Control Strategy AutoSuspendUnauthenticClientAccess

URI: CSG-AutoSuspendUnauthenticClientAccess

Description: Access to service Service by client Client may be automatically disabled to prevent authenticated attacks by impersonated clients, at the cost of some reduction in availability. This strategy represents a contingency plan, which can be used to reduce risk from some threats but it also triggers other threats representing possible side effects, depending on how likely it is that the contingency plan will need to be activated.

(empty)

CC.R.CCCS-i.1

Authenticated access as Client to service Service: anyone who has access to Service and can authenticate as Client can gain authenticated access to Service as Client.

CC.AX.CCCS.6.2

Disabling access by impersonated client Client to Service affects availability: access by client Client to service Service may be disabled to prevent access by an impersonated client, but this affects the availability of client-service connections.

AutoDataGovernance at Role_Service

SuspendUnauthenticClientAccess at Role_ClientChannel

Control Strategy AutoSuspendUnauthenticClientAccess

Mitigated Threats (0)

Blocked Threats (1)

CC.R.CCCS-i.1

Triggers Threats (1)

CC.AX.CCCS.6.2

Control Sets (2)