Dataflow

Purpose

A Dataflow object is used to represent communication between a client and a service.

Connections

Object

Connection

Description

Function

Client

Communication

An association to Client shows which client is connected to the Dataflow. The Client is the initiator of the communication contained in the Dataflow.

Association to Client is mandatory.

Service

Communication

The other end of the communication is connected to a service.

Association to Service is mandatory.

Keystore

Authentication

A connection to a Keystore object denotes that the key to decrypt the Dataflow is stored in the Keystore.

Without a Keystore connection, the Attacker cannot bypass the encryption and authentication of the Dataflow by compromising a Keystore.

Protocol

Protocol Status

An association to a Protocol object adds attributes describing the protection level of the protocol used by the dataflow.

Association to Protocol is mandatory.

Datastore

Communication

An association to a Datastore object represents the data the Dataflow may contain. If a Service is connected to a Datastore, the corresponding Dataflow should also be connected to the Datastore.

An association to a Datastore has no direct impact on the Dataflow itself. It does, however, expose the Datastore to attacks carried through the Dataflow (see the Leads to column of the attack steps below).

Network

Communication

An association to a Network denotes that the Dataflow can be reached by, and communicates with, all other assets on that Network.

A missing Network association can help prevent Access and DenialOfService.

Router

Communication

An association to a Router object indicates which Router allows the Dataflow to travel from one Network to another. If that Router is also associated with a NIDS and/or an IPS, those defenses protect the Dataflow as well, provided the Dataflow is not encrypted.

A missing Router association prevents the data from passing through the Router when the Router is connected to a Firewall.

Firewall

Permission

Connect a Firewall to a Dataflow to denote that the Dataflow is allowed to traverse the Firewall's Router.

Can prevent Forwarding.

IPS

Protection

A connection to an IPS denotes that the IPS is actively trying to prevent intrusions via the connected Dataflows, provided the Dataflow is not encrypted.

A missing IPS reduces the time the Attacker needs to attack through the Dataflow.


Attack Steps and Defenses

Attack Step

Description

Leads to

Access

The possibility to access the Dataflow (encrypted or not).

Dataflow: ManInTheMiddle
Dataflow: Eavesdrop
Dataflow: Replay
Dataflow: DenialOfService

DenialOfService

The possibility to block the communication the Dataflow is supposed to carry.

Nothing.

Eavesdrop

The possibility to listen to and read the Dataflow.

Datastore: Read

ManInTheMiddle

The possibility to trick the endpoints of the Dataflow to communicate with another endpoint.

Datastore: Read
Datastore: Write
Dataflow: Respond
Dataflow: Request

Replay

The possibility to repeat the content of the Dataflow without the Client or Service noticing.

Datastore: Write
Datastore: Delete

Request

The possibility to initiate the Dataflow.

Service: Connect

Respond

The possibility to reply to a client request.

Client: UserAccess
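The attack-step table above, together with the optional Datastore association described under Connections, defines a small attack graph. The following Python is an added illustration, not part of this page and not the tool's own code: it encodes the documented "leads to" edges and computes which steps on neighbouring objects an Attacker who has reached Dataflow: Access can go on to. It assumes that an edge into an object the Dataflow is not associated with is simply unavailable, that Client, Service and Protocol are always present (the page marks them mandatory), and that the function and variable names are this example's own.

```python
from collections import deque

# "Leads to" edges copied from the Dataflow attack-step table on this page.
LEADS_TO = {
    "Dataflow: Access": [
        "Dataflow: ManInTheMiddle",
        "Dataflow: Eavesdrop",
        "Dataflow: Replay",
        "Dataflow: DenialOfService",
    ],
    "Dataflow: DenialOfService": [],
    "Dataflow: Eavesdrop": ["Datastore: Read"],
    "Dataflow: ManInTheMiddle": [
        "Datastore: Read",
        "Datastore: Write",
        "Dataflow: Respond",
        "Dataflow: Request",
    ],
    "Dataflow: Replay": ["Datastore: Write", "Datastore: Delete"],
    "Dataflow: Request": ["Service: Connect"],
    "Dataflow: Respond": ["Client: UserAccess"],
}

# Associations the page marks as mandatory, plus the Dataflow itself.
# Assumption of this example: optional associations (e.g. Datastore) are
# passed in by the caller rather than read from a model file.
ALWAYS_PRESENT = {"Dataflow", "Client", "Service", "Protocol"}


def object_of(step):
    """'Datastore: Read' -> 'Datastore'."""
    return step.split(":", 1)[0]


def reachable(start, optional_associations=()):
    """Breadth-first walk over LEADS_TO from `start`.

    An edge into an object type that is neither mandatory nor listed in
    `optional_associations` is dropped. This models the statement on this
    page that a Datastore can only be attacked through the Dataflow when the
    two are associated. Returns the set of reached steps, excluding `start`.
    """
    present = ALWAYS_PRESENT | set(optional_associations)
    seen = set()
    queue = deque([start])
    while queue:
        step = queue.popleft()
        if step in seen:
            continue
        seen.add(step)
        for nxt in LEADS_TO.get(step, []):
            if object_of(nxt) in present:
                queue.append(nxt)
    seen.discard(start)
    return seen


def exposed_objects(optional_associations=()):
    """Which objects other than the Dataflow an attacker holding
    Dataflow: Access can affect, given the optional associations."""
    return {
        object_of(s)
        for s in reachable("Dataflow: Access", optional_associations)
        if object_of(s) != "Dataflow"
    }


if __name__ == "__main__":
    for assoc in [(), ("Datastore",)]:
        print(f"optional associations = {assoc or 'none'}")
        for step in sorted(reachable("Dataflow: Access", assoc)):
            print("   ", step)
        print("    exposed objects:", sorted(exposed_objects(assoc)))
```

Running it shows that without a Datastore association, Access still reaches Service: Connect and Client: UserAccess (through ManInTheMiddle, Request and Respond), while adding the Datastore association makes Datastore: Read, Write and Delete reachable as well, through Eavesdrop, ManInTheMiddle and Replay. That is the practical reason behind the rule under Connections that a Dataflow serving a Datastore-connected Service should itself be connected to the Datastore.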

Defense

Description

Impact

Default

No defenses

Defenses to a Dataflow are held in the Protocol object.

n/a

n/a

