Elevation of Privilege (EoP) is a card game designed by Adam Shostack for players who are not experts and are not aware of the security aspects. To engage users in a supportive, non-threatening way, the game props need to be used properly. The game is designed for 3 to 5 players, which means that no more than 5 players can play it. The EoP deck consists of 84 cards: 2 instruction cards, 1 play and strategy flowchart card, 74 playing cards, 6 reference cards, and an 'about' card. The game has six suits: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.
The STRIDE model is used for modeling the threats. Each suit consists of numbered cards like general playing cards, running from 2 up to 10, followed by jack, queen, king and ace. The Tampering suit starts with 3: repetition of cards could be avoided, but owing to a lack of enough hints this is not possible.
Application: The STRIDE Threat Model
Security modeling is one of the most effective and efficient ways to minimize the security issues that affect the normal flow of a system. The STRIDE security model is also very important for fuzzing and for other dynamic testing. Attackers use different kinds of attack mechanisms to steal confidential data from a server or storage. These threats need to be distinguished by name or category according to their nature and side effects. STRIDE is an acronym derived from six threats: spoofing, tampering, repudiation (countered by non-repudiation), information disclosure, denial of service and elevation of privilege (EoP). The six threat categories are elaborated below:
Spoofing identity: Spoofing is an attack in which attackers illegally access an authenticated user's information, such as user name and password, to serve their own unethical purposes.
Tampering with information or data: Data tampering is malicious modification of data. Unauthorized changes are made to a database or information store without permission from its owner. These attacks typically take place while data is being updated, altered or transferred. While data is transferred from one computer to another, the network itself might also be attacked.
Repudiation: The repudiation threat is associated with users who deny having performed actions such as data modification and access. These threats arise from illegal operations carried out by users within the system. No actionable means of prohibiting such operations are available on the market.
Non-repudiation: This is the ability of a system to counter the repudiation threat. Consumers who buy a product might have to sign in to the system to get a receipt. With the receipt, the seller has proof that they bought the product.
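The receipt idea above can be made concrete with a digital signature. This is an added example, not part of the original page: the choice of Ed25519, the `Receipt` fields and the fixed demo seed are all assumptions made for illustration. The buyer signs the receipt, the seller keeps the signature as proof, and a later change to the stored record no longer verifies.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Receipt is a constructed purchase record (hypothetical fields).
type Receipt struct {
	OrderID string
	Buyer   string
	Item    string
	Cents   int
}

// canonical returns the exact bytes that get signed; changing any field changes them.
func (r Receipt) canonical() []byte {
	return []byte(fmt.Sprintf("order=%q;buyer=%q;item=%q;cents=%d",
		r.OrderID, r.Buyer, r.Item, r.Cents))
}

// BuyerKey derives a demo key pair from a fixed, constructed seed so the
// example is reproducible. Real keys must come from crypto/rand.
func BuyerKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	seed := sha256.Sum256([]byte("constructed demo seed"))
	priv := ed25519.NewKeyFromSeed(seed[:])
	return priv.Public().(ed25519.PublicKey), priv
}

// SignReceipt is the buyer acknowledging the purchase with a private key
// that only the buyer holds.
func SignReceipt(priv ed25519.PrivateKey, r Receipt) []byte {
	return ed25519.Sign(priv, r.canonical())
}

// ProvesPurchase is the seller's check when the buyer later denies the purchase.
func ProvesPurchase(pub ed25519.PublicKey, r Receipt, sig []byte) bool {
	return ed25519.Verify(pub, r.canonical(), sig)
}

func main() {
	pub, priv := BuyerKey()
	r := Receipt{"A-1001", "alice", "keyboard", 4999} // constructed sample data
	sig := SignReceipt(priv, r)
	fmt.Println("buyer's denial refuted:", ProvesPurchase(pub, r, sig))
	r.Cents = 499 // the stored record is altered after signing
	fmt.Println("altered receipt accepted:", ProvesPurchase(pub, r, sig))
}
```

A shared-secret MAC would not serve here, because the seller could have produced the tag as well; the proof rests on the private key being held by the buyer alone.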
Information disclosure: In this case unauthorized users get the opportunity to access data from the server. Users who are authorized can access data from the storage, but at the same time users who have no permission can also access the information unethically.
Denial of Service: A DoS attack might take place in a system because of a lack of system reliability and availability. DoS attacks deny service to valid users. If the web server becomes temporarily unavailable to the users, then the users will fail to protect the information from external attackers. By improving the reliability and availability of the system, the server can be kept secure from external attackers.
Elevation of privilege: In this type of threat, unprivileged users get the opportunity to access information from the server. Through this approach they get sufficient chances to destroy an entire system. In order to keep the information secured from the external attackers proper defense mechanism.