Threat DF.Auth.CCCSPDF-VCCS-i.3

URI: DF.Auth.CCCSPDF-VCCS-i.3

Package: ProcessComms

< prev | next >

Description: Flow of data from/via Process forged by compromised client Client via confused deputy Proxy: if client Client is compromised or impersonated, and does not send data Data via its service Proxy, it is still possible to get the data indirectly using a confused deputy attack via Proxy and Service. The attack itself is responsible for the upstream loss of DeputyUserTW (see threat causes), in this case propagated by at least one reverse proxy.

Threat Type: Primary Threat

Matching Pattern:

MP-CCCSPDF-VCCS-i

Finds a client accessing a proxy that (directly or indirectly) uses a service that uses a second service, where the client is not authenticated by the second service, with a data flow not encrypted with keys from a vault, flowing to the second service from the first but not from the client, plus the associated client channels.

Triggers Secondary Threats (4)

DF.Auth.PDFIDADFI.0

Unauthentic data Data from FlowsFrom forwarded by Process to FlowsTo: if the flow of data Data from process FlowsFrom to process Process is unauthentic, so is the forwarded flow to FlowsTo.

DF.Auth.PDFODADFO.0

Unauthentic data Data from FlowsFrom forwarded by Process to FlowsTo: if the flow of data Data from process FlowsFrom to process Process is unauthentic, so is the forwarded flow to FlowsTo.

DS.Auth.HPDFDADS.0

Flow of unauthentic data Data from FlowsFrom is stored by data service Process: if the flow of data Data from FlowsFrom to Process is unauthentic, then so will be the copy saved locally on device Host by Process.

Se.Auth.SePDsFF.0

Loss of authenticity at sensor Sensor: if the onboard data received from a sensor by any client is altered by an attacker, it is modelled as a loss of authenticity at the sensor.