2

I have a threat model with a Cloud Storage entity an Managed Application which accesses it. Here is the diagram:

simple threat model

The Microsoft Threat Modeling Tool says in the report that:

Cloud Storage may be spoofed by an attacker and this may lead to data being written to the attacker's target instead of Cloud Storage. Consider using a standard authentication mechanism to identify the destination data store.

Why is that? In an HTTPS connection the destination is always authenticated (see element properties) What setting should I modify to get rid of this threat?

EDIT: here are all the properties of the two elements: Managed application properties Cloud storage properties

Gabor Herman
  • 71
  • 1
  • 4
  • It looks like you've selected the channel which is marked as authenticated, but the warning is coming from the Cloud Storage element. The CS element probably has it's own authenticated flag. – Steve Mar 23 '17 at 14:26
  • Thanks for the hint, but unfortunately it has no authenticated flag. Question updated with all properties for all elements. – Gabor Herman Mar 23 '17 at 14:32
  • I just tried it and it looks like it's one of the required reviews. This sort of makes sense because its a generic storage type (you say HTTPS, yet its connecting to SQL), so you must explicitly define how its mitigated in the threat notes. – Steve Mar 23 '17 at 14:43
  • Which you do by setting Status = Mitigated. – Steve Mar 23 '17 at 14:44
  • Thx again. Same thing happens btw if I use "Binary" instead of "HTTPS", even if I set both source and destination to authenticated. – Gabor Herman Mar 23 '17 at 14:47

0 Answers0