STRIDE (security)

From Wikipedia, the free encyclopedia

STRIDE is a computer security threat modeling practice which attempts to categorize potential security threats by matching them to six categories.

The threat categories are:

Spoofing of user identity
Tampering
Repudiation
Information disclosure (privacy breach)
Denial of Service (D.o.S.)
Elevation of privilege

The STRIDE name comes from the initials of the six threat categories listed.

The methodology consists in decomposing a solution or system in reasonably sized modules and analyzing each module individually for the different threat types defined.

[edit] External links

Uncover Security Design Flaws Using The STRIDE Approach

This computer science-related article is a stub. You can help Wikipedia by expanding it.

Categories: Computer security | Computer science stubs

Views

Interaction

Search

This page was last modified 00:14, 1 May 2008 by Anonymous user(s) of Wikipedia. Based on work by Wikipedia user(s) Eric Burnett, RainbowCrane, Brianhe, CobaltBlue, LeeNapier, Alaibot and Herbys.
All text is available under the terms of the GNU Free Documentation License. (See Copyrights for details.)
Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc., a U.S. registered 501(c)(3) tax-deductible nonprofit charity.
About Wikipedia
Disclaimers