Threat modeling in application security planning citizen service complaints

The mobile-based service complaint application is one way to implement good governance today. Public facilitated make complaints without going through a complicated process. Security aspects must be considered protect user privacy. security design so that no harmed by the application's users damaged in use. This study used threat modeling during planning stage of developing citizen obtain information about vulnerabilities. researcher uses process open web project (OWASP) organization has formulated as framework. researchers took steps describe information, determine and rank threats, countermeasures, mitigation. In final stage, spoofing, tampering, repudiation, disclosure, denial elevation privilege (STRIDE) methodology analyze assess mitigation actions against threats application. gets defense strategy reduce danger based on analysis results. Threat early phase software development life cycle constructive ensuring developed with adequate from beginning.