Threat Model.tm7

<ThreatModel xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><DrawingSurfaceList><DrawingSurfaceModel z:Id="i1" xmlns:z="http://schemas.microsoft.com/2003/10/Serialization/"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">DRAWINGSURFACE</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts" xmlns:a="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Diagram</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name>Name</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">C</b:Value></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">DRAWINGSURFACE</TypeId><Borders xmlns:a="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><a:KeyValueOfguidanyType><a:Key>4b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value z:Id="i2" i:type="StencilEllipse"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.P</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">4b822e5b-1109-4e93-8850-f6585d8a9669</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Thick Client</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">OpenConnect Thick Client</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Code Type</b:DisplayName><b:Name>codeType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Unmanaged</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Process</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Running As</b:DisplayName><b:Name>runningAs</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Kernel</a:string><a:string>System</a:string><a:string>Network Service</a:string><a:string>Local Service</a:string><a:string>Administrator</a:string><a:string>Standard User With Elevation</a:string><a:string>Standard User Without Elevation</a:string><a:string>Windows Store App</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Isolation Level</b:DisplayName><b:Name>Isolation</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>AppContainer</a:string><a:string>Low Integrity Level</a:string><a:string>Microsoft Office Isolated Conversion Environment (MOICE)</a:string><a:string>Sandbox</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Accepts Input From</b:DisplayName><b:Name>acceptsInputFrom</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Any Remote User or Entity</a:string><a:string>Kernel, System, or Local Admin</a:string><a:string>Local or Network Service</a:string><a:string>Local Standard User With Elevation</a:string><a:string>Local Standard User Without Elevation</a:string><a:string>Windows Store Apps or App Container Processes</a:string><a:string>Nothing</a:string><a:string>Other</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Implements or Uses an Authentication Mechanism</b:DisplayName><b:Name>implementsAuthenticationScheme</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Implements or Uses an Authorization Mechanism</b:DisplayName><b:Name>implementsCustomAuthorizationMechanism</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Implements or Uses a Communication Protocol</b:DisplayName><b:Name>implementsCommunicationProtocol</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Sanitizes Input</b:DisplayName><b:Name>hasInputSanitizers</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Sanitizes Output</b:DisplayName><b:Name>hasOutputSanitizers</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.P.TMCore.ThickClient</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">34</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">249</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value z:Id="i3" i:type="StencilEllipse"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.P</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">3c4b23f3-ed17-4675-aa4a-bac56d4545fc</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Web Server</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">OpenConnect Web Server</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Code Type</b:DisplayName><b:Name>codeType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Managed</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Process</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Running As</b:DisplayName><b:Name>runningAs</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Kernel</a:string><a:string>System</a:string><a:string>Network Service</a:string><a:string>Local Service</a:string><a:string>Administrator</a:string><a:string>Standard User With Elevation</a:string><a:string>Standard User Without Elevation</a:string><a:string>Windows Store App</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Isolation Level</b:DisplayName><b:Name>Isolation</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>AppContainer</a:string><a:string>Low Integrity Level</a:string><a:string>Microsoft Office Isolated Conversion Environment (MOICE)</a:string><a:string>Sandbox</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Accepts Input From</b:DisplayName><b:Name>acceptsInputFrom</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Any Remote User or Entity</a:string><a:string>Kernel, System, or Local Admin</a:string><a:string>Local or Network Service</a:string><a:string>Local Standard User With Elevation</a:string><a:string>Local Standard User Without Elevation</a:string><a:string>Windows Store Apps or App Container Processes</a:string><a:string>Nothing</a:string><a:string>Other</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Implements or Uses an Authentication Mechanism</b:DisplayName><b:Name>implementsAuthenticationScheme</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Implements or Uses an Authorization Mechanism</b:DisplayName><b:Name>implementsCustomAuthorizationMechanism</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Implements or Uses a Communication Protocol</b:DisplayName><b:Name>implementsCommunicationProtocol</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Sanitizes Input</b:DisplayName><b:Name>hasInputSanitizers</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Sanitizes Output</b:DisplayName><b:Name>hasOutputSanitizers</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.P.TMCore.WebServer</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">631</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">167</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>ae9fad25-61ab-4797-8266-1b97b20f5b33</a:Key><a:Value z:Id="i4" i:type="StencilRectangle"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.EI</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">ae9fad25-61ab-4797-8266-1b97b20f5b33</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Human User</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Human User</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Type</b:DisplayName><b:Name>type</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Human</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic External Interactor</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Authenticates Itself</b:DisplayName><b:Name>authenticatesItself</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Applicable</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Microsoft</b:DisplayName><b:Name>MS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.EI.TMCore.User</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">34</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">13</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>cd65edbb-0c56-4105-9d03-21163f8f29a8</a:Key><a:Value z:Id="i5" i:type="StencilRectangle"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.A</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">cd65edbb-0c56-4105-9d03-21163f8f29a8</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Free Text Annotation</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">DTLS protocol</b:Value></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.A</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">461</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">10</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">101</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>e3dc8609-f561-48fb-b75e-c0ab902f4687</a:Key><a:Value z:Id="i6" i:type="StencilRectangle"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.A</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">e3dc8609-f561-48fb-b75e-c0ab902f4687</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Free Text Annotation</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Control Channel&#xD;
</b:Value></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.A</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">320</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">29</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</a:Key><a:Value z:Id="i7" i:type="StencilParallelLines"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DS</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">04cdbc46-83cf-4cb1-81b5-457a5fa8150a</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configuration File</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Certificate Store</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Store Type</b:DisplayName><b:Name>storeType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Configuration</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Data Store</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Stores Credentials</b:DisplayName><b:Name>storesCredentials</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Stores Log Data</b:DisplayName><b:Name>storesLogData</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Encrypted</b:DisplayName><b:Name>Encrypted</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Signed</b:DisplayName><b:Name>Signed</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Write Access</b:DisplayName><b:Name>AccessType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Removable Storage</b:DisplayName><b:Name>RemoveableStorage</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Backup</b:DisplayName><b:Name>Backup</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Shared</b:DisplayName><b:Name>shared</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.DS.TMCore.ConfigFile</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">808</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">40</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>6425f229-f632-458e-a2a6-98f9d6353021</a:Key><a:Value z:Id="i8" i:type="StencilRectangle"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.A</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">6425f229-f632-458e-a2a6-98f9d6353021</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Free Text Annotation</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Webvpn</b:Value></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.A</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">691</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">41</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>c5c2e7b2-b06a-4c24-9553-f255502665d4</a:Key><a:Value z:Id="i9" i:type="StencilEllipse"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.P</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">c5c2e7b2-b06a-4c24-9553-f255502665d4</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Web Server</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Requested Application :Web Server</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">true</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Code Type</b:DisplayName><b:Name>codeType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Managed</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Process</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Running As</b:DisplayName><b:Name>runningAs</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Kernel</a:string><a:string>System</a:string><a:string>Network Service</a:string><a:string>Local Service</a:string><a:string>Administrator</a:string><a:string>Standard User With Elevation</a:string><a:string>Standard User Without Elevation</a:string><a:string>Windows Store App</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Isolation Level</b:DisplayName><b:Name>Isolation</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>AppContainer</a:string><a:string>Low Integrity Level</a:string><a:string>Microsoft Office Isolated Conversion Environment (MOICE)</a:string><a:string>Sandbox</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Accepts Input From</b:DisplayName><b:Name>acceptsInputFrom</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Any Remote User or Entity</a:string><a:string>Kernel, System, or Local Admin</a:string><a:string>Local or Network Service</a:string><a:string>Local Standard User With Elevation</a:string><a:string>Local Standard User Without Elevation</a:string><a:string>Windows Store Apps or App Container Processes</a:string><a:string>Nothing</a:string><a:string>Other</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Implements or Uses an Authentication Mechanism</b:DisplayName><b:Name>implementsAuthenticationScheme</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Implements or Uses an Authorization Mechanism</b:DisplayName><b:Name>implementsCustomAuthorizationMechanism</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Implements or Uses a Communication Protocol</b:DisplayName><b:Name>implementsCommunicationProtocol</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Sanitizes Input</b:DisplayName><b:Name>hasInputSanitizers</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Sanitizes Output</b:DisplayName><b:Name>hasOutputSanitizers</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.P.TMCore.WebServer</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">124</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1561</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">316</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">139</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>0a524375-8d81-4e87-9f9f-edf4a75c246f</a:Key><a:Value z:Id="i10" i:type="StencilParallelLines"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DS</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0a524375-8d81-4e87-9f9f-edf4a75c246f</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Non Relational Database</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Application Database</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Store Type</b:DisplayName><b:Name>storeType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Non Relational Database</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Data Store</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Stores Credentials</b:DisplayName><b:Name>storesCredentials</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Stores Log Data</b:DisplayName><b:Name>storesLogData</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Encrypted</b:DisplayName><b:Name>Encrypted</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Signed</b:DisplayName><b:Name>Signed</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Write Access</b:DisplayName><b:Name>AccessType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Removable Storage</b:DisplayName><b:Name>RemoveableStorage</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Backup</b:DisplayName><b:Name>Backup</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Shared</b:DisplayName><b:Name>shared</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.DS.TMCore.NoSQL</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1787</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">196</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>43246370-168b-40ac-8b1f-197ff26910ac</a:Key><a:Value z:Id="i11" i:type="StencilParallelLines"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DS</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">43246370-168b-40ac-8b1f-197ff26910ac</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>File System</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Company's Active Directory</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">true</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Store Type</b:DisplayName><b:Name>storeType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>File System</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>File System Type</b:DisplayName><b:Name>fsType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>NTFS</a:string><a:string>ExFAT</a:string><a:string>FAT</a:string><a:string>ReFS</a:string><a:string>IFS</a:string><a:string>UDF</a:string><a:string>Other</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Data Store</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Stores Credentials</b:DisplayName><b:Name>storesCredentials</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Stores Log Data</b:DisplayName><b:Name>storesLogData</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Encrypted</b:DisplayName><b:Name>Encrypted</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Signed</b:DisplayName><b:Name>Signed</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Write Access</b:DisplayName><b:Name>AccessType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Removable Storage</b:DisplayName><b:Name>RemoveableStorage</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Backup</b:DisplayName><b:Name>Backup</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Shared</b:DisplayName><b:Name>shared</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.DS.TMCore.FS</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1321</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">20</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>a911ac4e-8fc8-40df-9a2e-37e4b142cdc6</a:Key><a:Value z:Id="i12" i:type="StencilParallelLines"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DS</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">a911ac4e-8fc8-40df-9a2e-37e4b142cdc6</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Non Relational Database</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Active Directory Store</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Store Type</b:DisplayName><b:Name>storeType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Non Relational Database</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Data Store</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Stores Credentials</b:DisplayName><b:Name>storesCredentials</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Stores Log Data</b:DisplayName><b:Name>storesLogData</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Encrypted</b:DisplayName><b:Name>Encrypted</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Signed</b:DisplayName><b:Name>Signed</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Write Access</b:DisplayName><b:Name>AccessType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Removable Storage</b:DisplayName><b:Name>RemoveableStorage</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Backup</b:DisplayName><b:Name>Backup</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Shared</b:DisplayName><b:Name>shared</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.DS.TMCore.NoSQL</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1611</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">20</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>405c63d2-b002-4cff-bfa2-0278cb7944ab</a:Key><a:Value z:Id="i13" i:type="StencilRectangle"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.EI</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">405c63d2-b002-4cff-bfa2-0278cb7944ab</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Authorization Provider</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">RSA/TOTP/HOTP</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic External Interactor</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Authenticates Itself</b:DisplayName><b:Name>authenticatesItself</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Applicable</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Type</b:DisplayName><b:Name>type</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Code</a:string><a:string>Human</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Microsoft</b:DisplayName><b:Name>MS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.EI.TMCore.AuthProvider</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">639</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">536</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>5a00329f-51b8-4b6e-95a7-4940c346a513</a:Key><a:Value z:Id="i14" i:type="StencilParallelLines"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DS</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">5a00329f-51b8-4b6e-95a7-4940c346a513</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Device</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Smart Card</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Store Type</b:DisplayName><b:Name>storeType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Device</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>GPS</b:DisplayName><b:Name>GPS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contacts</b:DisplayName><b:Name>Contacts</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Calendar Events</b:DisplayName><b:Name>Calendar</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SMS messages</b:DisplayName><b:Name>SMSmessages</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Cached Credentials</b:DisplayName><b:Name>Creds</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Enterprise Data</b:DisplayName><b:Name>Enterprise</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Messaging Data (Mail, IM, SMS)</b:DisplayName><b:Name>e-mail</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SIM Storage</b:DisplayName><b:Name>SIM</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Other Data</b:DisplayName><b:Name>misc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Data Store</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Stores Credentials</b:DisplayName><b:Name>storesCredentials</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Stores Log Data</b:DisplayName><b:Name>storesLogData</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Encrypted</b:DisplayName><b:Name>Encrypted</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Signed</b:DisplayName><b:Name>Signed</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Write Access</b:DisplayName><b:Name>AccessType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Removable Storage</b:DisplayName><b:Name>RemoveableStorage</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Backup</b:DisplayName><b:Name>Backup</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Shared</b:DisplayName><b:Name>shared</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.DS.TMCore.Device</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">64</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">479</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>9f84da96-8ab2-49d1-b216-f8fb09bd336c</a:Key><a:Value z:Id="i15" i:type="BorderBoundary"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.TB.B</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">9f84da96-8ab2-49d1-b216-f8fb09bd336c</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>CorpNet Trust Boundary</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">CorpNet Trust Boundary</b:Value></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Trust Border Boundary</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Trust Boundary Area</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.TB.B.TMCore.CorpNet</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">505</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">964</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">10</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">974</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>a0c236f6-6998-4373-87e0-3366d8a7eae3</a:Key><a:Value z:Id="i16" i:type="BorderBoundary"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.TB.B</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">a0c236f6-6998-4373-87e0-3366d8a7eae3</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Other Browsers Boundaries</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Client Trust Boundary</b:Value></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Chrome JavaScript Sandbox</b:DisplayName><b:Name>ChromeJava</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Chrome Sandbox</b:DisplayName><b:Name>Chrome</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Firefox JavaScript Sandbox</b:DisplayName><b:Name>FirefoxJava</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Trust Border Boundary</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Trust Boundary Area</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.TB.B.TMCore.NonIEB</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">584</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">10</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">10</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">312</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>6e0894a9-8a0b-4515-b0eb-02bdfc43560c</a:Key><a:Value z:Id="i17" i:type="BorderBoundary"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.TB.B</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">6e0894a9-8a0b-4515-b0eb-02bdfc43560c</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Other Browsers Boundaries</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">OpenConnect Trust Boundary</b:Value></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Chrome JavaScript Sandbox</b:DisplayName><b:Name>ChromeJava</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Chrome Sandbox</b:DisplayName><b:Name>Chrome</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Firefox JavaScript Sandbox</b:DisplayName><b:Name>FirefoxJava</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Trust Border Boundary</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Trust Boundary Area</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.TB.B.TMCore.NonIEB</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">640</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">403</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">10</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">556</Width></a:Value></a:KeyValueOfguidanyType></Borders><Header>C</Header><Lines xmlns:a="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><a:KeyValueOfguidanyType><a:Key>d2f1b975-fc1e-450c-9ed5-2daa7713cbf0</a:Key><a:Value z:Id="i18" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">d2f1b975-fc1e-450c-9ed5-2daa7713cbf0</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Connect Command</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">156</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">156</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">South</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">North</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">ae9fad25-61ab-4797-8266-1b97b20f5b33</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">84</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">108</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">4b822e5b-1109-4e93-8850-f6585d8a9669</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">84</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">255</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>ef7ad2ea-5da3-4816-9783-82a484926dfb</a:Key><a:Value z:Id="i19" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">ef7ad2ea-5da3-4816-9783-82a484926dfb</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">HTTPS</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>2</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">450</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">75</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">NorthEast</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">North</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">4b822e5b-1109-4e93-8850-f6585d8a9669</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">115</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">267</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">3c4b23f3-ed17-4675-aa4a-bac56d4545fc</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">681</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">173</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>5d723338-3a81-498c-8f88-87a2293589e1</a:Key><a:Value z:Id="i20" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">5d723338-3a81-498c-8f88-87a2293589e1</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Webvpn Cookie</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>2</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>2</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">473</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">203</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">North</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">NorthEast</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">3c4b23f3-ed17-4675-aa4a-bac56d4545fc</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">681</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">173</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">4b822e5b-1109-4e93-8850-f6585d8a9669</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">115</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">267</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>15188a1e-3ded-4631-a325-1e8e9ba62a70</a:Key><a:Value z:Id="i21" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">15188a1e-3ded-4631-a325-1e8e9ba62a70</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">HTTP Cookie</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>2</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">729</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">107</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SouthWest</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">East</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">04cdbc46-83cf-4cb1-81b5-457a5fa8150a</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">813</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">135</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">3c4b23f3-ed17-4675-aa4a-bac56d4545fc</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">726</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">217</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>78f65b03-fb96-44a6-b70d-d460e00b0da1</a:Key><a:Value z:Id="i22" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">78f65b03-fb96-44a6-b70d-d460e00b0da1</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Certificate Request</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>2</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">814</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">219</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SouthEast</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">South</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">3c4b23f3-ed17-4675-aa4a-bac56d4545fc</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">712</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">248</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">04cdbc46-83cf-4cb1-81b5-457a5fa8150a</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">858</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">135</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>702db47d-0998-47ac-88c3-91c1776fc0eb</a:Key><a:Value z:Id="i23" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">702db47d-0998-47ac-88c3-91c1776fc0eb</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">AD credentials</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1026</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">36</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">East</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">West</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">04cdbc46-83cf-4cb1-81b5-457a5fa8150a</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">903</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">90</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">43246370-168b-40ac-8b1f-197ff26910ac</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1326</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">70</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>b17c1534-0497-48aa-b096-6a4bb87c1077</a:Key><a:Value z:Id="i24" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">b17c1534-0497-48aa-b096-6a4bb87c1077</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Success/Failure Response</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1052</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">170</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SouthWest</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SouthEast</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">43246370-168b-40ac-8b1f-197ff26910ac</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1326</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">115</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">04cdbc46-83cf-4cb1-81b5-457a5fa8150a</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">903</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">135</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>c832ce9f-51db-40bb-966f-41769baf7bc7</a:Key><a:Value z:Id="i25" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">c832ce9f-51db-40bb-966f-41769baf7bc7</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Verifies credentials</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>2</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1503</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">23</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">East</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">West</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">43246370-168b-40ac-8b1f-197ff26910ac</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1416</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">70</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">a911ac4e-8fc8-40df-9a2e-37e4b142cdc6</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1616</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">70</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>39b3e6d9-c120-4bf5-b5a5-c0b434557681</a:Key><a:Value z:Id="i26" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">39b3e6d9-c120-4bf5-b5a5-c0b434557681</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Success/Failure Response</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>2</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>5</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1514</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">116</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">West</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">East</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">a911ac4e-8fc8-40df-9a2e-37e4b142cdc6</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1616</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">70</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">43246370-168b-40ac-8b1f-197ff26910ac</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1416</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">70</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>e2824376-081a-4bdc-9c34-7bca0dd67a33</a:Key><a:Value z:Id="i27" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">e2824376-081a-4bdc-9c34-7bca0dd67a33</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">HTTPS Connect Request </b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">492</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">376</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SouthEast</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SouthWest</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">4b822e5b-1109-4e93-8850-f6585d8a9669</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">115</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">330</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">3c4b23f3-ed17-4675-aa4a-bac56d4545fc</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">649</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">248</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>36cf22e1-29fe-451e-b6c9-8dc851d36be9</a:Key><a:Value z:Id="i28" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">36cf22e1-29fe-451e-b6c9-8dc851d36be9</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Encrypted Data Flow</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1097</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">273</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">South</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">NorthWest</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">00000000-0000-0000-0000-000000000000</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">681</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">262</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">c5c2e7b2-b06a-4c24-9553-f255502665d4</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1585</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">338</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>0f98850f-ab06-4c75-baa9-d41cc65e87bc</a:Key><a:Value z:Id="i29" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0f98850f-ab06-4c75-baa9-d41cc65e87bc</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Encrypted Data Flow</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1062</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">395</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">NorthWest</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">South</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">c5c2e7b2-b06a-4c24-9553-f255502665d4</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1585</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">338</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">3c4b23f3-ed17-4675-aa4a-bac56d4545fc</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">681</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">262</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>aa69937e-00db-43ee-a897-08d56735cc15</a:Key><a:Value z:Id="i30" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">aa69937e-00db-43ee-a897-08d56735cc15</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Database Request</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1629</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">281</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SouthWest</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">NorthEast</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0a524375-8d81-4e87-9f9f-edf4a75c246f</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1792</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">291</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">c5c2e7b2-b06a-4c24-9553-f255502665d4</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1675</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">338</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>19242652-4c37-4790-82d9-1d19c5581bb8</a:Key><a:Value z:Id="i31" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">19242652-4c37-4790-82d9-1d19c5581bb8</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Database Request</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1754</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">335</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">NorthEast</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SouthWest</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">c5c2e7b2-b06a-4c24-9553-f255502665d4</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1675</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">338</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0a524375-8d81-4e87-9f9f-edf4a75c246f</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1792</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">291</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>5841e37b-e706-4a17-916d-67d3b607c4f3</a:Key><a:Value z:Id="i32" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">5841e37b-e706-4a17-916d-67d3b607c4f3</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Credential input</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">59</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">122</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">South</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">North</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">ae9fad25-61ab-4797-8266-1b97b20f5b33</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">84</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">108</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">4b822e5b-1109-4e93-8850-f6585d8a9669</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">84</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">255</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>c7c624b6-0a0a-4300-8e29-ff29a2ff9450</a:Key><a:Value z:Id="i33" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">c7c624b6-0a0a-4300-8e29-ff29a2ff9450</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">HTTPS Tunnel Response</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">494</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">269</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SouthWest</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SouthEast</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">3c4b23f3-ed17-4675-aa4a-bac56d4545fc</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">649</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">248</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">4b822e5b-1109-4e93-8850-f6585d8a9669</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">115</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">330</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>69b88ca2-4716-4b2a-9eba-8d79372af85e</a:Key><a:Value z:Id="i34" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">69b88ca2-4716-4b2a-9eba-8d79372af85e</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Two level auth checker</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">643</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">440</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">South</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">North</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">3c4b23f3-ed17-4675-aa4a-bac56d4545fc</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">681</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">262</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">405c63d2-b002-4cff-bfa2-0278cb7944ab</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">689</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">541</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>b02f1fc4-d382-4ad2-a0b8-f4e30634db94</a:Key><a:Value z:Id="i35" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">b02f1fc4-d382-4ad2-a0b8-f4e30634db94</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Success/Failure Response</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">819</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">461</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">North</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">South</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">405c63d2-b002-4cff-bfa2-0278cb7944ab</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">689</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">541</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">3c4b23f3-ed17-4675-aa4a-bac56d4545fc</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">681</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">262</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>67428b8c-108e-4e9d-9357-e9b0ce5670ab</a:Key><a:Value z:Id="i36" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">67428b8c-108e-4e9d-9357-e9b0ce5670ab</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">X.509 Certificate Request</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">379</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">South</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">North</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">4b822e5b-1109-4e93-8850-f6585d8a9669</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">84</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">344</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">5a00329f-51b8-4b6e-95a7-4940c346a513</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">114</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">484</TargetY></a:Value></a:KeyValueOfguidanyType></Lines><Zoom>1</Zoom></DrawingSurfaceModel></DrawingSurfaceList><MetaInformation><Assumptions/><Contributors/><ExternalDependencies/><HighLevelSystemDescription/><Owner/><Reviewer/><ThreatModelName/></MetaInformation><Notes/><ThreatInstances xmlns:a="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S7.104cdbc46-83cf-4cb1-81b5-457a5fa8150a702db47d-0998-47ac-88c3-91c1776fc0eb43246370-168b-40ac-8b1f-197ff26910ac</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>702db47d-0998-47ac-88c3-91c1776fc0eb</b:FlowGuid><b:Id>48</b:Id><b:InteractionKey>04cdbc46-83cf-4cb1-81b5-457a5fa8150a:702db47d-0998-47ac-88c3-91c1776fc0eb:43246370-168b-40ac-8b1f-197ff26910ac</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing of Destination Data Store Company's Active Directory</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Company's Active Directory may be spoofed by an attacker and this may lead to data being written to the attacker's target instead of Company's Active Directory. Consider using a standard authentication mechanism to identify the destination data store.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>AD credentials</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>43246370-168b-40ac-8b1f-197ff26910ac</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S7.1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E5ae9fad25-61ab-4797-8266-1b97b20f5b33d2f1b975-fc1e-450c-9ed5-2daa7713cbf04b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>d2f1b975-fc1e-450c-9ed5-2daa7713cbf0</b:FlowGuid><b:Id>14</b:Id><b:InteractionKey>ae9fad25-61ab-4797-8266-1b97b20f5b33:d2f1b975-fc1e-450c-9ed5-2daa7713cbf0:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation Using Impersonation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenConnect Thick Client may be able to impersonate the context of Human User in order to gain additional privilege.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Connect Command</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>ae9fad25-61ab-4797-8266-1b97b20f5b33</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E5</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E54b822e5b-1109-4e93-8850-f6585d8a9669ef7ad2ea-5da3-4816-9783-82a484926dfb3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>ef7ad2ea-5da3-4816-9783-82a484926dfb</b:FlowGuid><b:Id>83</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:ef7ad2ea-5da3-4816-9783-82a484926dfb:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation Using Impersonation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenVPN Web Server may be able to impersonate the context of OpenConnect Thick Client in order to gain additional privilege.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E5</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T13.14b822e5b-1109-4e93-8850-f6585d8a9669ef7ad2ea-5da3-4816-9783-82a484926dfb3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>ef7ad2ea-5da3-4816-9783-82a484926dfb</b:FlowGuid><b:Id>82</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:ef7ad2ea-5da3-4816-9783-82a484926dfb:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Cross Site Scripting</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>The web server 'OpenVPN Web Server' could be a subject to a cross-site scripting attack because it does not sanitize untrusted input.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T13.1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T64b822e5b-1109-4e93-8850-f6585d8a9669ef7ad2ea-5da3-4816-9783-82a484926dfb3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>ef7ad2ea-5da3-4816-9783-82a484926dfb</b:FlowGuid><b:Id>81</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:ef7ad2ea-5da3-4816-9783-82a484926dfb:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Authenticated Data Flow Compromised</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An attacker can read or modify data transmitted over an authenticated dataflow.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S3ae9fad25-61ab-4797-8266-1b97b20f5b33d2f1b975-fc1e-450c-9ed5-2daa7713cbf04b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>d2f1b975-fc1e-450c-9ed5-2daa7713cbf0</b:FlowGuid><b:Id>13</b:Id><b:InteractionKey>ae9fad25-61ab-4797-8266-1b97b20f5b33:d2f1b975-fc1e-450c-9ed5-2daa7713cbf0:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing the Human User External Entity</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Human User may be spoofed by an attacker and this may lead to unauthorized access to OpenConnect Thick Client. Consider using a standard authentication mechanism to identify the external entity.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Connect Command</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>ae9fad25-61ab-4797-8266-1b97b20f5b33</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S3</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S704cdbc46-83cf-4cb1-81b5-457a5fa8150a702db47d-0998-47ac-88c3-91c1776fc0eb43246370-168b-40ac-8b1f-197ff26910ac</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>702db47d-0998-47ac-88c3-91c1776fc0eb</b:FlowGuid><b:Id>47</b:Id><b:InteractionKey>04cdbc46-83cf-4cb1-81b5-457a5fa8150a:702db47d-0998-47ac-88c3-91c1776fc0eb:43246370-168b-40ac-8b1f-197ff26910ac</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing of Source Data Store Certificate Store</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Certificate Store may be spoofed by an attacker and this may lead to incorrect data delivered to Company's Active Directory. Consider using a standard authentication mechanism to identify the source data store.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>AD credentials</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>43246370-168b-40ac-8b1f-197ff26910ac</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S7</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E53c4b23f3-ed17-4675-aa4a-bac56d4545fc5d723338-3a81-498c-8f88-87a2293589e14b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>5d723338-3a81-498c-8f88-87a2293589e1</b:FlowGuid><b:Id>88</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:5d723338-3a81-498c-8f88-87a2293589e1:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation Using Impersonation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenConnect Thick Client may be able to impersonate the context of OpenVPN Web Server in order to gain additional privilege.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Webvpn Cookie</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E5</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T23c4b23f3-ed17-4675-aa4a-bac56d4545fc5d723338-3a81-498c-8f88-87a2293589e14b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>5d723338-3a81-498c-8f88-87a2293589e1</b:FlowGuid><b:Id>87</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:5d723338-3a81-498c-8f88-87a2293589e1:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>OpenVPN Web Server Process Memory Tampered</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>If OpenVPN Web Server is given access to memory, such as shared memory or pointers, or is given the ability to control what OpenConnect Thick Client executes (for example, passing back a function pointer.), then OpenVPN Web Server can tamper with OpenConnect Thick Client. Consider if the function could work with less access to memory, such as passing data rather than pointers. Copy in data provided, and then validate it.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Webvpn Cookie</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T2</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D23c4b23f3-ed17-4675-aa4a-bac56d4545fc78f65b03-fb96-44a6-b70d-d460e00b0da104cdbc46-83cf-4cb1-81b5-457a5fa8150a</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>78f65b03-fb96-44a6-b70d-d460e00b0da1</b:FlowGuid><b:Id>42</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:78f65b03-fb96-44a6-b70d-d460e00b0da1:04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Excessive Resource Consumption for Web Server or Certificate Store</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Does OpenVPN Web Server or Certificate Store take explicit steps to control resource consumption? Resource consumption attacks can be hard to deal with, and there are times that it makes sense to let the OS do the job. Be careful that your resource requests don't deadlock, and that they do timeout.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Certificate Request</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D2</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S704cdbc46-83cf-4cb1-81b5-457a5fa8150a15188a1e-3ded-4631-a325-1e8e9ba62a703c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>15188a1e-3ded-4631-a325-1e8e9ba62a70</b:FlowGuid><b:Id>20</b:Id><b:InteractionKey>04cdbc46-83cf-4cb1-81b5-457a5fa8150a:15188a1e-3ded-4631-a325-1e8e9ba62a70:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing of Source Data Store Certificate Store</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Certificate Store may be spoofed by an attacker and this may lead to incorrect data delivered to OpenVPN Web Server. Consider using a standard authentication mechanism to identify the source data store.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTP Cookie</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S7</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T504cdbc46-83cf-4cb1-81b5-457a5fa8150a15188a1e-3ded-4631-a325-1e8e9ba62a703c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>15188a1e-3ded-4631-a325-1e8e9ba62a70</b:FlowGuid><b:Id>21</b:Id><b:InteractionKey>04cdbc46-83cf-4cb1-81b5-457a5fa8150a:15188a1e-3ded-4631-a325-1e8e9ba62a70:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Risks from Logging</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Log readers can come under attack via log files. Consider ways to canonicalize data in all logs. Implement a single reader for the logs, if possible, in order to reduce attack surface area. Be sure to understand and document log file elements which come from untrusted sources.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTP Cookie</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T5</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T13.104cdbc46-83cf-4cb1-81b5-457a5fa8150a15188a1e-3ded-4631-a325-1e8e9ba62a703c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>15188a1e-3ded-4631-a325-1e8e9ba62a70</b:FlowGuid><b:Id>22</b:Id><b:InteractionKey>04cdbc46-83cf-4cb1-81b5-457a5fa8150a:15188a1e-3ded-4631-a325-1e8e9ba62a70:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Cross Site Scripting</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>The web server 'OpenVPN Web Server' could be a subject to a cross-site scripting attack because it does not sanitize untrusted input.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTP Cookie</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T13.1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T13.204cdbc46-83cf-4cb1-81b5-457a5fa8150a15188a1e-3ded-4631-a325-1e8e9ba62a703c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>15188a1e-3ded-4631-a325-1e8e9ba62a70</b:FlowGuid><b:Id>23</b:Id><b:InteractionKey>04cdbc46-83cf-4cb1-81b5-457a5fa8150a:15188a1e-3ded-4631-a325-1e8e9ba62a70:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Persistent Cross Site Scripting</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>The web server 'OpenVPN Web Server' could be a subject to a persistent cross-site scripting attack because it does not sanitize data store 'Certificate Store' inputs and output.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTP Cookie</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T13.2</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>I2304cdbc46-83cf-4cb1-81b5-457a5fa8150a15188a1e-3ded-4631-a325-1e8e9ba62a703c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>15188a1e-3ded-4631-a325-1e8e9ba62a70</b:FlowGuid><b:Id>24</b:Id><b:InteractionKey>04cdbc46-83cf-4cb1-81b5-457a5fa8150a:15188a1e-3ded-4631-a325-1e8e9ba62a70:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Weak Access Control for a Resource</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Information Disclosure</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Information disclosure happens when the information can be read by an unauthorized party.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Improper data protection of Certificate Store can allow an attacker to read information not intended for disclosure. Review authorization settings.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTP Cookie</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>I23</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>I243c4b23f3-ed17-4675-aa4a-bac56d4545fc78f65b03-fb96-44a6-b70d-d460e00b0da104cdbc46-83cf-4cb1-81b5-457a5fa8150a</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>78f65b03-fb96-44a6-b70d-d460e00b0da1</b:FlowGuid><b:Id>41</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:78f65b03-fb96-44a6-b70d-d460e00b0da1:04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Weak Credential Storage</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Information Disclosure</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Information disclosure happens when the information can be read by an unauthorized party.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Credentials held at the server are often disclosed or tampered with and credentials stored on the client are often stolen. For server side, consider storing a salted hash of the credentials instead of storing the credentials themselves. If this is not possible due to business requirements, be sure to encrypt the credentials before storage, using an SDL-approved mechanism. For client side, if storing credentials is required, encrypt them and protect the data store in which they're stored</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Certificate Request</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>I24</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>R43c4b23f3-ed17-4675-aa4a-bac56d4545fc78f65b03-fb96-44a6-b70d-d460e00b0da104cdbc46-83cf-4cb1-81b5-457a5fa8150a</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>78f65b03-fb96-44a6-b70d-d460e00b0da1</b:FlowGuid><b:Id>40</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:78f65b03-fb96-44a6-b70d-d460e00b0da1:04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Weak Protections for Audit Data</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Repudiation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Repudiation threats involve an adversary denying that something happened.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Consider what happens when the audit mechanism comes under attack, including attempts to destroy the logs, or attack log analysis programs. Ensure access to the log is through a reference monitor, which controls read and write separately. Document what filters, if any, readers can rely on, or writers should expect</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Certificate Request</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>R4</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>R33c4b23f3-ed17-4675-aa4a-bac56d4545fc78f65b03-fb96-44a6-b70d-d460e00b0da104cdbc46-83cf-4cb1-81b5-457a5fa8150a</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>78f65b03-fb96-44a6-b70d-d460e00b0da1</b:FlowGuid><b:Id>39</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:78f65b03-fb96-44a6-b70d-d460e00b0da1:04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Insufficient Auditing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Repudiation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Repudiation threats involve an adversary denying that something happened.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Does the log capture enough data to understand what happened in the past? Do your logs capture enough data to understand an incident after the fact? Is such capture lightweight enough to be left on all the time? Do you have enough data to deal with repudiation claims? Make sure you log sufficient and appropriate data to handle a repudiation claims. You might want to talk to an audit expert as well as a privacy expert about your choice of data.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Certificate Request</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>R3</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>R23c4b23f3-ed17-4675-aa4a-bac56d4545fc78f65b03-fb96-44a6-b70d-d460e00b0da104cdbc46-83cf-4cb1-81b5-457a5fa8150a</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>78f65b03-fb96-44a6-b70d-d460e00b0da1</b:FlowGuid><b:Id>38</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:78f65b03-fb96-44a6-b70d-d460e00b0da1:04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Logs from an Unknown Source</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Repudiation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Repudiation threats involve an adversary denying that something happened.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Do you accept logs from unknown or weakly authenticated users or systems? Identify and authenticate the source of the logs before accepting them.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Certificate Request</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>R2</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>R13c4b23f3-ed17-4675-aa4a-bac56d4545fc78f65b03-fb96-44a6-b70d-d460e00b0da104cdbc46-83cf-4cb1-81b5-457a5fa8150a</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>78f65b03-fb96-44a6-b70d-d460e00b0da1</b:FlowGuid><b:Id>37</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:78f65b03-fb96-44a6-b70d-d460e00b0da1:04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Lower Trusted Subject Updates Logs</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Repudiation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Repudiation threats involve an adversary denying that something happened.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>If you have trust levels, is anyone other outside of the highest trust level allowed to log? Letting everyone write to your logs can lead to repudiation problems. Only allow trusted code to log.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Certificate Request</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>R1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T53c4b23f3-ed17-4675-aa4a-bac56d4545fc78f65b03-fb96-44a6-b70d-d460e00b0da104cdbc46-83cf-4cb1-81b5-457a5fa8150a</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>78f65b03-fb96-44a6-b70d-d460e00b0da1</b:FlowGuid><b:Id>36</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:78f65b03-fb96-44a6-b70d-d460e00b0da1:04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Risks from Logging</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Log readers can come under attack via log files. Consider ways to canonicalize data in all logs. Implement a single reader for the logs, if possible, in order to reduce attack surface area. Be sure to understand and document log file elements which come from untrusted sources.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Certificate Request</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T5</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S7.13c4b23f3-ed17-4675-aa4a-bac56d4545fc78f65b03-fb96-44a6-b70d-d460e00b0da104cdbc46-83cf-4cb1-81b5-457a5fa8150a</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>78f65b03-fb96-44a6-b70d-d460e00b0da1</b:FlowGuid><b:Id>35</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:78f65b03-fb96-44a6-b70d-d460e00b0da1:04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing of Destination Data Store Certificate Store</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Certificate Store may be spoofed by an attacker and this may lead to data being written to the attacker's target instead of Certificate Store. Consider using a standard authentication mechanism to identify the destination data store.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Certificate Request</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S7.1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T1104cdbc46-83cf-4cb1-81b5-457a5fa8150a15188a1e-3ded-4631-a325-1e8e9ba62a703c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>15188a1e-3ded-4631-a325-1e8e9ba62a70</b:FlowGuid><b:Id>34</b:Id><b:InteractionKey>04cdbc46-83cf-4cb1-81b5-457a5fa8150a:15188a1e-3ded-4631-a325-1e8e9ba62a70:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>XML DTD and XSLT Processing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>If a dataflow contains XML, XML processing threats (DTD and XSLT code execution) may be exploited.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTP Cookie</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T11</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S743246370-168b-40ac-8b1f-197ff26910acb17c1534-0497-48aa-b096-6a4bb87c107704cdbc46-83cf-4cb1-81b5-457a5fa8150a</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>b17c1534-0497-48aa-b096-6a4bb87c1077</b:FlowGuid><b:Id>49</b:Id><b:InteractionKey>43246370-168b-40ac-8b1f-197ff26910ac:b17c1534-0497-48aa-b096-6a4bb87c1077:04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing of Source Data Store Company's Active Directory</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Company's Active Directory may be spoofed by an attacker and this may lead to incorrect data delivered to Certificate Store. Consider using a standard authentication mechanism to identify the source data store.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Success/Failure Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>43246370-168b-40ac-8b1f-197ff26910ac</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S7</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S7.143246370-168b-40ac-8b1f-197ff26910acb17c1534-0497-48aa-b096-6a4bb87c107704cdbc46-83cf-4cb1-81b5-457a5fa8150a</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>b17c1534-0497-48aa-b096-6a4bb87c1077</b:FlowGuid><b:Id>50</b:Id><b:InteractionKey>43246370-168b-40ac-8b1f-197ff26910ac:b17c1534-0497-48aa-b096-6a4bb87c1077:04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing of Destination Data Store Certificate Store</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Certificate Store may be spoofed by an attacker and this may lead to data being written to the attacker's target instead of Certificate Store. Consider using a standard authentication mechanism to identify the destination data store.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Success/Failure Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>43246370-168b-40ac-8b1f-197ff26910ac</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S7.1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S743246370-168b-40ac-8b1f-197ff26910acc832ce9f-51db-40bb-966f-41769baf7bc7a911ac4e-8fc8-40df-9a2e-37e4b142cdc6</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>c832ce9f-51db-40bb-966f-41769baf7bc7</b:FlowGuid><b:Id>51</b:Id><b:InteractionKey>43246370-168b-40ac-8b1f-197ff26910ac:c832ce9f-51db-40bb-966f-41769baf7bc7:a911ac4e-8fc8-40df-9a2e-37e4b142cdc6</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing of Source Data Store Company's Active Directory</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Company's Active Directory may be spoofed by an attacker and this may lead to incorrect data delivered to Active Directory Store. Consider using a standard authentication mechanism to identify the source data store.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Verifies credentials</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>43246370-168b-40ac-8b1f-197ff26910ac</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>a911ac4e-8fc8-40df-9a2e-37e4b142cdc6</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S7</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S7.143246370-168b-40ac-8b1f-197ff26910acc832ce9f-51db-40bb-966f-41769baf7bc7a911ac4e-8fc8-40df-9a2e-37e4b142cdc6</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>c832ce9f-51db-40bb-966f-41769baf7bc7</b:FlowGuid><b:Id>52</b:Id><b:InteractionKey>43246370-168b-40ac-8b1f-197ff26910ac:c832ce9f-51db-40bb-966f-41769baf7bc7:a911ac4e-8fc8-40df-9a2e-37e4b142cdc6</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing of Destination Data Store Active Directory Store</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Active Directory Store may be spoofed by an attacker and this may lead to data being written to the attacker's target instead of Active Directory Store. Consider using a standard authentication mechanism to identify the destination data store.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Verifies credentials</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>43246370-168b-40ac-8b1f-197ff26910ac</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>a911ac4e-8fc8-40df-9a2e-37e4b142cdc6</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S7.1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S7a911ac4e-8fc8-40df-9a2e-37e4b142cdc639b3e6d9-c120-4bf5-b5a5-c0b43455768143246370-168b-40ac-8b1f-197ff26910ac</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>39b3e6d9-c120-4bf5-b5a5-c0b434557681</b:FlowGuid><b:Id>54</b:Id><b:InteractionKey>a911ac4e-8fc8-40df-9a2e-37e4b142cdc6:39b3e6d9-c120-4bf5-b5a5-c0b434557681:43246370-168b-40ac-8b1f-197ff26910ac</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing of Source Data Store Active Directory Store</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Active Directory Store may be spoofed by an attacker and this may lead to incorrect data delivered to Company's Active Directory. Consider using a standard authentication mechanism to identify the source data store.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Success/Failure Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>a911ac4e-8fc8-40df-9a2e-37e4b142cdc6</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>43246370-168b-40ac-8b1f-197ff26910ac</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S7</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S7.1a911ac4e-8fc8-40df-9a2e-37e4b142cdc639b3e6d9-c120-4bf5-b5a5-c0b43455768143246370-168b-40ac-8b1f-197ff26910ac</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>39b3e6d9-c120-4bf5-b5a5-c0b434557681</b:FlowGuid><b:Id>55</b:Id><b:InteractionKey>a911ac4e-8fc8-40df-9a2e-37e4b142cdc6:39b3e6d9-c120-4bf5-b5a5-c0b434557681:43246370-168b-40ac-8b1f-197ff26910ac</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing of Destination Data Store Company's Active Directory</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Company's Active Directory may be spoofed by an attacker and this may lead to data being written to the attacker's target instead of Company's Active Directory. Consider using a standard authentication mechanism to identify the destination data store.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Success/Failure Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>a911ac4e-8fc8-40df-9a2e-37e4b142cdc6</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>43246370-168b-40ac-8b1f-197ff26910ac</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S7.1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T13.14b822e5b-1109-4e93-8850-f6585d8a9669e2824376-081a-4bdc-9c34-7bca0dd67a333c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>e2824376-081a-4bdc-9c34-7bca0dd67a33</b:FlowGuid><b:Id>56</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:e2824376-081a-4bdc-9c34-7bca0dd67a33:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Cross Site Scripting</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>The web server 'OpenVPN Web Server' could be a subject to a cross-site scripting attack because it does not sanitize untrusted input.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Connect Request </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T13.1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E54b822e5b-1109-4e93-8850-f6585d8a9669e2824376-081a-4bdc-9c34-7bca0dd67a333c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>e2824376-081a-4bdc-9c34-7bca0dd67a33</b:FlowGuid><b:Id>57</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:e2824376-081a-4bdc-9c34-7bca0dd67a33:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation Using Impersonation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenVPN Web Server may be able to impersonate the context of OpenConnect Thick Client in order to gain additional privilege.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Connect Request </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E5</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E5ae9fad25-61ab-4797-8266-1b97b20f5b335841e37b-e706-4a17-916d-67d3b607c4f34b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>5841e37b-e706-4a17-916d-67d3b607c4f3</b:FlowGuid><b:Id>92</b:Id><b:InteractionKey>ae9fad25-61ab-4797-8266-1b97b20f5b33:5841e37b-e706-4a17-916d-67d3b607c4f3:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation Using Impersonation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenConnect Thick Client may be able to impersonate the context of Human User in order to gain additional privilege.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Credential input</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>ae9fad25-61ab-4797-8266-1b97b20f5b33</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E5</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S3ae9fad25-61ab-4797-8266-1b97b20f5b335841e37b-e706-4a17-916d-67d3b607c4f34b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>5841e37b-e706-4a17-916d-67d3b607c4f3</b:FlowGuid><b:Id>91</b:Id><b:InteractionKey>ae9fad25-61ab-4797-8266-1b97b20f5b33:5841e37b-e706-4a17-916d-67d3b607c4f3:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing the Human User External Entity</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Human User may be spoofed by an attacker and this may lead to unauthorized access to OpenConnect Thick Client. Consider using a standard authentication mechanism to identify the external entity.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Credential input</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>ae9fad25-61ab-4797-8266-1b97b20f5b33</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S3</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T13.20a524375-8d81-4e87-9f9f-edf4a75c246faa69937e-00db-43ee-a897-08d56735cc15c5c2e7b2-b06a-4c24-9553-f255502665d4</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>aa69937e-00db-43ee-a897-08d56735cc15</b:FlowGuid><b:Id>77</b:Id><b:InteractionKey>0a524375-8d81-4e87-9f9f-edf4a75c246f:aa69937e-00db-43ee-a897-08d56735cc15:c5c2e7b2-b06a-4c24-9553-f255502665d4</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Persistent Cross Site Scripting</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>The web server 'Requested Application :Web Server' could be a subject to a persistent cross-site scripting attack because it does not sanitize data store 'Application Database' inputs and output.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Database Request</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>0a524375-8d81-4e87-9f9f-edf4a75c246f</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>c5c2e7b2-b06a-4c24-9553-f255502665d4</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T13.2</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T13.10a524375-8d81-4e87-9f9f-edf4a75c246faa69937e-00db-43ee-a897-08d56735cc15c5c2e7b2-b06a-4c24-9553-f255502665d4</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>aa69937e-00db-43ee-a897-08d56735cc15</b:FlowGuid><b:Id>76</b:Id><b:InteractionKey>0a524375-8d81-4e87-9f9f-edf4a75c246f:aa69937e-00db-43ee-a897-08d56735cc15:c5c2e7b2-b06a-4c24-9553-f255502665d4</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Cross Site Scripting</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>The web server 'Requested Application :Web Server' could be a subject to a cross-site scripting attack because it does not sanitize untrusted input.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Database Request</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>0a524375-8d81-4e87-9f9f-edf4a75c246f</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>c5c2e7b2-b06a-4c24-9553-f255502665d4</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T13.1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S70a524375-8d81-4e87-9f9f-edf4a75c246faa69937e-00db-43ee-a897-08d56735cc15c5c2e7b2-b06a-4c24-9553-f255502665d4</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>aa69937e-00db-43ee-a897-08d56735cc15</b:FlowGuid><b:Id>75</b:Id><b:InteractionKey>0a524375-8d81-4e87-9f9f-edf4a75c246f:aa69937e-00db-43ee-a897-08d56735cc15:c5c2e7b2-b06a-4c24-9553-f255502665d4</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing of Source Data Store Application Database</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Application Database may be spoofed by an attacker and this may lead to incorrect data delivered to Requested Application :Web Server. Consider using a standard authentication mechanism to identify the source data store.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Database Request</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>0a524375-8d81-4e87-9f9f-edf4a75c246f</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>c5c2e7b2-b06a-4c24-9553-f255502665d4</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S7</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E5c5c2e7b2-b06a-4c24-9553-f255502665d40f98850f-ab06-4c75-baa9-d41cc65e87bc3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>0f98850f-ab06-4c75-baa9-d41cc65e87bc</b:FlowGuid><b:Id>90</b:Id><b:InteractionKey>c5c2e7b2-b06a-4c24-9553-f255502665d4:0f98850f-ab06-4c75-baa9-d41cc65e87bc:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation Using Impersonation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenVPN Web Server may be able to impersonate the context of Requested Application :Web Server in order to gain additional privilege.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Encrypted Data Flow</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>c5c2e7b2-b06a-4c24-9553-f255502665d4</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E5</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T13.1c5c2e7b2-b06a-4c24-9553-f255502665d40f98850f-ab06-4c75-baa9-d41cc65e87bc3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>0f98850f-ab06-4c75-baa9-d41cc65e87bc</b:FlowGuid><b:Id>89</b:Id><b:InteractionKey>c5c2e7b2-b06a-4c24-9553-f255502665d4:0f98850f-ab06-4c75-baa9-d41cc65e87bc:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Cross Site Scripting</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>The web server 'OpenVPN Web Server' could be a subject to a cross-site scripting attack because it does not sanitize untrusted input.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Encrypted Data Flow</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>c5c2e7b2-b06a-4c24-9553-f255502665d4</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T13.1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T13.1405c63d2-b002-4cff-bfa2-0278cb7944abb02f1fc4-d382-4ad2-a0b8-f4e30634db943c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>b02f1fc4-d382-4ad2-a0b8-f4e30634db94</b:FlowGuid><b:Id>95</b:Id><b:InteractionKey>405c63d2-b002-4cff-bfa2-0278cb7944ab:b02f1fc4-d382-4ad2-a0b8-f4e30634db94:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Cross Site Scripting</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>The web server 'OpenVPN Web Server' could be a subject to a cross-site scripting attack because it does not sanitize untrusted input.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Success/Failure Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>405c63d2-b002-4cff-bfa2-0278cb7944ab</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T13.1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S3405c63d2-b002-4cff-bfa2-0278cb7944abb02f1fc4-d382-4ad2-a0b8-f4e30634db943c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>b02f1fc4-d382-4ad2-a0b8-f4e30634db94</b:FlowGuid><b:Id>94</b:Id><b:InteractionKey>405c63d2-b002-4cff-bfa2-0278cb7944ab:b02f1fc4-d382-4ad2-a0b8-f4e30634db94:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing the RSA/TOTP/HOTP External Entity</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>RSA/TOTP/HOTP may be spoofed by an attacker and this may lead to unauthorized access to OpenVPN Web Server. Consider using a standard authentication mechanism to identify the external entity.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Success/Failure Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>405c63d2-b002-4cff-bfa2-0278cb7944ab</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S3</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E53c4b23f3-ed17-4675-aa4a-bac56d4545fcc7c624b6-0a0a-4300-8e29-ff29a2ff94504b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>c7c624b6-0a0a-4300-8e29-ff29a2ff9450</b:FlowGuid><b:Id>86</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:c7c624b6-0a0a-4300-8e29-ff29a2ff9450:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation Using Impersonation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenConnect Thick Client may be able to impersonate the context of OpenVPN Web Server in order to gain additional privilege.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Tunnel Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E5</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T23c4b23f3-ed17-4675-aa4a-bac56d4545fcc7c624b6-0a0a-4300-8e29-ff29a2ff94504b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>c7c624b6-0a0a-4300-8e29-ff29a2ff9450</b:FlowGuid><b:Id>85</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:c7c624b6-0a0a-4300-8e29-ff29a2ff9450:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>OpenVPN Web Server Process Memory Tampered</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>If OpenVPN Web Server is given access to memory, such as shared memory or pointers, or is given the ability to control what OpenConnect Thick Client executes (for example, passing back a function pointer.), then OpenVPN Web Server can tamper with OpenConnect Thick Client. Consider if the function could work with less access to memory, such as passing data rather than pointers. Copy in data provided, and then validate it.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Tunnel Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T2</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E33c4b23f3-ed17-4675-aa4a-bac56d4545fc69b88ca2-4716-4b2a-9eba-8d79372af85e405c63d2-b002-4cff-bfa2-0278cb7944ab</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>69b88ca2-4716-4b2a-9eba-8d79372af85e</b:FlowGuid><b:Id>93</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:69b88ca2-4716-4b2a-9eba-8d79372af85e:405c63d2-b002-4cff-bfa2-0278cb7944ab</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Weakness in SSO Authorization</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Common SSO implementations such as OAUTH2 and OAUTH Wrap are vulnerable to MitM attacks.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Two level auth checker</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>405c63d2-b002-4cff-bfa2-0278cb7944ab</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E3</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D2c5c2e7b2-b06a-4c24-9553-f255502665d419242652-4c37-4790-82d9-1d19c5581bb80a524375-8d81-4e87-9f9f-edf4a75c246f</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>19242652-4c37-4790-82d9-1d19c5581bb8</b:FlowGuid><b:Id>80</b:Id><b:InteractionKey>c5c2e7b2-b06a-4c24-9553-f255502665d4:19242652-4c37-4790-82d9-1d19c5581bb8:0a524375-8d81-4e87-9f9f-edf4a75c246f</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Excessive Resource Consumption for Requested Application :Web Server or Application Database</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Does Requested Application :Web Server or Application Database take explicit steps to control resource consumption? Resource consumption attacks can be hard to deal with, and there are times that it makes sense to let the OS do the job. Be careful that your resource requests don't deadlock, and that they do timeout.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Database Request</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>c5c2e7b2-b06a-4c24-9553-f255502665d4</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>0a524375-8d81-4e87-9f9f-edf4a75c246f</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D2</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S7.1c5c2e7b2-b06a-4c24-9553-f255502665d419242652-4c37-4790-82d9-1d19c5581bb80a524375-8d81-4e87-9f9f-edf4a75c246f</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>19242652-4c37-4790-82d9-1d19c5581bb8</b:FlowGuid><b:Id>79</b:Id><b:InteractionKey>c5c2e7b2-b06a-4c24-9553-f255502665d4:19242652-4c37-4790-82d9-1d19c5581bb8:0a524375-8d81-4e87-9f9f-edf4a75c246f</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing of Destination Data Store Application Database</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Application Database may be spoofed by an attacker and this may lead to data being written to the attacker's target instead of Application Database. Consider using a standard authentication mechanism to identify the destination data store.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Database Request</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>c5c2e7b2-b06a-4c24-9553-f255502665d4</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>0a524375-8d81-4e87-9f9f-edf4a75c246f</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S7.1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>I230a524375-8d81-4e87-9f9f-edf4a75c246faa69937e-00db-43ee-a897-08d56735cc15c5c2e7b2-b06a-4c24-9553-f255502665d4</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>aa69937e-00db-43ee-a897-08d56735cc15</b:FlowGuid><b:Id>78</b:Id><b:InteractionKey>0a524375-8d81-4e87-9f9f-edf4a75c246f:aa69937e-00db-43ee-a897-08d56735cc15:c5c2e7b2-b06a-4c24-9553-f255502665d4</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Weak Access Control for a Resource</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Information Disclosure</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Information disclosure happens when the information can be read by an unauthorized party.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Improper data protection of Application Database can allow an attacker to read information not intended for disclosure. Review authorization settings.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Database Request</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>0a524375-8d81-4e87-9f9f-edf4a75c246f</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>c5c2e7b2-b06a-4c24-9553-f255502665d4</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>I23</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E5405c63d2-b002-4cff-bfa2-0278cb7944abb02f1fc4-d382-4ad2-a0b8-f4e30634db943c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>b02f1fc4-d382-4ad2-a0b8-f4e30634db94</b:FlowGuid><b:Id>96</b:Id><b:InteractionKey>405c63d2-b002-4cff-bfa2-0278cb7944ab:b02f1fc4-d382-4ad2-a0b8-f4e30634db94:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation Using Impersonation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenVPN Web Server may be able to impersonate the context of RSA/TOTP/HOTP in order to gain additional privilege.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Success/Failure Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>405c63d2-b002-4cff-bfa2-0278cb7944ab</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E5</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D24b822e5b-1109-4e93-8850-f6585d8a966967428b8c-108e-4e9d-9357-e9b0ce5670ab5a00329f-51b8-4b6e-95a7-4940c346a513</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>67428b8c-108e-4e9d-9357-e9b0ce5670ab</b:FlowGuid><b:Id>100</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:67428b8c-108e-4e9d-9357-e9b0ce5670ab:5a00329f-51b8-4b6e-95a7-4940c346a513</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Excessive Resource Consumption for Open VPN Thick Client or Smart Card</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Does OpenConnect Thick Client or Smart Card take explicit steps to control resource consumption? Resource consumption attacks can be hard to deal with, and there are times that it makes sense to let the OS do the job. Be careful that your resource requests don't deadlock, and that they do timeout.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>X.509 Certificate Request</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5a00329f-51b8-4b6e-95a7-4940c346a513</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D2</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S7.14b822e5b-1109-4e93-8850-f6585d8a966967428b8c-108e-4e9d-9357-e9b0ce5670ab5a00329f-51b8-4b6e-95a7-4940c346a513</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>67428b8c-108e-4e9d-9357-e9b0ce5670ab</b:FlowGuid><b:Id>99</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:67428b8c-108e-4e9d-9357-e9b0ce5670ab:5a00329f-51b8-4b6e-95a7-4940c346a513</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing of Destination Data Store Smart Card</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Smart Card may be spoofed by an attacker and this may lead to data being written to the attacker's target instead of Smart Card. Consider using a standard authentication mechanism to identify the destination data store.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>X.509 Certificate Request</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5a00329f-51b8-4b6e-95a7-4940c346a513</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S7.1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D543246370-168b-40ac-8b1f-197ff26910acb17c1534-0497-48aa-b096-6a4bb87c107704cdbc46-83cf-4cb1-81b5-457a5fa8150a</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>b17c1534-0497-48aa-b096-6a4bb87c1077</b:FlowGuid><b:Id>131</b:Id><b:InteractionKey>43246370-168b-40ac-8b1f-197ff26910ac:b17c1534-0497-48aa-b096-6a4bb87c1077:04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Store Inaccessible</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An external agent prevents access to a data store on the other side of the trust boundary.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Success/Failure Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>43246370-168b-40ac-8b1f-197ff26910ac</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D5</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D443246370-168b-40ac-8b1f-197ff26910acb17c1534-0497-48aa-b096-6a4bb87c107704cdbc46-83cf-4cb1-81b5-457a5fa8150a</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>b17c1534-0497-48aa-b096-6a4bb87c1077</b:FlowGuid><b:Id>130</b:Id><b:InteractionKey>43246370-168b-40ac-8b1f-197ff26910ac:b17c1534-0497-48aa-b096-6a4bb87c1077:04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Flow Success/Failure Response Is Potentially Interrupted</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An external agent interrupts data flowing across a trust boundary in either direction.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Success/Failure Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>43246370-168b-40ac-8b1f-197ff26910ac</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D4</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>R843246370-168b-40ac-8b1f-197ff26910acb17c1534-0497-48aa-b096-6a4bb87c107704cdbc46-83cf-4cb1-81b5-457a5fa8150a</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>b17c1534-0497-48aa-b096-6a4bb87c1077</b:FlowGuid><b:Id>129</b:Id><b:InteractionKey>43246370-168b-40ac-8b1f-197ff26910ac:b17c1534-0497-48aa-b096-6a4bb87c1077:04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Store Denies Certificate Store Potentially Writing Data</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Repudiation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Repudiation threats involve an adversary denying that something happened.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Certificate Store claims that it did not write data received from an entity on the other side of the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Success/Failure Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>43246370-168b-40ac-8b1f-197ff26910ac</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>R8</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D504cdbc46-83cf-4cb1-81b5-457a5fa8150a702db47d-0998-47ac-88c3-91c1776fc0eb43246370-168b-40ac-8b1f-197ff26910ac</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>702db47d-0998-47ac-88c3-91c1776fc0eb</b:FlowGuid><b:Id>128</b:Id><b:InteractionKey>04cdbc46-83cf-4cb1-81b5-457a5fa8150a:702db47d-0998-47ac-88c3-91c1776fc0eb:43246370-168b-40ac-8b1f-197ff26910ac</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Store Inaccessible</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An external agent prevents access to a data store on the other side of the trust boundary.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>AD credentials</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>43246370-168b-40ac-8b1f-197ff26910ac</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D5</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D404cdbc46-83cf-4cb1-81b5-457a5fa8150a702db47d-0998-47ac-88c3-91c1776fc0eb43246370-168b-40ac-8b1f-197ff26910ac</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>702db47d-0998-47ac-88c3-91c1776fc0eb</b:FlowGuid><b:Id>127</b:Id><b:InteractionKey>04cdbc46-83cf-4cb1-81b5-457a5fa8150a:702db47d-0998-47ac-88c3-91c1776fc0eb:43246370-168b-40ac-8b1f-197ff26910ac</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Flow AD credentials Is Potentially Interrupted</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An external agent interrupts data flowing across a trust boundary in either direction.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>AD credentials</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>43246370-168b-40ac-8b1f-197ff26910ac</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D4</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>R804cdbc46-83cf-4cb1-81b5-457a5fa8150a702db47d-0998-47ac-88c3-91c1776fc0eb43246370-168b-40ac-8b1f-197ff26910ac</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>702db47d-0998-47ac-88c3-91c1776fc0eb</b:FlowGuid><b:Id>126</b:Id><b:InteractionKey>04cdbc46-83cf-4cb1-81b5-457a5fa8150a:702db47d-0998-47ac-88c3-91c1776fc0eb:43246370-168b-40ac-8b1f-197ff26910ac</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Store Denies Company's Active Directory Potentially Writing Data</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Repudiation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Repudiation threats involve an adversary denying that something happened.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Company's Active Directory claims that it did not write data received from an entity on the other side of the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>AD credentials</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>04cdbc46-83cf-4cb1-81b5-457a5fa8150a</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>43246370-168b-40ac-8b1f-197ff26910ac</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>R8</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D3c5c2e7b2-b06a-4c24-9553-f255502665d40f98850f-ab06-4c75-baa9-d41cc65e87bc3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>0f98850f-ab06-4c75-baa9-d41cc65e87bc</b:FlowGuid><b:Id>122</b:Id><b:InteractionKey>c5c2e7b2-b06a-4c24-9553-f255502665d4:0f98850f-ab06-4c75-baa9-d41cc65e87bc:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Process Crash or Stop for OpenVPN Web Server</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenVPN Web Server crashes, halts, stops or runs slowly; in all cases violating an availability metric.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Encrypted Data Flow</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>c5c2e7b2-b06a-4c24-9553-f255502665d4</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D3</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>I6c5c2e7b2-b06a-4c24-9553-f255502665d40f98850f-ab06-4c75-baa9-d41cc65e87bc3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>0f98850f-ab06-4c75-baa9-d41cc65e87bc</b:FlowGuid><b:Id>121</b:Id><b:InteractionKey>c5c2e7b2-b06a-4c24-9553-f255502665d4:0f98850f-ab06-4c75-baa9-d41cc65e87bc:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Flow Sniffing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Information Disclosure</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Information disclosure happens when the information can be read by an unauthorized party.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Data flowing across Encrypted Data Flow may be sniffed by an attacker. Depending on what type of data an attacker can read, it may be used to attack other parts of the system or simply be a disclosure of information leading to compliance violations. Consider encrypting the data flow.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Encrypted Data Flow</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>c5c2e7b2-b06a-4c24-9553-f255502665d4</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>I6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>R6c5c2e7b2-b06a-4c24-9553-f255502665d40f98850f-ab06-4c75-baa9-d41cc65e87bc3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>0f98850f-ab06-4c75-baa9-d41cc65e87bc</b:FlowGuid><b:Id>120</b:Id><b:InteractionKey>c5c2e7b2-b06a-4c24-9553-f255502665d4:0f98850f-ab06-4c75-baa9-d41cc65e87bc:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Data Repudiation by OpenVPN Web Server</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Repudiation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Repudiation threats involve an adversary denying that something happened.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenVPN Web Server claims that it did not receive data from a source outside the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Encrypted Data Flow</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>c5c2e7b2-b06a-4c24-9553-f255502665d4</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>R6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T1c5c2e7b2-b06a-4c24-9553-f255502665d40f98850f-ab06-4c75-baa9-d41cc65e87bc3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>0f98850f-ab06-4c75-baa9-d41cc65e87bc</b:FlowGuid><b:Id>119</b:Id><b:InteractionKey>c5c2e7b2-b06a-4c24-9553-f255502665d4:0f98850f-ab06-4c75-baa9-d41cc65e87bc:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Lack of Input Validation for OpenVPN Web Server</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Data flowing across Encrypted Data Flow may be tampered with by an attacker. This may lead to a denial of service attack against OpenVPN Web Server or an elevation of privilege attack against OpenVPN Web Server or an information disclosure by OpenVPN Web Server. Failure to verify that input is as expected is a root cause of a very large number of exploitable issues. Consider all paths and the way they handle data. Verify that all input is verified for correctness using an approved list input validation approach.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Encrypted Data Flow</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>c5c2e7b2-b06a-4c24-9553-f255502665d4</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S2c5c2e7b2-b06a-4c24-9553-f255502665d40f98850f-ab06-4c75-baa9-d41cc65e87bc3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>0f98850f-ab06-4c75-baa9-d41cc65e87bc</b:FlowGuid><b:Id>118</b:Id><b:InteractionKey>c5c2e7b2-b06a-4c24-9553-f255502665d4:0f98850f-ab06-4c75-baa9-d41cc65e87bc:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing the OpenVPN Web Server Process</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenVPN Web Server may be spoofed by an attacker and this may lead to information disclosure by Requested Application :Web Server. Consider using a standard authentication mechanism to identify the destination process.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Encrypted Data Flow</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>c5c2e7b2-b06a-4c24-9553-f255502665d4</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S2</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S1c5c2e7b2-b06a-4c24-9553-f255502665d40f98850f-ab06-4c75-baa9-d41cc65e87bc3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>0f98850f-ab06-4c75-baa9-d41cc65e87bc</b:FlowGuid><b:Id>117</b:Id><b:InteractionKey>c5c2e7b2-b06a-4c24-9553-f255502665d4:0f98850f-ab06-4c75-baa9-d41cc65e87bc:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing the Requested Application :Web Server Process</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Requested Application :Web Server may be spoofed by an attacker and this may lead to unauthorized access to OpenVPN Web Server. Consider using a standard authentication mechanism to identify the source process.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Encrypted Data Flow</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>c5c2e7b2-b06a-4c24-9553-f255502665d4</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D4c5c2e7b2-b06a-4c24-9553-f255502665d40f98850f-ab06-4c75-baa9-d41cc65e87bc3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>0f98850f-ab06-4c75-baa9-d41cc65e87bc</b:FlowGuid><b:Id>123</b:Id><b:InteractionKey>c5c2e7b2-b06a-4c24-9553-f255502665d4:0f98850f-ab06-4c75-baa9-d41cc65e87bc:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Flow Encrypted Data Flow Is Potentially Interrupted</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An external agent interrupts data flowing across a trust boundary in either direction.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Encrypted Data Flow</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>c5c2e7b2-b06a-4c24-9553-f255502665d4</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D4</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E6c5c2e7b2-b06a-4c24-9553-f255502665d40f98850f-ab06-4c75-baa9-d41cc65e87bc3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>0f98850f-ab06-4c75-baa9-d41cc65e87bc</b:FlowGuid><b:Id>124</b:Id><b:InteractionKey>c5c2e7b2-b06a-4c24-9553-f255502665d4:0f98850f-ab06-4c75-baa9-d41cc65e87bc:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>OpenVPN Web Server May be Subject to Elevation of Privilege Using Remote Code Execution</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Requested Application :Web Server may be able to remotely execute code for OpenVPN Web Server.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Encrypted Data Flow</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>c5c2e7b2-b06a-4c24-9553-f255502665d4</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E7c5c2e7b2-b06a-4c24-9553-f255502665d40f98850f-ab06-4c75-baa9-d41cc65e87bc3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>0f98850f-ab06-4c75-baa9-d41cc65e87bc</b:FlowGuid><b:Id>125</b:Id><b:InteractionKey>c5c2e7b2-b06a-4c24-9553-f255502665d4:0f98850f-ab06-4c75-baa9-d41cc65e87bc:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation by Changing the Execution Flow in OpenVPN Web Server</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An attacker may pass data into OpenVPN Web Server in order to change the flow of program execution within OpenVPN Web Server to the attacker's choosing.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Encrypted Data Flow</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>c5c2e7b2-b06a-4c24-9553-f255502665d4</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E7</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S14b822e5b-1109-4e93-8850-f6585d8a9669ef7ad2ea-5da3-4816-9783-82a484926dfb3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>ef7ad2ea-5da3-4816-9783-82a484926dfb</b:FlowGuid><b:Id>148</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:ef7ad2ea-5da3-4816-9783-82a484926dfb:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing the Open VPN Thick Client Process</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenConnect Thick Client may be spoofed by an attacker and this may lead to unauthorized access to OpenVPN Web Server. Consider using a standard authentication mechanism to identify the source process.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T14b822e5b-1109-4e93-8850-f6585d8a9669ef7ad2ea-5da3-4816-9783-82a484926dfb3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>ef7ad2ea-5da3-4816-9783-82a484926dfb</b:FlowGuid><b:Id>149</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:ef7ad2ea-5da3-4816-9783-82a484926dfb:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Lack of Input Validation for OpenVPN Web Server</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Data flowing across HTTPS may be tampered with by an attacker. This may lead to a denial of service attack against OpenVPN Web Server or an elevation of privilege attack against OpenVPN Web Server or an information disclosure by OpenVPN Web Server. Failure to verify that input is as expected is a root cause of a very large number of exploitable issues. Consider all paths and the way they handle data. Verify that all input is verified for correctness using an approved list input validation approach.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>R64b822e5b-1109-4e93-8850-f6585d8a9669ef7ad2ea-5da3-4816-9783-82a484926dfb3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>ef7ad2ea-5da3-4816-9783-82a484926dfb</b:FlowGuid><b:Id>150</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:ef7ad2ea-5da3-4816-9783-82a484926dfb:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Data Repudiation by OpenVPN Web Server</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Repudiation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Repudiation threats involve an adversary denying that something happened.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenVPN Web Server claims that it did not receive data from a source outside the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>R6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>I64b822e5b-1109-4e93-8850-f6585d8a9669ef7ad2ea-5da3-4816-9783-82a484926dfb3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>ef7ad2ea-5da3-4816-9783-82a484926dfb</b:FlowGuid><b:Id>151</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:ef7ad2ea-5da3-4816-9783-82a484926dfb:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Flow Sniffing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Information Disclosure</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Information disclosure happens when the information can be read by an unauthorized party.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Data flowing across HTTPS may be sniffed by an attacker. Depending on what type of data an attacker can read, it may be used to attack other parts of the system or simply be a disclosure of information leading to compliance violations. Consider encrypting the data flow.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>I6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D34b822e5b-1109-4e93-8850-f6585d8a9669ef7ad2ea-5da3-4816-9783-82a484926dfb3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>ef7ad2ea-5da3-4816-9783-82a484926dfb</b:FlowGuid><b:Id>152</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:ef7ad2ea-5da3-4816-9783-82a484926dfb:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Process Crash or Stop for OpenVPN Web Server</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenVPN Web Server crashes, halts, stops or runs slowly; in all cases violating an availability metric.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D3</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D44b822e5b-1109-4e93-8850-f6585d8a9669ef7ad2ea-5da3-4816-9783-82a484926dfb3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>ef7ad2ea-5da3-4816-9783-82a484926dfb</b:FlowGuid><b:Id>153</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:ef7ad2ea-5da3-4816-9783-82a484926dfb:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Flow HTTPS Is Potentially Interrupted</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An external agent interrupts data flowing across a trust boundary in either direction.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D4</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E64b822e5b-1109-4e93-8850-f6585d8a9669ef7ad2ea-5da3-4816-9783-82a484926dfb3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>ef7ad2ea-5da3-4816-9783-82a484926dfb</b:FlowGuid><b:Id>154</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:ef7ad2ea-5da3-4816-9783-82a484926dfb:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>OpenVPN Web Server May be Subject to Elevation of Privilege Using Remote Code Execution</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenConnect Thick Client may be able to remotely execute code for OpenVPN Web Server.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E74b822e5b-1109-4e93-8850-f6585d8a9669ef7ad2ea-5da3-4816-9783-82a484926dfb3c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>ef7ad2ea-5da3-4816-9783-82a484926dfb</b:FlowGuid><b:Id>155</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:ef7ad2ea-5da3-4816-9783-82a484926dfb:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation by Changing the Execution Flow in OpenVPN Web Server</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An attacker may pass data into OpenVPN Web Server in order to change the flow of program execution within OpenVPN Web Server to the attacker's choosing.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E7</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>R63c4b23f3-ed17-4675-aa4a-bac56d4545fc5d723338-3a81-498c-8f88-87a2293589e14b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>5d723338-3a81-498c-8f88-87a2293589e1</b:FlowGuid><b:Id>156</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:5d723338-3a81-498c-8f88-87a2293589e1:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Data Repudiation by Open VPN Thick Client</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Repudiation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Repudiation threats involve an adversary denying that something happened.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenConnect Thick Client claims that it did not receive data from a source outside the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Webvpn Cookie</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>R6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D33c4b23f3-ed17-4675-aa4a-bac56d4545fc5d723338-3a81-498c-8f88-87a2293589e14b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>5d723338-3a81-498c-8f88-87a2293589e1</b:FlowGuid><b:Id>157</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:5d723338-3a81-498c-8f88-87a2293589e1:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Process Crash or Stop for Open VPN Thick Client</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenConnect Thick Client crashes, halts, stops or runs slowly; in all cases violating an availability metric.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Webvpn Cookie</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D3</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D43c4b23f3-ed17-4675-aa4a-bac56d4545fc5d723338-3a81-498c-8f88-87a2293589e14b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>5d723338-3a81-498c-8f88-87a2293589e1</b:FlowGuid><b:Id>158</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:5d723338-3a81-498c-8f88-87a2293589e1:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Flow Webvpn Cookie Is Potentially Interrupted</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An external agent interrupts data flowing across a trust boundary in either direction.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Webvpn Cookie</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D4</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E63c4b23f3-ed17-4675-aa4a-bac56d4545fc5d723338-3a81-498c-8f88-87a2293589e14b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>5d723338-3a81-498c-8f88-87a2293589e1</b:FlowGuid><b:Id>159</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:5d723338-3a81-498c-8f88-87a2293589e1:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Open VPN Thick Client May be Subject to Elevation of Privilege Using Remote Code Execution</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenVPN Web Server may be able to remotely execute code for OpenConnect Thick Client.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Webvpn Cookie</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E73c4b23f3-ed17-4675-aa4a-bac56d4545fc5d723338-3a81-498c-8f88-87a2293589e14b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>5d723338-3a81-498c-8f88-87a2293589e1</b:FlowGuid><b:Id>160</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:5d723338-3a81-498c-8f88-87a2293589e1:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation by Changing the Execution Flow in Open VPN Thick Client</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An attacker may pass data into OpenConnect Thick Client in order to change the flow of program execution within OpenConnect Thick Client to the attacker's choosing.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>Webvpn Cookie</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E7</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S14b822e5b-1109-4e93-8850-f6585d8a9669e2824376-081a-4bdc-9c34-7bca0dd67a333c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>e2824376-081a-4bdc-9c34-7bca0dd67a33</b:FlowGuid><b:Id>161</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:e2824376-081a-4bdc-9c34-7bca0dd67a33:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing the Open VPN Thick Client Process</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenConnect Thick Client may be spoofed by an attacker and this may lead to unauthorized access to OpenVPN Web Server. Consider using a standard authentication mechanism to identify the source process.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Connect Request </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S24b822e5b-1109-4e93-8850-f6585d8a9669e2824376-081a-4bdc-9c34-7bca0dd67a333c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>e2824376-081a-4bdc-9c34-7bca0dd67a33</b:FlowGuid><b:Id>162</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:e2824376-081a-4bdc-9c34-7bca0dd67a33:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing the OpenVPN Web Server Process</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenVPN Web Server may be spoofed by an attacker and this may lead to information disclosure by OpenConnect Thick Client. Consider using a standard authentication mechanism to identify the destination process.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Connect Request </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S2</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T14b822e5b-1109-4e93-8850-f6585d8a9669e2824376-081a-4bdc-9c34-7bca0dd67a333c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>e2824376-081a-4bdc-9c34-7bca0dd67a33</b:FlowGuid><b:Id>163</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:e2824376-081a-4bdc-9c34-7bca0dd67a33:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Lack of Input Validation for OpenVPN Web Server</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Data flowing across HTTPS Connect Request  may be tampered with by an attacker. This may lead to a denial of service attack against OpenVPN Web Server or an elevation of privilege attack against OpenVPN Web Server or an information disclosure by OpenVPN Web Server. Failure to verify that input is as expected is a root cause of a very large number of exploitable issues. Consider all paths and the way they handle data. Verify that all input is verified for correctness using an approved list input validation approach.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Connect Request </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>R64b822e5b-1109-4e93-8850-f6585d8a9669e2824376-081a-4bdc-9c34-7bca0dd67a333c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>e2824376-081a-4bdc-9c34-7bca0dd67a33</b:FlowGuid><b:Id>164</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:e2824376-081a-4bdc-9c34-7bca0dd67a33:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Data Repudiation by OpenVPN Web Server</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Repudiation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Repudiation threats involve an adversary denying that something happened.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenVPN Web Server claims that it did not receive data from a source outside the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Connect Request </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>R6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>I64b822e5b-1109-4e93-8850-f6585d8a9669e2824376-081a-4bdc-9c34-7bca0dd67a333c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>e2824376-081a-4bdc-9c34-7bca0dd67a33</b:FlowGuid><b:Id>165</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:e2824376-081a-4bdc-9c34-7bca0dd67a33:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Flow Sniffing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Information Disclosure</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Information disclosure happens when the information can be read by an unauthorized party.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Data flowing across HTTPS Connect Request  may be sniffed by an attacker. Depending on what type of data an attacker can read, it may be used to attack other parts of the system or simply be a disclosure of information leading to compliance violations. Consider encrypting the data flow.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Connect Request </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>I6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D34b822e5b-1109-4e93-8850-f6585d8a9669e2824376-081a-4bdc-9c34-7bca0dd67a333c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>e2824376-081a-4bdc-9c34-7bca0dd67a33</b:FlowGuid><b:Id>166</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:e2824376-081a-4bdc-9c34-7bca0dd67a33:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Process Crash or Stop for OpenVPN Web Server</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenVPN Web Server crashes, halts, stops or runs slowly; in all cases violating an availability metric.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Connect Request </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D3</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D44b822e5b-1109-4e93-8850-f6585d8a9669e2824376-081a-4bdc-9c34-7bca0dd67a333c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>e2824376-081a-4bdc-9c34-7bca0dd67a33</b:FlowGuid><b:Id>167</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:e2824376-081a-4bdc-9c34-7bca0dd67a33:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Flow HTTPS Connect Request  Is Potentially Interrupted</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An external agent interrupts data flowing across a trust boundary in either direction.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Connect Request </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D4</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E64b822e5b-1109-4e93-8850-f6585d8a9669e2824376-081a-4bdc-9c34-7bca0dd67a333c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>e2824376-081a-4bdc-9c34-7bca0dd67a33</b:FlowGuid><b:Id>168</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:e2824376-081a-4bdc-9c34-7bca0dd67a33:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>OpenVPN Web Server May be Subject to Elevation of Privilege Using Remote Code Execution</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenConnect Thick Client may be able to remotely execute code for OpenVPN Web Server.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Connect Request </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E74b822e5b-1109-4e93-8850-f6585d8a9669e2824376-081a-4bdc-9c34-7bca0dd67a333c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>e2824376-081a-4bdc-9c34-7bca0dd67a33</b:FlowGuid><b:Id>169</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:e2824376-081a-4bdc-9c34-7bca0dd67a33:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation by Changing the Execution Flow in OpenVPN Web Server</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An attacker may pass data into OpenVPN Web Server in order to change the flow of program execution within OpenVPN Web Server to the attacker's choosing.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Connect Request </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E7</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>8404dcf5-bdd8-4902-abc2-3b6c967b02614b822e5b-1109-4e93-8850-f6585d8a9669e2824376-081a-4bdc-9c34-7bca0dd67a333c4b23f3-ed17-4675-aa4a-bac56d4545fc</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>e2824376-081a-4bdc-9c34-7bca0dd67a33</b:FlowGuid><b:Id>170</b:Id><b:InteractionKey>4b822e5b-1109-4e93-8850-f6585d8a9669:e2824376-081a-4bdc-9c34-7bca0dd67a33:3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Cross Site Request Forgery</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Cross-site request forgery (CSRF or XSRF) is a type of attack in which an attacker forces a user's browser to make a forged request to a vulnerable site by exploiting an existing trust relationship between the browser and the vulnerable web site.  In a simple scenario, a user is logged in to web site A using a cookie as a credential.  The other browses to web site B.  Web site B returns a page with a hidden form that posts to web site A.  Since the browser will carry the user's cookie to web site A, web site B now can take any action on web site A, for example, adding an admin to an account.  The attack can be used to exploit any requests that the browser automatically authenticates, e.g. by session cookie, integrated authentication, IP whitelisting, …  The attack can be carried out in many ways such as by luring the victim to a site under control of the attacker, getting the user to click a link in a phishing email, or hacking a reputable web site that the victim will visit. The issue can only be resolved on the server side by requiring that all authenticated state-changing requests include an additional piece of secret payload (canary or CSRF token) which is known only to the legitimate web site and the browser and which is protected in transit through SSL/TLS. See the Forgery Protection property on the flow stencil for a list of mitigations.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Connect Request </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>8404dcf5-bdd8-4902-abc2-3b6c967b0261</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S13c4b23f3-ed17-4675-aa4a-bac56d4545fcc7c624b6-0a0a-4300-8e29-ff29a2ff94504b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>c7c624b6-0a0a-4300-8e29-ff29a2ff9450</b:FlowGuid><b:Id>171</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:c7c624b6-0a0a-4300-8e29-ff29a2ff9450:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing the OpenVPN Web Server Process</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenVPN Web Server may be spoofed by an attacker and this may lead to unauthorized access to OpenConnect Thick Client. Consider using a standard authentication mechanism to identify the source process.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Tunnel Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S23c4b23f3-ed17-4675-aa4a-bac56d4545fcc7c624b6-0a0a-4300-8e29-ff29a2ff94504b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>c7c624b6-0a0a-4300-8e29-ff29a2ff9450</b:FlowGuid><b:Id>172</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:c7c624b6-0a0a-4300-8e29-ff29a2ff9450:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing the Open VPN Thick Client Process</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenConnect Thick Client may be spoofed by an attacker and this may lead to information disclosure by OpenVPN Web Server. Consider using a standard authentication mechanism to identify the destination process.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Tunnel Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S2</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T13c4b23f3-ed17-4675-aa4a-bac56d4545fcc7c624b6-0a0a-4300-8e29-ff29a2ff94504b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>c7c624b6-0a0a-4300-8e29-ff29a2ff9450</b:FlowGuid><b:Id>173</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:c7c624b6-0a0a-4300-8e29-ff29a2ff9450:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Lack of Input Validation for Open VPN Thick Client</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Data flowing across HTTPS Tunnel Response may be tampered with by an attacker. This may lead to a denial of service attack against OpenConnect Thick Client or an elevation of privilege attack against OpenConnect Thick Client or an information disclosure by OpenConnect Thick Client. Failure to verify that input is as expected is a root cause of a very large number of exploitable issues. Consider all paths and the way they handle data. Verify that all input is verified for correctness using an approved list input validation approach.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Tunnel Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>R63c4b23f3-ed17-4675-aa4a-bac56d4545fcc7c624b6-0a0a-4300-8e29-ff29a2ff94504b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>c7c624b6-0a0a-4300-8e29-ff29a2ff9450</b:FlowGuid><b:Id>174</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:c7c624b6-0a0a-4300-8e29-ff29a2ff9450:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Data Repudiation by Open VPN Thick Client</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Repudiation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Repudiation threats involve an adversary denying that something happened.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenConnect Thick Client claims that it did not receive data from a source outside the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Tunnel Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>R6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>I63c4b23f3-ed17-4675-aa4a-bac56d4545fcc7c624b6-0a0a-4300-8e29-ff29a2ff94504b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>c7c624b6-0a0a-4300-8e29-ff29a2ff9450</b:FlowGuid><b:Id>175</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:c7c624b6-0a0a-4300-8e29-ff29a2ff9450:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Flow Sniffing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Information Disclosure</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Information disclosure happens when the information can be read by an unauthorized party.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Data flowing across HTTPS Tunnel Response may be sniffed by an attacker. Depending on what type of data an attacker can read, it may be used to attack other parts of the system or simply be a disclosure of information leading to compliance violations. Consider encrypting the data flow.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Tunnel Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>I6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D33c4b23f3-ed17-4675-aa4a-bac56d4545fcc7c624b6-0a0a-4300-8e29-ff29a2ff94504b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>c7c624b6-0a0a-4300-8e29-ff29a2ff9450</b:FlowGuid><b:Id>176</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:c7c624b6-0a0a-4300-8e29-ff29a2ff9450:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Process Crash or Stop for Open VPN Thick Client</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenConnect Thick Client crashes, halts, stops or runs slowly; in all cases violating an availability metric.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Tunnel Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D3</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D43c4b23f3-ed17-4675-aa4a-bac56d4545fcc7c624b6-0a0a-4300-8e29-ff29a2ff94504b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>c7c624b6-0a0a-4300-8e29-ff29a2ff9450</b:FlowGuid><b:Id>177</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:c7c624b6-0a0a-4300-8e29-ff29a2ff9450:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Flow HTTPS Tunnel Response Is Potentially Interrupted</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An external agent interrupts data flowing across a trust boundary in either direction.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Tunnel Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D4</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E63c4b23f3-ed17-4675-aa4a-bac56d4545fcc7c624b6-0a0a-4300-8e29-ff29a2ff94504b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>c7c624b6-0a0a-4300-8e29-ff29a2ff9450</b:FlowGuid><b:Id>178</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:c7c624b6-0a0a-4300-8e29-ff29a2ff9450:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Open VPN Thick Client May be Subject to Elevation of Privilege Using Remote Code Execution</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>OpenVPN Web Server may be able to remotely execute code for OpenConnect Thick Client.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Tunnel Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E73c4b23f3-ed17-4675-aa4a-bac56d4545fcc7c624b6-0a0a-4300-8e29-ff29a2ff94504b822e5b-1109-4e93-8850-f6585d8a9669</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy i:nil="true"/><b:DrawingSurfaceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</b:DrawingSurfaceGuid><b:FlowGuid>c7c624b6-0a0a-4300-8e29-ff29a2ff9450</b:FlowGuid><b:Id>179</b:Id><b:InteractionKey>3c4b23f3-ed17-4675-aa4a-bac56d4545fc:c7c624b6-0a0a-4300-8e29-ff29a2ff9450:4b822e5b-1109-4e93-8850-f6585d8a9669</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>0001-01-01T00:00:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation by Changing the Execution Flow in Open VPN Thick Client</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An attacker may pass data into OpenConnect Thick Client in order to change the flow of program execution within OpenConnect Thick Client to the attacker's choosing.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS Tunnel Response</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>3c4b23f3-ed17-4675-aa4a-bac56d4545fc</b:SourceGuid><b:State>AutoGenerated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>4b822e5b-1109-4e93-8850-f6585d8a9669</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E7</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB></ThreatInstances><ThreatGenerationEnabled>true</ThreatGenerationEnabled><Validations xmlns:a="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><a:Validation z:Id="i37" xmlns:z="http://schemas.microsoft.com/2003/10/Serialization/"><a:ElementGuids xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:guid>36cf22e1-29fe-451e-b6c9-8dc851d36be9</b:guid><b:guid>36cf22e1-29fe-451e-b6c9-8dc851d36be9</b:guid></a:ElementGuids><a:Enabled>true</a:Enabled><a:Guid>00000000-0000-0000-0000-000000000000</a:Guid><a:IssueGuid>102be8a5-2c83-439a-9157-f7c7e9ac1321</a:IssueGuid><a:Items xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"/><a:Message>The connector should be attached to two elements.</a:Message><a:Source/><a:SourceGuid>bdf43d0c-43a1-4c4e-8e8f-a322c814f4cd</a:SourceGuid></a:Validation></Validations><Version>4.3</Version><KnowledgeBase z:Id="i38" xmlns:a="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase" xmlns:z="http://schemas.microsoft.com/2003/10/Serialization/"><a:GenericElements><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Managed</b:Value><b:Value>Unmanaged</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Kernel</b:Value><b:Value>System</b:Value><b:Value>Network Service</b:Value><b:Value>Local Service</b:Value><b:Value>Administrator</b:Value><b:Value>Standard User With Elevation</b:Value><b:Value>Standard User Without Elevation</b:Value><b:Value>Windows Store App</b:Value></a:AttributeValues><a:DisplayName>Running As</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>runningAs</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>AppContainer</b:Value><b:Value>Low Integrity Level</b:Value><b:Value>Microsoft Office Isolated Conversion Environment (MOICE)</b:Value><b:Value>Sandbox</b:Value></a:AttributeValues><a:DisplayName>Isolation Level</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Isolation</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Any Remote User or Entity</b:Value><b:Value>Kernel, System, or Local Admin</b:Value><b:Value>Local or Network Service</b:Value><b:Value>Local Standard User With Elevation</b:Value><b:Value>Local Standard User Without Elevation</b:Value><b:Value>Windows Store Apps or App Container Processes</b:Value><b:Value>Nothing</b:Value><b:Value>Other</b:Value></a:AttributeValues><a:DisplayName>Accepts Input From</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>acceptsInputFrom</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Implements or Uses an Authentication Mechanism</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>implementsAuthenticationScheme</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Implements or Uses an Authorization Mechanism</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>implementsCustomAuthorizationMechanism</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Implements or Uses a Communication Protocol</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>implementsCommunicationProtocol</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Sanitizes Input</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>hasInputSanitizers</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Sanitizes Output</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>hasOutputSanitizers</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>A representation of a generic process.</a:Description><a:Hidden>false</a:Hidden><a:Id>GE.P</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAARRJREFUOE99ksFmQ0EUhtOHKCGUUi6hhEieoVy6CiGrkG3IA2TVB+hThVLyDN1eSghdZTX5P84fc5u5d/H558z5z5kzc+/gYVb/ZydS6F0+pdTCCcwHUYsvQQPU8Vb0NjgKirog39vgXWA8iZWYhBKzT76zwUZ47KV4ER/iOWL2yeMrNriECUbiM9Y0IXYOX7FBPsFCcPJeUEzMfu8E8CYw/gqKnkKJ2SdvbwsvvgXGLsi3Co0X+X+AUoTy+v4PXgXX+xFDMRa3Bjlr8RfqvbmgqT+rdZ4X9sGD0pRJH0OJR3evmiODaQQnVqE8MtoUC40MhsKz4GTujhJXxUIjg5kKTmTsXKfFQiNDDg/JJBRzBcX14ApRBWL6a6sYxQAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Generic Process</a:Name><a:ParentId>ROOT</a:ParentId><a:Representation>Ellipse</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Applicable</b:Value><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Authenticates Itself</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>authenticatesItself</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Code</b:Value><b:Value>Human</b:Value></a:AttributeValues><a:DisplayName>Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>type</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Microsoft</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>MS</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an external interactor.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>GE.EI</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABIAAAASCAYAAABWzo5XAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAALEwAACxMBAJqcGAAAANBJREFUOE9j+P//P1UwVkFyMJhgNPX+jwW/B2J5dA24MJhAMwCOmc19LgJpfnRN2DCYQDeADGxPFYN0I7J8aG+QgGPYHdWglJ0wvkVi0SJWC7/PyGpgGK9B6W2TM4Fy2iDDAkqau4BsJb+ixg5savEaxGTm8wFI64MMA2IpEBsYix+R1cAwwTASdY1MB8mDMLdt0FRsakAYr0FQ74BdAsJAtjpymCFjQoG9Ekjrg7wI86aEe/R6ZDUwTNBrxGLqGwTErhRiQZhBFGOsgqTj/wwAWDijBcYFCvcAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Generic External Interactor</a:Name><a:ParentId>ROOT</a:ParentId><a:Representation>Rectangle</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Stores Credentials</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>storesCredentials</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Stores Log Data</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>storesLogData</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Encrypted</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Encrypted</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Signed</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Signed</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Write Access</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>AccessType</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Removable Storage</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>RemoveableStorage</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Backup</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Backup</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Shared</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>shared</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>SQL Relational Database</b:Value><b:Value>Non Relational Database</b:Value><b:Value>File System</b:Value><b:Value>Registry</b:Value><b:Value>Configuration</b:Value><b:Value>Cache</b:Value><b:Value>HTML5 Storage</b:Value><b:Value>Cookie</b:Value><b:Value>Device</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a data store.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>GE.DS</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAIxJREFUOE9j+P//PxwzmnrPB+L/BPB5IOaH6SFVMxgzmflcANJgQ0jWDMMwQ8jSDMMgQ0Au0AZiVzKxBcgFWE0nFoMNcM6smoaPxoZhcpS7AIu/SMLDIQxKJswpxoVhikC2YZMHYVAgCuLCMANcs6vDsMmDMMwL9jDFJGCwHrABuhFZPkgSRGGIHu//AJbS3MIG0q+eAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Generic Data Store</a:Name><a:ParentId>ROOT</a:ParentId><a:Representation>ParallelLines</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Wire</b:Value><b:Value>Wi-Fi</b:Value><b:Value>Bluetooth</b:Value><b:Value>2G-4G</b:Value></a:AttributeValues><a:DisplayName>Physical Network</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>channel</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Source Authenticated</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>authenticatesSource</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Destination Authenticated</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>authenticatesDestination</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Provides Confidentiality</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>providesConfidentiality</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Provides Integrity</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>providesIntegrity</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Transmits XML</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>XMLenc</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Contains Cookies</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Cookies</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>SOAP Payload</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>SOAP</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>REST Payload</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>REST</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>RSS Payload</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>RSS</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>JSON Payload</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>JSON</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>ValidateAntiForgeryTokenAttribute</b:Value><b:Value>ViewStateUserKey</b:Value><b:Value>Nonce</b:Value><b:Value>Other dynamic canary</b:Value><b:Value>Static header not available to the browser</b:Value><b:Value>Other</b:Value><b:Value>None</b:Value><b:Value>Not applicable because the request does not change data</b:Value></a:AttributeValues><a:DisplayName>Forgery Protection</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>54851a3b-65da-4902-b4e0-94ef015be735</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A unidirectional representation of the flow of data between elements.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>GE.DF</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAEtJREFUOE9j+P//P1bMaOr9Hx2jqwFhDAEYHngDYBiXRhjGKoiMR5IBIIWkYmwGgGh0jFN8OBkA4qBhbGJYxbEagMNQrOIUGuD9HwBIkRfD8QF9EgAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Generic Data Flow</a:Name><a:ParentId>ROOT</a:ParentId><a:Representation>Line</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
        An arc representation of a trust boundary.
      </a:Description><a:Hidden>false</a:Hidden><a:Id>GE.TB.L</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAZdEVYdFNvZnR3YXJlAEFkb2JlIEltYWdlUmVhZHlxyWU8AAABX0lEQVQ4T2NgNPXGh/mhGJscGCNzQArtgVgfxmcy87kAwlA5ZLVwDGOAFQPp/1Dcj8zHZwiY4LUPdgLSMM0YmM8+5JaAY5gRkI3dAJuUUlsgjVUzCM/ZuDPg////vEA2dgNAkqpBKTuBbKwGRNV0iQNpmCZQGMG9AxPk57IJvA6ksRrAYu67EEjLA7E+s7nPReQwAWtGC0CiMMwQkPNZ5H0TtqArIIRBAWueUCgM9gLQEG1QGHDbBr1YuftQDJDvapFYtAhdEwwDY+TO8cvXXUCWw8IAbMjCrXtDgDQHlK8E04CO1YPTVoA0A9nwQIQZAtYMxaBAw2oAFINSLaoBSFgfGEgPgDQ2jWAs5hZVCaSxGwB0Ca+iX9I2IBusGORn3YistTA+q4Xf59KJcy1BarEaAMJAQ8ABixRg6omN/fWgwF26Y38EzLsghfiwNhBbADELlC8KxEpAzAHh/2cAANCSU7ngF2KpAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Generic Trust Line Boundary</a:Name><a:ParentId>ROOT</a:ParentId><a:Representation>LineBoundary</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
        A border representation of a trust boundary.
      </a:Description><a:Hidden>false</a:Hidden><a:Id>GE.TB.B</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAOxAAADsQBlSsOGwAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAABGSURBVDhPY/hPIWBQ9Ev6z2jqDccPnr0ESxArzoDMAeEDZy+DFRIrDjeAVDCcDIDyyQajgTioAhGEQekdHx+bGIUGeP8HAJ4fIfJijo6MAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Generic Trust Border Boundary</a:Name><a:ParentId>ROOT</a:ParentId><a:Representation>BorderBoundary</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an annotation.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>GE.A</a:Id><a:ImageLocation i:nil="true"/><a:ImageSource i:nil="true"/><a:ImageStream i:nil="true"/><a:Name>Free Text Annotation</a:Name><a:ParentId>ROOT</a:ParentId><a:Representation>Annotation</a:Representation><a:Shape i:nil="true"/></a:ElementType></a:GenericElements><a:Manifest><a:Author>TwC MSEC</a:Author><a:Id>cc62ebae-3748-431e-b1df-f4220dc9003f</a:Id><a:Name>SDL TM Knowledge Base (Core)</a:Name><a:Version>4.1.0.9</a:Version></a:Manifest><a:StandardElements><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A Windows Process.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.OSProcess</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAEFJREFUOE9jYDT1ngnE/8nEM0EG/EETJAV/ABmATYJYTD0DQDQ5eNSAUQNAmDoGgDITugSxGGzAfCAGuYIM7D0HAH9a5DRx46KEAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>OS Process</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A thread of execution in a Windows process.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.Thread</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAEFJREFUOE9jYDT1ngnE/8nEM0EG/EETJAV/ABmATYJYTD0DQDQ5eNSAUQNAmDoGgDITugSxGGzAfCAGuYIM7D0HAH9a5DRx46KEAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Thread</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Unmanaged</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A thread of execution in the Windows kernel.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.KernelThread</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAEFJREFUOE9jYDT1ngnE/8nEM0EG/EETJAV/ABmATYJYTD0DQDQ5eNSAUQNAmDoGgDITugSxGGzAfCAGuYIM7D0HAH9a5DRx46KEAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Kernel Thread</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Unmanaged</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a Win32 or Win64 application.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.WinApp</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAEFJREFUOE9jYDT1ngnE/8nEM0EG/EETJAV/ABmATYJYTD0DQDQ5eNSAUQNAmDoGgDITugSxGGzAfCAGuYIM7D0HAH9a5DRx46KEAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Native Application</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Managed</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a .NET Web application.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.NetApp</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAANFJREFUOE+t09EGAkEUxvF6lG6jqxQR3cbQbURERER0FV31ErEsveI+QNT3X3NYszPsji5+Zsycvjk7o8Fw5gr5ZioI+ASLfVQExDa6+l8AY45kgJO7HGQvD78W1kUD+MFYljLxmE9lJ83aVsBRLsLTnuXpMWftKtQkA+yErR+tA+Z01qxBK+AlJ+E0RuuAeelH9pIBls7lMfbuYCNruQkXx6dgLrwKe9QkA8BJI1mJdcCcEOvCRAPA6dw4nwJeYSFhXR3Anync6KoOeAtdZHDlD8vn/L46Hi6/AAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Managed Application</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Unmanaged</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a thick client.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.ThickClient</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAGBJREFUOE/FjdEJwDAIBe1QnaJ7BzpA5nmpH8KjkaC2kI9L5MBTAHzClRnkOK/+gABdF95+EissoL/N/wRMrOAAsyfArhRgSgF2pQBTCrDT59YhQLMlZrqUxZUZXBkHMgDkpHNwRk9QLgAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Thick Client</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Unmanaged</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a browser client.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.BrowserClient</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAASBJREFUOE+l0q1LBGEQx/FdMMsVg/H+AG1WmxqMZ1WDWC5dUMQiyImIQVARRTGpRVHwpYigd/iCmLQZBINYD8yG576/Y0Y27AOehs/O7PA8s/PwbBJC+JfcYjuStG/Y9WAML9jAE0ZQRGuNNhBDlm+exDvqKmLP4hXeMIifBv515Xp04Rrb2MIdZiyu4NB0xBos4RZzOMYNplHDPhZwj7JvylJBo+tFi78s37X4iSPLa7EGq9D441jDJkattowJy+e9gaLnenwogcb/tvzAYgMXltdjE1Rwjins4ARli+uYhZqUYhN04gFqoi+/ompRt6Kr1XRpbAIZwjMuVYQf4QyP6EX0P3DdGMApFqEj9KOA1prcCbzbX+UW25Fb/L2QNAG8ROHz0OoHewAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Browser Client</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>ActiveX</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>ActiveX</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Brower Plug-in Object (BHO)</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>BHO</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an browser plugin.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.PlugIn</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAANxJREFUOE+l070OwVAYgGEdDG7BbJUYMPhZJKYmBgYJg9lgwCDhAoTJHXSR2A0MRPxdA4nRDRgYxML7JW3SoI62w5PTnp68+XKSBrSEXsPTI0MCl7dNVyRgvcizG64CafTQte0pA1G0McASKdi//wyUccQaMzxwRgzWGcdAGAdskUEIHciZFZSBLDaYY4wJppAzMokyEMcOezTRQh1VVKAMyLgnXJGEhgL6kLtRBkZo4A7Zv5mrjJ/HXwFZS1hA7mKICKwzwjGQQxEyftDc++Yj4IkEfP9MPn5n3XgBkdQdpG8eZzEAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Browser and ActiveX Plugins</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Managed</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an Web Server Process.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.WebServer</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAJ5JREFUOE9j+P//Pxgzmnr/JwejGOCcWTWtZMKcYmIxhgGu2dVhQLYgsRjDAN2ILB8YnxgMNgBEYMH22DSgY5BarAYQ6xKQWjABCjwBx7A7qkEpO8kyAB3T3wDk+Ec2iBiM1QW4DMSW0LC6ADlBIRuALaERDAOLxKJFMBxS3qYHE4dhnAZgE0fC8IQGIlyxYJDzsInDMEgebgAF+D8DAHhvQ2cWCf/0AAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Web Server</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Local</b:Value><b:Value>Web</b:Value></a:AttributeValues><a:DisplayName>Context</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>context</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Documents Library capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>documentsLibrary</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Enterprise Authentication capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>enterprizeAuthentication</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Internet (Client &amp; Server) capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>internetClientServer</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Internet (Client) capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>internetClient</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Location capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>location</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Microphone capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>microphone</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Music Library capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>musicLibrary</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Pictures Library capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>pictureLibrary</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Private Networks (Client &amp; Server) capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>privateNetworkClientServer</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Proximity capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>proximity</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Removable Storage capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>removableStorage</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Shared User Certificates capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>sharedUserCertificates</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Text Messaging capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>sms</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Videos Library capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>videosLibrary</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Webcam capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>webcam</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Managed</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a Windows Store process.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.Modern</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAARRJREFUOE99ksFmQ0EUhtOHKCGUUi6hhEieoVy6CiGrkG3IA2TVB+hThVLyDN1eSghdZTX5P84fc5u5d/H558z5z5kzc+/gYVb/ZydS6F0+pdTCCcwHUYsvQQPU8Vb0NjgKirog39vgXWA8iZWYhBKzT76zwUZ47KV4ER/iOWL2yeMrNriECUbiM9Y0IXYOX7FBPsFCcPJeUEzMfu8E8CYw/gqKnkKJ2SdvbwsvvgXGLsi3Co0X+X+AUoTy+v4PXgXX+xFDMRa3Bjlr8RfqvbmgqT+rdZ4X9sGD0pRJH0OJR3evmiODaQQnVqE8MtoUC40MhsKz4GTujhJXxUIjg5kKTmTsXKfFQiNDDg/JJBRzBcX14ApRBWL6a6sYxQAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Windows Store Process</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Unmanaged</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an network process or service.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.Win32Service</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAANFJREFUOE+t09EGAkEUxvF6lG6jqxQR3cbQbURERER0FV31ErEsveI+QNT3X3NYszPsji5+Zsycvjk7o8Fw5gr5ZioI+ASLfVQExDa6+l8AY45kgJO7HGQvD78W1kUD+MFYljLxmE9lJ83aVsBRLsLTnuXpMWftKtQkA+yErR+tA+Z01qxBK+AlJ+E0RuuAeelH9pIBls7lMfbuYCNruQkXx6dgLrwKe9QkA8BJI1mJdcCcEOvCRAPA6dw4nwJeYSFhXR3Anync6KoOeAtdZHDlD8vn/L46Hi6/AAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Win32 Service</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Unmanaged</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      Delivers web content to a human user.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.WebApp</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAANFJREFUOE+t09EGAkEUxvF6lG6jqxQR3cbQbURERER0FV31ErEsveI+QNT3X3NYszPsji5+Zsycvjk7o8Fw5gr5ZioI+ASLfVQExDa6+l8AY45kgJO7HGQvD78W1kUD+MFYljLxmE9lJ83aVsBRLsLTnuXpMWftKtQkA+yErR+tA+Z01qxBK+AlJ+E0RuuAeelH9pIBls7lMfbuYCNruQkXx6dgLrwKe9QkA8BJI1mJdcCcEOvCRAPA6dw4nwJeYSFhXR3Anync6KoOeAtdZHDlD8vn/L46Hi6/AAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Web Application</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Unmanaged</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      Exposes a programmatic interface.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.WebSvc</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAANFJREFUOE+t09EGAkEUxvF6lG6jqxQR3cbQbURERER0FV31ErEsveI+QNT3X3NYszPsji5+Zsycvjk7o8Fw5gr5ZioI+ASLfVQExDa6+l8AY45kgJO7HGQvD78W1kUD+MFYljLxmE9lJ83aVsBRLsLTnuXpMWftKtQkA+yErR+tA+Z01qxBK+AlJ+E0RuuAeelH9pIBls7lMfbuYCNruQkXx6dgLrwKe9QkA8BJI1mJdcCcEOvCRAPA6dw4nwJeYSFhXR3Anync6KoOeAtdZHDlD8vn/L46Hi6/AAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Web Service</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A virtual machine running in a Hyper-V partition.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.VM</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAARRJREFUOE99ksFmQ0EUhtOHKCGUUi6hhEieoVy6CiGrkG3IA2TVB+hThVLyDN1eSghdZTX5P84fc5u5d/H558z5z5kzc+/gYVb/ZydS6F0+pdTCCcwHUYsvQQPU8Vb0NjgKirog39vgXWA8iZWYhBKzT76zwUZ47KV4ER/iOWL2yeMrNriECUbiM9Y0IXYOX7FBPsFCcPJeUEzMfu8E8CYw/gqKnkKJ2SdvbwsvvgXGLsi3Co0X+X+AUoTy+v4PXgXX+xFDMRa3Bjlr8RfqvbmgqT+rdZ4X9sGD0pRJH0OJR3evmiODaQQnVqE8MtoUC40MhsKz4GTujhJXxUIjg5kKTmTsXKfFQiNDDg/JJBRzBcX14ApRBWL6a6sYxQAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Virtual Machine</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      Microsoft applications running on operating systems from Google or Apple.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.NonMS</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAARRJREFUOE99ksFmQ0EUhtOHKCGUUi6hhEieoVy6CiGrkG3IA2TVB+hThVLyDN1eSghdZTX5P84fc5u5d/H558z5z5kzc+/gYVb/ZydS6F0+pdTCCcwHUYsvQQPU8Vb0NjgKirog39vgXWA8iZWYhBKzT76zwUZ47KV4ER/iOWL2yeMrNriECUbiM9Y0IXYOX7FBPsFCcPJeUEzMfu8E8CYw/gqKnkKJ2SdvbwsvvgXGLsi3Co0X+X+AUoTy+v4PXgXX+xFDMRa3Bjlr8RfqvbmgqT+rdZ4X9sGD0pRJH0OJR3evmiODaQQnVqE8MtoUC40MhsKz4GTujhJXxUIjg5kKTmTsXKfFQiNDDg/JJBRzBcX14ApRBWL6a6sYxQAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Applications Running on a non Microsoft OS</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Code</b:Value></a:AttributeValues><a:DisplayName>Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>type</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an external Web browser.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.EI.TMCore.Browser</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAMRJREFUOE9j+P//PwOjqfd/NGwPEkfH2NSBJUomzCmGCTpnVk1rmbdCHl0zLnVgCZggDPPaBzuha8alDquEbkSWD5C+jyYuj8YHq8NnAIqYuFu0K7oY2AAgA90mkjCG7aRinAaAQhkbGx3jNMA1uzoMGD6uUCyHTQ0I4zQAFECgAIZhbGpAeJAYYJFYtAiUTEE4sbG/HiSGzQBs6hi4bYNegBjoOKS8TQ/ZAFzqQJI2QAwLbWTMAcRwA4AYqzpkBWTg/wwA3lTsAWB+hJkAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Browser</a:Name><a:ParentId>GE.EI</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an external authorization provider.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.EI.TMCore.AuthProvider</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAATpJREFUOE9j+P//PwZmNPWuB+L7QPwfit8D8Xwg5kdXi8IBYajC/0YxeXNLJswpBmG/osYOFnPfT0xmPhfQDUHXHA/SDNIE5CsBsSAUS529fseH1cLvM9CghSC1MIxiALuV/xXVoJSdQDZIE4ocELOAXAKyANkVKIpAkuGVHfHIYsh47sZd6iA1vPbBTjAxFAUgSd2ILB9kMWRsnlAojK4GRYGAY9gdLpvApchiyJjTOjAJZEDLvBXyMDEUBW45NU0gBUCM4Q2gmD6zuc9HaBixwMRRFAGxFEgB1BCU6AJG4Qd+h9DbO0+cM0cWhzOQsDbIAJBzYWJAvjxILLSirQzIh9sOwnAGMoa6AAObxhX4o6tF4SBhVxwYI32gcJAxFhfYY1OHIYCECdoOwhgCyJiQ7SCMVZB4/J8BAHcPi99NNItPAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Authorization Provider</a:Name><a:ParentId>GE.EI</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Code</b:Value></a:AttributeValues><a:DisplayName>Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>type</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an external Web application (portal, front ed, etc.).
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.EI.TMCore.WebApp</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAIBJREFUOE9j+P//PwOjqXc8EP8nEc8H6QUbwGzu8xGLAmKwPswFYAHnzKppJRPmFBPCMPUqgSmeKAa4ZleHAfmChDBMvW5Elg+KASABEJ8QHjVg1AAQxmkAqRhuAKuF32dsCmB5A5scCNuklNqCDfArauzApgAfVg1K2fn//39eAIdsIEry0cBoAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>External Web Application</a:Name><a:ParentId>GE.EI</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Code</b:Value></a:AttributeValues><a:DisplayName>Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>type</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an external Web service.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.EI.TMCore.WebSvc</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAJ5JREFUOE9j+P//Pxgzmnr/JwejGOCcWTWtZMKcYmIxhgGu2dVhQLYgsRjDAN2ILB8YnxgMNgBEYMH22DSgY5BarAYQ6xKQWjABCjwBx7A7qkEpO8kyAB3T3wDk+Ec2iBiM1QW4DMSW0LC6ADlBIRuALaERDAOLxKJFMBxS3qYHE4dhnAZgE0fC8IQGIlyxYJDzsInDMEgebgAF+D8DAHhvQ2cWCf/0AAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>External Web Service</a:Name><a:ParentId>GE.EI</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Human</b:Value></a:AttributeValues><a:DisplayName>Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>type</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a user.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.EI.TMCore.User</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAQNJREFUOE9j+P//PwZmNPXWB+L7QPwfiveDxLCpxRAAKuRnMvP5gKQZjJnNfS6iqwVhDAFe+2AndM1IGMMVKBwQ1o3I8sGiEYyL+mdLo6tH4YAwl03gUmyaQZjN0r8QXT0KB4SFnSP2YNMMwsoByQ3o6lE4ILzvzEVrVgu/z+iaBRzD7izbcUAbXT0KB4pZlPyTtqMb4JZT0wSSQ1OL1QCG8MqOeHQDgEAKWQ0MYwgAFfMDo3IaugFAHI+uFoThDKACUOqbD8TvoRqwYVDqrAdiebgBQA5IIyipYtOAD4Ms42cAJVE0CaIxi7nvQpALsEoSg/kdQk9RZICgU9gZCg0IOwMAqzT/oq6scnwAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Human User</a:Name><a:ParentId>GE.EI</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A large service that has only one instance on the Internet, for example, Outlook.com and Xbox Live.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.EI.TMCore.Megasevrice</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAALBJREFUOE+l0rEJwmAQBeBfBEFwAAcQBHsLwQ1srRwgrUu4gZO4gQNYWQmpbG0d4HwvmHD+eZocFh8JL3eP5CfJzP4iw4g0WG66LKCAlcsarcCZwhnMucEMmjm/UJvDEPLl2hX4vJr3ixO4AIee7+s3a2gVbEENK3v4KNgBX00NKzwL7lQFPGE11EfBgnsWRpQs6DqwXx4sOGVhxJEFY95A5FNKOMBI/t8RMoyQYX+WXnB1v3lL8LpjAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Megaservice</a:Name><a:ParentId>GE.EI</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Applicable</b:Value></a:AttributeValues><a:DisplayName>Authenticates Itself</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>authenticatesItself</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Code</b:Value></a:AttributeValues><a:DisplayName>Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>type</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      Represents the point where an application calls into an unmanged runtime library such as the CRT.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.EI.TMCore.CRT</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABIAAAASCAYAAABWzo5XAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAALEwAACxMBAJqcGAAAANBJREFUOE9j+P//P1UwVkFyMJhgNPX+jwW/B2J5dA24MJhAMwCOmc19LgJpfnRN2DCYQDeADGxPFYN0I7J8aG+QgGPYHdWglJ0wvkVi0SJWC7/PyGpgGK9B6W2TM4Fy2iDDAkqau4BsJb+ixg5savEaxGTm8wFI64MMA2IpEBsYix+R1cAwwTASdY1MB8mDMLdt0FRsakAYr0FQ74BdAsJAtjpymCFjQoG9Ekjrg7wI86aEe/R6ZDUwTNBrxGLqGwTErhRiQZhBFGOsgqTj/wwAWDijBcYFCvcAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Windows Runtime</a:Name><a:ParentId>GE.EI</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Applicable</b:Value></a:AttributeValues><a:DisplayName>Authenticates Itself</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>authenticatesItself</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Code</b:Value></a:AttributeValues><a:DisplayName>Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>type</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      Represents the point where an application calls into the .NET Framework.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.EI.TMCore.NFX</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABIAAAASCAYAAABWzo5XAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAALEwAACxMBAJqcGAAAANBJREFUOE9j+P//P1UwVkFyMJhgNPX+jwW/B2J5dA24MJhAMwCOmc19LgJpfnRN2DCYQDeADGxPFYN0I7J8aG+QgGPYHdWglJ0wvkVi0SJWC7/PyGpgGK9B6W2TM4Fy2iDDAkqau4BsJb+ixg5savEaxGTm8wFI64MMA2IpEBsYix+R1cAwwTASdY1MB8mDMLdt0FRsakAYr0FQ74BdAsJAtjpymCFjQoG9Ekjrg7wI86aEe/R6ZDUwTNBrxGLqGwTErhRiQZhBFGOsgqTj/wwAWDijBcYFCvcAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Windows .NET Runtime</a:Name><a:ParentId>GE.EI</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Applicable</b:Value></a:AttributeValues><a:DisplayName>Authenticates Itself</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>authenticatesItself</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Code</b:Value></a:AttributeValues><a:DisplayName>Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>type</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      Represents the point where an application calls into WinRT.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.EI.TMCore.WinRT</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABIAAAASCAYAAABWzo5XAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAALEwAACxMBAJqcGAAAANBJREFUOE9j+P//P1UwVkFyMJhgNPX+jwW/B2J5dA24MJhAMwCOmc19LgJpfnRN2DCYQDeADGxPFYN0I7J8aG+QgGPYHdWglJ0wvkVi0SJWC7/PyGpgGK9B6W2TM4Fy2iDDAkqau4BsJb+ixg5savEaxGTm8wFI64MMA2IpEBsYix+R1cAwwTASdY1MB8mDMLdt0FRsakAYr0FQ74BdAsJAtjpymCFjQoG9Ekjrg7wI86aEe/R6ZDUwTNBrxGLqGwTErhRiQZhBFGOsgqTj/wwAWDijBcYFCvcAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Windows RT Runtime</a:Name><a:ParentId>GE.EI</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
          A representation of a Cloud Storage.
        </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.CloudStorage</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOwwAADsMBx2+oZAAAAXRJREFUOE+NkztLA0EUhVcFg4U2goUgWKxVKnGNqKCBKBYGZBVUkO1iEfHR+0ZSCoKNIGIjwR+ghb2Vv8DeVlDBLiYZ7zfM6OyyPorD5J57zpndvTeeUioVLcOzgeBFoBxQB64uZrJAJGi25oofQbRVnVnfPeWkhndDXNOlaerbEN/cPyxJzxf0cVLDC16tzw1odoyHz9zWXVh+5BQ+Y/sGGZ6ECyxnzbeQe2dXq1JzW86crlkju1g+QCuoUGOuQLSPzr0L0WWFwq0ZoZTfAYfn1QCt6VUQ1o057wr9sLSTFiDgtfImpE6AKpS3TxKi3wI08NDTAUPRJu8eE/wVYPuejKThjiUp+CmgbaT4htezYxGwZXy4XkHNcC5qGOUMBXpD8ZLmmy1rQA6ubPRH+8eM6mup+H10cU24ngxaPHjtI7FtU4JpAV+5Z2C+dGcDjJgRsxto0OJJ/y8YZNnMzsmFJ/mtxWlIJR1MCMYSXAyp5P+hvE94cVhHBmDVoQAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Cloud Storage</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>SQL Relational Database</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a SQL Database.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.SQL</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAASJJREFUOE99kj1Ow0AQhQ2IjsJHSA7Bj4SJZCmpiNLQUSJRIwpQOAItSgvKDXIe6lyAAgkoyPA+s2vtrr2O9Ekz895MdrxbmFmxd3y5FB9iJ6wH6uhL/CE0I9j+yXx3NLnaXtw+vKZQR8eHPx1gGJRMxbkY9UB9ig+/fvEAx694F6wD10FMHb3xdgZwzMOzxafi7DdAx0feGTBe3DwrqcVsAPRR7wBHtEJoSmBYm2dX8AbFlfjydQd51Q7IrOCbw8aUanAF3f230yI4Le8CfXAFH4fgk1Y7/7+pbwXVm+O7R0beNituXi8UfpJIVyhdHTZucNQMfOk6t8LB6fzH52IjomZ0f5+8984tPL683YUNKeh+QI7yabW+T07S/DN1Myv/AMyfAkxuIUzjAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>SQL Database</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Non Relational Database</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a non-relational database.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.NoSQL</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAQtJREFUOE99krFKA0EQhs8EO4t7hOQhokLOQCBWOa6xsxSsQ4qE+Ai2kjYhr5XaF7AQ1MKM88nOsdnb3YMPdv7/37md2ytEpLgYzTfKh3JSJAI6/oa8D5sxpHddn64mD+93z6tdCDo+OfJhAyGgxUwZK4MI6DNy5PU5b+D4VY4K48Cjt0bH/892GnDMy9vmU9fJb4BPjrrTYNg8vWoxVe4z4A+iDRxnI/ihAJq1dXIEC+i6Ur5Md1BXbYPECLbZ3xhSZUfQu/92Xgf+C/zsCLbOkRxB9fb4vm6YV7g3U4QjlE7Pwpeepkbo39Q/VsfAt/vkf+/cwvptv4htNPCtQYryZXtYhiehRheR8g/o7QMp4dB2sAAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Non Relational Database</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>NTFS</b:Value><b:Value>ExFAT</b:Value><b:Value>FAT</b:Value><b:Value>ReFS</b:Value><b:Value>IFS</b:Value><b:Value>UDF</b:Value><b:Value>Other</b:Value></a:AttributeValues><a:DisplayName>File System Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>fsType</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>File System</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a file system.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.FS</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAASFJREFUOE9j+P//PwOjqfd/InE8SD0yJtUAEEYxBMUAIHDFhZEMQDEE3QC4yegYSTOKISiSMMXYMJJGZKyPIomsASp+GYiLoHwM76gEpnhiNQDIPgfEZ5nMfH6zWfo/ArIfA3EbkjxYvW5Elg9WA/jsQ66B+OxW/m+ZzX1+gthA27ph8jD1WA0A0seAmr5zWge+LZs0L9sqqXgui7nvdyB+CZS7TNAAoIYufofQ20ANXwSdwhoFHMO2Ag38LeoaecYysXgSQQOAWBZo+xMQHxgGf4D0PxBbyT9pBVBOHlk9zjAASizWj8xeAwpEcbfoc0D+ervUskKYPEEDgFgViNWEnSOuAp3dCWSrA7E4VI4oA2DYDIhl0cRwG0AqpoIBWT4AXz0GcRbZcbEAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>File System</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Registry</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a Registry.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.Registry</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAZxJREFUOE+Vkr1LQlEYxm9lSyFlUEuEEEFDxJ3KOxSSUEFqYoVJECoEQYt97eocqHO0VNgm0hC4hBQ0BEUNLUFQTbVV9Afcnudwj5x7uUENv3vPed6Pc877vpppmoKWsbAOaiAotb8gPgjKAbN/bvW0dTzyiXUJdDmd3RDBbYHI1275YAfCSKXeSHLfbswXnM5uaP5ouszTEfSKf8wTiF5wT90twEkzgRNnAmgpEFM1oqXzxXD3VOJJDe6cXHinbgX6QUOxs9DN+vDjBYaR2T6iw2hyo3r98DhLHfusVVShD4RTV1yDDyBuo15nEEyDYeCBgzi1YyL+ZhWYup4plHIo8LeVqKYmsEEHPuXw7HwJe59i62WnrAT2IBXpgCe84N8cLqxj8llEikGQlU6WJhwUOFwsoE2nY4kZvcHFOtZ3QP8lgSvCcau4v4kgvSe0fIsCXf47gcUz/75Q4oYJWHkWUbHb4OzsHVfXNaUlgqH42gkTAB/ngf1X7YQzA7sBvFoFLembWblnIvYYIvsti+nhXt5GngqNMwO7qf0AFBEVY8ZCOLAAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Registry Hive</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Configuration</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A configuration file, this includes XML, INI, and INF files.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.ConfigFile</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAZxJREFUOE+Vkr1LQlEYxm9lSyFlUEuEEEFDxJ3KOxSSUEFqYoVJECoEQYt97eocqHO0VNgm0hC4hBQ0BEUNLUFQTbVV9Afcnudwj5x7uUENv3vPed6Pc877vpppmoKWsbAOaiAotb8gPgjKAbN/bvW0dTzyiXUJdDmd3RDBbYHI1275YAfCSKXeSHLfbswXnM5uaP5ouszTEfSKf8wTiF5wT90twEkzgRNnAmgpEFM1oqXzxXD3VOJJDe6cXHinbgX6QUOxs9DN+vDjBYaR2T6iw2hyo3r98DhLHfusVVShD4RTV1yDDyBuo15nEEyDYeCBgzi1YyL+ZhWYup4plHIo8LeVqKYmsEEHPuXw7HwJe59i62WnrAT2IBXpgCe84N8cLqxj8llEikGQlU6WJhwUOFwsoE2nY4kZvcHFOtZ3QP8lgSvCcau4v4kgvSe0fIsCXf47gcUz/75Q4oYJWHkWUbHb4OzsHVfXNaUlgqH42gkTAB/ngf1X7YQzA7sBvFoFLembWblnIvYYIvsti+nhXt5GngqNMwO7qf0AFBEVY8ZCOLAAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Configuration File</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Cache</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a local data cache.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.Cache</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAF1JREFUOE9j+P//PxwzmnrPB+L/BPB5IOaH6SFVMxgzmflcANJgQ0jWDMMwQ8jSDMMgQ0Au0AZiVzKxBcgFWE0nFoMNcM6smoaPxoZhcpS7AIu/SMKjYTAMwsD7PwDo1eAuODnTegAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Cache</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>HTML5 Storage</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of HTML5 local storage.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.HTML5LS</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAS1JREFUOE9j+P//P0UYqyApGEOA0dSbH4jtQTSaOEhMHlkMhFE4QAX6QPweiP+zWfoXoon/h+J4ZD3ImvORFP03TyhMgcm5ZFVpsVr4fUaSnw/EYBfCnAwSAEuCFHYvXpsOlBSFGQDEHEt37I8QcAy7A1PHZOZzAUjLM0AZYEExt6gLZ6/f8QFq4EXSDDcEiC10I7LWIhnygQHZac6ZVQ1ARSxImjBwRvsUf2Q9DO0LVqWg+a8em0YQBsr5g2yFqQ0oae4CSfCCnI3sPyCej0VzPEweKZykYApYjl++7gIKA5giIM5H0gyPRm7boBcgVwPFweEEtwGIQX43gQUStmgEWXDyyk13oBg8kJENgGF1IHYFYpRoBGJHIDYBYpRAhjPIxVgFScFYBYnH/xkAObxzbhFjTVgAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>HTML5 Local Storage</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>HTTPOnly</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>HTTPOnly</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Cookie</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of cookie storage.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.Cookie</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAGFJREFUOE9jYDT1/k8JBhvgnFk1rWTCnGJSMdwA1+zqsP///wuSiuEG6EZk+QAF0L1jj0UMQw6nATAxIHbFgkEuIM4AZDEkjN0FQIxhC5oYihyGASA2Eh4NgxEWBuRj7/8An7gYjzKNJXgAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Cookies</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>GPS</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>GPS</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Contacts</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Contacts</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Calendar Events</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Calendar</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>SMS messages</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>SMSmessages</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Cached Credentials</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Creds</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Enterprise Data</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Enterprise</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Messaging Data (Mail, IM, SMS)</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>e-mail</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>SIM Storage</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>SIM</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Other Data</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>misc</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Device</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of device local storage.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.Device</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAKpJREFUOE9j+P//P0UYzmA09bYH4v9E4noMAzisA7ZgUYgVM5v7fEQxACgoj66ICBwPNwBo+2QsCvBidiv/K2ADgBx+kJPQFRCJ7Rk4rQOTsEgQhblsApcysJj7PsImSSwGeQGrBLEYbIBzZtW0kglziknFcANcs6vDQLRuRJYPOg0MaUF0jKwGbABUoStUAToNT2xIGCwHN4ASDDONbIzuNJIxVkHi8X8GAIAQEkmTSFVLAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Device</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Source Authenticated</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>authenticatesSource</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Destination Authenticated</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>authenticatesDestination</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Provides Confidentiality</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>providesConfidentiality</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Provides Integrity</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>providesIntegrity</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an HTTP data flow.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.HTTP</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAADhJREFUOE9jYDT1/k8JHjWAWgaAAIwmBWA1AEQTw4bRcANgAF0hNjYMgPhkuwCGqWMAJXjUAO//APzi2/y5tNUIAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>HTTP</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Destination Authenticated</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>authenticatesDestination</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Provides Confidentiality</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>providesConfidentiality</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Provides Integrity</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>providesIntegrity</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an HTTPS data flow.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.HTTPS</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAP9JREFUOE+10s1mQ0EYxvFECCGr3EcI0dBVKeFw6B1kFULpKqvSVSkl5A5yE9lmFbINJWSVVbZZhRBKmf6f8U5NT9pptbL4OWfmvO8zH06pfJG7/zh7wAzX6GCIFT7VpALWqDrnSoHGeLbvXirgMWp8wAKZjSfwdamApyhgbnNvuEQdW82lApZRwBVebX5kc/4oqQDxW7aGNkZo2riPkwDd8tTete1aCCji21h1xYAXNHAP38yzC61WiZqbOOAjYIM9dK67qDDDEarZQf/FErpMv2gI0HZaGBSaw8V9KwRIL2rO8WOzhAAV1635xsYnxV+Jd6CLusWvmyUO+IPcvQN8C4wQAsHzwgAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>HTTPS</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an Binary data flow.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.Binary</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAGNJREFUOE9jYDT1/k8JhhnwGYjnAPEHKB8fBqkBqQXpgRswGYhB7BYoHx8GqQGpBelBccFMIH4L5ePDIDUgtSguIBtT3wAgYMCH0dVT3wBSMfUNQHcyOkZXPxwNIBVTaID3fwAn5sGwmvgmbgAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Binary</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Source Authenticated</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>authenticatesSource</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Destination Authenticated</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>authenticatesDestination</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Provides Confidentiality</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>providesConfidentiality</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Provides Integrity</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>providesIntegrity</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an IPsec data flow.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.IPsec</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAPtJREFUOE+l0kFnA0EYxvGtUErIqdeeeiqlRG6lp5xCv0S+wVKW0lPJKacSSk79BqWUEHIKJZR8j5xKCWH6f9a8a2ynnWUPv8g7mecxO5vMOddK+XE0GP1liCU+MMUlqt9TBRfYwwU0Fyj3pAoeYMFHXOPdz2MkC+5hBTd+rYM1vnCWKujDClY4htbv/FqRKhA7smyg8NbP81iBbvnWf9exv2EFdXms4Ao7TGDhBeY4+Fl0im5YcI4e9IqeYBv1CCfQnlPof6G70WWWWSvI8YlnhGG7uKiwQF5g4Tf8G5awQJv1bhV+9fOvQF39BLqoGRqFpSpoI7rYnMt+APCSd3DankzjAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>IPsec</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a named pipe data flow.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.NamedPipe</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAKxJREFUOE9jYDT1rgDin0D8HwueD8QgNfxAfBIqhowvgSS/AfFtIJ6JAzsBMS5DwAaAGEuBGMTGh0EGHANisgzApploA7BpLoWKwQ2YBsToGkEYm78zgRgkxwPEM0EMfAZwAvFeIEbXDMPMIAKfASAMMwRdcxQQE2UALrwFiKeBGJQYQDAQ8eHBYcA9EIMSAx6CGJ+B+BUQnyERfwBisBdCgPgwVJAUDEwb3vYAyzfmxSXYv1YAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Named Pipe</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a SMBv1 or SMBv2 data flow.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.SMB</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAEhJREFUOE/NzLENACAMA8EwFFNk/3kCpotc2VBg6eTuY8ysGyewF463AbyCAo4WwCso4GgBvIICjhbAKyjgaAG8ggKOjwK+rAUpwkqHruWEswAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>SMB</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an RPC or Distributed COM (DCOM) data flow.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.RPC</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAG5JREFUOE+VjMENwDAIA5OhOkX3n4eqSK4cakfhEeQ7E0ZE5JvXHe8Dn7rWsnKtZTD79oGa7bJyKttl5cDsbcEerNwnIWpmVk5+4sys3CJrWVk5W4CdB28PuMycQxW7zJxDFWDnwfbAqWst/12MB+3XXGPkZTU+AAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>RPC or DCOM</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an (Advanced) Local Procedure Call data flow.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.ALPC</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAEtJREFUOE9j+P//P1bMaOr9Hx2jqwFhDAEYHngDYBiXRhjGKoiMR5IBIIWkYmwGgGh0jFN8OBkA4qBhbGJYxbEagMNQrOIUGuD9HwBIkRfD8QF9EgAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>ALPC</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      User Data Protocol Transport.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.UDP</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAEtJREFUOE9j+P//P1bMaOr9Hx2jqwFhDAEYHngDYBiXRhjGKoiMR5IBIIWkYmwGgGh0jFN8OBkA4qBhbGJYxbEagMNQrOIUGuD9HwBIkRfD8QF9EgAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>UDP</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      An interface for an application to communicate to a device driver.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.IOCTL</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAEtJREFUOE9j+P//P1bMaOr9Hx2jqwFhDAEYHngDYBiXRhjGKoiMR5IBIIWkYmwGgGh0jFN8OBkA4qBhbGJYxbEagMNQrOIUGuD9HwBIkRfD8QF9EgAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>IOCTL Interface</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      An arc representation of an Internet trust boundary.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.TB.L.TMCore.Internet</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAZdEVYdFNvZnR3YXJlAEFkb2JlIEltYWdlUmVhZHlxyWU8AAABX0lEQVQ4T2NgNPXGh/mhGJscGCNzQArtgVgfxmcy87kAwlA5ZLVwDGOAFQPp/1Dcj8zHZwiY4LUPdgLSMM0YmM8+5JaAY5gRkI3dAJuUUlsgjVUzCM/ZuDPg////vEA2dgNAkqpBKTuBbKwGRNV0iQNpmCZQGMG9AxPk57IJvA6ksRrAYu67EEjLA7E+s7nPReQwAWtGC0CiMMwQkPNZ5H0TtqArIIRBAWueUCgM9gLQEG1QGHDbBr1YuftQDJDvapFYtAhdEwwDY+TO8cvXXUCWw8IAbMjCrXtDgDQHlK8E04CO1YPTVoA0A9nwQIQZAtYMxaBAw2oAFINSLaoBSFgfGEgPgDQ2jWAs5hZVCaSxGwB0Ca+iX9I2IBusGORn3YistTA+q4Xf59KJcy1BarEaAMJAQ8ABixRg6omN/fWgwF26Y38EzLsghfiwNhBbADELlC8KxEpAzAHh/2cAANCSU7ngF2KpAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Internet Boundary</a:Name><a:ParentId>GE.TB.L</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      An arc representation of a machine trust boundary.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.TB.L.TMCore.Machine</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAZdEVYdFNvZnR3YXJlAEFkb2JlIEltYWdlUmVhZHlxyWU8AAABX0lEQVQ4T2NgNPXGh/mhGJscGCNzQArtgVgfxmcy87kAwlA5ZLVwDGOAFQPp/1Dcj8zHZwiY4LUPdgLSMM0YmM8+5JaAY5gRkI3dAJuUUlsgjVUzCM/ZuDPg////vEA2dgNAkqpBKTuBbKwGRNV0iQNpmCZQGMG9AxPk57IJvA6ksRrAYu67EEjLA7E+s7nPReQwAWtGC0CiMMwQkPNZ5H0TtqArIIRBAWueUCgM9gLQEG1QGHDbBr1YuftQDJDvapFYtAhdEwwDY+TO8cvXXUCWw8IAbMjCrXtDgDQHlK8E04CO1YPTVoA0A9nwQIQZAtYMxaBAw2oAFINSLaoBSFgfGEgPgDQ2jWAs5hZVCaSxGwB0Ca+iX9I2IBusGORn3YistTA+q4Xf59KJcy1BarEaAMJAQ8ABixRg6omN/fWgwF26Y38EzLsghfiwNhBbADELlC8KxEpAzAHh/2cAANCSU7ngF2KpAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Machine Trust Boundary</a:Name><a:ParentId>GE.TB.L</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A border representation of user-model / kernel-mode separation.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.TB.L.TMCore.Kernel</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAZdEVYdFNvZnR3YXJlAEFkb2JlIEltYWdlUmVhZHlxyWU8AAABX0lEQVQ4T2NgNPXGh/mhGJscGCNzQArtgVgfxmcy87kAwlA5ZLVwDGOAFQPp/1Dcj8zHZwiY4LUPdgLSMM0YmM8+5JaAY5gRkI3dAJuUUlsgjVUzCM/ZuDPg////vEA2dgNAkqpBKTuBbKwGRNV0iQNpmCZQGMG9AxPk57IJvA6ksRrAYu67EEjLA7E+s7nPReQwAWtGC0CiMMwQkPNZ5H0TtqArIIRBAWueUCgM9gLQEG1QGHDbBr1YuftQDJDvapFYtAhdEwwDY+TO8cvXXUCWw8IAbMjCrXtDgDQHlK8E04CO1YPTVoA0A9nwQIQZAtYMxaBAw2oAFINSLaoBSFgfGEgPgDQ2jWAs5hZVCaSxGwB0Ca+iX9I2IBusGORn3YistTA+q4Xf59KJcy1BarEaAMJAQ8ABixRg6omN/fWgwF26Y38EzLsghfiwNhBbADELlC8KxEpAzAHh/2cAANCSU7ngF2KpAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>User mode or Kernel mode Boundary</a:Name><a:ParentId>GE.TB.L</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A border representation for a Window Store AppContainer boundary.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.TB.L.TMCore.AppContainer</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAZdEVYdFNvZnR3YXJlAEFkb2JlIEltYWdlUmVhZHlxyWU8AAABX0lEQVQ4T2NgNPXGh/mhGJscGCNzQArtgVgfxmcy87kAwlA5ZLVwDGOAFQPp/1Dcj8zHZwiY4LUPdgLSMM0YmM8+5JaAY5gRkI3dAJuUUlsgjVUzCM/ZuDPg////vEA2dgNAkqpBKTuBbKwGRNV0iQNpmCZQGMG9AxPk57IJvA6ksRrAYu67EEjLA7E+s7nPReQwAWtGC0CiMMwQkPNZ5H0TtqArIIRBAWueUCgM9gLQEG1QGHDbBr1YuftQDJDvapFYtAhdEwwDY+TO8cvXXUCWw8IAbMjCrXtDgDQHlK8E04CO1YPTVoA0A9nwQIQZAtYMxaBAw2oAFINSLaoBSFgfGEgPgDQ2jWAs5hZVCaSxGwB0Ca+iX9I2IBusGORn3YistTA+q4Xf59KJcy1BarEaAMJAQ8ABixRg6omN/fWgwF26Y38EzLsghfiwNhBbADELlC8KxEpAzAHh/2cAANCSU7ngF2KpAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>AppContainer Boundary</a:Name><a:ParentId>GE.TB.L</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A border representation of a corporate network trust boundary.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.TB.B.TMCore.CorpNet</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAOxAAADsQBlSsOGwAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAABGSURBVDhPY/hPIWBQ9Ev6z2jqDccPnr0ESxArzoDMAeEDZy+DFRIrDjeAVDCcDIDyyQajgTioAhGEQekdHx+bGIUGeP8HAJ4fIfJijo6MAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>CorpNet Trust Boundary</a:Name><a:ParentId>GE.TB.B</a:ParentId><a:Representation>BorderBoundary</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A border representation of a sandbox trust boundary.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.TB.B.TMCore.Sandbox</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAOxAAADsQBlSsOGwAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAABGSURBVDhPY/hPIWBQ9Ev6z2jqDccPnr0ESxArzoDMAeEDZy+DFRIrDjeAVDCcDIDyyQajgTioAhGEQekdHx+bGIUGeP8HAJ4fIfJijo6MAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Sandbox Trust Boundary Border</a:Name><a:ParentId>GE.TB.B</a:ParentId><a:Representation>BorderBoundary</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Low Integrity Level Sandbox</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>IntegrityLevel</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>App Container Sandbox</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>AppContainer</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>JavaScript Sandbox</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>JavaScript</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Flash Sandbox</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Flash</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      Describes the types of trust boundaries implemented by Internet Explorer.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.TB.B.TMCore.IEB</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAOxAAADsQBlSsOGwAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAABGSURBVDhPY/hPIWBQ9Ev6z2jqDccPnr0ESxArzoDMAeEDZy+DFRIrDjeAVDCcDIDyyQajgTioAhGEQekdHx+bGIUGeP8HAJ4fIfJijo6MAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Internet Explorer Boundaries</a:Name><a:ParentId>GE.TB.B</a:ParentId><a:Representation>BorderBoundary</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Chrome JavaScript Sandbox</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>ChromeJava</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Chrome Sandbox</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Chrome</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Firefox JavaScript Sandbox</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>FirefoxJava</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      Describes the types of trust boundaries implemented by Google Chrome and Firefox.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.TB.B.TMCore.NonIEB</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAOxAAADsQBlSsOGwAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAABGSURBVDhPY/hPIWBQ9Ev6z2jqDccPnr0ESxArzoDMAeEDZy+DFRIrDjeAVDCcDIDyyQajgTioAhGEQekdHx+bGIUGeP8HAJ4fIfJijo6MAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Other Browsers Boundaries</a:Name><a:ParentId>GE.TB.B</a:ParentId><a:Representation>BorderBoundary</a:Representation><a:Shape i:nil="true"/></a:ElementType></a:StandardElements><a:ThreatCategories><a:ThreatCategory><a:IsExtension>false</a:IsExtension><a:Id>S</a:Id><a:LongDescription/><a:Name>Spoofing</a:Name><a:ShortDescription>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:ShortDescription></a:ThreatCategory><a:ThreatCategory><a:IsExtension>false</a:IsExtension><a:Id>T</a:Id><a:LongDescription/><a:Name>Tampering</a:Name><a:ShortDescription>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:ShortDescription></a:ThreatCategory><a:ThreatCategory><a:IsExtension>false</a:IsExtension><a:Id>R</a:Id><a:LongDescription/><a:Name>Repudiation</a:Name><a:ShortDescription>Repudiation threats involve an adversary denying that something happened.</a:ShortDescription></a:ThreatCategory><a:ThreatCategory><a:IsExtension>false</a:IsExtension><a:Id>I</a:Id><a:LongDescription/><a:Name>Information Disclosure</a:Name><a:ShortDescription>Information disclosure happens when the information can be read by an unauthorized party.</a:ShortDescription></a:ThreatCategory><a:ThreatCategory><a:IsExtension>false</a:IsExtension><a:Id>D</a:Id><a:LongDescription/><a:Name>Denial Of Service</a:Name><a:ShortDescription>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:ShortDescription></a:ThreatCategory><a:ThreatCategory><a:IsExtension>false</a:IsExtension><a:Id>E</a:Id><a:LongDescription/><a:Name>Elevation Of Privilege</a:Name><a:ShortDescription>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:ShortDescription></a:ThreatCategory><a:ThreatCategory><a:IsExtension>false</a:IsExtension><a:Id>A</a:Id><a:LongDescription/><a:Name>Abuse</a:Name><a:ShortDescription>Abuse is when a legitimate user violates the terms of use for the system without violating a system security policy.</a:ShortDescription></a:ThreatCategory></a:ThreatCategories><a:ThreatMetaData><IsPriorityUsed>true</IsPriorityUsed><IsStatusUsed>true</IsStatusUsed><PropertiesMetaData><ThreatMetaDatum><Name>Title</Name><Label>Title</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string/></Values><Id>ac0f9ea8-3b39-4ce9-bac2-6787124d7b48</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatCategory</Name><Label>Category</Label><HideFromUI>false</HideFromUI><Values i:nil="true" xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"/><Id i:nil="true"/></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</b:string><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string><b:string>Repudiation threats involve an adversary denying that something happened.</b:string><b:string>Information disclosure happens when the information can be read by an unauthorized party.</b:string><b:string>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</b:string><b:string>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</b:string><b:string>Abuse is when a legitimate user violates the terms of use for the system without violating a system security policy.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string/></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>StateInformation</Name><Label>Justification</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string/></Values><Id>0406a684-e06e-4643-ba21-0f63104d9131</Id></ThreatMetaDatum><ThreatMetaDatum><Name>InteractionString</Name><Label>Interaction</Label><HideFromUI>false</HideFromUI><Values i:nil="true" xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"/><Id>d64f8926-f09d-4d67-a86f-fb4ad5036451</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>High</b:string><b:string>Medium</b:string><b:string>Low</b:string></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></PropertiesMetaData></a:ThreatMetaData><a:ThreatTypes><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>S</a:Category><a:Description>Threat was migrated from V3.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'ROOT'</a:Include></a:GenerationFilters><a:Id>SU</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Threat was migrated from V3.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Spoofing (v3)</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>S</a:Category><a:Description>{source.Name} may be spoofed by an attacker and this may lead to unauthorized access to {target.Name}. Consider using a standard authentication mechanism to identify the source process.</a:Description><a:GenerationFilters><a:Exclude>flow.authenticatesSource is 'Yes' or source.implementsAuthenticationScheme is 'Yes'</a:Exclude><a:Include>source is 'GE.P' and (target is 'GE.P' or target is 'GE.DS') and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>S1</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{source.Name} may be spoofed by an attacker and this may lead to unauthorized access to {target.Name}. Consider using a standard authentication mechanism to identify the source process.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Spoofing the {source.Name} Process</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>S</a:Category><a:Description>{target.Name} may be spoofed by an attacker and this may lead to information disclosure by {source.Name}. Consider using a standard authentication mechanism to identify the destination process.</a:Description><a:GenerationFilters><a:Exclude>flow.authenticatesDestination is 'Yes'</a:Exclude><a:Include>(source is 'GE.P' or source is 'GE.EI' or source is 'GE.DS') and target is 'GE.P' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>S2</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{target.Name} may be spoofed by an attacker and this may lead to information disclosure by {source.Name}. Consider using a standard authentication mechanism to identify the destination process.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Spoofing the {target.Name} Process</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>S</a:Category><a:Description>{source.Name} may be spoofed by an attacker and this may lead to unauthorized access to {target.Name}. Consider using a standard authentication mechanism to identify the external entity.</a:Description><a:GenerationFilters><a:Exclude>source.authenticatesItself is 'Yes' or flow.authenticatesSource is 'Yes'</a:Exclude><a:Include>source is 'GE.EI' and target is 'GE.P'</a:Include></a:GenerationFilters><a:Id>S3</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{source.Name} may be spoofed by an attacker and this may lead to unauthorized access to {target.Name}. Consider using a standard authentication mechanism to identify the external entity.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Spoofing the {source.Name} External Entity</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>S</a:Category><a:Description>{source.Name} may be spoofed by an attacker and this may lead to incorrect data delivered to {target.Name}. Consider using a standard authentication mechanism to identify the source data store.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.DS'</a:Include></a:GenerationFilters><a:Id>S7</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{source.Name} may be spoofed by an attacker and this may lead to incorrect data delivered to {target.Name}. Consider using a standard authentication mechanism to identify the source data store.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Spoofing of Source Data Store {source.Name}</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>S</a:Category><a:Description>{target.Name} may be spoofed by an attacker and this may lead to data being written to the attacker's target instead of {target.Name}. Consider using a standard authentication mechanism to identify the destination data store.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>target is 'GE.DS'</a:Include></a:GenerationFilters><a:Id>S7.1</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{target.Name} may be spoofed by an attacker and this may lead to data being written to the attacker's target instead of {target.Name}. Consider using a standard authentication mechanism to identify the destination data store.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Spoofing of Destination Data Store {target.Name}</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>S</a:Category><a:Description>{target.Name} may be spoofed by an attacker and this may lead to data being sent to the attacker's target instead of {target.Name}. Consider using a standard authentication mechanism to identify the external entity.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.EI' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>S8</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{target.Name} may be spoofed by an attacker and this may lead to data being sent to the attacker's target instead of {target.Name}. Consider using a standard authentication mechanism to identify the external entity.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Spoofing of the {target.Name} External Destination Entity</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>Threat was migrated from V3.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'ROOT'</a:Include></a:GenerationFilters><a:Id>TU</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Threat was migrated from V3.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Tampering (v3)</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>Data flowing across {flow.Name} may be tampered with by an attacker. This may lead to a denial of service attack against {target.Name} or an elevation of privilege attack against {target.Name} or an information disclosure by {target.Name}. Failure to verify that input is as expected is a root cause of a very large number of exploitable issues. Consider all paths and the way they handle data. Verify that all input is verified for correctness using an approved list input validation approach.</a:Description><a:GenerationFilters><a:Exclude>(flow.providesConfidentiality is 'Yes' and flow.providesIntegrity is 'Yes')</a:Exclude><a:Include>(source is 'GE.P' or source is 'GE.EI') and target is 'GE.P' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>T1</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Data flowing across {flow.Name} may be tampered with by an attacker. This may lead to a denial of service attack against {target.Name} or an elevation of privilege attack against {target.Name} or an information disclosure by {target.Name}. Failure to verify that input is as expected is a root cause of a very large number of exploitable issues. Consider all paths and the way they handle data. Verify that all input is verified for correctness using an approved list input validation approach.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Potential Lack of Input Validation for {target.Name}</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>If {source.Name} is given access to memory, such as shared memory or pointers, or is given the ability to control what {target.Name} executes (for example, passing back a function pointer.), then {source.Name} can tamper with {target.Name}. Consider if the function could work with less access to memory, such as passing data rather than pointers. Copy in data provided, and then validate it.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.P' and target.codeType is 'Unmanaged'</a:Include></a:GenerationFilters><a:Id>T2</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>If {source.Name} is given access to memory, such as shared memory or pointers, or is given the ability to control what {target.Name} executes (for example, passing back a function pointer.), then {source.Name} can tamper with {target.Name}. Consider if the function could work with less access to memory, such as passing data rather than pointers. Copy in data provided, and then validate it.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>{source.Name} Process Memory Tampered</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>Packets or messages without sequence numbers or timestamps can be captured and replayed in a wide variety of ways. Implement or utilize an existing communication protocol that supports anti-replay techniques (investigate sequence numbers before timers) and strong integrity.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.P' and source.implementsCommunicationProtocol is 'Yes'</a:Include></a:GenerationFilters><a:Id>T3</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Packets or messages without sequence numbers or timestamps can be captured and replayed in a wide variety of ways. Implement or utilize an existing communication protocol that supports anti-replay techniques (investigate sequence numbers before timers) and strong integrity.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Replay Attacks</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>Attackers who can send a series of packets or messages may be able to overlap data. For example, packet 1 may be 100 bytes starting at offset 0. Packet 2 may be 100 bytes starting at offset 25. Packet 2 will overwrite 75 bytes of packet 1. Ensure you reassemble data before filtering it, and ensure you explicitly handle these sorts of cases.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.P' and source.implementsCommunicationProtocol is 'Yes'</a:Include></a:GenerationFilters><a:Id>T4</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Attackers who can send a series of packets or messages may be able to overlap data. For example, packet 1 may be 100 bytes starting at offset 0. Packet 2 may be 100 bytes starting at offset 25. Packet 2 will overwrite 75 bytes of packet 1. Ensure you reassemble data before filtering it, and ensure you explicitly handle these sorts of cases.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Collision Attacks</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>Log readers can come under attack via log files. Consider ways to canonicalize data in all logs. Implement a single reader for the logs, if possible, in order to reduce attack surface area. Be sure to understand and document log file elements which come from untrusted sources.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>(source is 'GE.P' and target is 'GE.DS' and target.storesLogData is 'Yes') or (target is 'GE.P' and source is 'GE.DS' and source.storesLogData is 'Yes')</a:Include></a:GenerationFilters><a:Id>T5</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Log readers can come under attack via log files. Consider ways to canonicalize data in all logs. Implement a single reader for the logs, if possible, in order to reduce attack surface area. Be sure to understand and document log file elements which come from untrusted sources.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Risks from Logging</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>An attacker can read or modify data transmitted over an authenticated dataflow.</a:Description><a:GenerationFilters><a:Exclude>(flow.providesConfidentiality is 'Yes' and flow.providesIntegrity is 'Yes')</a:Exclude><a:Include>(flow.authenticatesSource is 'Yes' or flow.authenticatesDestination is 'Yes')</a:Include></a:GenerationFilters><a:Id>T6</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>An attacker can read or modify data transmitted over an authenticated dataflow.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Authenticated Data Flow Compromised</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution. Any procedure that constructs SQL statements should be reviewed for injection vulnerabilities because SQL Server will execute all syntactically valid queries that it receives. Even parameterized data can be manipulated by a skilled and determined attacker.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>
        (target is 'SE.DS.TMCore.SQL' and source is 'GE.P')
      </a:Include></a:GenerationFilters><a:Id>T7</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution. Any procedure that constructs SQL statements should be reviewed for injection vulnerabilities because SQL Server will execute all syntactically valid queries that it receives. Even parameterized data can be manipulated by a skilled and determined attacker.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Potential SQL Injection Vulnerability for {target.Name}</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution. Any procedure that constructs SQL statements should be reviewed for injection vulnerabilities because SQL Server will execute all syntactically valid queries that it receives. Even parameterized data can be manipulated by a skilled and determined attacker.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>
        (target is 'SE.DS.TMCore.SQL' and source is 'GE.EI')
      </a:Include></a:GenerationFilters><a:Id>T8</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution. Any procedure that constructs SQL statements should be reviewed for injection vulnerabilities because SQL Server will execute all syntactically valid queries that it receives. Even parameterized data can be manipulated by a skilled and determined attacker.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Possible SQL Injection Vulnerability for {target.Name}</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>If a dataflow contains XML, XML processing threats (DTD and XSLT code execution) may be exploited.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>(flow.XMLenc is 'Yes' and target is 'GE.P')</a:Include></a:GenerationFilters><a:Id>T11</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>If a dataflow contains XML, XML processing threats (DTD and XSLT code execution) may be exploited.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>XML DTD and XSLT Processing</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>If a dataflow contains JSON, JSON processing and hijacking threats may be exploited.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>((flow is 'SE.DF.TMCore.HTTP' or flow is 'SE.DF.TMCore.HTTPS') and flow.JSON is 'Yes' and target is 'GE.P')</a:Include></a:GenerationFilters><a:Id>T12</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>If a dataflow contains JSON, JSON processing and hijacking threats may be exploited.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>JavaScript Object Notation Processing</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>The web server '{target.Name}' could be a subject to a cross-site scripting attack because it does not sanitize untrusted input.</a:Description><a:GenerationFilters><a:Exclude>(target.hasOutputSanitizers is 'Yes') and (target.hasInputSanitizers is 'Yes')</a:Exclude><a:Include>(target is 'SE.P.TMCore.WebServer' or target is 'SE.P.TMCore.WebApp')</a:Include></a:GenerationFilters><a:Id>T13.1</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>The web server '{target.Name}' could be a subject to a cross-site scripting attack because it does not sanitize untrusted input.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Cross Site Scripting</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>The web server '{target.Name}' could be a subject to a persistent cross-site scripting attack because it does not sanitize data store '{source.Name}' inputs and output.</a:Description><a:GenerationFilters><a:Exclude>(target.hasOutputSanitizers is 'Yes') and (target.hasInputSanitizers is 'Yes')</a:Exclude><a:Include>(target is 'SE.P.TMCore.WebServer' or target is 'SE.P.TMCore.WebApp') and source is 'GE.DS'</a:Include></a:GenerationFilters><a:Id>T13.2</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>The web server '{target.Name}' could be a subject to a persistent cross-site scripting attack because it does not sanitize data store '{source.Name}' inputs and output.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Persistent Cross Site Scripting</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>Data flowing across {flow.Name} may be tampered with by an attacker. This may lead to corruption of {target.Name}. Ensure the integrity of the data flow to the data store.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>(source is 'GE.P' or source is 'GE.EI') and target is 'GE.DS' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>T18</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Data flowing across {flow.Name} may be tampered with by an attacker. This may lead to corruption of {target.Name}. Ensure the integrity of the data flow to the data store.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>The {target.Name} Data Store Could Be Corrupted</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>R</a:Category><a:Description>Threat was migrated from V3.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'ROOT'</a:Include></a:GenerationFilters><a:Id>RU</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Repudiation threats involve an adversary denying that something happened.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Threat was migrated from V3.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Repudiation (v3)</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>R</a:Category><a:Description>If you have trust levels, is anyone other outside of the highest trust level allowed to log? Letting everyone write to your logs can lead to repudiation problems. Only allow trusted code to log.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>(source is 'GE.P' or source is 'GE.EI') and (target is 'GE.DS') and (target.storesLogData is 'Yes')</a:Include></a:GenerationFilters><a:Id>R1</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Repudiation threats involve an adversary denying that something happened.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>If you have trust levels, is anyone other outside of the highest trust level allowed to log? Letting everyone write to your logs can lead to repudiation problems. Only allow trusted code to log.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Lower Trusted Subject Updates Logs</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>R</a:Category><a:Description>Do you accept logs from unknown or weakly authenticated users or systems? Identify and authenticate the source of the logs before accepting them.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>(source is 'GE.P' or source is 'GE.EI') and (target is 'GE.DS') and (target.storesLogData is 'Yes')</a:Include></a:GenerationFilters><a:Id>R2</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Repudiation threats involve an adversary denying that something happened.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Do you accept logs from unknown or weakly authenticated users or systems? Identify and authenticate the source of the logs before accepting them.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Data Logs from an Unknown Source</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>R</a:Category><a:Description>Does the log capture enough data to understand what happened in the past? Do your logs capture enough data to understand an incident after the fact? Is such capture lightweight enough to be left on all the time? Do you have enough data to deal with repudiation claims? Make sure you log sufficient and appropriate data to handle a repudiation claims. You might want to talk to an audit expert as well as a privacy expert about your choice of data.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.DS' and target.storesLogData is 'Yes'</a:Include></a:GenerationFilters><a:Id>R3</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Repudiation threats involve an adversary denying that something happened.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Does the log capture enough data to understand what happened in the past? Do your logs capture enough data to understand an incident after the fact? Is such capture lightweight enough to be left on all the time? Do you have enough data to deal with repudiation claims? Make sure you log sufficient and appropriate data to handle a repudiation claims. You might want to talk to an audit expert as well as a privacy expert about your choice of data.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Insufficient Auditing</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>R</a:Category><a:Description>Consider what happens when the audit mechanism comes under attack, including attempts to destroy the logs, or attack log analysis programs. Ensure access to the log is through a reference monitor, which controls read and write separately. Document what filters, if any, readers can rely on, or writers should expect</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.DS' and target.storesLogData is 'Yes'</a:Include></a:GenerationFilters><a:Id>R4</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Repudiation threats involve an adversary denying that something happened.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Consider what happens when the audit mechanism comes under attack, including attempts to destroy the logs, or attack log analysis programs. Ensure access to the log is through a reference monitor, which controls read and write separately. Document what filters, if any, readers can rely on, or writers should expect</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Potential Weak Protections for Audit Data</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>R</a:Category><a:Description>{target.Name} claims that it did not receive data from a source outside the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>target is 'GE.P' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>R6</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Repudiation threats involve an adversary denying that something happened.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{target.Name} claims that it did not receive data from a source outside the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Potential Data Repudiation by {target.Name}</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>R</a:Category><a:Description>{target.Name} claims that it did not receive data from a process on the other side of the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>target is 'GE.EI' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>R7</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Repudiation threats involve an adversary denying that something happened.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{target.Name} claims that it did not receive data from a process on the other side of the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>External Entity {target.Name} Potentially Denies Receiving Data</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>R</a:Category><a:Description>{target.Name} claims that it did not write data received from an entity on the other side of the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>target is 'GE.DS' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>R8</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Repudiation threats involve an adversary denying that something happened.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{target.Name} claims that it did not write data received from an entity on the other side of the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Data Store Denies {target.Name} Potentially Writing Data</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>I</a:Category><a:Description>Threat was migrated from V3.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'ROOT'</a:Include></a:GenerationFilters><a:Id>IU</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Information disclosure happens when the information can be read by an unauthorized party.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Threat was migrated from V3.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Information Disclosure (v3)</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>I</a:Category><a:Description>Can you access {target.Name} and bypass the permissions for the object? For example by editing the files directly with a hex editor, or reaching it via filesharing? Ensure that your program is the only one that can access the data, and that all other subjects have to use your interface.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.DS' and source.implementsCustomAuthorizationMechanism is 'Yes'</a:Include></a:GenerationFilters><a:Id>I2</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Information disclosure happens when the information can be read by an unauthorized party.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Can you access {target.Name} and bypass the permissions for the object? For example by editing the files directly with a hex editor, or reaching it via filesharing? Ensure that your program is the only one that can access the data, and that all other subjects have to use your interface.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Authorization Bypass</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>I</a:Category><a:Description>Data flowing across {flow.Name} may be sniffed by an attacker. Depending on what type of data an attacker can read, it may be used to attack other parts of the system or simply be a disclosure of information leading to compliance violations. Consider encrypting the data flow.</a:Description><a:GenerationFilters><a:Exclude>flow.providesConfidentiality is 'Yes'</a:Exclude><a:Include>((source is 'GE.P' or source is 'GE.EI') and target is 'GE.P' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')) or (source is 'GE.P' and target is 'GE.DS' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B'))</a:Include></a:GenerationFilters><a:Id>I6</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Information disclosure happens when the information can be read by an unauthorized party.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Data flowing across {flow.Name} may be sniffed by an attacker. Depending on what type of data an attacker can read, it may be used to attack other parts of the system or simply be a disclosure of information leading to compliance violations. Consider encrypting the data flow.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Data Flow Sniffing</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>I</a:Category><a:Description>Improper data protection of {source.name} can allow an attacker to read information not intended for disclosure. Review authorization settings.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.DS' and (target is 'GE.P' or target is 'GE.EI')</a:Include></a:GenerationFilters><a:Id>I23</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Information disclosure happens when the information can be read by an unauthorized party.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Improper data protection of {source.name} can allow an attacker to read information not intended for disclosure. Review authorization settings.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Weak Access Control for a Resource</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>I</a:Category><a:Description>Credentials held at the server are often disclosed or tampered with and credentials stored on the client are often stolen. For server side, consider storing a salted hash of the credentials instead of storing the credentials themselves. If this is not possible due to business requirements, be sure to encrypt the credentials before storage, using an SDL-approved mechanism. For client side, if storing credentials is required, encrypt them and protect the data store in which they're stored</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.DS' and target.storesCredentials is 'Yes'</a:Include></a:GenerationFilters><a:Id>I24</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Information disclosure happens when the information can be read by an unauthorized party.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Credentials held at the server are often disclosed or tampered with and credentials stored on the client are often stolen. For server side, consider storing a salted hash of the credentials instead of storing the credentials themselves. If this is not possible due to business requirements, be sure to encrypt the credentials before storage, using an SDL-approved mechanism. For client side, if storing credentials is required, encrypt them and protect the data store in which they're stored</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Weak Credential Storage</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>I</a:Category><a:Description>Credentials on the wire are often subject to sniffing by an attacker. Are the credentials re-usable/re-playable? Are credentials included in a message? For example, sending a zip file with the password in the email. Use strong cryptography for the transmission of credentials. Use the OS libraries if at all possible, and consider cryptographic algorithm agility, rather than hardcoding a choice.</a:Description><a:GenerationFilters><a:Exclude>flow is 'SE.DF.TMCore.HTTPS' or flow is 'SE.DF.TMCore.IPsec'</a:Exclude><a:Include>source is 'GE.P' and (target is 'GE.P' or target is 'GE.DS') and (flow crosses 'SE.TB.L.TMCore.Machine')</a:Include></a:GenerationFilters><a:Id>I25</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Information disclosure happens when the information can be read by an unauthorized party.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Credentials on the wire are often subject to sniffing by an attacker. Are the credentials re-usable/re-playable? Are credentials included in a message? For example, sending a zip file with the password in the email. Use strong cryptography for the transmission of credentials. Use the OS libraries if at all possible, and consider cryptographic algorithm agility, rather than hardcoding a choice.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Weak Credential Transit</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>I</a:Category><a:Description>Custom authentication schemes are susceptible to common weaknesses such as weak credential change management, credential equivalence, easily guessable credentials, null credentials, downgrade authentication or a weak credential change management system. Consider the impact and potential mitigations for your custom authentication scheme.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.P' and source.implementsAuthenticationScheme is 'Yes'</a:Include></a:GenerationFilters><a:Id>I26</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Information disclosure happens when the information can be read by an unauthorized party.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Custom authentication schemes are susceptible to common weaknesses such as weak credential change management, credential equivalence, easily guessable credentials, null credentials, downgrade authentication or a weak credential change management system. Consider the impact and potential mitigations for your custom authentication scheme.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Weak Authentication Scheme</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>D</a:Category><a:Description>Threat was migrated from V3.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'ROOT'</a:Include></a:GenerationFilters><a:Id>DU</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Threat was migrated from V3.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Denial Of Service (v3)</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>D</a:Category><a:Description>Does {source.Name} or {target.Name} take explicit steps to control resource consumption? Resource consumption attacks can be hard to deal with, and there are times that it makes sense to let the OS do the job. Be careful that your resource requests don't deadlock, and that they do timeout.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.DS'</a:Include></a:GenerationFilters><a:Id>D2</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Does {source.Name} or {target.Name} take explicit steps to control resource consumption? Resource consumption attacks can be hard to deal with, and there are times that it makes sense to let the OS do the job. Be careful that your resource requests don't deadlock, and that they do timeout.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Potential Excessive Resource Consumption for {source.Name} or {target.Name}</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>D</a:Category><a:Description>{target.Name} crashes, halts, stops or runs slowly; in all cases violating an availability metric.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>target is 'GE.P' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>D3</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{target.Name} crashes, halts, stops or runs slowly; in all cases violating an availability metric.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Potential Process Crash or Stop for {target.Name}</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>D</a:Category><a:Description>An external agent interrupts data flowing across a trust boundary in either direction.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>(flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>D4</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>An external agent interrupts data flowing across a trust boundary in either direction.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Data Flow {flow.Name} Is Potentially Interrupted</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>D</a:Category><a:Description>An external agent prevents access to a data store on the other side of the trust boundary.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>(source is 'GE.DS' or target is 'GE.DS') and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>D5</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>An external agent prevents access to a data store on the other side of the trust boundary.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Data Store Inaccessible</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>E</a:Category><a:Description>Threat was migrated from V3.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'ROOT'</a:Include></a:GenerationFilters><a:Id>EU</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Threat was migrated from V3.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Elevation Of Privilege (v3)</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>E</a:Category><a:Description>Common SSO implementations such as OAUTH2 and OAUTH Wrap are vulnerable to MitM attacks.</a:Description><a:GenerationFilters><a:Exclude>(target is 'SE.EI.TMCore.AuthProvider' and target.MS is 'Yes')</a:Exclude><a:Include>target is 'SE.EI.TMCore.AuthProvider'</a:Include></a:GenerationFilters><a:Id>E3</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Common SSO implementations such as OAUTH2 and OAUTH Wrap are vulnerable to MitM attacks.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Weakness in SSO Authorization</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>E</a:Category><a:Description>{target.Name} may be able to impersonate the context of {source.Name} in order to gain additional privilege.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>(source is 'GE.EI' or source is 'GE.P') and target is 'GE.P'</a:Include></a:GenerationFilters><a:Id>E5</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{target.Name} may be able to impersonate the context of {source.Name} in order to gain additional privilege.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Elevation Using Impersonation</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>E</a:Category><a:Description>{source.Name} may be able to remotely execute code for {target.Name}.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>target is 'GE.P' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>E6</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{source.Name} may be able to remotely execute code for {target.Name}.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>{target.Name} May be Subject to Elevation of Privilege Using Remote Code Execution</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>E</a:Category><a:Description>An attacker may pass data into {target.Name} in order to change the flow of program execution within {target.Name} to the attacker's choosing.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>target is 'GE.P' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>E7</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>An attacker may pass data into {target.Name} in order to change the flow of program execution within {target.Name} to the attacker's choosing.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Elevation by Changing the Execution Flow in {target.Name}</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>E</a:Category><a:Description>Cross-site request forgery (CSRF or XSRF) is a type of attack in which an attacker forces a user's browser to make a forged request to a vulnerable site by exploiting an existing trust relationship between the browser and the vulnerable web site.  In a simple scenario, a user is logged in to web site A using a cookie as a credential.  The other browses to web site B.  Web site B returns a page with a hidden form that posts to web site A.  Since the browser will carry the user's cookie to web site A, web site B now can take any action on web site A, for example, adding an admin to an account.  The attack can be used to exploit any requests that the browser automatically authenticates, e.g. by session cookie, integrated authentication, IP whitelisting, …  The attack can be carried out in many ways such as by luring the victim to a site under control of the attacker, getting the user to click a link in a phishing email, or hacking a reputable web site that the victim will visit. The issue can only be resolved on the server side by requiring that all authenticated state-changing requests include an additional piece of secret payload (canary or CSRF token) which is known only to the legitimate web site and the browser and which is protected in transit through SSL/TLS. See the Forgery Protection property on the flow stencil for a list of mitigations.</a:Description><a:GenerationFilters><a:Exclude>(source is 'SE.P.TMCore.OSProcess' or source is 'SE.P.TMCore.Thread' or source is 'SE.P.TMCore.KernelThread' or source is 'SE.P.TMCore.WinApp' or source is 'SE.P.TMCore.NetApp' or source is 'SE.P.TMCore.WebServer' or source is 'SE.P.TMCore.Win32Service' or  source is 'SE.P.TMCore.WebSvc' or source is 'SE.P.TMCore.VM' or (source is 'SE.P.TMCore.Modern' and source.internetClientServer is 'No' and source.internetClient is 'No' ) or source is 'SE.EI.TMCore.AuthProvider' or source is 'SE.EI.TMCore.WebSvc' or source is 'SE.EI.TMCore.WebApp' or source is 'SE.EI.TMCore.Megasevrice' or source is 'SE.EI.TMCore.CRT' or source is 'SE.EI.TMCore.NFX' or source is 'SE.EI.TMCore.WinRT' ) or (target is 'SE.P.TMCore.ThickClient' or target is 'SE.P.TMCore.BrowserClient' or target is 'SE.P.TMCore.PlugIn' or target is 'SE.P.TMCore.Modern') or (flow crosses 'SE.TB.L.TMCore.Machine' or flow crosses 'SE.TB.L.TMCore.Kernel' or flow crosses 'SE.TB.L.TMCore.AppContainer' or flow crosses 'SE.TB.B.TMCore.CorpNet' or flow crosses 'SE.TB.B.TMCore.Sandbox')</a:Exclude><a:Include>(source is 'GE.P' or  source is  'GE.EI') and (target is 'GE.P' ) and (flow.authenticatesSource is 'Not Selected' or  flow.authenticatesSource is 'Yes') and (flow.54851a3b-65da-4902-b4e0-94ef015be735 is 'None' or flow.54851a3b-65da-4902-b4e0-94ef015be735 is 'Not Selected' ) and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>8404dcf5-bdd8-4902-abc2-3b6c967b0261</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Cross-site request forgery (CSRF or XSRF) is a type of attack in which an attacker forces a user's browser to make a forged request to a vulnerable site by exploiting an existing trust relationship between the browser and the vulnerable web site.  In a simple scenario, a user is logged in to web site A using a cookie as a credential.  The other browses to web site B.  Web site B returns a page with a hidden form that posts to web site A.  Since the browser will carry the user's cookie to web site A, web site B now can take any action on web site A, for example, adding an admin to an account.  The attack can be used to exploit any requests that the browser automatically authenticates, e.g. by session cookie, integrated authentication, IP whitelisting, …  The attack can be carried out in many ways such as by luring the victim to a site under control of the attacker, getting the user to click a link in a phishing email, or hacking a reputable web site that the victim will visit. The issue can only be resolved on the server side by requiring that all authenticated state-changing requests include an additional piece of secret payload (canary or CSRF token) which is known only to the legitimate web site and the browser and which is protected in transit through SSL/TLS. See the Forgery Protection property on the flow stencil for a list of mitigations.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory/><a:ShortTitle>Cross Site Request Forgery</a:ShortTitle></a:ThreatType></a:ThreatTypes></KnowledgeBase><Profile><PromptedKb xmlns=""/></Profile></ThreatModel>