Top Qs
Timeline
Chat
Perspective
STRIDE model
Model for identifying computer security threats From Wikipedia, the free encyclopedia
Remove ads
STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege) is a threat model for identifying computer security threats.[1] STRIDE modelling anticipates threats to the target system and builds upon an overarching model of the system, which may include a full breakdown of processes, data stores, data flows, and trust boundaries.[2]
Developed by Praerit Garg and Loren Kohnfelder at Microsoft,[3][4] it provides a mnemonic for security threats in six categories.[5] Each STRIDE category corresponds to a core principle of information security: Authenticity, Integrity, Non-repudiability, Confidentiality, Availability and Authorization.
Remove ads
See also
- Attack tree – another approach to security threat modeling, stemming from dependency analysis
- DREAD – a classification system for security threats
- OWASP – an organization devoted to improving web application security through education
- CIA also known as AIC[6][7] – another mnemonic for a security model to build security in IT systems
References
External links
Wikiwand - on
Seamless Wikipedia browsing. On steroids.
Remove ads