DIAGRAMS · MODELING · THREAT

📐 Modelling systems - visual examples

Seven data and system modelling methods with diagrams. Examples are fictional, intended for teaching.

Diagram of enthusiasm and relationship

ERD - Library Domain (Member · Loan · Book)

ERD - Library domain Member, Loan, Book entities with cardinalities. MEMBER PK member_id full_name : varchar email : varchar joined_on : date status : enum LOAN PK loan_id FK member_id loaned_on : date due_on : date returned_on : date? BOOK PK book_id isbn : varchar(13) title : varchar author : varchar copies_available : int LOAN_ITEM FK loan_id FK book_id · copies: int 1 : N borrows N N PK Primary Key FK Foreign Key ⋯ junction / bridge ? nullable

When to use

At the very beginning, when you have to understand what things (enthities) are in the system and how they are connected to each other - even before creating tables.

Related Standard

Chen ERD (1976), Crow's Foot notation, IDEF1X. Data dictionary is often entered.

Restrictions

Do not show any final tables or business laws. Many to many links should always be divided by an intermediate table.

Objective class diagram

UML Class - Vehicle Hierarchy

UML Class - Vehicle hierarchy Abstract Vehicle with Car and Truck subclasses showing visibility and inheritance. «abstract» Vehicle - vin: String - year: int # mileage: double + start(): bool Car - seatCount: int - bodyStyle: enum + openSunroof() + engageCruise() Truck - payloadKg: int - axleCount: int + loadCargo(int) + tilt(bool) extends extends ▷ tukšs trīsstūris = mantošana - privāts # aizsargāts + publisks «abstract» = nevar instancēt

When to use

Designing an object-oriented code - to see classes, their fields, methods and succession even before writing.

Related Standard

OMG UML 2.5.1. Also includes sequence, state, activity and employment charts.

Safety Note

private/protected is not a security wall - the code can bypass them (e.g. Java reflection). Real security limits are individual processes or services.

Transformation of a three-layer data model

Conceptual → Logical → Physical (Inventory)

Three-Layer Modeling Conceptual, logical and physical models side-by-side. CONCEPTUAL Biznesa skats - bez tehnikas Warehouse Shelf Item holds Tikai entītijas. Nav datu tipu. Nav atslēgu. Biznesa valoda. LOGICAL Strukturēts - bez konkrēta DB Item PK item_id : int sku : string(40) description : text weight_g : int ShelfPlacement PK placement_id : int FK shelf_id, item_id quantity : int Atslēgas + tipi definēti. Bez konkrēta dzinēja. Der jebkurai RDBMS. PHYSICAL Konkrēts SQL - PostgreSQL CREATE TABLE items ( id SERIAL PRIMARY KEY, sku VARCHAR(40) UNIQUE NOT NULL, description TEXT, weight_g INT CHECK (weight_g > 0), created_at TIMESTAMPTZ DEFAULT now() ); CREATE INDEX idx_sku ON items(sku); Dzinēja-specifisks SQL. Indeksi, constraints, tipi.

When to use

To gradually get from the business view to the ready database scheme. Each layer is designed for another reader - business, architect, DBA.

Related Standard

ANSI/SPARC three-schema architecture (1975). Nowadays: dbt stagging→intermediate→mart layers follow a similar principle.

Restrictions

In small projects, the conceptual layer is often omitted - but this does not allow business logic to get stuck in the database scheme.

Data flow diagram · Level 1

DFD - Restaurant Order (with trust boundary)

DFD - Restaurant ordering Level-1 DFD with trust boundary separating customer zone and kitchen. ⟪ Trust Boundary ⟫ Customer-facing zone ⟪ Trust Boundary ⟫ Back-of-house (kitchen) Customer [External] Card Network [External] 1.0 Take Order 2.0 Charge Card 3.0 Cook Meal D1: Orders (queue) order total + card authorize approval ticket External Process Data Store Trust boundary

When to use

To see how data flows between people and systems and where they are stored. This is the basis for the modelling of threats.

Related Standard

Yourdon/DeMarco notation. Nowadays - Microsoft Thread Modeling Tool, OWASP pytm, draw.io DFD template.

Safety Note

Each boundary of trust is the place where you have to check who you are (authentication) that you are (authorization) and whether the data is valid (validation). STRIDE starts from it.

Relation normalisation · Unnormalized → 3NF

Normalization - Movie Rentals

Normalization - Movie rentals Unnormalized table normalized to 1NF and then 3NF. ❌ Unnormalized rental_id | renter | movies 1 | Alice | Matrix, Inception, Dune 2 | Bob | Heat, Drive 3 | Alice | Tenet ⚠ Multivalues vienā šūnā ⚠ Īrnieka vārds dublēts 1NF 1NF - Atomiskas vērtības rental_id | movie_id | renter | movie_title 1 | M1 | Alice | Matrix 1 | M2 | Alice | Inception 1 | M3 | Alice | Dune 2 | M4 | Bob | Heat 2 | M5 | Bob | Drive ⚠ 'renter' atkarīgs tikai no rental_id (partial dep.) ↓ Sadalīt atsevišķās tabulās (2NF + 3NF) rentals PK rental_id: int FK renter_id: int rented_at: datetime ✓ Nav partial dep. renters PK renter_id: int name: varchar email: varchar ✓ Nav transitive dep. rental_items PK id: int FK rental_id, movie_id late_fee: decimal ✓ Atomisks, bez dublētiem movies PK movie_id: int title: varchar year: int ✓ Viena atbildība Katra tabula = viens skaidrs mērķis - nav dublētu datu, nav update/insert/delete anomāliju

When to use

In systems where data are frequently changed and duplication leads to errors (OLTP). Data warehouses (OLAP) often do the opposite - deliberately duplicated due to speed.

Related Standard

Cod, 1NF1:6NF (1970+). Boyce-Coded Normal Form (BCNF) - stricter than 3NF. Practically stop at 3NF/BCNF.

Restrictions

Too much normalisation = much JOIN = slower system. In practice start with 3NF and denormalize only if measurements require it.

C4 architecture model · Level 2 (Container)

C4 Container - Weather Forest Platform

C4 Container - Weather Platform Container view of synthetic weather platform with web app, API, time-series DB, external sensors. Public User [Person] «System: Weather Forecast Platform» Web Dashboard [Browser SPA] Forecast charts, station map Forecast API [REST service] Aggregations, model predictions Time-series DB [TSDB] Readings, historical forecasts Sensor Network [Field stations] «external» Satellite Imagery [Provider API] «external» uses [HTTPS] JSON/REST read/write MQTT HTTPS poll C4 Levels: Context → Container → Component → Code | ⋯ = external system outside our boundary

When to use

To describe the system architecture at a high level. The level of the Container indicates the separate parts to be launched - services, databases, external systems.

Related Standard

Simon Brown, c4model.com. arc42 frame (sec. 5 = Building Block View) is often used instead of C4 levels.

Safety Note

The system boundary is the first place to record how authentication takes place, where TLS ends and where audit logs are stored in the system.

Three modeling · Microsoft, 1999

STRIDE - Per-element Three Categories

STRIDE - Threat modeling DFD elements annotated with applicable STRIDE threat categories. User [External Entity] S · R Auth Service [Process] S T R I D E creds T · I · D User Table (argon2 hash) [Data Store] T · R · I · D STRIDE kategorijas: S Spoofing - uzdošanās par citu (account takeover, sertifikātu viltošana) T Tampering - datu izmaiņa (DB ieraksts, MITM injekcija) R Repudiation - darbības noliegšana (nepilnīgs audita žurnāls) I Information disclosure - datu noplūde (TLS trūkums, error stack traces) D Denial of service - pieejamības zaudēšana E Elevation of privilege - RCE, IDOR, role bypass
DFD Element S T R I D E
External Facility (user, system outside the border) ----
Process (services, lambdas, microservice)
Data Store (DB, files, S3 basket) --
Data Flow (HTTP/TCP, queue, IPC) ---

When to use

After DFD - pass through each element and check which six types of threat (STRIDE) fits it. Every threat found shall be recorded as to how to mitigate it.

Related Standard

Microsoft Three Modeling Tool, OWASP pytm. MITRE ATT&CK adds real tactics. PASTA, LINDDUN - other approaches.

Safety Note

STRIDE does not cover business logic errors, crypto weaknesses or supply chain. It is therefore often combined with OWASP Top 10 and MITRE ATT&CK.