STRIDE Threats in Commerce Server

The following figure shows the STRIDE threats in a Commerce Server installation, and the mitigation techniques for each threat. For example, the threats to the Administration database are: Tampering with data, Information disclosure, and Denial of Service. To mitigate these threats, use Access Control Logs (ACLs), Secure Socket Layer (SSL), Transport Layer Security (TLS), and IPSec authentication.


See Also

The STRIDE Threat Model

Applying STRIDE

Copyright © 2005 Microsoft Corporation.
All rights reserved.