STRIDE model: Difference between revisions
m Updating link after a site reorganization. |
m PhotographyEdits moved page STRIDE (security) to STRIDE model: Remove unnecessary parentheses/disambiguator |
||
(14 intermediate revisions by 10 users not shown) | |||
Line 1: | Line 1: | ||
{{Short description|Model for identifying computer security threats}} |
|||
'''STRIDE''' is a model for identifying [[computer security]] [[Threat (computer)|threats]]<ref>{{Cite journal |last=Kohnfelder |first=Loren |last2=Garg |first2=Praerit |date=April 1, 1999 |title=The threats to our products |url=https://shostack.org/files/microsoft/The-Threats-To-Our-Products.docx |journal=Microsoft Interface |accessdate=13 April 2021}}</ref> developed by Praerit Garg and [[Loren Kohnfelder]] at [[Microsoft]].<ref>{{Cite web |last=Shostack |first=Adam |date=27 August 2009 |title="The Threats To Our Products" |url=https://cloudblogs.microsoft.com/microsoftsecure/2009/08/27/the-threats-to-our-products/ |website=Microsoft SDL Blog |publisher=Microsoft |accessdate=18 August 2018}}</ref> It provides a [[mnemonic]] for security threats in six categories.<ref>{{Cite web |title=The STRIDE Threat Model |url=https://msdn.microsoft.com/en-us/library/ee823878(v=cs.20).aspx |website=Microsoft |publisher=Microsoft}}</ref> |
'''STRIDE''' is a model for identifying [[computer security]] [[Threat (computer)|threats]]<ref>{{Cite journal |last=Kohnfelder |first=Loren |last2=Garg |first2=Praerit |date=April 1, 1999 |title=The threats to our products |url=https://shostack.org/files/microsoft/The-Threats-To-Our-Products.docx |journal=Microsoft Interface |accessdate=13 April 2021}}</ref> developed by Praerit Garg and [[Loren Kohnfelder]] at [[Microsoft]].<ref>{{Cite web |last=Shostack |first=Adam |date=27 August 2009 |title="The Threats To Our Products" |url=https://cloudblogs.microsoft.com/microsoftsecure/2009/08/27/the-threats-to-our-products/ |website=Microsoft SDL Blog |publisher=Microsoft |accessdate=18 August 2018}}</ref> It provides a [[mnemonic]] for security threats in six categories.<ref>{{Cite web |title=The STRIDE Threat Model |url=https://msdn.microsoft.com/en-us/library/ee823878(v=cs.20).aspx |website=Microsoft |publisher=Microsoft}}</ref> |
||
Line 18: | Line 19: | ||
{| class="wikitable" |
{| class="wikitable" |
||
|- |
|- |
||
! Threat !! Desired property |
! Threat !! Desired property !! Threat Definition |
||
|- |
|- |
||
| Spoofing || Authenticity |
| Spoofing || Authenticity || Pretending to be something or someone other than yourself |
||
|- |
|- |
||
| Tampering || Integrity |
| Tampering || Integrity || Modifying something on disk, network, memory, or elsewhere |
||
|- |
|- |
||
| Repudiation || Non-repudiability |
| Repudiation || Non-repudiability || Claiming that you didn't do something or were not responsible; can be honest or false |
||
|- |
|- |
||
| Information disclosure || Confidentiality |
| Information disclosure || Confidentiality || Someone obtaining information they are not authorized to access |
||
|- |
|- |
||
| Denial of |
| Denial of service || Availability || Exhausting resources needed to provide service |
||
|- |
|- |
||
| Elevation of |
| Elevation of privilege || Authorization || Allowing someone to do something they are not authorized to do |
||
|} |
|} |
||
Line 36: | Line 37: | ||
Repudiation is unusual because it's a threat when viewed from a security perspective, and a desirable property of some privacy systems, for example, Goldberg's "[[Off-the-Record Messaging|Off the Record]]" messaging system. This is a useful demonstration of the tension that security design analysis must sometimes grapple with. |
Repudiation is unusual because it's a threat when viewed from a security perspective, and a desirable property of some privacy systems, for example, Goldberg's "[[Off-the-Record Messaging|Off the Record]]" messaging system. This is a useful demonstration of the tension that security design analysis must sometimes grapple with. |
||
Elevation of |
Elevation of privilege is often called escalation of privilege, or privilege escalation. They are synonymous. |
||
== See also == |
== See also == |
||
* [[Attack tree]] – another approach to security threat modeling, stemming from dependency analysis |
* [[Attack tree]] – another approach to security threat modeling, stemming from dependency analysis |
||
* [[Cyber security and countermeasure]] |
* [[Cyber security and countermeasure]] |
||
* [[DREAD (risk assessment model)]] – |
* [[DREAD (risk assessment model)|DREAD]] – a classification system for security threats |
||
* [[OWASP]] – an organization devoted to improving web application security through education |
* [[OWASP]] – an organization devoted to improving web application security through education |
||
* [[Information security#Key concepts|CIA]] also known as AIC{{ |
* [[Information security#Key concepts|CIA]] also known as AIC<ref>{{Cite web| url=https://www.tripwire.com/state-of-security/security-data-protection/key-ot-cybersecurity-challenges-availability-integrity-confidentiality/ |title=Key OT Cybersecurity Challenges: Availability, Integrity and Confidentiality| access-date=2022-07-20| website=tripwire.com |language=en}}</ref><ref>{{Cite web |title=What is the CIA Triad? Definition, Explanation and Examples |url=https://www.techtarget.com/whatis/definition/Confidentiality-integrity-and-availability-CIA |access-date=2022-05-01 |website=WhatIs.com |language=en}}</ref> – another mnemonic for a security model to build security in IT systems |
||
==References== |
==References== |
||
Line 52: | Line 53: | ||
[[Category:Computer security]] |
[[Category:Computer security]] |
||
{{comp-sci-stub}} |
{{comp-sci-stub}} |
Latest revision as of 14:43, 26 April 2024
STRIDE is a model for identifying computer security threats[1] developed by Praerit Garg and Loren Kohnfelder at Microsoft.[2] It provides a mnemonic for security threats in six categories.[3]
The threats are:
- Spoofing
- Tampering
- Repudiation
- Information disclosure (privacy breach or data leak)
- Denial of service
- Elevation of privilege[4]
The STRIDE was initially created as part of the process of threat modeling. STRIDE is a model of threats, used to help reason and find threats to a system. It is used in conjunction with a model of the target system that can be constructed in parallel. This includes a full breakdown of processes, data stores, data flows, and trust boundaries.[5]
Today it is often used by security experts to help answer the question "what can go wrong in this system we're working on?"
Each threat is a violation of a desirable property for a system:
Threat | Desired property | Threat Definition |
---|---|---|
Spoofing | Authenticity | Pretending to be something or someone other than yourself |
Tampering | Integrity | Modifying something on disk, network, memory, or elsewhere |
Repudiation | Non-repudiability | Claiming that you didn't do something or were not responsible; can be honest or false |
Information disclosure | Confidentiality | Someone obtaining information they are not authorized to access |
Denial of service | Availability | Exhausting resources needed to provide service |
Elevation of privilege | Authorization | Allowing someone to do something they are not authorized to do |
Notes on the threats[edit]
Repudiation is unusual because it's a threat when viewed from a security perspective, and a desirable property of some privacy systems, for example, Goldberg's "Off the Record" messaging system. This is a useful demonstration of the tension that security design analysis must sometimes grapple with.
Elevation of privilege is often called escalation of privilege, or privilege escalation. They are synonymous.
See also[edit]
- Attack tree – another approach to security threat modeling, stemming from dependency analysis
- Cyber security and countermeasure
- DREAD – a classification system for security threats
- OWASP – an organization devoted to improving web application security through education
- CIA also known as AIC[6][7] – another mnemonic for a security model to build security in IT systems
References[edit]
- ^ Kohnfelder, Loren; Garg, Praerit (April 1, 1999). "The threats to our products". Microsoft Interface. Retrieved 13 April 2021.
- ^ Shostack, Adam (27 August 2009). ""The Threats To Our Products"". Microsoft SDL Blog. Microsoft. Retrieved 18 August 2018.
- ^ "The STRIDE Threat Model". Microsoft. Microsoft.
- ^ Guzman, Aaron; Gupta, Aditya (2017). IoT Penetration Testing Cookbook: Identify Vulnerabilities and Secure your Smart Devices. Packt Publishing. pp. 34–35. ISBN 978-1-78728-517-0.
- ^ Shostack, Adam (2014). Threat Modeling: Designing for Security. Wiley. pp. 61–64. ISBN 978-1118809990.
- ^ "Key OT Cybersecurity Challenges: Availability, Integrity and Confidentiality". tripwire.com. Retrieved 2022-07-20.
- ^ "What is the CIA Triad? Definition, Explanation and Examples". WhatIs.com. Retrieved 2022-05-01.