Threat DF.C.AC-iDF-VSC.3.2

The sending of data Data from FlowsFrom to FlowsTo can be can be automatically disabled to prevent leaking of data. This strategy represents a contingency plan, which can be used to reduce risk from some threats but it also triggers other threats representing possible side effects, depending on how likely it is that the contingency plan will need to be activated.

The sending of data Data from FlowsFrom to FlowsTo has been automatically disabled to prevent leaking of data. This strategy represents activation of a contingency plan at runtime, and can be enabled to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Activation at runtime requires FlowsFrom to be managed by a suitable adaptation framework. The Disabled Data Flow control should be deselected if and when the flow of data is enabled once again.

Access to service Service by client Client may be automatically disabled to prevent authenticated attacks by compromised clients, at the cost of some reduction in availability. This strategy represents a contingency plan, which can be used to reduce risk from some threats but it also triggers other threats representing possible side effects, depending on how likely it is that the contingency plan will need to be activated.

Access to service Service by client Client has been automatically disabled to prevent authenticated attacks by compromised clients. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Activation at runtime requires Service to be managed by a suitable adaptation framework. The Disable Client Access control should be deselected if and when access by Client to Service has been enabled once again.

The data Data flowing between processes FlowsFrom and FlowsTo is encrypted by the two processes (i.e. not relying on transport level encryption).

The flow of data Data from FlowsFrom to FlowsTo can be temporarily blocked by the manager ProcessManager of sending process FlowsFrom to prevent leaking of data. This strategy represents a contingency plan, which can be used to reduce risk from some threats but it also triggers other threats representing possible side effects, depending on how likely it is that the contingency plan will need to be activated.

The sending of data Data from FlowsFrom to FlowsTo has been disabled by the manager ProcessManager of FlowsFrom to prevent leaking of data. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. To activate it at runtime, signal user ProcessManager who is responsible for managing process FlowsFrom. The Disabled Data Flow control should be deselected only when the flow of data is enabled again.

Access to service Service by client Client may be temporarily disabled by the process manager ServiceManager to prevent authenticated attacks by compromised or impersonated clients, at the cost of some reduction in availability. This strategy represents a contingency plan, which can be used to reduce risk from some threats. However, it also triggers other threats representing side effects of the policy change, based on how likely it is that the contingency plan will need to be activated.

Access to service Service by client Client is disabled by the process manager ServiceManager to prevent authenticated attacks by compromised clients. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. To activate it at runtime, signal the process manager ServiceManager. The Disable Client Access control should be deselected if and when access by Client to Service has been enabled once again.