|
What is the STRIDE model? STRIDE model is used to categorize security threats. Each letter in the STRIDE model has a meaning.
S- Spoofing Identity: - Most common form of threat. Impersonating someone by trying to use the user name and password.
T- Tampering with data:- Modifying or playing with the data maliciously in order to hamper the system.
R- Repudiation:- risk that a genuine transaction will be disowned by one of the participants
I- Information disclosure: - An attacker gains access without valid authentication
D- Denial of Service: - An attempt to deny any illegal attempt to access the system
E- Escalation of privileges: - an unprivileged user gains an access to the system
|
