Threat DF.C.AC-iDF-VCS.3.2

URI: DF.C.AC-iDF-VCS.3.2

Description: Imposter posing as service Service intercepts flow of Data from FlowsFrom and FlowsTo sent by Client: if an attacker can impersonate service Service, they can intercept content in the flow of data Data between FlowsFrom and FlowsTo via the service and its client Client.

Threat Type: Primary Threat

Matching Pattern:

MP-AC-iDF-VCS

Finds a data flow not encrypted with keys from a vault, that goes via a client and thence a service, plus any data fields, and the related auth channel, where the client and service have a trust relationship w.r.t. the data flow (i.e., they are not intermediaries in an end-to-end relationship).

(empty)

Co.C.CoPD.0

Data leakage at controller Controller: if the control input data for a controller leaks, it is modelled as a loss of confidentiality for the controller.

Se.C.SePD.0

Data leakage at sensor Sensor: if the onboard data at a sensor leaks, it is modelled as a loss of confidentiality at the sensor.

(empty)

LossOfConfidentiality at Role_Data

LossOfConfidentiality at Role_DataField

LossOfConfidentiality at Role_DataFlow

CSG-DataFlowEncryption

The data Data flowing between processes FlowsFrom and FlowsTo is encrypted by the two processes (i.e. not relying on transport level encryption).

Threat DF.C.AC-iDF-VCS.3.2

MP-AC-iDF-VCS

Triggered by Threat (0)

Triggers Secondary Threats (2)

Co.C.CoPD.0

Se.C.SePD.0

Triggered By Control Strategy (0)

Misbehaviour Sets (3)

Control Strategies (1)