Threat DF.A.CSDF-VdDA2.6

URI: DF.A.CSDF-VdDA2.6

Description: Inconsistent encryption of Data flowing from Service to Client: processes Client and Service exchange data Data in encrypted form but uses a key to encrypt or decrypt between transfer and processing, so they need a secure way to also share the cryptographic key used.

Threat Type: Primary Threat

Matching Pattern:

MP-CSDF-VdDA2

Finds two process participating in a data flow not encrypted with keys from a vault.

(empty)

CSG-DistinctProcessAccessKeys

LossOfAvailability at Role_DataAsset

CSG-SharedKeyManagement

Processes Client and Service have secure access to a shared key used to encrypt and decrypt data Data for transfer via file or network.

Threat DF.A.CSDF-VdDA2.6

MP-CSDF-VdDA2

Triggered by Threat (0)

Triggers Secondary Threats (0)

Triggered By Control Strategy (1)

Misbehaviour Sets (1)

Control Strategies (1)