
📊 Model: (InformationFlow-ContactSMS-violation)

Available Online

This model is available to view using the online editor!



📝 Short Description

The case is about a user managing contacts and sending an SMS.

🔤 Abbreviations

  • SMS: Short Message Service

📖 Extensive Description

A User can manage their contacts in the Contact Store. When sending an SMS, they choose a contact by criteria, for which Extract Number adds the UserReceiver Data Label. Send SMS combines the extracted number with the message and forwards these to the SMS Gateway.

🏷️ Label Description

🗂️ Data Labels:

  • ClassificationLevel: This label designates the node types a data flow may visit. There are User and UserReceiver types.

🏷️ Node Labels:

  • ClearanceLevel: This label categorizes nodes into User and UserReceiver types, denoting which access rights a data flow must have to visit a node.

⚠️ Constraints

ContactDirect

Data may only flow into ClearanceLevel nodes if the flow has the corresponding ClassificationLevel label.

  • ContactDirect: data !ClassificationLevel.UserReceiver neverFlows vertex ClearanceLevel.UserReceiver

🚨 Violations

The introduced flow contact_direct bypasses Extract Number, which implies a missing access permission.
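The following added example (not part of the original model or its tooling) propagates ClassificationLevel labels along a constructed version of this diagram and evaluates the ContactDirect constraint on every flow. Assumptions: all flow names except contact_direct, the ClearanceLevel assignment per node, the rule that a node forwards the union of its incoming labels, and contact_direct running from Contact Store to SMS Gateway.

```python
USER, RECEIVER = "User", "UserReceiver"

# Node -> ClearanceLevel label (assumed assignment; the page does not list it).
CLEARANCE = {
    "User": USER, "Contact Store": USER, "Extract Number": USER,
    "Send SMS": USER, "SMS Gateway": RECEIVER,
}

# (flow name, source node, target node); names are constructed for this example.
BASE_FLOWS = [
    ("contact", "User", "Contact Store"),
    ("selected_contact", "Contact Store", "Extract Number"),
    ("number", "Extract Number", "Send SMS"),
    ("message", "User", "Send SMS"),
    ("sms", "Send SMS", "SMS Gateway"),
]
# The violating flow named on the page; its endpoints are an assumption.
CONTACT_DIRECT = ("contact_direct", "Contact Store", "SMS Gateway")


def propagate(flows):
    """Return flow name -> set of ClassificationLevel labels (fixpoint)."""
    labels = {name: set() for name, _, _ in flows}
    changed = True
    while changed:
        changed = False
        for name, src, _ in flows:
            incoming = [labels[n] for n, _, dst in flows if dst == src]
            # Nodes without inputs emit User data; others forward the union.
            out = set().union(*incoming) if incoming else {USER}
            if src == "Extract Number":
                out = out | {RECEIVER}  # Extract Number adds UserReceiver
            if out != labels[name]:
                labels[name], changed = out, True
    return labels


def contact_direct_violations(flows):
    """data !ClassificationLevel.UserReceiver neverFlows
    vertex ClearanceLevel.UserReceiver"""
    labels = propagate(flows)
    return [(name, dst) for name, _, dst in flows
            if CLEARANCE[dst] == RECEIVER and RECEIVER not in labels[name]]


if __name__ == "__main__":
    print(contact_direct_violations(BASE_FLOWS))
    print(contact_direct_violations(BASE_FLOWS + [CONTACT_DIRECT]))
```

The base diagram yields no violations because the sms flow inherits UserReceiver from the extracted number; adding contact_direct delivers data labelled only User to a UserReceiver node and is reported.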