Threat DF.A.HPDODF-V.6.1

URI: DF.A.HPDODF-V.6.1

Description: Process Process cannot encrypt output Data for transmission to FlowsTo: the flow of output data Data from Process to FlowsTo should be encrypted, but Process has no means to encrypt the data before sending it.

Threat Type: Secondary Threat

Matching Pattern:

MP-HPDODF-V

Finds a Host running a Process that creates (possibly from user input) a Data Flow not encrypted with keys from a vault, to send to a destination process, plus the associated Data and Data Output assets, and optionally the Process and Host managers.

DF.X.PDFV.6

Flow of Data from FlowsFrom to Process is encrypted: which means the inflowing copy of the data is not available for unencrypted access.

DF.X.PDF-V.6

Flow of Data from FlowsFrom to Process is encrypted: which means the inflowing copy of the data is not available for unencrypted access.

DS.T.HPDFDAuDS.0

Data Data stored on Host cannot be updated by Process with input from FlowsFrom: process Process manages a stored copy of data Data on Host, so if a flows of updates from FlowsFrom is not available, then Process cannot update this copy of Data which will become out of date.

Hu.T.HuirPvDF.0.2

User Human affected by unavailable data Data from FlowsFrom received by Process: if the flow of data Data to Process is interrupted, that would have been displayed to user Human, they may make decisions based on the out of date information.

P.A.PuDFDI.0

Lack of incoming Data affects availability of Process: process Process depends on an incoming flow of Data from FlowsFrom, so if that is unavailable the availablity of the process will be affected.

P.T.P-uDFDI.0

Loss of availability in flow of Data to Process caused a delay in processing: since process Process uses the incoming copy of data Data but does not depend on it, if that copy is unavailable, the process can continue but will be processing out of date information.

Se.A.SePDmFF.0

Loss of availability at sensor Sensor: if the onboard data from a sensor is not available to any client, it is modelled as a loss of availability at the sensor.

(empty)

LossOfAvailability at Role_DataFlow

CSG-DataAccessKey	Process *Process* has a key for encrypting or decrypting data *Data*.
CSG-EncryptedDataProcessing	Process *Process* uses homomorphic encryption technology to perform calculations on data *Data* in an encrypted domain, allowing it to process the data without first decrypting.

Threat DF.A.HPDODF-V.6.1

MP-HPDODF-V

Triggered by Threat (2)

DF.X.PDFV.6

DF.X.PDF-V.6

Triggers Secondary Threats (5)

DS.T.HPDFDAuDS.0

Hu.T.HuirPvDF.0.2

P.A.PuDFDI.0

P.T.P-uDFDI.0

Se.A.SePDmFF.0

Triggered By Control Strategy (0)

Misbehaviour Sets (1)

Control Strategies (2)