Security Analysis Threat Models

STRIDE Threat Model
status: valid
Threat Model for sequence diagrams using STRIDE methodology

Note

Use the applicable threat models to ensure a structured analysis. If additional threat models are needed, extend the list of threat models.

Note

A security-relevant message shall be protected against spoofing, tampering, information disclosure, repudiation, denial of service, and elevation of privilege.

Threat Models for sequence diagrams
Table 53 Threat Models for sequence diagrams using STRIDE

| Element | ID | Threat Mode (STRIDE Category) | Importance (can be used for prioritization) |
|---|---|---|---|
| message | MT_01_01 | message is intercepted (Information Disclosure) | High |
| message | MT_01_02 | message is tampered with (Tampering) | High |
| message | MT_01_03 | message timing is manipulated (Tampering) | Medium |
| message | MT_01_04 | message not received by all authorized recipients (Denial of Service) | High |
| message | MT_01_05 | message content is modified (Tampering) | High |
| message | MT_01_06 | message is blocked (Denial of Service) | High |
| message | MT_01_07 | message is spoofed (Spoofing) | High |
| duration/time constraint | CT_01_01 | timing constraint violated for attack (Tampering) | Medium |
| duration/time constraint | CT_01_02 | timing attack enabling side-channel (Information Disclosure) | High |
| execution | EX_01_01 | Process produces malicious result(s) (Tampering) | High |
| execution | EX_01_02 | processing is slowed down for DoS (Denial of Service) | Medium |
| execution | EX_01_03 | processing is accelerated to bypass checks (Tampering) | Medium |
| execution | EX_01_04 | execution is terminated (Denial of Service) | High |
| execution | EX_01_05 | execution flow is hijacked (Elevation of Privilege) | High |
| execution | EX_01_06 | processing enters infinite loop (Denial of Service) | High |
| authentication | AU_01_01 | authentication is bypassed (Spoofing) | High |
| authentication | AU_01_02 | credentials are stolen (Information Disclosure) | High |
| authentication | AU_01_03 | session is hijacked (Spoofing) | High |
| authorization | AZ_01_01 | authorization is bypassed (Elevation of Privilege) | High |
| authorization | AZ_01_02 | privileges are escalated (Elevation of Privilege) | High |
| authorization | AZ_01_03 | access control is circumvented (Elevation of Privilege) | High |
| data storage | DS_01_01 | data is accessed without authorization (Information Disclosure) | High |
| data storage | DS_01_02 | data is modified without authorization (Tampering) | High |
| data storage | DS_01_03 | data integrity is violated (Tampering) | High |
| logging/audit | LA_01_01 | logs are deleted or modified (Repudiation) | Medium |
| logging/audit | LA_01_02 | actions cannot be traced (Repudiation) | Medium |
| logging/audit | LA_01_03 | sensitive data is logged (Information Disclosure) | High |
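
An added example (not part of the original page or the project's tooling) of applying the catalogue: it instantiates the applicable rows for each step of a constructed sequence diagram, sorted by importance, and reports which STRIDE categories named in the note have no message row in the table, which is where the list would be enlarged. The diagram steps and the names `worksheet` and `uncovered` are assumptions; only a subset of the table is embedded.

```python
"""Added example: instantiate Table 53 rows per sequence-diagram step and
check STRIDE coverage. Diagram steps and function names are assumptions."""
STRIDE = ("Spoofing", "Tampering", "Repudiation", "Information Disclosure",
          "Denial of Service", "Elevation of Privilege")
RANK = {"High": 0, "Medium": 1}

# Subset of Table 53: (element, ID, STRIDE category, importance)
CATALOGUE = [
    ("message", "MT_01_01", "Information Disclosure", "High"),
    ("message", "MT_01_02", "Tampering", "High"),
    ("message", "MT_01_03", "Tampering", "Medium"),
    ("message", "MT_01_04", "Denial of Service", "High"),
    ("message", "MT_01_05", "Tampering", "High"),
    ("message", "MT_01_06", "Denial of Service", "High"),
    ("message", "MT_01_07", "Spoofing", "High"),
    ("authentication", "AU_01_01", "Spoofing", "High"),
    ("authentication", "AU_01_02", "Information Disclosure", "High"),
    ("authentication", "AU_01_03", "Spoofing", "High"),
    ("logging/audit", "LA_01_01", "Repudiation", "Medium"),
    ("logging/audit", "LA_01_02", "Repudiation", "Medium"),
    ("logging/audit", "LA_01_03", "Information Disclosure", "High"),
]

# Constructed sequence diagram: (step, element type, security-relevant?)
DIAGRAM = [
    ("Client -> Server: login request", "message", True),
    ("Server: verify credentials", "authentication", True),
    ("Server: write audit record", "logging/audit", False),
]

def worksheet(diagram):
    """One row per (step, applicable threat), High importance first."""
    rows = [(step, tid, cat, imp)
            for step, element, _ in diagram
            for el, tid, cat, imp in CATALOGUE if el == element]
    return sorted(rows, key=lambda r: RANK[r[3]])  # stable: keeps diagram order

def uncovered(diagram):
    """STRIDE categories without a message row, per security-relevant message."""
    gaps = {}
    for step, element, relevant in diagram:
        if element == "message" and relevant:
            have = {cat for el, _, cat, _ in CATALOGUE if el == element}
            gaps[step] = [c for c in STRIDE if c not in have]
    return gaps

if __name__ == "__main__":
    print(*(" | ".join(r) for r in worksheet(DIAGRAM)), sep="\n")
    print(uncovered(DIAGRAM))
```

Categories reported by `uncovered` are either candidates for new message entries or are analysed through another element type, such as logging/audit for Repudiation.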