Threat DF.Auth.AC-iDF-VSC.3.2

URI: DF.Auth.AC-iDF-VSC.3.2

Description: Imposter posing as Service injects false content into the flow of data Data from FlowsFrom to FlowsTo between Service and Client: if an attacker can impersonate service Service, they can inject false data in messages to Client.

Threat Type: Primary Threat

Matching Pattern:

MP-AC-iDF-VSC

Finds a data flow not encrypted with keys from a vault, that goes via a service and thence via a client, plus any data fields, and the related auth channel, where the client and service have a trust relationship w.r.t. the data flow (i.e., they are not intermediaries in an end-to-end relationship).

(empty)

DF.Auth.PDFIDADFI.0

Unauthentic data Data from FlowsFrom forwarded by Process to FlowsTo: if the flow of data Data from process FlowsFrom to process Process is unauthentic, so is the forwarded flow to FlowsTo.

DF.Auth.PDFODADFO.0

DS.Auth.HPDFDADS.0

Flow of unauthentic data Data from FlowsFrom is stored by data service Process: if the flow of data Data from FlowsFrom to Process is unauthentic, then so will be the copy saved locally on device Host by Process.

Se.Auth.SePDsFF.0

Loss of authenticity at sensor Sensor: if the onboard data received from a sensor by any client is altered by an attacker, it is modelled as a loss of authenticity at the sensor.

(empty)

LossOfAuthenticity at Role_Data

LossOfAuthenticity at Role_DataField

LossOfAuthenticity at Role_DataFlow

CSG-DataFlowIntegrityProtection

Makes it possible to check that a copy of Data flowing from FlowsFrom to FlowsTo has not been accidentially or deliberately altered by an intermediary or in transit.

Threat DF.Auth.AC-iDF-VSC.3.2

MP-AC-iDF-VSC

Triggered by Threat (0)

Triggers Secondary Threats (4)

DF.Auth.PDFIDADFI.0

DF.Auth.PDFODADFO.0

DS.Auth.HPDFDADS.0

Se.Auth.SePDsFF.0

Triggered By Control Strategy (0)

Misbehaviour Sets (3)

Control Strategies (1)