Repudiation - not claiming responsibility for an action taken
Repudiation occurs when someone, with or without malicious intent, takes an action but claims otherwise.
Examples include:
- Denying the modification of logs containing sensitive actions.
- Using someone else's account to avoid getting caught.
- Claiming not to have deleted database records.
Note
System logs are a goldmine for an attacker, not just to manipulate, but also to gather data about users, environment, and weaknesses.
Elements and interactions at risk from repudiation attacks
Element
Name | Shape | Definition |
---|---|---|
Process | Activity that modifies or redirects input to an output | |
External entity | Process, data store, or even full-fledged applications outside your control | |
Data store | Permanent or temporary data storage |
Interaction
Name | Interaction | Definition |
---|---|---|
Process <-> Process | A task sends or receives data to or from another task | |
Process <-> External Entity | A task sends or receives data to or from a user | |
Process <-> Data Store | A task sends or receives data to or from a data store |
How to prevent repudiation
Non-repudiation ensures each action can be traced back to its origin by creating and protecting security logs.
Common security controls to reduce or eliminate risk
- Strong authentication
- Secure logging and monitoring
- Digital signatures
- Secure timestamps
- Trusted third parties
Tip
Good question to ask: Can I tie every action to an identity?