WEBVTT

1
00:00:00.000 --> 00:00:00.833
<v Instructor>In this lesson,</v>

2
00:00:00.833 --> 00:00:03.030
we will learn about the spoofing,

3
00:00:03.030 --> 00:00:06.780
tampering, repudiation, information disclosure,

4
00:00:06.780 --> 00:00:10.200
denial of service, and elevation of privilege,

5
00:00:10.200 --> 00:00:12.480
or STRIDE framework.

6
00:00:12.480 --> 00:00:15.480
The STRIDE framework is used to identify

7
00:00:15.480 --> 00:00:18.330
and categorize potential security threats

8
00:00:18.330 --> 00:00:22.080
across six categories: spoofing, tampering,

9
00:00:22.080 --> 00:00:24.990
repudiation, information disclosure,

10
00:00:24.990 --> 00:00:28.200
denial of service, and elevation of privilege.

11
00:00:28.200 --> 00:00:29.730
Each of these categories

12
00:00:29.730 --> 00:00:32.430
represents a different type of threat.

13
00:00:32.430 --> 00:00:35.813
Spoofing involves impersonating another entity.

14
00:00:35.813 --> 00:00:40.350
Tampering refers to unauthorized modification of data.

15
00:00:40.350 --> 00:00:43.530
Repudiation deals with denying actions

16
00:00:43.530 --> 00:00:45.690
after they have been performed.

17
00:00:45.690 --> 00:00:47.550
Information disclosure

18
00:00:47.550 --> 00:00:50.790
is the unauthorized release of sensitive data.

19
00:00:50.790 --> 00:00:54.510
Denial of service disrupts system availability.

20
00:00:54.510 --> 00:00:57.360
And elevation of privilege occurs

21
00:00:57.360 --> 00:01:00.930
when a user gains higher access rights than intended.

22
00:01:00.930 --> 00:01:03.480
The STRIDE framework is commonly used

23
00:01:03.480 --> 00:01:06.450
during the design phase of software development

24
00:01:06.450 --> 00:01:09.090
to evaluate security vulnerabilities

25
00:01:09.090 --> 00:01:11.610
by examining how each threat category

26
00:01:11.610 --> 00:01:13.710
could be exploited in a system.

27
00:01:13.710 --> 00:01:16.770
Let's learn more about the STRIDE framework.

28
00:01:16.770 --> 00:01:19.980
STRIDE framework is a threat-modeling tool

29
00:01:19.980 --> 00:01:22.590
that helps identify and categorize

30
00:01:22.590 --> 00:01:25.380
potential security threats in a system,

31
00:01:25.380 --> 00:01:28.350
focusing on six key threat types:

32
00:01:28.350 --> 00:01:31.140
spoofing, tampering, repudiation,

33
00:01:31.140 --> 00:01:34.377
information disclosure, denial of service,

34
00:01:34.377 --> 00:01:36.360
and elevation of privilege,

35
00:01:36.360 --> 00:01:37.890
where each category

36
00:01:37.890 --> 00:01:41.220
represents a different kind of risk to consider.

37
00:01:41.220 --> 00:01:44.820
Let's define each of these six key threat types

38
00:01:44.820 --> 00:01:46.410
in further detail.

39
00:01:46.410 --> 00:01:50.010
Spoofing is the act of impersonating another user

40
00:01:50.010 --> 00:01:53.370
or system to gain unauthorized access.

41
00:01:53.370 --> 00:01:56.850
Tampering refers to the unauthorized modifications

42
00:01:56.850 --> 00:02:00.900
of data or processes, often to alter outcomes

43
00:02:00.900 --> 00:02:03.180
or inject harmful information.

44
00:02:03.180 --> 00:02:06.050
Repudiation involves denying actions

45
00:02:06.050 --> 00:02:08.280
after they've been performed,

46
00:02:08.280 --> 00:02:11.880
posing challenges in establishing accountability.

47
00:02:11.880 --> 00:02:15.450
Information disclosure is the unauthorized release

48
00:02:15.450 --> 00:02:17.280
of sensitive information,

49
00:02:17.280 --> 00:02:19.650
such as data leaks or breaches.

50
00:02:19.650 --> 00:02:22.680
Denial of service focuses on attacks

51
00:02:22.680 --> 00:02:24.990
that disrupt system availability,

52
00:02:24.990 --> 00:02:29.370
causing the system to be unusable for legitimate users.

53
00:02:29.370 --> 00:02:32.160
And, finally, elevation of privilege

54
00:02:32.160 --> 00:02:35.100
is when an attacker gains higher access rights

55
00:02:35.100 --> 00:02:36.840
than they should have,

56
00:02:36.840 --> 00:02:38.820
potentially giving them control

57
00:02:38.820 --> 00:02:41.250
over sensitive areas of a system.

58
00:02:41.250 --> 00:02:43.530
Together, these six categories

59
00:02:43.530 --> 00:02:45.750
cover a broad range of threats,

60
00:02:45.750 --> 00:02:49.980
offering a comprehensive structure to evaluate security

61
00:02:49.980 --> 00:02:53.160
and a structure that can serve as a useful guide

62
00:02:53.160 --> 00:02:56.820
for teams in designing secure software systems.

63
00:02:56.820 --> 00:03:00.660
Now let's walk through how to apply the STRIDE framework

64
00:03:00.660 --> 00:03:03.510
in the design phase of software development.

65
00:03:03.510 --> 00:03:06.900
Imagine you are developing a web application

66
00:03:06.900 --> 00:03:10.740
and want to identify security risks early on.

67
00:03:10.740 --> 00:03:14.010
Start by considering each STRIDE category.

68
00:03:14.010 --> 00:03:16.590
For spoofing, evaluate if the system

69
00:03:16.590 --> 00:03:19.650
could be vulnerable to user impersonation.

70
00:03:19.650 --> 00:03:21.720
In this case, you may decide

71
00:03:21.720 --> 00:03:24.120
to add multifactor authentication

72
00:03:24.120 --> 00:03:26.160
to verify users' identities

73
00:03:26.160 --> 00:03:28.710
to minimize the risk of spoofing.

74
00:03:28.710 --> 00:03:32.910
Next, for tampering, examine the data inputs.

75
00:03:32.910 --> 00:03:35.610
Weak input validation might allow

76
00:03:35.610 --> 00:03:38.280
unauthorized data modifications,

77
00:03:38.280 --> 00:03:42.750
so you could implement integrity checks to prevent this.

78
00:03:42.750 --> 00:03:46.500
For repudiation, think about if and how users

79
00:03:46.500 --> 00:03:49.800
could deny their actions within the application.

80
00:03:49.800 --> 00:03:53.040
This might lead to implementing secure logging

81
00:03:53.040 --> 00:03:56.250
to record and verify user actions.

82
00:03:56.250 --> 00:03:59.820
Next, when assessing information disclosure,

83
00:03:59.820 --> 00:04:03.780
consider any sensitive data handled by the application.

84
00:04:03.780 --> 00:04:05.370
To protect this data,

85
00:04:05.370 --> 00:04:09.780
you might ensure it's encrypted both in transit and at rest,

86
00:04:09.780 --> 00:04:11.970
reducing exposure risk.

87
00:04:11.970 --> 00:04:14.040
Then, with denial of service,

88
00:04:14.040 --> 00:04:17.370
evaluate if any part of the application code

89
00:04:17.370 --> 00:04:20.580
could be overwhelmed by excessive requests.

90
00:04:20.580 --> 00:04:23.010
If so, you could set up rate limiting

91
00:04:23.010 --> 00:04:24.810
to prevent a single user

92
00:04:24.810 --> 00:04:28.710
from monopolizing resources, maintaining availability.

93
00:04:28.710 --> 00:04:31.320
And, finally, for elevation of privilege,

94
00:04:31.320 --> 00:04:33.900
check if any functions or permissions

95
00:04:33.900 --> 00:04:37.500
could be misused to gain unauthorized access.

96
00:04:37.500 --> 00:04:41.340
If so, you might enforce role-based access controls

97
00:04:41.340 --> 00:04:44.610
to limit actions based on user permissions,

98
00:04:44.610 --> 00:04:48.300
keeping users within their intended access levels.

99
00:04:48.300 --> 00:04:52.440
So by applying STRIDE during the design phase,

100
00:04:52.440 --> 00:04:55.530
you can proactively identify and address

101
00:04:55.530 --> 00:04:58.020
each category of potential threats,

102
00:04:58.020 --> 00:05:02.130
creating a more secure application right from the start.

103
00:05:02.130 --> 00:05:05.820
So remember, STRIDE framework is a security tool

104
00:05:05.820 --> 00:05:09.450
that identifies and categorizes potential threats

105
00:05:09.450 --> 00:05:13.050
into six areas: spoofing, tampering,

106
00:05:13.050 --> 00:05:16.140
repudiation, information disclosure,

107
00:05:16.140 --> 00:05:19.800
denial of service, and elevation of privilege.

108
00:05:19.800 --> 00:05:23.460
Each category highlights a unique type of risk

109
00:05:23.460 --> 00:05:26.730
from impersonation and data modification

110
00:05:26.730 --> 00:05:30.480
to unauthorized access and denial of service.

111
00:05:30.480 --> 00:05:33.870
Specifically, spoofing involves impersonating

112
00:05:33.870 --> 00:05:36.330
a legitimate user or system,

113
00:05:36.330 --> 00:05:40.110
while tampering deals with unauthorized data changes.

114
00:05:40.110 --> 00:05:44.790
Next, repudiation concerns users denying their actions,

115
00:05:44.790 --> 00:05:46.470
while information disclosure

116
00:05:46.470 --> 00:05:48.990
involves exposing sensitive data.

117
00:05:48.990 --> 00:05:53.040
Then, denial of service affects system availability,

118
00:05:53.040 --> 00:05:55.800
and, finally, elevation of privilege

119
00:05:55.800 --> 00:05:59.070
grants unauthorized high-level access.

120
00:05:59.070 --> 00:06:02.490
So if used during software design,

121
00:06:02.490 --> 00:06:06.930
STRIDE can help teams anticipate and address vulnerabilities,

122
00:06:06.930 --> 00:06:10.233
enhancing security from the ground up.

