Information

Purpose

The Information object is representing a set of information that is particularly interesting to analyze. An Information object is optional but enables taking replication aspects like backups and high availability solutions into account.

Connections

Data

An Information object can be connected to one or several Data objects. The available connection types are InfoContainment and Replica.

InfoContainment

When an Information object is connected to a Data object using InfoContainment, it is representing that the Information is present in the Data object.

Which Identities and Applications have which access to the Information is defined by the objects connected to the Data object in question and the connection types to it.

12061206

The Customer Records are located in the Database.

Replica

When an Information object is connected to a Data object using InfoContainment, it is representing that the Information is present in multiple locations (Data objects).

This is used to represent backups and high availability solutions.

In order to succeed with Write or Deny on an Information object, the attacker need to succeed with Write or Deny on all Data objects connected as Replica.

12721272

Database with backup. Succeeding with Write required succeeding with Write on all Replicas.

Properties

AttackSteps

Attack step nameAttack step purpose
AttemptAccessPrerequisite attack step to the other attack steps.
DeleteDeleting information. If multiple Data objects are connected as Replica, all replicas need to be deleted to succeed with deleting Information.
DenyDenying the information. See above.
ReadReading information. Not related to replicas. Reading one data location (replica) provides Read on the Information.
WriteWriting/altering the information. See above.

Defenses

Defense nameDefense purpose
No defenses applies to Information.Defense mechanisms are defined in Application/Data/Identity object connected to the Data objects where the Information is present.