Threat DS.Auth.HPsACdpDS-V.1

URI: DS.Auth.HPsACdpDS-V.1

Description: Use of Process to alter Data on Host: someone with the rights of Process on its host device Host can exploit the rights of Process to process and update the locally stored copy of Data.

Threat Type: Primary Threat

Matching Pattern:

MP-HPsACdpDS-V

Finds a host running a Process with write/delete access (crudd) to a locally stored data copy not controlled by a key vault, which it also processes, plus the data access asset representing the data deserialization, the access contexts for the process on this host, any data fields included in the stored data, and optionally the host manager.

(empty)

DF.Auth.HPDSDADF.0

Service Process serves an unauthentic stored copy of data Data to FlowsTo: if the locally stored copy of Data on Host served by Process is unauthentic, so will the flow of Data served to FlowsTo.

Co.M.CoPDS.0

Loss of control due to compromised input at controller Controller: if the onboard data received by the onboard control process at a controller is not authentic, the attacker can assume control, which is represented as loss of control over the controller.

(empty)

LossOfAuthenticity at Role_Data

LossOfAuthenticity at Role_DataCopy

LossOfAuthenticity at Role_DataField

CSG-EncryptedDataProcessing

Process Process uses homomorphic encryption technology to perform calculations on data Data in an encrypted domain, allowing it to process the data without first decrypting.

Threat DS.Auth.HPsACdpDS-V.1

MP-HPsACdpDS-V

Triggered by Threat (0)

Triggers Secondary Threats (2)

DF.Auth.HPDSDADF.0

Co.M.CoPDS.0

Triggered By Control Strategy (0)

Misbehaviour Sets (3)

Control Strategies (1)