Applying A Threat Model 1 : Microsoft STRIDE

Threat Assessment is the process of examining a design architecture from a high level to identify any security risks and plan suitable mitigations.

In this case, we are protecting the confidentiality, integrity and availability of our data.

What is STRIDE?

• One of the many approaches but each has its own shared concepts.
• Open-source and we'll documented as part of Microsoft's Secure Development approaches.
• Microsoft developed threat assessment methodology.

STRIDE

S - Spoofing T - Tampering R - Repudiation I - Information Disclosure D - Denial of service E - Escalation

Is STRIDE the right tool for you?

Advantages

• Simple framework that can be easy to remember .
• No license fees or external costs.
• Relatively non-technical.
• Free tools available for modelling.

Disadvantages

• Aimed more at traditional software architectures.
• Tools are often very Microsoft centric and may be a time sink.
• Doesn't consider likelihood or impact as part of the assessments.

Now, we break down STRIDE into it's independent definition.

• Spoofing - is the act of pretending to be another user, device or system and emulating traffic they might send or actions they might take.
• Tampering - is the unauthorized or malicious modification of data.
• Repudiation - is the ability to conduct an action within a system and deny ownership of that action.
• Information Disclosure - is a loss of data confidentiality as a result of unauthorized disclosure of information.
• Denial of Service - is the process of interacting with a system or service in such a way that it is unable to provide service or functionality to others.
• Escalation of privilege - is the process of gaining access to systems, data or functionality that exceed your assigned privileges.