204
Spoofing Identity Tampering with Data Repudiation Information Disclosure Denial of Service Elevation of Privilege
Physical personAttack alters data so that wrong data is supplied to a
critical monitoring system.Human Users might use
unattended electronic
devices without leaving a
digital trace.A service critical for user's
safety is disabled.Subject's privacyUser's identity is spoofed. Attacker gleans knowledge
of user private parameters.User is involved in
transactions with a
malicious peer.Attacker gleans knowledge
of user's location.CommunicationchannelAlteration of the invocation
of a service.Jamming wireless
communication channels
leads to local denial-of-
service attacks that can be
repudiated (no digital
traces).Attacker gains knowledge of
sensitive exchange data.Attacker disrupts
communications.Wrong authorisation
information propagating
from one server to another.Alteration of the return
value upon service
invocation.Leaf devicesLoss or theft of physical
device used for
authentication.Attacker gains control of an
actuator.Disclosure of device-
configuration information.Attacker physically disables
local leaf device.
Attacker alters leaf-device
content so that a user will
eventually be redirected to
a malicious content.Device identification may
divulge sensitive
information, or may be
linked so that it exhibit
information about usage
patterns,Attacker physically disables
remote leaf device.
Attacker changes the
association between a
Virtual Entity and the
corresponding Physical
Attacker prevents proper
communication to an