Friday, August 16, 2013

Threat Modeling - STRIDE

While threat modeling software, verify that every data item, every endpoint that crosses a boundary, every open port and so on is checked against the categories defined by STRIDE. An item under consideration may fall under more than one category.

STRIDE Definition

Spoofing User: Accessing and using a resource by masquerading as another user
Tampering Data: Modifying data maliciously, so that the original data is unavailable and/or malicious data is introduced
Repudiation: A user or system denying that it performed an action
Information Disclosure: Disclosure of information to an unauthorized user or system
Denial of Service: Denying the service to legitimate users or systems
Elevation of Privilege: Unauthorized elevation of privileges by an unprivileged user
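As an added illustration (not from the original post) of applying the STRIDE categorization to every item in a model, the script below assigns categories per data-flow-diagram element and lets one element carry several of them; the STRIDE-per-element mapping, the element kinds and the sample system are my assumptions:

```python
from dataclasses import dataclass
from typing import Dict, List

# STRIDE categories, in the order the post defines them.
STRIDE = {
    "S": "Spoofing",
    "T": "Tampering",
    "R": "Repudiation",
    "I": "Information Disclosure",
    "D": "Denial of Service",
    "E": "Elevation of Privilege",
}

# Assumed STRIDE-per-element mapping for the usual DFD element kinds;
# one element can attract several categories at once.
ELEMENT_THREATS = {
    "external_entity": "SR",
    "process": "STRIDE",
    "data_flow": "TID",
    "data_store": "TRID",
}

@dataclass(frozen=True)
class Element:
    name: str
    kind: str                       # one of the ELEMENT_THREATS keys
    crosses_boundary: bool = False  # endpoint or flow crossing a trust boundary

def stride_threats(element: Element) -> List[str]:
    """Return the STRIDE category names that apply to one element."""
    return [STRIDE[c] for c in ELEMENT_THREATS[element.kind]]

def threat_model(elements: List[Element]) -> Dict[str, List[str]]:
    """Apply STRIDE to every element and return name -> categories.
    Boundary-crossing items are listed first so they stand out; nothing is skipped."""
    ordered = sorted(elements, key=lambda e: not e.crosses_boundary)
    return {e.name: stride_threats(e) for e in ordered}

# Constructed sample: a browser talking to a web app that reads a database.
SAMPLE = [
    Element("Browser", "external_entity", crosses_boundary=True),
    Element("HTTPS :443 -> Web App", "data_flow", crosses_boundary=True),
    Element("Web App", "process"),
    Element("Web App -> DB", "data_flow"),
    Element("Users DB", "data_store"),
]
```

Calling `threat_model(SAMPLE)` returns the per-element category lists, with the browser and the port-443 flow first because they cross the boundary.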

For more information, refer to Security Design by Threat Modeling
