Alan Freedman -- The Computer Language Company - Computer Desktop Encyclopedia
Computer Desktop Encyclopedia
Longest-Running Tech Reference on the Planet

A CDE Definition

You'll love The Computer Desktop Encyclopedia (CDE) for Tech Term of the Day (TTOD)

LOOK UP ANOTHER TERM


STRIDE

(Spoofing, Tampering, Repudiation, Information, Denial, Elevation) An acronym for remembering six areas of risk in technology. For an excellent example of applying STRIDE to Web applications, visit the keepers of the Open Web Application Security Project (OWASP) at www.owasp.com.

Spoofing Identities
A user should not be able to assume the identity of, or mask the attributes of, someone else. Using a public key infrastructure (PKI) and digital signatures is a way of preventing spoofing.

Tampering With Data
The integrity of data should be preserved at all times. Encryption, independent verification and input, process and output validation are some of the tools that can be used.

Repudiate a Transaction
A valid transaction should not be subject to rejection. Good audit trails and signing a message with date and time are examples of preventative methods.

Information Disclosure
Information should not fall into unauthorized hands. Data loss prevention (DLP) techniques are used to strengthen corporate confidentiality. See DLP.

Denial of Service
A server or an application should not be vulnerable to being put out of service. Redundant and/or backup systems are datacenter architectures that can be used.

Elevation of Privilege
An unauthorized user should not be allowed administrator rights. Refusing to share passwords or tokens can reduce this risk. See access control.



Personal Use Only

Before/After Your Search Term
BeforeAfter
Streamlinestring
STREAMSstring handling
street viewstring literal
Streettalkstring theory
Streisand effectstringy
stress testingStringy Floppy
STRETCHstripe
stretch bltstriped volume
stretchable siliconstriping
stretchingstroke

Terms By Topic
Click any of the following categories for a list of fundamental terms.
Computer Words You Gotta KnowSystem design
Job categoriesUnix/Linux
Interesting stuffPersonal computers
InternetIndustrial Automation/Process Control
Communications & networkingAssociations/Standards organizations
HistoryDesktop publishing
Audio/VideoGraphics
MainframesSecurity
ProgrammingHealthcare IT
System design