Threat DF.Auth.ACDF-VSC-i.3.1

URI: DF.Auth.ACDF-VSC-i.3.1

Description: Flow of data Data from FlowsFrom to FlowsTo altered by compromised service Service: if an attacker can compromise service Service, they can they can inject fake data via messages to Client.

Threat Type: Primary Threat

Matching Pattern:

MP-ACDF-VSC-i

Finds a data flow not encrypted with keys from a vault, that goes via a service and thence a client, and the related channel and any data fields, where the connection is direct and not via any credential-sharing intermediaries.

(empty)

DF.Auth.PDFIDADFI.0

Unauthentic data Data from FlowsFrom forwarded by Process to FlowsTo: if the flow of data Data from process FlowsFrom to process Process is unauthentic, so is the forwarded flow to FlowsTo.

DF.Auth.PDFODADFO.0

DS.Auth.HPDFDADS.0

Flow of unauthentic data Data from FlowsFrom is stored by data service Process: if the flow of data Data from FlowsFrom to Process is unauthentic, then so will be the copy saved locally on device Host by Process.

Se.Auth.SePDsFF.0

Loss of authenticity at sensor Sensor: if the onboard data received from a sensor by any client is altered by an attacker, it is modelled as a loss of authenticity at the sensor.

(empty)

LossOfAuthenticity at Role_Data

LossOfAuthenticity at Role_DataField

LossOfAuthenticity at Role_DataFlow

CSG-DataFlowIntegrityProtection

Makes it possible to check that a copy of Data flowing from FlowsFrom to FlowsTo has not been accidentially or deliberately altered by an intermediary or in transit.

Threat DF.Auth.ACDF-VSC-i.3.1

MP-ACDF-VSC-i

Triggered by Threat (0)

Triggers Secondary Threats (4)

DF.Auth.PDFIDADFI.0

DF.Auth.PDFODADFO.0

DS.Auth.HPDFDADS.0

Se.Auth.SePDsFF.0

Triggered By Control Strategy (0)

Misbehaviour Sets (3)

Control Strategies (1)