AC02 Public Network Access To Cloud Application
| Context | Remote user interacts with a cloud application |
| Problem | Remote user connects to the cloud application though a public network (e.g. Wi-Fi) and can be attacked by a third-party adversary |
| Solution | Apply TLS encryption and certificate for the cloud application; Apply VPN access to the cloud application |
| References | BNA-4: Man-in-the-middle attackā¦ [SECCRIT] |
| Type | ns:type_ThreatPattern |
| Victim | su:comp_RemoteUser |
| Aggressor | su:comp_CloudApplication |
| Aggr. role | ns:role_Server |
| STRIDE | ns:STRIDE_Information_Disclosure; ns:STRIDE_Tampering |
| Threat | ns:threat_txTrafficAnalysisAndSniffing; ns:threat_txMessageSecrecyViolation; ns:threat_txSessionHijacking; ns:threat_txRoutePoisoning; ns:threat_txMessageReuse |