Protocol

Purpose

The Protocol object is used to represent the protection level of a Dataflow object/communication.

Protocol and Neighboring Objects
Protocol and Neighboring Objects

 

ObjectConnectionDescription
DataflowProtocol StatusThe defense attributes of the Protocol object has an impact on the connected Dataflow object(s).

Attack Steps and Defenses

Protocol Attack Steps and Defenses
Protocol Attack Steps and Defenses

 

Attack StepDescription
NoneThere are no attack steps associated with the Protocol object.

 

DefenseDescriptionImpactDefault
AuthenticatedCryptographic authentication should guarantee that the information provided is authentic i.e. it has not been altered or substituted. If a Protocol is Authenticated it is assumed to ensure authentication i.e. weak or broken cryptos should be modeled as not authenticated.Reduces the probability of ManInTheMiddle.Off
EncryptedDenotes whether or not a Dataflow is Encrypted i.e. a ciphertext has been created from a plaintext. If a Protocol is Encrypted it is assumed to ensure that the ciphertext is not decrypted without authorization i.e. weak or broken cryptos should be modeled as not encrypted.Prevents Eavesdrop and reduces the probability of ManInTheMiddle.Off
NonceNonce is an abbreviation of number used once and can be appended to communication to ensure that old messages cannot be reused in replay attacks. The nonce in securiLang should be interpreted as a cryptographic non-predictable value.Prevents Replay attacks.Off