AA03 Data Breach By Remote Service
| Context | Cloud application uses a remote service |
| Problem | Data breach (information disclosure) by the remote service |
| Solution | Replace the remote service by a local one; Apply data encryption; |
| References | |
| Type | ns:type_ThreatPattern |
| Victim | su:comp_CloudApplication |
| Aggressor | su:comp_ExternalService |
| Aggr. role | ns:role_Server |
| STRIDE | ns:STRIDE_Information_Disclosure |
| Threat | ns:threat_txMessageSecrecyViolation; ns:threat_txTrafficAnalysisAndSniffing; ns:threat_txOutputInformationDisclosure; ns:threat_txDataInference |