What is the STRIDE Model?

The STRIDE model, short for “spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege model,” is a threat model created by Praerit Garg and Loren Kohnfelder to identify digital security threats.

The STRIDE model involves going through all of a network’s processes, data repositories, data flows, and trust boundaries to find threats. It basically answers the question: What can go wrong in a computer system?

Other interesting terms…

• What is Access Governance?
• What is Network Security?

Read More about the “STRIDE Model”

What Assurances Does the STRIDE Model Provide?

Each threat violates a desired system state, such as:

• Spoofing violates authenticity.
• Tampering violates integrity.
• Repudiation violates non-repudiability.
• Information disclosure violates confidentiality.
• Denial of service violates availability.
• Elevation of privilege violates authorization.

The STRIDE model protects a network’s authenticity, integrity, non-repudiability, confidentiality, availability, and authorization. What are these, and why are they musts for a computer?

Authenticity

Every computer requires user authentication to prevent unauthorized access to confidential data. In computing, authentication involves validating a user’s identity typically by asking for a username and password combination and verifying the authenticity of a website with a digital certificate, among others. Stricter systems even require multi-factor authentication by asking for a one-time password or personal identification number (PIN) typically sent to the user’s mobile device.

User authentication prevents spoofing, which cyber attackers often do to hack into a target system. They often steal an authorized user’s password through phishing or keylogging. Once they obtain that, they can log in to any computer that the spoofed user can access.

Integrity

Maintaining system integrity means ensuring that information stored in a computer is real, accurate, and has not been modified. That is mainly required for business transactions that prove legal exchanges between two parties.

Imagine if any of the details in a customer’s record has been tampered with. A vendor can end up charging him/her for a product/service that he/she didn’t purchase. Remediation can mean chargeback fees, issuing apologies, or even getting sued.

Non-Repudiability

No user should ever share his/her username and password with anyone. That’s because any transaction made with his/her account is his/her responsibility.

The STRIDE model ensures repudiation through end-user license agreements (EULAs) that subscribers are asked to accept during signup or registration. That makes the signatory responsible for every activity related to the use of a product/service.

Confidentiality

Every employee learns corporate secrets as they grow older in an organization. The higher up the chain you get, the more confidential data you gain access to. But it’s only natural for companies to keep proprietary information secret, especially if this has to do with their success. Coca-Cola, for example, will never reveal how Coke is made. To ensure that its secret recipe stays safe, it asks employees to sign nondisclosure agreements (NDAs) and such.

Information disclosure clauses, which are part of the STRIDE model, thus become part of employee contracts.

Availability

We all know by now that a website that goes offline for even a couple of minutes translates to lost sales and business opportunities. That’s why threat actors often launch denial-of-service (DoS) attacks on chosen targets.

Organizations that get DoSed lose an average US$1.5 million per year, making availability critical to all businesses.

Authorization

Determining a user’s access level to any system is crucial to keeping confidential information protected at all times. User access management is one way to make sure that only authorized users can view specific files, use certain computers, and see the contents of databases. Ensuring authorization via the STRIDE model lets an organization prevent elevation or escalation of privilege, which can lead to data theft or breach.

—

As we demonstrated, the STRIDE model prevents threats, specifically spoofing, tampering, repudiation, information disclosure, DoS, and elevation of privilege by making sure that any system maintains authenticity, integrity, non-repudiability, confidentiality, availability, and authorization through the use of various safeguards (i.e., cybersecurity tools and strategies).