Security Architecture and Design: STRIDE Model Report

Added on  2020/03/28

AI Summary
This report provides an analysis of the STRIDE model within the context of security architecture and design, specifically focusing on its application to the Elevation of Privilege game. The STRIDE model, an acronym for Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege, is a critical framework for identifying and mitigating security threats. The report details each threat category, explaining their nature and potential impact on systems. It emphasizes the importance of the STRIDE model in minimizing security issues, especially in dynamic testing and data protection. The report also references the game Elevation of Privilege, illustrating how the model can be applied to assess and improve the game's security aspects. The report highlights the importance of understanding these threats to enhance system reliability and prevent unauthorized access and data breaches. The report provides a comprehensive overview of the STRIDE model, its application, and its significance in modern security practices, supported by references to relevant research and publications.
Running head: SECURITY ARCHITECTURE AND DESIGN
Security Architecture and Design: STRIDE Model
Name of the student:
Name of the university:
About the game
Elevation of Privilege (EoP) is a card game designed by Adam Shostack, but the experts
are not at all aware of the security aspects. To engage users with supportive and
non-threatening models, the game props must be used properly. The game is designed for
3 to 5 players, which means that no more than 5 players can play.
The EoP game consists of 84 cards, including 2 instruction cards, 1 play and strategy flowchart
card, 74 playing cards, 6 reference cards, and an 'about' card. Six different suits are associated with
the game: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service,
and Elevation of Privilege. The STRIDE model is used for modeling the threats. Each suit
consists of cards numbered like general playing cards, starting from 2 and running up to 10,
jack, queen, king and ace. The Tampering suit starts with 3, as repetition of cards can be avoided,
but due to a lack of enough hints this is not possible.
Application: The STRIDE Threat Model
Security modeling is one of the most effective and efficient practices to consider
for minimizing the security issues that affect the normal flow
of any system. For fuzzing or any other dynamic testing, the STRIDE security model is
very important. To steal confidential data from a server or storage, different
attackers use different kinds of attack mechanisms. Based on the threats and their side effects,
these must be differentiated into named categories. STRIDE is an acronym
derived from six different threats: spoofing, tampering, repudiation,
non-repudiation, information disclosure, denial of service and Elevation of Privilege (EoP). The
six threat categories are elaborated below:
Spoofing identity: Spoofing is an attack approach in which hackers illegally access
an authenticated user's information, such as password and user name, to fulfill their unethical
requirements.
Tampering with information or data: Data tampering is a malicious data
modification approach. In this case, unauthenticated changes are made in the database or
information storage without permission from the storage owner. Hackers carry out
this kind of attack during the data update, data alteration and data transfer
phases. While data is transferred from one computer to another, the network itself might also be
attacked.
Repudiation: The repudiation threat is associated with users who deny performing
the required actions for data modification and access. This kind of threat arises from users
within the system through illegal operations. No actionable measures are available
in the market to prohibit such operations.
Non-Repudiation: This is a system ability that allows the system to
counter the repudiation threat. Consumers who buy products might have to sign in to the
system to get a receipt. With the receipt, the seller gets proof that they have
bought the product.
Information disclosure: In this case, unauthorized users get opportunities to access
data from the server. In this threat, the users who are authorized to access data from the server
can access data from the storage, but at the same time users who have no permission can also
access information unethically.
Denial of Service: Due to a lack of system reliability and availability, a DoS attack
might take place in a system. DoS attacks deny services to valid users. If the
web server becomes temporarily unavailable to the users, then the users will fail to protect the
information from external attackers. By improving the reliability and availability of the
system, the server can be kept secure from external attackers.
Elevation of privilege: In this type of threat, unprivileged users get the
opportunity to access information from the server. Through this approach they get sufficient
chances to destroy an entire system. In order to keep the information secured from the external
attackers proper defense mechanism.
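
The receipt described under Non-Repudiation, worked as an added example (not part of the original report): the system issues a receipt bound to the signed-in account, and a later "I never bought this" claim is checked against it. The key, field names and helper names are assumptions made for illustration, and an HMAC tag from the standard library stands in for the asymmetric signature a production system would use so that a third party can also verify the receipt.

```python
import hashlib
import hmac
import json

# Constructed key for this example; a real system would hold it in a KMS or HSM.
RECEIPT_KEY = b"constructed-demo-key-not-for-production"


def _canonical(body: dict) -> bytes:
    # Sorted keys and fixed separators: the same fields always serialise identically.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def issue_receipt(user_id: str, order_id: str, amount_cents: int, issued_at: int) -> dict:
    """Issue a receipt that binds the signed-in user to the purchase."""
    body = {"user_id": user_id, "order_id": order_id,
            "amount_cents": amount_cents, "issued_at": issued_at}
    tag = hmac.new(RECEIPT_KEY, _canonical(body), hashlib.sha256).hexdigest()
    return {**body, "tag": tag}


def verify_receipt(receipt: dict) -> bool:
    """True only if this system issued the receipt and no field was changed."""
    tag = receipt.get("tag")
    if not isinstance(tag, str):
        return False
    fields = {k: v for k, v in receipt.items() if k != "tag"}
    expected = hmac.new(RECEIPT_KEY, _canonical(fields), hashlib.sha256).hexdigest()
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(expected.encode(), tag.encode())


def settle_dispute(receipt: dict, claimed_user: str) -> str:
    """Check a denial of purchase against the presented receipt."""
    if not verify_receipt(receipt):
        return "reject: receipt is forged or altered"
    if receipt["user_id"] != claimed_user:
        return "reject: receipt belongs to another account"
    return "upheld: purchase is bound to this account"


if __name__ == "__main__":
    r = issue_receipt("alice", "ord-1001", 2599, 1585353600)  # constructed sample
    print(settle_dispute(r, "alice"))
    print(settle_dispute(dict(r, amount_cents=1), "alice"))
```

Because the issuer holds the HMAC key, this receipt proves integrity and origin only to the issuing system itself; evidence meant for a third party needs a signature made with a private key that only the signer controls.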