Datastore

Purpose

The Datastore object represents logical storage of data. It is up to the modeler to decide if the Datastore shall represent a file system, a database (or part of it), a directory or some other amount of data we are interested in modeling.

Connections

Datastore and Neighboring Objects
Datastore and Neighboring Objects

 

The reason that five Datastore objects are depicted above is that there are restrictions in \sCAD\ on how many different objects each Datastore object is allowed to be connected to.

ObjectConnectionDescriptionFunction
HostDatabase ExecutionDatabase Execution & Represents a database, directory or any data located on or accessible data through the Host.A Host connected to a Datastore can cause Read and Write access to the Datastore from the Host.
ClientDatabase ExecutionDenotes information storage that is reachable by the Client e.g. a cache or files on the file system where the Client has the appropriate rights.A Client connected to a Datastore can cause Read and Write access to the Datastore from the Client.
ServiceDatabase ExecutionDenotes information storage that is reachable by the Service e.g. a database.A Service connected to a Datastore can cause Read and Write access to the Datastore from the Service.
Web ApplicationWebApplicationA connection to a Web Application denotes that the Datastore is available to the Web Application.A connected Web Application can cause Read and Write access through SQLinjections.
KeystoreAuthenticationA connection to a Keystore object denotes that the key to decrypt the Datastore is stored in the Keystore.A missing connection to a Keystore prevents Read access to an encrypted Datastore through a Keystore.
DataflowCommunicationAn association to a Dataflow object represents the data the Dataflow may contain. If a Service is connected to a Datastore, the corresponding Dataflow should also be connected to the Datastore.An association to a Dataflow can allow an attack to the Datastore through the Dataflow.

When connecting a Keystore to a Datastore, it is required that the Datastore is encrypted, i.e. the Encrypted defense of the Datastore needs to be set to On. The following message is a reminder of that;

Keystore to Datastore Encryption Warning Message
Keystore to Datastore Encryption Warning Message

 

Datastore objects can only be connected to one other object each. This means that if you have a Host and a Service connected, and you try to connect them to the same Datastore, you will get the following message saying that this is not allowed.

Datastore can not be Connected to Several Objects
Datastore can not be Connected to Several Objects

 

When you want to make the above connection, what you are probably trying to model is that the Service running on the Host has access to the Host’s local storage. This is of course true, but in this case we recommend you to model one Datastore representing the Host’s local storage and one Datastore representing the actual data (directories) the Service has access to and is making available to remote users.

Also, sharing Datastores between hosts and services is not allowed/supported.

Datastore can not be Shared
Datastore can not be Shared

Attack Steps and Defenses

Datastore Attack Steps and Defenses
Datastore Attack Steps and Defenses

 

Attack StepDescriptionLeads to
DeleteThe possibility to delete data from the Datastore.Nothing.
ReadThe possibility to read the data in the Datastore.Nothing.
WriteThe possibility to add data to the Datastore.Nothing.

 

DefenseDescriptionImpactDefault
EncryptedWhether the data in the Datastore is encrypted or not.An Encrypted Datastore can help mitigate ManInTheMiddle attacks.Off