• xThreat Vector: Information Disclosure
AC-2(12)Account Monitoring for Atypical Usage   STRIDE-LM
AC-3Access Enforcement STRIDE-LM
(3)Mandatory Access Control    STRIDE-LM
(5)Security-relevant Information    STRIDE-LM
(9)Controlled Release    STRIDE-LM
AC-4Information Flow Enforcement  STRIDE-LM
(1)Object Security and Privacy Attributes    STRIDE-LM
(2)Processing Domains    STRIDE-LM
(3)Dynamic Information Flow Control    STRIDE-LM
(4)Flow Control of Encrypted Information   STRIDE-LM
(5)Embedded Data Types    STRIDE-LM
(6)Metadata    STRIDE-LM
(7)One-way Flow Mechanisms    STRIDE-LM
(8)Security and Privacy Policy Filters    STRIDE-LM
(9)Human Reviews    STRIDE-LM
(12)Data Type Identifiers    STRIDE-LM
(13)Decomposition into Policy-relevant Subcomponents    STRIDE-LM
(14)Security or Privacy Policy Filter Constraints    STRIDE-LM
(15)Detection of Unsanctioned Information    STRIDE-LM
(17)Domain Authentication    STRIDE-LM
(19)Validation of Metadata    STRIDE-LM
(20)Approved Solutions    STRIDE-LM
(21)Physical or Logical Separation of Information Flows    STRIDE-LM
(22)Access Only    STRIDE-LM
(23)Modify Non-releasable Information    STRIDE-LM
(24)Internal Normalized Format    STRIDE-LM
(25)Data Sanitization    STRIDE-LM
(26)Audit Filtering Actions    STRIDE-LM
(27)Redundant/independent Filtering Mechanisms    STRIDE-LM
(28)Linear Filter Pipelines    STRIDE-LM
(29)Filter Orchestration Engines    STRIDE-LM
(30)Filter Mechanisms Using Multiple Processes    STRIDE-LM
(31)Failed Content Transfer Prevention    STRIDE-LM
(32)Process Requirements for Information Transfer    STRIDE-LM
AC-11(1)Pattern-hiding Displays  STRIDE-LM
AC-17(2)Protection of Confidentiality and Integrity Using Encryption  STRIDE-LM
(6)Protection of Mechanism Information    STRIDE-LM
AC-18(1)Authentication and Encryption  STRIDE-LM
AC-19(4)Restrictions for Classified Information    STRIDE-LM
(5)Full Device or Container-based Encryption  STRIDE-LM
AC-20Use of External Systems STRIDE-LM
(1)Limits on Authorized Use  STRIDE-LM
(2)Portable Storage Devices - Restricted Use  STRIDE-LM
(3)Non-organizationally Owned Systems - Restricted Use    STRIDE-LM
(4)Network Accessible Storage Devices - Prohibited Use    STRIDE-LM
(5)Portable Storage Devices - Prohibited Use    STRIDE-LM
AC-23Data Mining Protection    STRIDE-LM
AU-6Audit Record Review, Analysis, and Reporting STRIDE-LM
(3)Correlate Audit Record Repositories  STRIDE-LM
(5)Integrated Analysis of Audit Records   STRIDE-LM