all right. Now, I had mentioned use and misuse cases so many times. We have great ideas in this application. Could do a B, C or needs to do a B. C. We're gonna implement this control in that control. But what we failed to do is play that that
plan out several degrees, right? So, yeah, we we know that we want,
ah, strong access control. But the flip side of that might be that we don't allow
users that should be authorized the proper access. Right. So what I'm saying is, when we add controls or we're considering controls, we've got to think about both the good and the bad. All right, so in this instance, you just say, Well, flow chart of use and misuse.
This isn't necessarily an official format. You have tohave, but what we're looking at, okay, It's our first function. We're gonna enter our user name and password, which should give us user authentication.
force might threaten that spoofing and so on. So what we're doing is we're going through this chart were kind of saying All right, what are some things that we can do
in order to mitigate the risks that come up from the misuse of our functions,
Another type of threat modeling were specifically one I know they're gonna ask about or I know would be very desirable to ask about is the threat model cult stride. All right in stride stands for S T R I d e stands for spoofing tampering, repudiation,
denial of service. An escalation of privilege showed the first letter of each of those s t r I D.
So we're gonna spend some time talking about stride now, the first of strides spoofing
So how do we mitigate impersonation? We have strong authentication, and this says authentication, but I'm gonna add to that strong authentication, multi factor authentication. We're no longer in the world where password based authentication is good enough, right? We need strong authentication.
All right. The tea and stride is for tampering modification. So hashes integrity checks some check some. Some mechanism to guarantee that your audit long, for instance, hasn't been modified.
Our repudiation so repudiation. I love this. The solution to repudiation is non repudiation.
I'll give you that. But when we say non repudiation, we want to ensure that the that the um the individual can't dispute having sent a message nor the contents of a message, right? So if it's an email, I can't say, Oh, I didn't send that. It must have been smooth
or I also can't say, Oh, I sent that. But that's not what the contents were. Must have been modified. So if you really think about repudiation, it's a combination
off authenticity and integrity together.
All right, so we have information disclosure neck. Oh, sorry, repudiation, we said. Non repudiation. But non repudiation comes to us through the use of digital signatures and digital signatures air based on the use of public key cryptography.
Asymmetric cryptography. So that's how we provide repudiation or, rather, non repudiation. Our information disclosure is a confidentiality breach, So encryption is a good solution.
Denial of service. That's an availability issue. So high redundancy and then escalation of privileges where eyes kelly hinder hand user find a way to add additional rights and permissions to my account. So account review having strong processes for authentication as well as
So a very common type of threat modeling stride, definitely worth knowing and knowing these are the threats to our application and just some high level mitigation strategy