Protocol
Purpose
The Protocol object is used to represent the protection level of a Dataflow object/communication.
Object | Connection | Description |
|---|---|---|
Dataflow | Protocol Status | The defense attributes of the Protocol object has an impact on the connected Dataflow object(s). |
Attack Steps and Defenses
Attack Step | Description |
|---|---|
None | There are no attack steps associated with the Protocol object. |
Defense | Description | Impact | Default |
|---|---|---|---|
Authenticated | Cryptographic authentication should guarantee that the information provided is authentic i.e. it has not been altered or substituted. If a Protocol is Authenticated it is assumed to ensure authentication i.e. weak or broken cryptos should be modeled as not authenticated. | Reduces the probability of ManInTheMiddle. | Off |
Encrypted | Nonce is an abbreviation of number used once and can be appended to communication to ensure that old messages cannot be reused in replay attacks. The nonce in securiLang should be interpreted as a cryptographic non-predictable value. | Prevents Eavesdrop and reduces the probability of ManInTheMiddle. | Off |
Nonce | Nonce is an abbreviation of number used once and can be appended to communication to ensure that old messages cannot be reused in replay attacks. The nonce in securiLang should be interpreted as a cryptographic non-predictable value. | Prevents Replay attacks. | Off |
Updated about 1 year ago