Threat P.O.CCDFSFS.0

URI: P.O.CCDFSFS.0

Package: ProcessComms

< prev | next >

Description: Excessive demand of data Data requested via Client overloads Service: if a request for an excessive amount of data Data reaches the data source Service, it may overload Service.

Threat Type: Secondary Threat

Matching Pattern:

P.O.CCDFSFS.0
MP-CCDFSFS

Finds a data flow to/via a client from a service, and the associated client channel, data and the first data step, plus optionally the managers of the service and the source of the data flow. The source of the flow is matched twice, so it can be referred to by either role name.

        (empty)

        (empty)

CSG-AutoSuspendExcessiveClientAccess

Access to service Service by client Client may be automatically disabled to prevent the service forwarding excessive requests or becoming overloaded itself, at the cost of some reduction in availability. This strategy represents a contingency plan, which can be used to reduce risk from some threats but it also triggers other threats representing possible side effects, depending on how likely it is that the contingency plan will need to be activated.

CSG-AutoSuspendExcessiveClientAccess-Implementation-Runtime

Access to service Service by client Client has been automatically disabled to prevent the service forwarding excessive requests or becoming overloaded itself. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Activation at runtime requires Service to be managed by a suitable adaptation framework. The Disable Client Access control should be deselected if and when access by Client to Service has been enabled once again.

CSG-SuspendExcessiveClientAccess

Change from: Access to service Service by client Client may be temporarily disabled by the process manager ServiceManager to prevent the service forwarding excessive requests or becoming overloaded itself, at the cost of some reduction in availability. This strategy represents a contingency plan, which can be used to reduce risk from some threats. However, it also triggers other threats representing side effects of the policy change, based on how likely it is that the contingency plan will need to be activated.

CSG-SuspendExcessiveClientAccess-Implementation-Runtime

Access to service Service by client Client is disabled by the process manager ServiceManager to prevent the service forwarding excessive requests or becoming overloaded itself. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. To activate it at runtime, signal the process manager ServiceManager. The Disable Client Access control should be deselected if and when access by Client to Service has been enabled once again.