Control ClearDeputy
URI: ClearDeputy
Package: ProcessComms
Description: Artificial control used to specify when a Process acting as a service is immune to a confused deputy attack except by exploitation of a vulnerability.
Asset: Process. Represents a process (usually implemented by software running on a Host) that can read, update or create data, or exchange data with other processes.
Comment: Signifies that Service can be considered immune to a confused deputy attack that does not involve exploitation of a software vulnerability. Use this when Service is programmed so that it can only access a back-end service on behalf of specific clients, i.e. a client cannot steer Service into exercising its own back-end privileges on a resource that the client is not entitled to. Do not use this if access to the back-end services requires OIDC- or OAuth-style tokens issued to the client; in that case add the OIDC/OAuth service instead, with the appropriate relationships from the client and to the back-end service(s).
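The following is an added illustration of the distinction this control encodes; it is example code written for this page, not part of the domain model or of any Spyderisk tooling, and all names (the back-end records, the deputy credential, the token table) are constructed. It contrasts a service that forwards a client-supplied target using its own back-end credential (a confused deputy) with one that derives the back-end target from the authenticated client identity (the situation ClearDeputy describes), and shows the third case, where the back-end demands a token issued to the client, in which the service's own authority no longer decides the outcome and the token service must be modelled instead.

```python
"""Confused deputy versus ClearDeputy versus client-token pass-through.

Hypothetical, self-contained example. The 'back-end' is an in-memory dict;
the 'deputy' is a service that holds a privileged credential for it.
"""
from dataclasses import dataclass


class Forbidden(Exception):
    """Raised when the back-end or the deputy refuses an access."""


# Constructed back-end data: one record per client (tenant).
BACKEND_RECORDS = {"alice": "alice's invoices", "bob": "bob's invoices"}

# Hypothetical service credential: the back-end trusts it for every record.
DEPUTY_CREDENTIAL = "svc-deputy-secret"

# Hypothetical OIDC/OAuth-style tokens, each issued to one client (subject).
CLIENT_TOKENS = {"tok-alice": "alice", "tok-bob": "bob"}


@dataclass
class Request:
    client: str        # identity the service authenticated the caller as
    record_owner: str  # client-supplied parameter: whose record to read


def backend_read(record_owner: str, credential: str) -> str:
    """Back-end that grants the deputy's credential access to any record."""
    if credential != DEPUTY_CREDENTIAL:
        raise Forbidden("unknown credential")
    return BACKEND_RECORDS[record_owner]


def confused_deputy(req: Request) -> str:
    """Vulnerable pattern: fetch whatever the client names, with our own
    credential. A client can read another tenant's record without any
    software vulnerability; this is exactly what ClearDeputy must not be
    asserted for."""
    return backend_read(req.record_owner, DEPUTY_CREDENTIAL)


def clear_deputy(req: Request) -> str:
    """The ClearDeputy situation: the back-end target is bound to the
    authenticated client; a client-supplied parameter cannot redirect the
    service's privilege. Only a bug in this check (a software vulnerability)
    would reopen the attack."""
    if req.record_owner != req.client:
        raise Forbidden(f"{req.client} may not read {req.record_owner}'s record")
    return backend_read(req.client, DEPUTY_CREDENTIAL)


def backend_read_with_token(record_owner: str, token: str) -> str:
    """Back-end that requires a token issued to the client (OIDC/OAuth style).
    The deputy's own credential is irrelevant here, so the token-issuing
    service, not ClearDeputy, is what the model has to capture."""
    if CLIENT_TOKENS.get(token) != record_owner:
        raise Forbidden("token subject does not own the record")
    return BACKEND_RECORDS[record_owner]


def token_forwarding_deputy(req: Request, token: str) -> str:
    """Service that passes the client's token through to the back-end."""
    return backend_read_with_token(req.record_owner, token)


def outcome(fn, *args) -> str:
    """Run a deputy function and report the record read, or 'forbidden'."""
    try:
        return fn(*args)
    except Forbidden:
        return "forbidden"


if __name__ == "__main__":
    cross_tenant = Request(client="bob", record_owner="alice")
    print("confused deputy:", outcome(confused_deputy, cross_tenant))
    print("clear deputy:   ", outcome(clear_deputy, cross_tenant))
    print("token forwarding:", outcome(token_forwarding_deputy, cross_tenant, "tok-bob"))
```

Running it shows the confused deputy handing bob alice's record, the ClearDeputy-style service refusing, and the token-forwarding service refusing only because the back-end checked bob's token, which is why the guidance above says to model the token service rather than assert ClearDeputy in that case.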