Regulatory Alignment
Core Threat Modeling Activities
Cloud Threat Modeling
    Cloud Orientation
    Is the Purpose of Cloud Threat Modeling Different?
    Are the Model Components of Cloud Threat Modeling Different?
Appendix 1: Threat Modeling Reporting Guidance
Appendix 2: Metrics and Maturity Models for Cloud Threat Modeling
    Key Performance Metrics (KPIs)
    Cloud Threat Modeling Maturity Model

Introduction

Businesses everywhere embraced cloud technologies, paving the way for new business models and accelerating innovation. Artificial intelligence (AI) innovation contributes to the challenges and opportunities of navigating evolving security threats while adopting diverse cloud offerings.
At the same

Securing system design early helps identify vulnerabilities and attack vectors before they can be exploited, enabling proactive risk management. This effort supports feature prioritization and targeted security investments. Threat modeling is widely recognized as a cornerstone of secure software

Threat modeling is a structured approach to identifying and evaluating potential security threats to a system, application, or process. It enables organizations to proactively mitigate risks and strengthen their

Security practices, including threat modeling, were primarily developed for static, on-premises systems. Yet the rapid adoption of cloud computing and AI has introduced architectural changes, dynamic behaviors, and attack surfaces that these legacy approaches do not fully address. As a result, existing

AI systems introduce new threat vectors, such as adversarial inputs, model theft, data poisoning, and inference leakage, that are not typically covered in conventional threat models. In cloud-hosted AI environments, these threats may arise through compromised storage feeding tra