Enhancing Security in International Data Spaces: A STRIDE Framework Approach
The proliferation of Internet of Things (IoT) devices and big data has catalyzed the emergence of data markets. Regulatory and technological frameworks such as International Data Spaces (IDS) have been developed to facilitate secure data exchange while integrating security and data sovereignty aspec...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2024-12-01
|
| Series: | Technologies |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2227-7080/13/1/8 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832587403392450560 |
|---|---|
| author | Nikola Gavric Andrii Shalaginov Aliaksei Andrushevich Andreas Rumsch Andrew Paice |
| author_facet | Nikola Gavric Andrii Shalaginov Aliaksei Andrushevich Andreas Rumsch Andrew Paice |
| author_sort | Nikola Gavric |
| collection | DOAJ |
| description | The proliferation of Internet of Things (IoT) devices and big data has catalyzed the emergence of data markets. Regulatory and technological frameworks such as International Data Spaces (IDS) have been developed to facilitate secure data exchange while integrating security and data sovereignty aspects required by laws and regulations, such as the GDPR and NIS2. Recently, novel attack vectors have taken a toll on many enterprises, causing significant damage despite the deployed security mechanisms. Hence, it is reasonable to assume that the IDS may be just as susceptible. In this paper, we conduct a STRIDE threat analysis on IDS to assess its susceptibility to traditional and emerging cybersecurity threats. Specifically, we evaluate novel threats such as Man-in-the-Middle (MitM) attacks, compromised end-user devices, SIM swapping, and potential backdoors in commonly used open-source software. Our analysis identifies multiple vulnerabilities, particularly at the trust boundary (TB) between users and the IDS system. These include the traditionally troublesome Denial of Service (DoS) attacks, key management weaknesses, and the mentioned novel threats. We discuss the hacking techniques, tools, and associated risks to the IDS framework, followed by targeted mitigation strategies and recommendations. This paper provides a framework for performing a STRIDE-based threat analysis of the IDS. Using the proposed methodology, we identified the most potent threats and suggested solutions, thus contributing to the development of a safer and more resilient data space architecture. |
| format | Article |
| id | doaj-art-029b9178d8a8420096f17e681eacf837 |
| institution | Kabale University |
| issn | 2227-7080 |
| language | English |
| publishDate | 2024-12-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Technologies |
| spelling | doaj-art-029b9178d8a8420096f17e681eacf8372025-01-24T13:50:43ZengMDPI AGTechnologies2227-70802024-12-01131810.3390/technologies13010008Enhancing Security in International Data Spaces: A STRIDE Framework ApproachNikola Gavric0Andrii Shalaginov1Aliaksei Andrushevich2Andreas Rumsch3Andrew Paice4School of Economics, Innovation, and Technology, Kristiania University College, Kirkegata 24, 0153 Oslo, NorwaySchool of Economics, Innovation, and Technology, Kristiania University College, Kirkegata 24, 0153 Oslo, NorwayiHomeLab, Lucerne University of Applied Sciences and Arts, Technikumstrasse 21, 6048 Horw, SwitzerlandiHomeLab, Lucerne University of Applied Sciences and Arts, Technikumstrasse 21, 6048 Horw, SwitzerlandiHomeLab, Lucerne University of Applied Sciences and Arts, Technikumstrasse 21, 6048 Horw, SwitzerlandThe proliferation of Internet of Things (IoT) devices and big data has catalyzed the emergence of data markets. Regulatory and technological frameworks such as International Data Spaces (IDS) have been developed to facilitate secure data exchange while integrating security and data sovereignty aspects required by laws and regulations, such as the GDPR and NIS2. Recently, novel attack vectors have taken a toll on many enterprises, causing significant damage despite the deployed security mechanisms. Hence, it is reasonable to assume that the IDS may be just as susceptible. In this paper, we conduct a STRIDE threat analysis on IDS to assess its susceptibility to traditional and emerging cybersecurity threats. Specifically, we evaluate novel threats such as Man-in-the-Middle (MitM) attacks, compromised end-user devices, SIM swapping, and potential backdoors in commonly used open-source software. Our analysis identifies multiple vulnerabilities, particularly at the trust boundary (TB) between users and the IDS system. These include the traditionally troublesome Denial of Service (DoS) attacks, key management weaknesses, and the mentioned novel threats. We discuss the hacking techniques, tools, and associated risks to the IDS framework, followed by targeted mitigation strategies and recommendations. This paper provides a framework for performing a STRIDE-based threat analysis of the IDS. Using the proposed methodology, we identified the most potent threats and suggested solutions, thus contributing to the development of a safer and more resilient data space architecture.https://www.mdpi.com/2227-7080/13/1/8International Data Spacescybersecurity in data spacesMan-in-the-Middle attacksDDoS attacksSIM swappingopen-source backdoor |
| spellingShingle | Nikola Gavric Andrii Shalaginov Aliaksei Andrushevich Andreas Rumsch Andrew Paice Enhancing Security in International Data Spaces: A STRIDE Framework Approach Technologies International Data Spaces cybersecurity in data spaces Man-in-the-Middle attacks DDoS attacks SIM swapping open-source backdoor |
| title | Enhancing Security in International Data Spaces: A STRIDE Framework Approach |
| title_full | Enhancing Security in International Data Spaces: A STRIDE Framework Approach |
| title_fullStr | Enhancing Security in International Data Spaces: A STRIDE Framework Approach |
| title_full_unstemmed | Enhancing Security in International Data Spaces: A STRIDE Framework Approach |
| title_short | Enhancing Security in International Data Spaces: A STRIDE Framework Approach |
| title_sort | enhancing security in international data spaces a stride framework approach |
| topic | International Data Spaces cybersecurity in data spaces Man-in-the-Middle attacks DDoS attacks SIM swapping open-source backdoor |
| url | https://www.mdpi.com/2227-7080/13/1/8 |
| work_keys_str_mv | AT nikolagavric enhancingsecurityininternationaldataspacesastrideframeworkapproach AT andriishalaginov enhancingsecurityininternationaldataspacesastrideframeworkapproach AT aliakseiandrushevich enhancingsecurityininternationaldataspacesastrideframeworkapproach AT andreasrumsch enhancingsecurityininternationaldataspacesastrideframeworkapproach AT andrewpaice enhancingsecurityininternationaldataspacesastrideframeworkapproach |