📊 Model: (AccessControl-ContactSMS-violation)
🔗 Link to Original Paper/Article
View SourceOpen Example Model in Example Models Bundle
📝 Short Description
The case is about a user managing contacts and sending a SMS.
🔤 Abbreviations
SMS: Short Message Service
📖 Extensive Description
A User can manage their contacts in the Contact Store. When sending an SMS, they choose a contact by criteria, for which Extract Number adds the Receiver Data Label. Send SMS combines the extracted number with the message and forwards these to the SMS Gateway.
🏷️ Label Description
🗂️ Data Labels:
- AccessRights: This label designates the node types a data flow may visit. There are
UserandReceivertypes.
🏷️ Node Labels:
- Role: This label categorizes nodes into
UserandReceivertypes, depending on which part of the system they belong to.
⚠️ Constraints
AccessRights
Data may only flow into Role nodes if the flow has the corresponding AccessRights label.
AccessRights: data !AccessRights.Receiver neverFlows vertex Role.Receiver
🚨 Violations
The introduced flow contact_direct bypasses Extract Number, which implies a missing access permission.