Threat CC.AuS.CRoS.3

URI: CC.AuS.CRoS.3

Description: Spoofing of service Service to Client at subnet LogicalSubnet: an attacker with control of a logical subnet on the path between client Client and service Service can divert messages for Service so they go to a fake version of the service under their control.

Threat Type: Primary Threat

Matching Pattern:

MP-CRoS

Finds a Service and its Host, a Client Channel from a legitimate Client and its Host, and a Logical Subnet used by at least one path from the client, plus the Client Path for that Client from this Subnet, and optionally the service manager and client user.

(empty)

ServiceImpersonation at Role_ClientChannel

ServiceImpersonation at Role_IndirectChannel

CSG-ServiceAuthN-X509

The client Client authenticates the service Service using an asymmetric cryptographic challenge against a public key registered to the service operator through a trusted means such as X509.

Threat CC.AuS.CRoS.3

MP-CRoS

Triggered by Threat (0)

Triggers Secondary Threats (0)

Triggered By Control Strategy (0)

Misbehaviour Sets (2)

Control Strategies (1)