stride 模型

1.伪装身份（Spoofing identity），对应安全认证（鉴权）
2.篡改数据（Tampering with data），对应数据完整性
3.抵赖（Repudiation），对应不可抵赖性
4.信息泄露（Information disclosure），对应机密性
5.拒绝服务（Denial of service），对应可用性
6.提升权限（Elevation of privilege），对应授权
————————————————

STRIDE (security)

From Wikipedia, the free encyclopedia

Jump to navigationJump to search

STRIDE is a model of threats developed by Praerit Garg and Loren Kohnfelder at Microsoft[1] for identifying computer security threats.[2] It provides a mnemonic for security threats in six categories.[3]

The threats are:

• Spoofing
• Tampering
• Repudiation
• Information disclosure (privacy breach or data leak)
• Denial of service
• Elevation of privilege[4]

The STRIDE was initially created as part of the process of threat modeling. STRIDE is a model of threats, used to help reason and find threats to a system. It is used in conjunction with a model of the target system that can be constructed in parallel. This includes a full breakdown of processes, data stores, data flows and trust boundaries.[5]

Today it is often used by security experts to help answer the question "what can go wrong in this system we're working on?"

Each threat is a violation of a desirable property for a system:

Threat	Desired property
Spoofing	Authenticity
Tampering	Integrity
Repudiation	Non-repudiability
Information disclosure	Confidentiality
Denial of Service	Availability
Elevation of Privilege	Authorization

 

Contents

• 1Notes on the threats
• 2See also
• 3References
• 4External links

Notes on the threats[edit]

Repudiation is unusual because it's a threat when viewed from a security perspective, and a desirable property of some privacy systems, for example, Goldberg's "Off the Record" messaging system. This is a useful demonstration of the tension that security design analysis must some