Threat Vector: Information Disclosure

| ID | Name | Priority | Threats |
|---|---|---|---|
| AC-2(12) | Account Monitoring / Atypical Usage | P1 | STRIDE-LM |
| AC-3 | Access Enforcement | P1 | STRIDE-LM |
| (3) | Mandatory Access Control | P1 | STRIDE-LM |
| (5) | Security-Relevant Information | P1 | STRIDE-LM |
| (9) | Controlled Release | P1 | STRIDE-LM |
| AC-4 | Information Flow Enforcement | P1 | STRIDE-LM |
| (1) | Object Security Attributes | P1 | STRIDE-LM |
| (2) | Processing Domains | P1 | STRIDE-LM |
| (3) | Dynamic Information Flow Control | P1 | STRIDE-LM |
| (4) | Content Check Encrypted Information | P1 | STRIDE-LM |
| (5) | Embedded Data Types | P1 | STRIDE-LM |
| (6) | Metadata | P1 | STRIDE-LM |
| (7) | One-Way Flow Mechanisms | P1 | STRIDE-LM |
| (8) | Security Policy Filters | P1 | STRIDE-LM |
| (9) | Human Reviews | P1 | STRIDE-LM |
| (12) | Data Type Identifiers | P1 | STRIDE-LM |
| (13) | Decomposition Into Policy-Relevant Subcomponents | P1 | STRIDE-LM |
| (14) | Security Policy Filter Constraints | P1 | STRIDE-LM |
| (15) | Detection Of Unsanctioned Information | P1 | STRIDE-LM |
| (17) | Domain Authentication | P1 | STRIDE-LM |
| (18) | Security Attribute Binding | P1 | STRIDE-LM |
| (19) | Validation Of Metadata | P1 | STRIDE-LM |
| (20) | Approved Solutions | P1 | STRIDE-LM |
| (21) | Physical / Logical Separation Of Information Flows | P1 | STRIDE-LM |
| (22) | Access Only | P1 | STRIDE-LM |
| AC-11(1) | Pattern-Hiding Displays | P3 | STRIDE-LM |
| AC-17(2) | Protection Of Confidentiality / Integrity Using Encryption | P1 | STRIDE-LM |
| (6) | Protection Of Information | P1 | STRIDE-LM |
| AC-18(1) | Authentication And Encryption | P1 | STRIDE-LM |
| AC-19(4) | Restrictions For Classified Information | P1 | STRIDE-LM |
| (5) | Full Device / Container-Based Encryption | P1 | STRIDE-LM |
| AC-20 | Use Of External Information Systems | P1 | STRIDE-LM |
| (1) | Limits On Authorized Use | P1 | STRIDE-LM |
| (2) | Portable Storage Devices | P1 | STRIDE-LM |
| (3) | Non-Organizationally Owned Systems / Components / Devices | P1 | STRIDE-LM |
| (4) | Network Accessible Storage Devices | P1 | STRIDE-LM |
| AC-23 | Data Mining Protection | P0 | STRIDE-LM |
| AU-6 | Audit Review, Analysis, And Reporting | P1 | STRIDE-LM |
| (3) | Correlate Audit Repositories | P1 | STRIDE-LM |
| (5) | Integration / Scanning And Monitoring Capabilities | P1 | STRIDE-LM |
| (6) | Correlation With Physical Monitoring | P1 | STRIDE-LM |
| (9) | Correlation With Information From Nontechnical Sources | P1 | STRIDE-LM |
| AU-9 | Protection Of Audit Information | P1 | STRIDE-LM |
| (4) | Access By Subset Of Privileged Users | P1 | STRIDE-LM |
| AU-13 | Monitoring For Information Disclosure | P0 | STRIDE-LM |
| (1) | Use Of Automated Tools | P0 | STRIDE-LM |
| CM-3(4) | Security Representative | P1 | STRIDE-LM |
| IA-5(6) | Protection Of Authenticators | P1 | STRIDE-LM |
| (7) | No Embedded Unencrypted Static Authenticators | P1 | STRIDE-LM |
| IA-6 | Authenticator Feedback | P2 | STRIDE-LM |