Threat DF.O.CCDS2TC.0

URI: DF.O.CCDS2TC.0

Package: ProcessComms

< prev | next >

Description: Excessive demand for data Data via Client propagates via Service: if the flow of data Data requested by Client from Service is excessive, then Service will forward the request for an excessive amount of data to StepFrom.

Threat Type: Secondary Threat

Matching Pattern:

DF.O.CCDS2TC.0
MP-CCDS2TC

Finds a data flowing to/via a client via a service, plus the associated client channel and the data steps to the client and to the service, and optionally the manager of the service and of the data flow source process.

DF.O.CCDS2TC.0
DF.IS.PDFFA.8

Flow of Data from FlowsFrom to FlowsTo is in service: if process FlowsFrom is in service and able to access the data, and all the steps in the chain of processes between FlowsFrom and FlowsTo are in service, then the flow of Data from FlowsFrom to FlowsTo will be in service and potentially subject to attack, unless disabled.
DF.O.CCDS2TC.0
DF.O.CCDFSFC.3

Compromised client Client sends excessive data Data to/via Service: if Client is the source of a flow of data Data which is sent to or via service Service, then if an attacker or malicious user can access Service as Client, they can send too much data, aiming to overload the data flow destination FlowsTo.
DF.O.CCDS2TC.0
DF.O.CCDFSTC.3

Compromised client Client requests excessive data Data from/via Service: if Client is the destination of a flow of data Data which is sent from or via service Service, then if an attacker or malicious user can access Service as Client, they can request too much data, aiming to overload the data flow source FlowsFrom.
DF.O.CCDS2TC.0
CC.IS.CSCCmCC.8

Client channel from Client to Service is in service: here, access is via at least one proxy, so the channel is in service and subject to threats only if all its intermediate channels are in service, and it is not disabled by a policy change preventing access to Service by Client.
DF.O.CCDS2TC.0
CC.IS.CSCCSC.8

Client channel from Client to Service is in service: there is a service channel that is not out of service, so the client channel is in service and subject to threats unless disabled by a policy change preventing access to Service by Client.

        (empty)

        (empty)

CSG-AutoSuspendExcessiveClientAccess

Access to service Service by client Client may be automatically disabled to prevent the service forwarding excessive requests or becoming overloaded itself, at the cost of some reduction in availability. This strategy represents a contingency plan, which can be used to reduce risk from some threats but it also triggers other threats representing possible side effects, depending on how likely it is that the contingency plan will need to be activated.

CSG-AutoSuspendExcessiveClientAccess-Implementation-Runtime

Access to service Service by client Client has been automatically disabled to prevent the service forwarding excessive requests or becoming overloaded itself. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Activation at runtime requires Service to be managed by a suitable adaptation framework. The Disable Client Access control should be deselected if and when access by Client to Service has been enabled once again.

CSG-SuspendExcessiveClientAccess

Change from: Access to service Service by client Client may be temporarily disabled by the process manager ServiceManager to prevent the service forwarding excessive requests or becoming overloaded itself, at the cost of some reduction in availability. This strategy represents a contingency plan, which can be used to reduce risk from some threats. However, it also triggers other threats representing side effects of the policy change, based on how likely it is that the contingency plan will need to be activated.

CSG-SuspendExcessiveClientAccess-Implementation-Runtime

Access to service Service by client Client is disabled by the process manager ServiceManager to prevent the service forwarding excessive requests or becoming overloaded itself. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. To activate it at runtime, signal the process manager ServiceManager. The Disable Client Access control should be deselected if and when access by Client to Service has been enabled once again.