There are several techniques can be implemented to find the vulnerabilities and the threats of the system. These techniques are known as threat modelling in which it is a technique that mitigate the vulnerabilities on your system. One way to determine the threats of your system is via the STRIDE technique. STRIDE is a shorthand for:
S – Spoofing identity.
T – Tampering with data.
R – Repudiation.
I – Information disclosure.
D – Denial of service.
E – Elevation of privilege.
Spoofing identity: It allows the attacker to pose as another user or allow a rogue server to pose as a valid server.
Tampering with data: It involves malicious modification of data.
Repudiation: When the users deny performing an action (without other parties having any way to prove otherwise).
Information disclosure: Is the process of exposing the individual information to other people who are not supposed to have access to this information.
Denial of service: Denial of service (DoS) attacks, which is the process of denying the services to valid users.
Elevation of privilege: An unprivileged user gains privileged access and thereby has sufficient access to compromise or destroy the entire system
In conclusion, STRIDE technique assets the following: