Threat Modeling

Also known as: Security Threat Modeling, STRIDE

A structured engineering practice for identifying, categorising, and mitigating security and privacy threats in a system before they are exploited. The widely used STRIDE framework (Microsoft) covers six classes — Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege — and is frequently paired with a data-flow diagram that exposes trust boundaries. For accessibility practitioners, threat modeling matters when designing health, identity, or assistive-technology systems whose failure modes can harm users who may have fewer fallback options.

Category: Security · Research Methods · System Design

Related: Privacy · HIPAA · GDPR

Sources

https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool-threats