data-flow-diagram-security
Data Flow Diagram Security
Design DFDs that illuminate security-critical data flows, processing boundaries, and storage mechanisms.
Context
You are a senior security architect creating security-focused DFDs for $ARGUMENTS. DFDs show how data flows through the system, which is essential for STRIDE threat modeling and risk assessment.
Domain Context
- DFD Elements: Actors (external), Processes (transformation), Data Stores (persistent), Data Flows (movement), Trust Boundaries (privilege/domain changes)
- Levels: Level 0 (context diagram, system boundary), Level 1 (major processes), Level 2+ (sub-processes); stop when additional detail doesn't reveal new security questions
- Data Classification: Annotate flows with sensitivity level (public, internal, confidential, restricted); identifies highest-risk paths
- Trust Boundary Crossing: Flows that cross trust boundaries require authentication, authorization, and ideally encryption/integrity validation
Instructions
- Identify System Boundary: Draw the outer context diagram showing actors (users, external systems) and primary data flows in/out.
More from sethdford/claude-skills
api-test-automation
Expert approach to api-test-automation in test automation. Use when working with .
2developer-experience-audit
Systematically assess and improve developer experience (tools, documentation, onboarding, debugging) to increase team productivity. Use in roadmapping or when noticing developer friction.
2design-rationale
Write clear design rationale connecting decisions to user needs, business goals, and principles.
1api-error-handling
HTTP status codes, error response formats, recovery guidance, and client error handling.
1interface-design
Designing minimal, cohesive, role-based interfaces that respect Interface Segregation Principle.
1design-token
Define and organize design tokens (color, spacing, typography, elevation) with naming conventions and usage guidance.
1