3 Tampering

Tampering is the act of interfering with or modifying something with the intent to cause damage. This could be an act of vandalism; it could be disabling a security system to gain access, as shown in Figure 3.1, or it could be modifying an identity document to gain access to a facility. Tampering comes in many shapes and sizes.

In this chapter, we will cover the different tampering threats described on the cards available in the Tampering deck in the Elevation of Privilege card game. Tampering could affect your data both at rest or in transit, the software systems you use, and the software or hardware you develop. You’ll see that these threats are often caused by design flaws relating to access control, missing integrity checks, ...

Get Threat Modeling Gameplay with EoP now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Threat Modeling Gameplay with EoP by Brett Crawley

3

Tampering

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly