Security QA | |
User | System Administrator/Students/Hacker |
Problem | Attempt to change the grades, attempt to check the assignments |
Environment | Normal Operation |
Artifact | System’s database |
Response | Grant or withdraw permission to modify the data |
Tactic | Authenticate user, Authorize the user, Maintain Data Confidentiality, Maintain Integrity |
Rationale | Modification can only be done by authorized users |