Skip to main content

Table 1 How STRIDE threats are addressed in the pilot (or could be in similar scenario)

From: Orchestrating differential data access for translational research: a pilot implementation

STRIDE Threat/ Function Shibboleth/Id Federation REMS Domain Apps (BioSD, BBMRI Hub, more) Infrastructure (eg, web servers, network)
Spoofing/Authenticity Authentication HTTPS/TLS/X.509
Limit distributed attributes
Proper Software Engineering (PSE)
Limit distributed attributes
PSE
PSE - HTTPS/TLS/ X.509 - PSE
Repudiation/Accountability Authentication Logging (must be law-compliant, eg max retention time) Logging
PSE
- Logging - Logging
Info Disclosure/Confidentiality HTTPS/TLS/X.509 - Subscribed policies (no data out of Id Federation)
HTTPS/TLS/X.509
HTTPS/TLS/X.509 HTTPS/TLS/X.509
DoS/ Availability - PSE - PSE - PSE - Redundancy
- Firewalls
- PSE
Elevation of Privileges/Authorisation - Only required attributes distributed
- PSE
- Only required attributes distributed
- PSE
- PSE - PSE
  1. PSE refers to software design and testing, best practices, established methodologies, techniques and frameworks. As for the biomedical-specific risks identified by the LINDUN methodology, REMS policies help with facing all those risks, as it does the security and reliability of the pilot software components