ThreatModel.tm7

<ThreatModel xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><DrawingSurfaceList><DrawingSurfaceModel z:Id="i1" xmlns:z="http://schemas.microsoft.com/2003/10/Serialization/"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">DRAWINGSURFACE</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">0634b2be-4f0c-49ea-891c-d3d06f17e21b</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts" xmlns:a="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Diagram</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Diagram 1</b:Value></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">DRAWINGSURFACE</TypeId><Borders xmlns:a="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><a:KeyValueOfguidanyType><a:Key>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value z:Id="i2" i:type="StencilEllipse"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.P</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">5cd9ded7-83c4-40a7-b1e3-5805e5b19267</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Web Server</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Web Server</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Code Type</b:DisplayName><b:Name>codeType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Managed</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Process</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Running As</b:DisplayName><b:Name>runningAs</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Kernel</a:string><a:string>System</a:string><a:string>Network Service</a:string><a:string>Local Service</a:string><a:string>Administrator</a:string><a:string>Standard User With Elevation</a:string><a:string>Standard User Without Elevation</a:string><a:string>Windows Store App</a:string></b:Value><b:SelectedIndex>7</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Isolation Level</b:DisplayName><b:Name>Isolation</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>AppContainer</a:string><a:string>Low Integrity Level</a:string><a:string>Microsoft Office Isolated Conversion Environment (MOICE)</a:string><a:string>Sandbox</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Accepts Input From</b:DisplayName><b:Name>acceptsInputFrom</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Any Remote User or Entity</a:string><a:string>Kernel, System, or Local Admin</a:string><a:string>Local or Network Service</a:string><a:string>Local Standard User With Elevation</a:string><a:string>Local Standard User Without Elevation</a:string><a:string>Windows Store Apps or App Container Processes</a:string><a:string>Nothing</a:string><a:string>Other</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Implements or Uses an Authentication Mechanism</b:DisplayName><b:Name>implementsAuthenticationScheme</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Implements or Uses an Authorization Mechanism</b:DisplayName><b:Name>implementsCustomAuthorizationMechanism</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Implements or Uses a Communication Protocol</b:DisplayName><b:Name>implementsCommunicationProtocol</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Sanitizes Input</b:DisplayName><b:Name>hasInputSanitizers</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Sanitizes Output</b:DisplayName><b:Name>hasOutputSanitizers</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.P.TMCore.WebServer</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">573</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">248</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>7a6a6b54-e754-4e5e-be67-8bb06b758b78</a:Key><a:Value z:Id="i3" i:type="StencilEllipse"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.P</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">7a6a6b54-e754-4e5e-be67-8bb06b758b78</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Browser Client</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Browser Client</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Code Type</b:DisplayName><b:Name>codeType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Unmanaged</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Process</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Running As</b:DisplayName><b:Name>runningAs</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Kernel</a:string><a:string>System</a:string><a:string>Network Service</a:string><a:string>Local Service</a:string><a:string>Administrator</a:string><a:string>Standard User With Elevation</a:string><a:string>Standard User Without Elevation</a:string><a:string>Windows Store App</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Isolation Level</b:DisplayName><b:Name>Isolation</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>AppContainer</a:string><a:string>Low Integrity Level</a:string><a:string>Microsoft Office Isolated Conversion Environment (MOICE)</a:string><a:string>Sandbox</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Accepts Input From</b:DisplayName><b:Name>acceptsInputFrom</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Any Remote User or Entity</a:string><a:string>Kernel, System, or Local Admin</a:string><a:string>Local or Network Service</a:string><a:string>Local Standard User With Elevation</a:string><a:string>Local Standard User Without Elevation</a:string><a:string>Windows Store Apps or App Container Processes</a:string><a:string>Nothing</a:string><a:string>Other</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Implements or Uses an Authentication Mechanism</b:DisplayName><b:Name>implementsAuthenticationScheme</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Implements or Uses an Authorization Mechanism</b:DisplayName><b:Name>implementsCustomAuthorizationMechanism</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Implements or Uses a Communication Protocol</b:DisplayName><b:Name>implementsCommunicationProtocol</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Sanitizes Input</b:DisplayName><b:Name>hasInputSanitizers</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Sanitizes Output</b:DisplayName><b:Name>hasOutputSanitizers</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.P.TMCore.BrowserClient</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">203</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">267</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>37b03a69-1e59-4f81-97db-13e067ed079e</a:Key><a:Value z:Id="i4" i:type="StencilEllipse"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.P</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">37b03a69-1e59-4f81-97db-13e067ed079e</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Web Service</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Stripe Web Service</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Code Type</b:DisplayName><b:Name>codeType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Unmanaged</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Process</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Running As</b:DisplayName><b:Name>runningAs</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Kernel</a:string><a:string>System</a:string><a:string>Network Service</a:string><a:string>Local Service</a:string><a:string>Administrator</a:string><a:string>Standard User With Elevation</a:string><a:string>Standard User Without Elevation</a:string><a:string>Windows Store App</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Isolation Level</b:DisplayName><b:Name>Isolation</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>AppContainer</a:string><a:string>Low Integrity Level</a:string><a:string>Microsoft Office Isolated Conversion Environment (MOICE)</a:string><a:string>Sandbox</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Accepts Input From</b:DisplayName><b:Name>acceptsInputFrom</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Any Remote User or Entity</a:string><a:string>Kernel, System, or Local Admin</a:string><a:string>Local or Network Service</a:string><a:string>Local Standard User With Elevation</a:string><a:string>Local Standard User Without Elevation</a:string><a:string>Windows Store Apps or App Container Processes</a:string><a:string>Nothing</a:string><a:string>Other</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Implements or Uses an Authentication Mechanism</b:DisplayName><b:Name>implementsAuthenticationScheme</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Implements or Uses an Authorization Mechanism</b:DisplayName><b:Name>implementsCustomAuthorizationMechanism</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Implements or Uses a Communication Protocol</b:DisplayName><b:Name>implementsCommunicationProtocol</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Sanitizes Input</b:DisplayName><b:Name>hasInputSanitizers</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Sanitizes Output</b:DisplayName><b:Name>hasOutputSanitizers</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.P.TMCore.WebSvc</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">578</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">40</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>6ad6021b-363a-4376-a536-6cf701dbdc4a</a:Key><a:Value z:Id="i5" i:type="StencilParallelLines"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DS</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">6ad6021b-363a-4376-a536-6cf701dbdc4a</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SQL Database</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">SQL Database</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Store Type</b:DisplayName><b:Name>storeType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>SQL Relational Database</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Data Store</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Stores Credentials</b:DisplayName><b:Name>storesCredentials</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Stores Log Data</b:DisplayName><b:Name>storesLogData</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Encrypted</b:DisplayName><b:Name>Encrypted</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Signed</b:DisplayName><b:Name>Signed</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Write Access</b:DisplayName><b:Name>AccessType</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Removable Storage</b:DisplayName><b:Name>RemoveableStorage</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Backup</b:DisplayName><b:Name>Backup</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Shared</b:DisplayName><b:Name>shared</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.DS.TMCore.SQL</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">574</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">413</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">100</Width></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>568183b9-0c1c-4254-a714-0aa3f9d15a0d</a:Key><a:Value z:Id="i6" i:type="BorderBoundary"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.TB.B</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">568183b9-0c1c-4254-a714-0aa3f9d15a0d</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Generic Trust Border Boundary</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">Generic Trust Border Boundary</b:Value></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.TB.B</TypeId><Height xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">291</Height><Left xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">545</Left><StrokeDashArray i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"/><StrokeThickness xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">1</StrokeThickness><Top xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">229</Top><Width xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">292</Width></a:Value></a:KeyValueOfguidanyType></Borders><Header>Diagram 1</Header><Lines xmlns:a="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><a:KeyValueOfguidanyType><a:Key>9f0794b6-4d19-4838-918c-591dc44d4f1e</a:Key><a:Value z:Id="i7" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">9f0794b6-4d19-4838-918c-591dc44d4f1e</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>HTTPS</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">HTTPS</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.DF.TMCore.HTTPS</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">325</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">70</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">West</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">North</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">7a6a6b54-e754-4e5e-be67-8bb06b758b78</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">208</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">317</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">37b03a69-1e59-4f81-97db-13e067ed079e</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">628</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">46</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>6905e50e-adfd-405a-a0b6-6e7d870d7730</a:Key><a:Value z:Id="i8" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">6905e50e-adfd-405a-a0b6-6e7d870d7730</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>HTTPS</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">HTTPS</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.DF.TMCore.HTTPS</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">375</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">102</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">West</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">North</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">37b03a69-1e59-4f81-97db-13e067ed079e</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">583</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">90</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">7a6a6b54-e754-4e5e-be67-8bb06b758b78</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">253</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">273</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>31f4e205-a3b3-4361-a6ce-cc964a824337</a:Key><a:Value z:Id="i9" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">31f4e205-a3b3-4361-a6ce-cc964a824337</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>HTTPS</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">HTTPS</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.DF.TMCore.HTTPS</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">593</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">181</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SouthWest</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">NorthWest</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">37b03a69-1e59-4f81-97db-13e067ed079e</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">596</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">121</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">5cd9ded7-83c4-40a7-b1e3-5805e5b19267</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">591</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">266</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>9c166f5f-32c6-4e4e-b932-ee99af2c41a7</a:Key><a:Value z:Id="i10" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">9c166f5f-32c6-4e4e-b932-ee99af2c41a7</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>HTTPS</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">HTTPS</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.DF.TMCore.HTTPS</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">658</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">184</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">NorthEast</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SouthEast</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">5cd9ded7-83c4-40a7-b1e3-5805e5b19267</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">654</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">266</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">37b03a69-1e59-4f81-97db-13e067ed079e</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">659</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">121</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>b1641751-4cb9-4d0e-9319-3d9133c236a5</a:Key><a:Value z:Id="i11" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">b1641751-4cb9-4d0e-9319-3d9133c236a5</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>HTTPS</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">HTTPS</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.DF.TMCore.HTTPS</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">585</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">364</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">South</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">NorthWest</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">5cd9ded7-83c4-40a7-b1e3-5805e5b19267</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">623</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">343</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">6ad6021b-363a-4376-a536-6cf701dbdc4a</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">579</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">418</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>c2f0e2d9-470a-4f8b-b0da-d91fb426e5b3</a:Key><a:Value z:Id="i12" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">c2f0e2d9-470a-4f8b-b0da-d91fb426e5b3</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>HTTPS</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">HTTPS</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>1</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.DF.TMCore.HTTPS</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">702</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">328</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">NorthEast</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SouthEast</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">6ad6021b-363a-4376-a536-6cf701dbdc4a</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">669</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">418</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">5cd9ded7-83c4-40a7-b1e3-5805e5b19267</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">654</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">329</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>30d5bd54-d81b-427e-a96a-94eb5c9dd3b4</a:Key><a:Value z:Id="i13" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">30d5bd54-d81b-427e-a96a-94eb5c9dd3b4</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>HTTPS</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">HTTPS</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.DF.TMCore.HTTPS</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">439</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">365</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SouthEast</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SouthWest</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">7a6a6b54-e754-4e5e-be67-8bb06b758b78</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">284</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">348</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">5cd9ded7-83c4-40a7-b1e3-5805e5b19267</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">591</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">329</TargetY></a:Value></a:KeyValueOfguidanyType><a:KeyValueOfguidanyType><a:Key>3aad4936-015a-4a2a-81f8-14c70cfc5617</a:Key><a:Value z:Id="i14" i:type="Connector"><GenericTypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">GE.DF</GenericTypeId><Guid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">3aad4936-015a-4a2a-81f8-14c70cfc5617</Guid><Properties xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts"><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>HTTPS</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Name</b:DisplayName><b:Name/><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema">HTTPS</b:Value></a:anyType><a:anyType i:type="b:BooleanDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Out Of Scope</b:DisplayName><b:Name>71f3d9aa-b8ef-4e54-8126-607a1d903103</b:Name><b:Value i:type="c:boolean" xmlns:c="http://www.w3.org/2001/XMLSchema">false</b:Value></a:anyType><a:anyType i:type="b:StringDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Reason For Out Of Scope</b:DisplayName><b:Name>752473b6-52d4-4776-9a24-202153f7d579</b:Name><b:Value i:type="c:string" xmlns:c="http://www.w3.org/2001/XMLSchema"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Predefined Static Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Destination Authenticated</b:DisplayName><b:Name>authenticatesDestination</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Confidentiality</b:DisplayName><b:Name>providesConfidentiality</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:StaticListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Provides Integrity</b:DisplayName><b:Name>providesIntegrity</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Configurable Attributes</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:HeaderDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>As Generic Data Flow</b:DisplayName><b:Name/><b:Value i:nil="true"/></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Physical Network</b:DisplayName><b:Name>channel</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>Wire</a:string><a:string>Wi-Fi</a:string><a:string>Bluetooth</a:string><a:string>2G-4G</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Source Authenticated</b:DisplayName><b:Name>authenticatesSource</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Transmits XML</b:DisplayName><b:Name>XMLenc</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Contains Cookies</b:DisplayName><b:Name>Cookies</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Yes</a:string><a:string>No</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>SOAP Payload</b:DisplayName><b:Name>SOAP</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>REST Payload</b:DisplayName><b:Name>REST</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>RSS Payload</b:DisplayName><b:Name>RSS</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>JSON Payload</b:DisplayName><b:Name>JSON</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>No</a:string><a:string>Yes</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType><a:anyType i:type="b:ListDisplayAttribute" xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:DisplayName>Forgery Protection</b:DisplayName><b:Name>54851a3b-65da-4902-b4e0-94ef015be735</b:Name><b:Value i:type="a:ArrayOfstring"><a:string>Not Selected</a:string><a:string>ValidateAntiForgeryTokenAttribute</a:string><a:string>ViewStateUserKey</a:string><a:string>Nonce</a:string><a:string>Other dynamic canary</a:string><a:string>Static header not available to the browser</a:string><a:string>Other</a:string><a:string>None</a:string><a:string>Not applicable because the request does not change data</a:string></b:Value><b:SelectedIndex>0</b:SelectedIndex></a:anyType></Properties><TypeId xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">SE.DF.TMCore.HTTPS</TypeId><HandleX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">436</HandleX><HandleY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">288</HandleY><PortSource xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">West</PortSource><PortTarget xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">East</PortTarget><SourceGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">5cd9ded7-83c4-40a7-b1e3-5805e5b19267</SourceGuid><SourceX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">578</SourceX><SourceY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">298</SourceY><TargetGuid xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">7a6a6b54-e754-4e5e-be67-8bb06b758b78</TargetGuid><TargetX xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">298</TargetX><TargetY xmlns="http://schemas.datacontract.org/2004/07/ThreatModeling.Model.Abstracts">317</TargetY></a:Value></a:KeyValueOfguidanyType></Lines><Zoom>1</Zoom></DrawingSurfaceModel></DrawingSurfaceList><MetaInformation><Assumptions>We assume that it is in Stripes interests to provide a stable, secure service with minimal downtime.</Assumptions><Contributors>John Steel</Contributors><ExternalDependencies>Stripe's Credit Card Payment Service</ExternalDependencies><HighLevelSystemDescription>This service allows customers to purchase and review games, create wish lists and track game-related events.</HighLevelSystemDescription><Owner>Sea Sharpe</Owner><Reviewer/><ThreatModelName>Conestoga VideoGame Store Threat Model</ThreatModelName></MetaInformation><Notes/><ThreatInstances xmlns:a="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T27a6a6b54-e754-4e5e-be67-8bb06b758b789f0794b6-4d19-4838-918c-591dc44d4f1e37b03a69-1e59-4f81-97db-13e067ed079e</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>9f0794b6-4d19-4838-918c-591dc44d4f1e</b:FlowGuid><b:Id>45</b:Id><b:InteractionKey>7a6a6b54-e754-4e5e-be67-8bb06b758b78:9f0794b6-4d19-4838-918c-591dc44d4f1e:37b03a69-1e59-4f81-97db-13e067ed079e</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:46:15.3001812-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Browser Client Process Memory Tampered</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>If Browser Client is given access to memory, such as shared memory or pointers, or is given the ability to control what Stripe Web Service executes (for example, passing back a function pointer.), then Browser Client can tamper with Stripe Web Service. Consider if the function could work with less access to memory, such as passing data rather than pointers. Copy in data provided, and then validate it.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>The Stripe web service is not under our control and the only information that could be compromised in such an event is the customer's information. If the customer's computer was already compromised their keystrokes may already have been logged. We cannot help the customer in such as situation. </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T2</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E57a6a6b54-e754-4e5e-be67-8bb06b758b789f0794b6-4d19-4838-918c-591dc44d4f1e37b03a69-1e59-4f81-97db-13e067ed079e</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>9f0794b6-4d19-4838-918c-591dc44d4f1e</b:FlowGuid><b:Id>1</b:Id><b:InteractionKey>7a6a6b54-e754-4e5e-be67-8bb06b758b78:9f0794b6-4d19-4838-918c-591dc44d4f1e:37b03a69-1e59-4f81-97db-13e067ed079e</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T14:32:42.4131036-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation Using Impersonation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Stripe Web Service may be able to impersonate the context of Browser Client in order to gain additional privilege.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Stripe would only be able to gain the privilege of an account that it has the credentials for. In our scenario, stripe already stores the most crucial information for our users, their credit card information. &#xD;
</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E5</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T237b03a69-1e59-4f81-97db-13e067ed079e6905e50e-adfd-405a-a0b6-6e7d870d77307a6a6b54-e754-4e5e-be67-8bb06b758b78</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>6905e50e-adfd-405a-a0b6-6e7d870d7730</b:FlowGuid><b:Id>2</b:Id><b:InteractionKey>37b03a69-1e59-4f81-97db-13e067ed079e:6905e50e-adfd-405a-a0b6-6e7d870d7730:7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T14:32:36.7250835-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Stripe Web Service Process Memory Tampered</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>If Stripe Web Service is given access to memory, such as shared memory or pointers, or is given the ability to control what Browser Client executes (for example, passing back a function pointer.), then Stripe Web Service can tamper with Browser Client. Consider if the function could work with less access to memory, such as passing data rather than pointers. Copy in data provided, and then validate it.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>We have to trust Stripe not to do this. &#xD;
</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T2</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E537b03a69-1e59-4f81-97db-13e067ed079e6905e50e-adfd-405a-a0b6-6e7d870d77307a6a6b54-e754-4e5e-be67-8bb06b758b78</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>6905e50e-adfd-405a-a0b6-6e7d870d7730</b:FlowGuid><b:Id>3</b:Id><b:InteractionKey>37b03a69-1e59-4f81-97db-13e067ed079e:6905e50e-adfd-405a-a0b6-6e7d870d7730:7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:20:32.2719146-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation Using Impersonation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Browser Client may be able to impersonate the context of Stripe Web Service in order to gain additional privilege.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Client cannot impersonate stripe without knowledge of their Certificate Private Key. We trust that stripe's private key stays private. Should it be stolen we trust that stripe would revoke their certificate to prevent this kind of attack.&#xD;
</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E5</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S137b03a69-1e59-4f81-97db-13e067ed079e31f4e205-a3b3-4361-a6ce-cc964a8243375cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>31f4e205-a3b3-4361-a6ce-cc964a824337</b:FlowGuid><b:Id>4</b:Id><b:InteractionKey>37b03a69-1e59-4f81-97db-13e067ed079e:31f4e205-a3b3-4361-a6ce-cc964a824337:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:03:07.9513712-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing the Stripe Web Service Process</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Stripe Web Service may be spoofed by an attacker and this may lead to unauthorized access to Web Server. Consider using a standard authentication mechanism to identify the source process.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Stripe is identified by it's HTTPs certificate.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T13.137b03a69-1e59-4f81-97db-13e067ed079e31f4e205-a3b3-4361-a6ce-cc964a8243375cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>31f4e205-a3b3-4361-a6ce-cc964a824337</b:FlowGuid><b:Id>5</b:Id><b:InteractionKey>37b03a69-1e59-4f81-97db-13e067ed079e:31f4e205-a3b3-4361-a6ce-cc964a824337:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:06:54.5098412-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Cross Site Scripting</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>The web server 'Web Server' could be a subject to a cross-site scripting attack because it does not sanitize untrusted input.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Sanitization is handled by the Razor 5 and Entity frameworks, even so, tests will be done to ensure this. See Github Implementation Issue #1.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T13.1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>R637b03a69-1e59-4f81-97db-13e067ed079e31f4e205-a3b3-4361-a6ce-cc964a8243375cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>31f4e205-a3b3-4361-a6ce-cc964a824337</b:FlowGuid><b:Id>6</b:Id><b:InteractionKey>37b03a69-1e59-4f81-97db-13e067ed079e:31f4e205-a3b3-4361-a6ce-cc964a824337:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:08:49.0420305-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Data Repudiation by Web Server</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Repudiation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Repudiation threats involve an adversary denying that something happened.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Web Server claims that it did not receive data from a source outside the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>IIS Access logs will configured to include this information.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>R6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D337b03a69-1e59-4f81-97db-13e067ed079e31f4e205-a3b3-4361-a6ce-cc964a8243375cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>31f4e205-a3b3-4361-a6ce-cc964a824337</b:FlowGuid><b:Id>7</b:Id><b:InteractionKey>37b03a69-1e59-4f81-97db-13e067ed079e:31f4e205-a3b3-4361-a6ce-cc964a824337:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:45:24.508095-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Process Crash or Stop for Web Server</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Web Server crashes, halts, stops or runs slowly; in all cases violating an availability metric.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Stripe does not rely on our web server to operate and if they did we wouldn't care.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:SourceGuid><b:State>NotApplicable</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D3</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D437b03a69-1e59-4f81-97db-13e067ed079e31f4e205-a3b3-4361-a6ce-cc964a8243375cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>31f4e205-a3b3-4361-a6ce-cc964a824337</b:FlowGuid><b:Id>8</b:Id><b:InteractionKey>37b03a69-1e59-4f81-97db-13e067ed079e:31f4e205-a3b3-4361-a6ce-cc964a824337:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:40:45.2267648-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Flow HTTPS Is Potentially Interrupted</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An external agent interrupts data flowing across a trust boundary in either direction.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>If an ISP, goverment or other entity interupts traffic between a client and us or between us and stripe we would no longer be able to process sales. We would take all aproprate steps to ensure such a thing does not happen.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D4</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E537b03a69-1e59-4f81-97db-13e067ed079e31f4e205-a3b3-4361-a6ce-cc964a8243375cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>31f4e205-a3b3-4361-a6ce-cc964a824337</b:FlowGuid><b:Id>9</b:Id><b:InteractionKey>37b03a69-1e59-4f81-97db-13e067ed079e:31f4e205-a3b3-4361-a6ce-cc964a824337:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:28:31.1515861-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation Using Impersonation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Web Server may be able to impersonate the context of Stripe Web Service in order to gain additional privilege.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>We use stripe so that we don't have to store credit card information on our systems, but the web server could pretend to be stripe (or just be patched to work without stripe) and customer credit card information could be captured. This could do signifigant harm to our brand if it was discovered. We should make sure that this never happens. </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E5</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E637b03a69-1e59-4f81-97db-13e067ed079e31f4e205-a3b3-4361-a6ce-cc964a8243375cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>31f4e205-a3b3-4361-a6ce-cc964a824337</b:FlowGuid><b:Id>10</b:Id><b:InteractionKey>37b03a69-1e59-4f81-97db-13e067ed079e:31f4e205-a3b3-4361-a6ce-cc964a824337:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:46:18.4969739-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Web Server May be Subject to Elevation of Privilege Using Remote Code Execution</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Stripe Web Service may be able to remotely execute code for Web Server.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>We will take care to sanitize all inputs from Stripe and throw exceptions/log errors when unexpected values are recived. </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E737b03a69-1e59-4f81-97db-13e067ed079e31f4e205-a3b3-4361-a6ce-cc964a8243375cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>31f4e205-a3b3-4361-a6ce-cc964a824337</b:FlowGuid><b:Id>11</b:Id><b:InteractionKey>37b03a69-1e59-4f81-97db-13e067ed079e:31f4e205-a3b3-4361-a6ce-cc964a824337:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:32:53.0520397-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation by Changing the Execution Flow in Web Server</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An attacker may pass data into Web Server in order to change the flow of program execution within Web Server to the attacker's choosing.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>User inputs will inevitably effect the flow of our server software but we will take care to ensure that there are not any implementation bugs where a user is able to take actions that they are not authorized to do. </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E7</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S15cd9ded7-83c4-40a7-b1e3-5805e5b192679c166f5f-32c6-4e4e-b932-ee99af2c41a737b03a69-1e59-4f81-97db-13e067ed079e</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>9c166f5f-32c6-4e4e-b932-ee99af2c41a7</b:FlowGuid><b:Id>12</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:9c166f5f-32c6-4e4e-b932-ee99af2c41a7:37b03a69-1e59-4f81-97db-13e067ed079e</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:34:37.4666141-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing the Web Server Process</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Web Server may be spoofed by an attacker and this may lead to unauthorized access to Stripe Web Service. Consider using a standard authentication mechanism to identify the source process.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Stripe provides credentails for the server, as long as those credentails are not leaked, the web service cannot be spoofed in this mannor. </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T25cd9ded7-83c4-40a7-b1e3-5805e5b192679c166f5f-32c6-4e4e-b932-ee99af2c41a737b03a69-1e59-4f81-97db-13e067ed079e</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>9c166f5f-32c6-4e4e-b932-ee99af2c41a7</b:FlowGuid><b:Id>13</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:9c166f5f-32c6-4e4e-b932-ee99af2c41a7:37b03a69-1e59-4f81-97db-13e067ed079e</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:36:51.1138445-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Web Server Process Memory Tampered</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>If Web Server is given access to memory, such as shared memory or pointers, or is given the ability to control what Stripe Web Service executes (for example, passing back a function pointer.), then Web Server can tamper with Stripe Web Service. Consider if the function could work with less access to memory, such as passing data rather than pointers. Copy in data provided, and then validate it.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Web Server is on a private server and does not share memory. </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>NotApplicable</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T2</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>R65cd9ded7-83c4-40a7-b1e3-5805e5b192679c166f5f-32c6-4e4e-b932-ee99af2c41a737b03a69-1e59-4f81-97db-13e067ed079e</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>9c166f5f-32c6-4e4e-b932-ee99af2c41a7</b:FlowGuid><b:Id>14</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:9c166f5f-32c6-4e4e-b932-ee99af2c41a7:37b03a69-1e59-4f81-97db-13e067ed079e</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:37:10.2612554-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Data Repudiation by Stripe Web Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Repudiation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Repudiation threats involve an adversary denying that something happened.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Stripe Web Service claims that it did not receive data from a source outside the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Out of Scope</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>NotApplicable</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>R6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D35cd9ded7-83c4-40a7-b1e3-5805e5b192679c166f5f-32c6-4e4e-b932-ee99af2c41a737b03a69-1e59-4f81-97db-13e067ed079e</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>9c166f5f-32c6-4e4e-b932-ee99af2c41a7</b:FlowGuid><b:Id>15</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:9c166f5f-32c6-4e4e-b932-ee99af2c41a7:37b03a69-1e59-4f81-97db-13e067ed079e</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:40:17.1217484-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Process Crash or Stop for Stripe Web Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Stripe Web Service crashes, halts, stops or runs slowly; in all cases violating an availability metric.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>If the Stripe service has issues, we will no longer be able to complete sales; however, we can still function as a social hub for game &amp; event information.  This issue could cost us revenue. We trust that to protect their brand name and to not loose out of revenue themselves, Stripe will strive to keep their downtime to a minimum. </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D3</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D45cd9ded7-83c4-40a7-b1e3-5805e5b192679c166f5f-32c6-4e4e-b932-ee99af2c41a737b03a69-1e59-4f81-97db-13e067ed079e</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>9c166f5f-32c6-4e4e-b932-ee99af2c41a7</b:FlowGuid><b:Id>16</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:9c166f5f-32c6-4e4e-b932-ee99af2c41a7:37b03a69-1e59-4f81-97db-13e067ed079e</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:42:01.0535665-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Flow HTTPS Is Potentially Interrupted</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An external agent interrupts data flowing across a trust boundary in either direction.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>If an ISP, goverment or other entity interupts traffic between a client and us or between us and stripe we would no longer be able to process sales. We would take all aproprate steps to ensure such a thing does not happen.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D4</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E55cd9ded7-83c4-40a7-b1e3-5805e5b192679c166f5f-32c6-4e4e-b932-ee99af2c41a737b03a69-1e59-4f81-97db-13e067ed079e</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>9c166f5f-32c6-4e4e-b932-ee99af2c41a7</b:FlowGuid><b:Id>17</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:9c166f5f-32c6-4e4e-b932-ee99af2c41a7:37b03a69-1e59-4f81-97db-13e067ed079e</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:21:18.8017156-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation Using Impersonation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Stripe Web Service may be able to impersonate the context of Web Server in order to gain additional privilege.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>The calls to and callbacks from stripe are too specific and should not lend themselves to elevation of privlege bugs</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E5</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E65cd9ded7-83c4-40a7-b1e3-5805e5b192679c166f5f-32c6-4e4e-b932-ee99af2c41a737b03a69-1e59-4f81-97db-13e067ed079e</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>9c166f5f-32c6-4e4e-b932-ee99af2c41a7</b:FlowGuid><b:Id>18</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:9c166f5f-32c6-4e4e-b932-ee99af2c41a7:37b03a69-1e59-4f81-97db-13e067ed079e</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:23:12.0058678-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Stripe Web Service May be Subject to Elevation of Privilege Using Remote Code Execution</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Web Server may be able to remotely execute code for Stripe Web Service.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Attacks against stripe from our server are out of scope.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>NotApplicable</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E75cd9ded7-83c4-40a7-b1e3-5805e5b192679c166f5f-32c6-4e4e-b932-ee99af2c41a737b03a69-1e59-4f81-97db-13e067ed079e</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>9c166f5f-32c6-4e4e-b932-ee99af2c41a7</b:FlowGuid><b:Id>19</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:9c166f5f-32c6-4e4e-b932-ee99af2c41a7:37b03a69-1e59-4f81-97db-13e067ed079e</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:23:17.7690746-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation by Changing the Execution Flow in Stripe Web Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An attacker may pass data into Stripe Web Service in order to change the flow of program execution within Stripe Web Service to the attacker's choosing.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Attacks against stripe from our server are out of scope.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>NotApplicable</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>37b03a69-1e59-4f81-97db-13e067ed079e</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E7</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S7.15cd9ded7-83c4-40a7-b1e3-5805e5b19267b1641751-4cb9-4d0e-9319-3d9133c236a56ad6021b-363a-4376-a536-6cf701dbdc4a</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>b1641751-4cb9-4d0e-9319-3d9133c236a5</b:FlowGuid><b:Id>20</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:b1641751-4cb9-4d0e-9319-3d9133c236a5:6ad6021b-363a-4376-a536-6cf701dbdc4a</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:06:13.589095-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing of Destination Data Store SQL Database</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>SQL Database may be spoofed by an attacker and this may lead to data being written to the attacker's target instead of SQL Database. Consider using a standard authentication mechanism to identify the destination data store.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>SQL Database will be authenticated using mutual SSL Authentication. So long as it's private key stays private this will serve to authenticate it.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>6ad6021b-363a-4376-a536-6cf701dbdc4a</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S7.1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T75cd9ded7-83c4-40a7-b1e3-5805e5b19267b1641751-4cb9-4d0e-9319-3d9133c236a56ad6021b-363a-4376-a536-6cf701dbdc4a</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>b1641751-4cb9-4d0e-9319-3d9133c236a5</b:FlowGuid><b:Id>21</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:b1641751-4cb9-4d0e-9319-3d9133c236a5:6ad6021b-363a-4376-a536-6cf701dbdc4a</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:11:00.1614037-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential SQL Injection Vulnerability for SQL Database</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution. Any procedure that constructs SQL statements should be reviewed for injection vulnerabilities because SQL Server will execute all syntactically valid queries that it receives. Even parameterized data can be manipulated by a skilled and determined attacker.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Sanitization is handled by the Razor 5 and Entity frameworks, even so, tests will be done to ensure this. See Github Implementation Issue #1.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>6ad6021b-363a-4376-a536-6cf701dbdc4a</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T7</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>I245cd9ded7-83c4-40a7-b1e3-5805e5b19267b1641751-4cb9-4d0e-9319-3d9133c236a56ad6021b-363a-4376-a536-6cf701dbdc4a</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>b1641751-4cb9-4d0e-9319-3d9133c236a5</b:FlowGuid><b:Id>22</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:b1641751-4cb9-4d0e-9319-3d9133c236a5:6ad6021b-363a-4376-a536-6cf701dbdc4a</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:13:34.9297872-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Weak Credential Storage</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Information Disclosure</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Information disclosure happens when the information can be read by an unauthorized party.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Credentials held at the server are often disclosed or tampered with and credentials stored on the client are often stolen. For server side, consider storing a salted hash of the credentials instead of storing the credentials themselves. If this is not possible due to business requirements, be sure to encrypt the credentials before storage, using an SDL-approved mechanism. For client side, if storing credentials is required, encrypt them and protect the data store in which they're stored</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>We implement hashing and salting of user passwords. Actual passwords are never stored in logs or the db and are only in memory for as long as it takes to hash them.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>6ad6021b-363a-4376-a536-6cf701dbdc4a</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>I24</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D25cd9ded7-83c4-40a7-b1e3-5805e5b19267b1641751-4cb9-4d0e-9319-3d9133c236a56ad6021b-363a-4376-a536-6cf701dbdc4a</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>b1641751-4cb9-4d0e-9319-3d9133c236a5</b:FlowGuid><b:Id>23</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:b1641751-4cb9-4d0e-9319-3d9133c236a5:6ad6021b-363a-4376-a536-6cf701dbdc4a</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:45:36.2958225-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Excessive Resource Consumption for Web Server or SQL Database</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Does Web Server or SQL Database take explicit steps to control resource consumption? Resource consumption attacks can be hard to deal with, and there are times that it makes sense to let the OS do the job. Be careful that your resource requests don't deadlock, and that they do timeout.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Auditing should be done on the most time consuming database tasks to find out if they are malicious. If so, steps should be taken to automatically ban or block users from creating malicious requests aimed at tieing up resources. </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>6ad6021b-363a-4376-a536-6cf701dbdc4a</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D2</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S76ad6021b-363a-4376-a536-6cf701dbdc4ac2f0e2d9-470a-4f8b-b0da-d91fb426e5b35cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>c2f0e2d9-470a-4f8b-b0da-d91fb426e5b3</b:FlowGuid><b:Id>24</b:Id><b:InteractionKey>6ad6021b-363a-4376-a536-6cf701dbdc4a:c2f0e2d9-470a-4f8b-b0da-d91fb426e5b3:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:05:38.3055422-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing of Source Data Store SQL Database</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>SQL Database may be spoofed by an attacker and this may lead to incorrect data delivered to Web Server. Consider using a standard authentication mechanism to identify the source data store.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>SQL Database will be authenticated using mutual SSL Authentication. So long as it's private key stays private this will serve to authenticate it.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>6ad6021b-363a-4376-a536-6cf701dbdc4a</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S7</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T13.16ad6021b-363a-4376-a536-6cf701dbdc4ac2f0e2d9-470a-4f8b-b0da-d91fb426e5b35cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>c2f0e2d9-470a-4f8b-b0da-d91fb426e5b3</b:FlowGuid><b:Id>25</b:Id><b:InteractionKey>6ad6021b-363a-4376-a536-6cf701dbdc4a:c2f0e2d9-470a-4f8b-b0da-d91fb426e5b3:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:11:04.3253784-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Cross Site Scripting</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>The web server 'Web Server' could be a subject to a cross-site scripting attack because it does not sanitize untrusted input.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Sanitization is handled by the Razor 5 and Entity frameworks, even so, tests will be done to ensure this. See Github Implementation Issue #1.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>6ad6021b-363a-4376-a536-6cf701dbdc4a</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T13.1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T13.26ad6021b-363a-4376-a536-6cf701dbdc4ac2f0e2d9-470a-4f8b-b0da-d91fb426e5b35cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>c2f0e2d9-470a-4f8b-b0da-d91fb426e5b3</b:FlowGuid><b:Id>26</b:Id><b:InteractionKey>6ad6021b-363a-4376-a536-6cf701dbdc4a:c2f0e2d9-470a-4f8b-b0da-d91fb426e5b3:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:11:07.2792621-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Persistent Cross Site Scripting</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>The web server 'Web Server' could be a subject to a persistent cross-site scripting attack because it does not sanitize data store 'SQL Database' inputs and output.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Sanitization is handled by the Razor 5 and Entity frameworks, even so, tests will be done to ensure this. See Github Implementation Issue #1.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>6ad6021b-363a-4376-a536-6cf701dbdc4a</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T13.2</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>I236ad6021b-363a-4376-a536-6cf701dbdc4ac2f0e2d9-470a-4f8b-b0da-d91fb426e5b35cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>c2f0e2d9-470a-4f8b-b0da-d91fb426e5b3</b:FlowGuid><b:Id>27</b:Id><b:InteractionKey>6ad6021b-363a-4376-a536-6cf701dbdc4a:c2f0e2d9-470a-4f8b-b0da-d91fb426e5b3:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:13:31.4262099-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Weak Access Control for a Resource</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Information Disclosure</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Information disclosure happens when the information can be read by an unauthorized party.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Improper data protection of SQL Database can allow an attacker to read information not intended for disclosure. Review authorization settings.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Extra care will be taken to ensure that requsts are authorzied. </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>6ad6021b-363a-4376-a536-6cf701dbdc4a</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>I23</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S17a6a6b54-e754-4e5e-be67-8bb06b758b7830d5bd54-d81b-427e-a96a-94eb5c9dd3b45cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>30d5bd54-d81b-427e-a96a-94eb5c9dd3b4</b:FlowGuid><b:Id>28</b:Id><b:InteractionKey>7a6a6b54-e754-4e5e-be67-8bb06b758b78:30d5bd54-d81b-427e-a96a-94eb5c9dd3b4:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:04:41.0387907-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing the Browser Client Process</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Browser Client may be spoofed by an attacker and this may lead to unauthorized access to Web Server. Consider using a standard authentication mechanism to identify the source process.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>A token stored in an HTTP cookie will be used to authenticate the client is authentic. Cookies will timeout periodically to mitigate the risk of them being stolen.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T13.17a6a6b54-e754-4e5e-be67-8bb06b758b7830d5bd54-d81b-427e-a96a-94eb5c9dd3b45cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>30d5bd54-d81b-427e-a96a-94eb5c9dd3b4</b:FlowGuid><b:Id>29</b:Id><b:InteractionKey>7a6a6b54-e754-4e5e-be67-8bb06b758b78:30d5bd54-d81b-427e-a96a-94eb5c9dd3b4:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:11:11.0752403-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Cross Site Scripting</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>The web server 'Web Server' could be a subject to a cross-site scripting attack because it does not sanitize untrusted input.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Sanitization is handled by the Razor 5 and Entity frameworks, even so, tests will be done to ensure this. See Github Implementation Issue #1.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T13.1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>R67a6a6b54-e754-4e5e-be67-8bb06b758b7830d5bd54-d81b-427e-a96a-94eb5c9dd3b45cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>30d5bd54-d81b-427e-a96a-94eb5c9dd3b4</b:FlowGuid><b:Id>30</b:Id><b:InteractionKey>7a6a6b54-e754-4e5e-be67-8bb06b758b78:30d5bd54-d81b-427e-a96a-94eb5c9dd3b4:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:07:08.3497568-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Data Repudiation by Web Server</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Repudiation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Repudiation threats involve an adversary denying that something happened.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Web Server claims that it did not receive data from a source outside the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>IIS Access logs will configured to include this information.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>R6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D37a6a6b54-e754-4e5e-be67-8bb06b758b7830d5bd54-d81b-427e-a96a-94eb5c9dd3b45cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>30d5bd54-d81b-427e-a96a-94eb5c9dd3b4</b:FlowGuid><b:Id>31</b:Id><b:InteractionKey>7a6a6b54-e754-4e5e-be67-8bb06b758b78:30d5bd54-d81b-427e-a96a-94eb5c9dd3b4:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:45:39.3086059-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Process Crash or Stop for Web Server</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Web Server crashes, halts, stops or runs slowly; in all cases violating an availability metric.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Such problems would cost us business. We should ensure that our platform is as stable as possible.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D3</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D47a6a6b54-e754-4e5e-be67-8bb06b758b7830d5bd54-d81b-427e-a96a-94eb5c9dd3b45cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>30d5bd54-d81b-427e-a96a-94eb5c9dd3b4</b:FlowGuid><b:Id>32</b:Id><b:InteractionKey>7a6a6b54-e754-4e5e-be67-8bb06b758b78:30d5bd54-d81b-427e-a96a-94eb5c9dd3b4:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:45:42.4168892-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Flow HTTPS Is Potentially Interrupted</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An external agent interrupts data flowing across a trust boundary in either direction.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>If an ISP, goverment or other entity interupts traffic between a client and us or between us and stripe we would no longer be able to serve our customers. We would take all aproprate steps to ensure such a thing does not happen.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D4</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E57a6a6b54-e754-4e5e-be67-8bb06b758b7830d5bd54-d81b-427e-a96a-94eb5c9dd3b45cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>30d5bd54-d81b-427e-a96a-94eb5c9dd3b4</b:FlowGuid><b:Id>33</b:Id><b:InteractionKey>7a6a6b54-e754-4e5e-be67-8bb06b758b78:30d5bd54-d81b-427e-a96a-94eb5c9dd3b4:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:24:10.1186449-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation Using Impersonation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Web Server may be able to impersonate the context of Browser Client in order to gain additional privilege.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>This does not apply in our case.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:SourceGuid><b:State>NotApplicable</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E5</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E67a6a6b54-e754-4e5e-be67-8bb06b758b7830d5bd54-d81b-427e-a96a-94eb5c9dd3b45cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>30d5bd54-d81b-427e-a96a-94eb5c9dd3b4</b:FlowGuid><b:Id>34</b:Id><b:InteractionKey>7a6a6b54-e754-4e5e-be67-8bb06b758b78:30d5bd54-d81b-427e-a96a-94eb5c9dd3b4:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:26:11.9327367-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Web Server May be Subject to Elevation of Privilege Using Remote Code Execution</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Browser Client may be able to remotely execute code for Web Server.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Rasor 5 should handle sanatization of all form inputs but testing should be done to verify that user inputs can never allow the user to compromize our web server.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E77a6a6b54-e754-4e5e-be67-8bb06b758b7830d5bd54-d81b-427e-a96a-94eb5c9dd3b45cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>30d5bd54-d81b-427e-a96a-94eb5c9dd3b4</b:FlowGuid><b:Id>35</b:Id><b:InteractionKey>7a6a6b54-e754-4e5e-be67-8bb06b758b78:30d5bd54-d81b-427e-a96a-94eb5c9dd3b4:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:32:14.4130309-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation by Changing the Execution Flow in Web Server</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An attacker may pass data into Web Server in order to change the flow of program execution within Web Server to the attacker's choosing.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>User inputs will inevitably effect the flow of our server software but we will take care to ensure that there are not any implementation bugs where a user is able to take actions that they are not authorized to do. </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E7</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>8404dcf5-bdd8-4902-abc2-3b6c967b02617a6a6b54-e754-4e5e-be67-8bb06b758b7830d5bd54-d81b-427e-a96a-94eb5c9dd3b45cd9ded7-83c4-40a7-b1e3-5805e5b19267</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>30d5bd54-d81b-427e-a96a-94eb5c9dd3b4</b:FlowGuid><b:Id>36</b:Id><b:InteractionKey>7a6a6b54-e754-4e5e-be67-8bb06b758b78:30d5bd54-d81b-427e-a96a-94eb5c9dd3b4:5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:31:50.8796146-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Cross Site Request Forgery</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Cross-site request forgery (CSRF or XSRF) is a type of attack in which an attacker forces a user's browser to make a forged request to a vulnerable site by exploiting an existing trust relationship between the browser and the vulnerable web site.  In a simple scenario, a user is logged in to web site A using a cookie as a credential.  The other browses to web site B.  Web site B returns a page with a hidden form that posts to web site A.  Since the browser will carry the user's cookie to web site A, web site B now can take any action on web site A, for example, adding an admin to an account.  The attack can be used to exploit any requests that the browser automatically authenticates, e.g. by session cookie, integrated authentication, IP whitelisting, …  The attack can be carried out in many ways such as by luring the victim to a site under control of the attacker, getting the user to click a link in a phishing email, or hacking a reputable web site that the victim will visit. The issue can only be resolved on the server side by requiring that all authenticated state-changing requests include an additional piece of secret payload (canary or CSRF token) which is known only to the legitimate web site and the browser and which is protected in transit through SSL/TLS. See the Forgery Protection property on the flow stencil for a list of mitigations.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Razor 5 has mitigated this with Anti-Forgery tokens. These can make testing with Curl / Postman difficult and may be turned off during development. We must ensure that these tokens are enabled in production. </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>8404dcf5-bdd8-4902-abc2-3b6c967b0261</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>S15cd9ded7-83c4-40a7-b1e3-5805e5b192673aad4936-015a-4a2a-81f8-14c70cfc56177a6a6b54-e754-4e5e-be67-8bb06b758b78</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>3aad4936-015a-4a2a-81f8-14c70cfc5617</b:FlowGuid><b:Id>37</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:3aad4936-015a-4a2a-81f8-14c70cfc5617:7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:05:31.5167606-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Spoofing the Web Server Process</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Spoofing</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Web Server may be spoofed by an attacker and this may lead to unauthorized access to Browser Client. Consider using a standard authentication mechanism to identify the source process.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>The webserver is authenticated by the HTTPS Certificate and our private key. </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>S1</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>T25cd9ded7-83c4-40a7-b1e3-5805e5b192673aad4936-015a-4a2a-81f8-14c70cfc56177a6a6b54-e754-4e5e-be67-8bb06b758b78</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>3aad4936-015a-4a2a-81f8-14c70cfc5617</b:FlowGuid><b:Id>38</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:3aad4936-015a-4a2a-81f8-14c70cfc5617:7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:10:52.1954722-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Web Server Process Memory Tampered</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Tampering</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>If Web Server is given access to memory, such as shared memory or pointers, or is given the ability to control what Browser Client executes (for example, passing back a function pointer.), then Web Server can tamper with Browser Client. Consider if the function could work with less access to memory, such as passing data rather than pointers. Copy in data provided, and then validate it.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>Web Server is on a private server and does not share memory. </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>NotApplicable</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>T2</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>R65cd9ded7-83c4-40a7-b1e3-5805e5b192673aad4936-015a-4a2a-81f8-14c70cfc56177a6a6b54-e754-4e5e-be67-8bb06b758b78</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>3aad4936-015a-4a2a-81f8-14c70cfc5617</b:FlowGuid><b:Id>39</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:3aad4936-015a-4a2a-81f8-14c70cfc5617:7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:07:05.3290947-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Data Repudiation by Browser Client</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Repudiation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Repudiation threats involve an adversary denying that something happened.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Browser Client claims that it did not receive data from a source outside the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>IIS Access logs will configured to include this information.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>R6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D35cd9ded7-83c4-40a7-b1e3-5805e5b192673aad4936-015a-4a2a-81f8-14c70cfc56177a6a6b54-e754-4e5e-be67-8bb06b758b78</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>3aad4936-015a-4a2a-81f8-14c70cfc5617</b:FlowGuid><b:Id>40</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:3aad4936-015a-4a2a-81f8-14c70cfc5617:7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:41:51.7487235-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Potential Process Crash or Stop for Browser Client</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Browser Client crashes, halts, stops or runs slowly; in all cases violating an availability metric.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>We will do testing to ensure that our site does not cause browsers to become unstable. </a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D3</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>D45cd9ded7-83c4-40a7-b1e3-5805e5b192673aad4936-015a-4a2a-81f8-14c70cfc56177a6a6b54-e754-4e5e-be67-8bb06b758b78</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>3aad4936-015a-4a2a-81f8-14c70cfc5617</b:FlowGuid><b:Id>41</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:3aad4936-015a-4a2a-81f8-14c70cfc5617:7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T15:41:55.3208351-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Data Flow HTTPS Is Potentially Interrupted</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Denial Of Service</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An external agent interrupts data flowing across a trust boundary in either direction.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>If an ISP, goverment or other entity interupts traffic between a client and us or between us and stripe we would no longer be able to serve our customers. We would take all aproprate steps to ensure such a thing does not happen.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>D4</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E55cd9ded7-83c4-40a7-b1e3-5805e5b192673aad4936-015a-4a2a-81f8-14c70cfc56177a6a6b54-e754-4e5e-be67-8bb06b758b78</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>3aad4936-015a-4a2a-81f8-14c70cfc5617</b:FlowGuid><b:Id>42</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:3aad4936-015a-4a2a-81f8-14c70cfc5617:7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:32:22.1570861-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation Using Impersonation</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Browser Client may be able to impersonate the context of Web Server in order to gain additional privilege.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>This does not apply in our case.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>NotApplicable</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E5</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E65cd9ded7-83c4-40a7-b1e3-5805e5b192673aad4936-015a-4a2a-81f8-14c70cfc56177a6a6b54-e754-4e5e-be67-8bb06b758b78</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>3aad4936-015a-4a2a-81f8-14c70cfc5617</b:FlowGuid><b:Id>43</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:3aad4936-015a-4a2a-81f8-14c70cfc5617:7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:34:57.4924845-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Browser Client May be Subject to Elevation of Privilege Using Remote Code Execution</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>Web Server may be able to remotely execute code for Browser Client.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>It certianly could (and does) execute javascript code on the client that support it. Existing XSS Mitigations will ensure that only authorized code is sent to browsers.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E6</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB><a:KeyValueOfstringThreatpc_P0_PhOB><a:Key>E75cd9ded7-83c4-40a7-b1e3-5805e5b192673aad4936-015a-4a2a-81f8-14c70cfc56177a6a6b54-e754-4e5e-be67-8bb06b758b78</a:Key><a:Value xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"><b:ChangedBy>BLACKTOP\black_000</b:ChangedBy><b:DrawingSurfaceGuid>0634b2be-4f0c-49ea-891c-d3d06f17e21b</b:DrawingSurfaceGuid><b:FlowGuid>3aad4936-015a-4a2a-81f8-14c70cfc5617</b:FlowGuid><b:Id>44</b:Id><b:InteractionKey>5cd9ded7-83c4-40a7-b1e3-5805e5b19267:3aad4936-015a-4a2a-81f8-14c70cfc5617:7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:InteractionKey><b:InteractionString i:nil="true"/><b:ModifiedAt>2015-11-10T16:35:12.85246-05:00</b:ModifiedAt><b:Priority>High</b:Priority><b:Properties><a:KeyValueOfstringstring><a:Key>Title</a:Key><a:Value>Elevation by Changing the Execution Flow in Browser Client</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatCategory</a:Key><a:Value>Elevation Of Privilege</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatShortDescription</a:Key><a:Value>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>UserThreatDescription</a:Key><a:Value>An attacker may pass data into Browser Client in order to change the flow of program execution within Browser Client to the attacker's choosing.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>StateInformation</a:Key><a:Value>It certianly could (and does) execute javascript code on the client that support it. Existing XSS Mitigations will ensure that only authorized code is sent to browsers.</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>InteractionString</a:Key><a:Value>HTTPS</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>Priority</a:Key><a:Value>High</a:Value></a:KeyValueOfstringstring></b:Properties><b:SourceGuid>5cd9ded7-83c4-40a7-b1e3-5805e5b19267</b:SourceGuid><b:State>Mitigated</b:State><b:StateInformation i:nil="true"/><b:TargetGuid>7a6a6b54-e754-4e5e-be67-8bb06b758b78</b:TargetGuid><b:Title i:nil="true"/><b:TypeId>E7</b:TypeId><b:Upgraded>false</b:Upgraded><b:UserThreatCategory i:nil="true"/><b:UserThreatDescription i:nil="true"/><b:UserThreatShortDescription i:nil="true"/><b:Wide>false</b:Wide></a:Value></a:KeyValueOfstringThreatpc_P0_PhOB></ThreatInstances><ThreatGenerationEnabled>true</ThreatGenerationEnabled><Validations xmlns:a="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase"/><Version>4.3</Version><KnowledgeBase z:Id="i15" xmlns:a="http://schemas.datacontract.org/2004/07/ThreatModeling.KnowledgeBase" xmlns:z="http://schemas.microsoft.com/2003/10/Serialization/"><a:GenericElements><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Managed</b:Value><b:Value>Unmanaged</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Kernel</b:Value><b:Value>System</b:Value><b:Value>Network Service</b:Value><b:Value>Local Service</b:Value><b:Value>Administrator</b:Value><b:Value>Standard User With Elevation</b:Value><b:Value>Standard User Without Elevation</b:Value><b:Value>Windows Store App</b:Value></a:AttributeValues><a:DisplayName>Running As</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>runningAs</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>AppContainer</b:Value><b:Value>Low Integrity Level</b:Value><b:Value>Microsoft Office Isolated Conversion Environment (MOICE)</b:Value><b:Value>Sandbox</b:Value></a:AttributeValues><a:DisplayName>Isolation Level</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Isolation</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Any Remote User or Entity</b:Value><b:Value>Kernel, System, or Local Admin</b:Value><b:Value>Local or Network Service</b:Value><b:Value>Local Standard User With Elevation</b:Value><b:Value>Local Standard User Without Elevation</b:Value><b:Value>Windows Store Apps or App Container Processes</b:Value><b:Value>Nothing</b:Value><b:Value>Other</b:Value></a:AttributeValues><a:DisplayName>Accepts Input From</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>acceptsInputFrom</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Implements or Uses an Authentication Mechanism</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>implementsAuthenticationScheme</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Implements or Uses an Authorization Mechanism</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>implementsCustomAuthorizationMechanism</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Implements or Uses a Communication Protocol</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>implementsCommunicationProtocol</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Sanitizes Input</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>hasInputSanitizers</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Sanitizes Output</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>hasOutputSanitizers</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>A representation of a generic process.</a:Description><a:Hidden>false</a:Hidden><a:Id>GE.P</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAARRJREFUOE99ksFmQ0EUhtOHKCGUUi6hhEieoVy6CiGrkG3IA2TVB+hThVLyDN1eSghdZTX5P84fc5u5d/H558z5z5kzc+/gYVb/ZydS6F0+pdTCCcwHUYsvQQPU8Vb0NjgKirog39vgXWA8iZWYhBKzT76zwUZ47KV4ER/iOWL2yeMrNriECUbiM9Y0IXYOX7FBPsFCcPJeUEzMfu8E8CYw/gqKnkKJ2SdvbwsvvgXGLsi3Co0X+X+AUoTy+v4PXgXX+xFDMRa3Bjlr8RfqvbmgqT+rdZ4X9sGD0pRJH0OJR3evmiODaQQnVqE8MtoUC40MhsKz4GTujhJXxUIjg5kKTmTsXKfFQiNDDg/JJBRzBcX14ApRBWL6a6sYxQAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Generic Process</a:Name><a:ParentId>ROOT</a:ParentId><a:Representation>Ellipse</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Applicable</b:Value><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Authenticates Itself</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>authenticatesItself</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Code</b:Value><b:Value>Human</b:Value></a:AttributeValues><a:DisplayName>Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>type</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Microsoft</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>MS</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an external interactor.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>GE.EI</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABIAAAASCAYAAABWzo5XAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAALEwAACxMBAJqcGAAAANBJREFUOE9j+P//P1UwVkFyMJhgNPX+jwW/B2J5dA24MJhAMwCOmc19LgJpfnRN2DCYQDeADGxPFYN0I7J8aG+QgGPYHdWglJ0wvkVi0SJWC7/PyGpgGK9B6W2TM4Fy2iDDAkqau4BsJb+ixg5savEaxGTm8wFI64MMA2IpEBsYix+R1cAwwTASdY1MB8mDMLdt0FRsakAYr0FQ74BdAsJAtjpymCFjQoG9Ekjrg7wI86aEe/R6ZDUwTNBrxGLqGwTErhRiQZhBFGOsgqTj/wwAWDijBcYFCvcAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Generic External Interactor</a:Name><a:ParentId>ROOT</a:ParentId><a:Representation>Rectangle</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Stores Credentials</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>storesCredentials</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Stores Log Data</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>storesLogData</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Encrypted</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Encrypted</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Signed</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Signed</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Write Access</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>AccessType</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Removable Storage</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>RemoveableStorage</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Backup</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Backup</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Shared</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>shared</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>SQL Relational Database</b:Value><b:Value>Non Relational Database</b:Value><b:Value>File System</b:Value><b:Value>Registry</b:Value><b:Value>Configuration</b:Value><b:Value>Cache</b:Value><b:Value>HTML5 Storage</b:Value><b:Value>Cookie</b:Value><b:Value>Device</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a data store.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>GE.DS</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAIxJREFUOE9j+P//PxwzmnrPB+L/BPB5IOaH6SFVMxgzmflcANJgQ0jWDMMwQ8jSDMMgQ0Au0AZiVzKxBcgFWE0nFoMNcM6smoaPxoZhcpS7AIu/SMLDIQxKJswpxoVhikC2YZMHYVAgCuLCMANcs6vDsMmDMMwL9jDFJGCwHrABuhFZPkgSRGGIHu//AJbS3MIG0q+eAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Generic Data Store</a:Name><a:ParentId>ROOT</a:ParentId><a:Representation>ParallelLines</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Wire</b:Value><b:Value>Wi-Fi</b:Value><b:Value>Bluetooth</b:Value><b:Value>2G-4G</b:Value></a:AttributeValues><a:DisplayName>Physical Network</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>channel</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Source Authenticated</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>authenticatesSource</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Destination Authenticated</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>authenticatesDestination</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Provides Confidentiality</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>providesConfidentiality</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Provides Integrity</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>providesIntegrity</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Transmits XML</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>XMLenc</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Contains Cookies</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Cookies</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>SOAP Payload</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>SOAP</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>REST Payload</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>REST</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>RSS Payload</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>RSS</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>JSON Payload</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>JSON</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>ValidateAntiForgeryTokenAttribute</b:Value><b:Value>ViewStateUserKey</b:Value><b:Value>Nonce</b:Value><b:Value>Other dynamic canary</b:Value><b:Value>Static header not available to the browser</b:Value><b:Value>Other</b:Value><b:Value>None</b:Value><b:Value>Not applicable because the request does not change data</b:Value></a:AttributeValues><a:DisplayName>Forgery Protection</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>54851a3b-65da-4902-b4e0-94ef015be735</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A unidirectional representation of the flow of data between elements.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>GE.DF</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAEtJREFUOE9j+P//P1bMaOr9Hx2jqwFhDAEYHngDYBiXRhjGKoiMR5IBIIWkYmwGgGh0jFN8OBkA4qBhbGJYxbEagMNQrOIUGuD9HwBIkRfD8QF9EgAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Generic Data Flow</a:Name><a:ParentId>ROOT</a:ParentId><a:Representation>Line</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
        An arc representation of a trust boundary.
      </a:Description><a:Hidden>false</a:Hidden><a:Id>GE.TB.L</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAZdEVYdFNvZnR3YXJlAEFkb2JlIEltYWdlUmVhZHlxyWU8AAABX0lEQVQ4T2NgNPXGh/mhGJscGCNzQArtgVgfxmcy87kAwlA5ZLVwDGOAFQPp/1Dcj8zHZwiY4LUPdgLSMM0YmM8+5JaAY5gRkI3dAJuUUlsgjVUzCM/ZuDPg////vEA2dgNAkqpBKTuBbKwGRNV0iQNpmCZQGMG9AxPk57IJvA6ksRrAYu67EEjLA7E+s7nPReQwAWtGC0CiMMwQkPNZ5H0TtqArIIRBAWueUCgM9gLQEG1QGHDbBr1YuftQDJDvapFYtAhdEwwDY+TO8cvXXUCWw8IAbMjCrXtDgDQHlK8E04CO1YPTVoA0A9nwQIQZAtYMxaBAw2oAFINSLaoBSFgfGEgPgDQ2jWAs5hZVCaSxGwB0Ca+iX9I2IBusGORn3YistTA+q4Xf59KJcy1BarEaAMJAQ8ABixRg6omN/fWgwF26Y38EzLsghfiwNhBbADELlC8KxEpAzAHh/2cAANCSU7ngF2KpAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Generic Trust Line Boundary</a:Name><a:ParentId>ROOT</a:ParentId><a:Representation>LineBoundary</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
        A border representation of a trust boundary.
      </a:Description><a:Hidden>false</a:Hidden><a:Id>GE.TB.B</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAOxAAADsQBlSsOGwAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAABGSURBVDhPY/hPIWBQ9Ev6z2jqDccPnr0ESxArzoDMAeEDZy+DFRIrDjeAVDCcDIDyyQajgTioAhGEQekdHx+bGIUGeP8HAJ4fIfJijo6MAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Generic Trust Border Boundary</a:Name><a:ParentId>ROOT</a:ParentId><a:Representation>BorderBoundary</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an annotation.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>GE.A</a:Id><a:ImageLocation i:nil="true"/><a:ImageSource i:nil="true"/><a:ImageStream i:nil="true"/><a:Name>Free Text Annotation</a:Name><a:ParentId>ROOT</a:ParentId><a:Representation>Annotation</a:Representation><a:Shape i:nil="true"/></a:ElementType></a:GenericElements><a:Manifest><a:Author>TwC MSEC</a:Author><a:Id>cc62ebae-3748-431e-b1df-f4220dc9003f</a:Id><a:Name>SDL TM Knowledge Base (Core)</a:Name><a:Version>4.1.0.9</a:Version></a:Manifest><a:StandardElements><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A Windows Process.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.OSProcess</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAEFJREFUOE9jYDT1ngnE/8nEM0EG/EETJAV/ABmATYJYTD0DQDQ5eNSAUQNAmDoGgDITugSxGGzAfCAGuYIM7D0HAH9a5DRx46KEAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>OS Process</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A thread of execution in a Windows process.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.Thread</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAEFJREFUOE9jYDT1ngnE/8nEM0EG/EETJAV/ABmATYJYTD0DQDQ5eNSAUQNAmDoGgDITugSxGGzAfCAGuYIM7D0HAH9a5DRx46KEAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Thread</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Unmanaged</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A thread of execution in the Windows kernel.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.KernelThread</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAEFJREFUOE9jYDT1ngnE/8nEM0EG/EETJAV/ABmATYJYTD0DQDQ5eNSAUQNAmDoGgDITugSxGGzAfCAGuYIM7D0HAH9a5DRx46KEAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Kernel Thread</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Unmanaged</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a Win32 or Win64 application.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.WinApp</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAEFJREFUOE9jYDT1ngnE/8nEM0EG/EETJAV/ABmATYJYTD0DQDQ5eNSAUQNAmDoGgDITugSxGGzAfCAGuYIM7D0HAH9a5DRx46KEAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Native Application</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Managed</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a .NET Web application.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.NetApp</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAANFJREFUOE+t09EGAkEUxvF6lG6jqxQR3cbQbURERER0FV31ErEsveI+QNT3X3NYszPsji5+Zsycvjk7o8Fw5gr5ZioI+ASLfVQExDa6+l8AY45kgJO7HGQvD78W1kUD+MFYljLxmE9lJ83aVsBRLsLTnuXpMWftKtQkA+yErR+tA+Z01qxBK+AlJ+E0RuuAeelH9pIBls7lMfbuYCNruQkXx6dgLrwKe9QkA8BJI1mJdcCcEOvCRAPA6dw4nwJeYSFhXR3Anync6KoOeAtdZHDlD8vn/L46Hi6/AAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Managed Application</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Unmanaged</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a thick client.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.ThickClient</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAGBJREFUOE/FjdEJwDAIBe1QnaJ7BzpA5nmpH8KjkaC2kI9L5MBTAHzClRnkOK/+gABdF95+EissoL/N/wRMrOAAsyfArhRgSgF2pQBTCrDT59YhQLMlZrqUxZUZXBkHMgDkpHNwRk9QLgAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Thick Client</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Unmanaged</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a browser client.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.BrowserClient</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAASBJREFUOE+l0q1LBGEQx/FdMMsVg/H+AG1WmxqMZ1WDWC5dUMQiyImIQVARRTGpRVHwpYigd/iCmLQZBINYD8yG576/Y0Y27AOehs/O7PA8s/PwbBJC+JfcYjuStG/Y9WAML9jAE0ZQRGuNNhBDlm+exDvqKmLP4hXeMIifBv515Xp04Rrb2MIdZiyu4NB0xBos4RZzOMYNplHDPhZwj7JvylJBo+tFi78s37X4iSPLa7EGq9D441jDJkattowJy+e9gaLnenwogcb/tvzAYgMXltdjE1Rwjins4ARli+uYhZqUYhN04gFqoi+/ompRt6Kr1XRpbAIZwjMuVYQf4QyP6EX0P3DdGMApFqEj9KOA1prcCbzbX+UW25Fb/L2QNAG8ROHz0OoHewAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Browser Client</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>ActiveX</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>ActiveX</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Brower Plug-in Object (BHO)</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>BHO</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an browser plugin.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.PlugIn</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAANxJREFUOE+l070OwVAYgGEdDG7BbJUYMPhZJKYmBgYJg9lgwCDhAoTJHXSR2A0MRPxdA4nRDRgYxML7JW3SoI62w5PTnp68+XKSBrSEXsPTI0MCl7dNVyRgvcizG64CafTQte0pA1G0McASKdi//wyUccQaMzxwRgzWGcdAGAdskUEIHciZFZSBLDaYY4wJppAzMokyEMcOezTRQh1VVKAMyLgnXJGEhgL6kLtRBkZo4A7Zv5mrjJ/HXwFZS1hA7mKICKwzwjGQQxEyftDc++Yj4IkEfP9MPn5n3XgBkdQdpG8eZzEAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Browser and ActiveX Plugins</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Managed</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an Web Server Process.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.WebServer</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAJ5JREFUOE9j+P//Pxgzmnr/JwejGOCcWTWtZMKcYmIxhgGu2dVhQLYgsRjDAN2ILB8YnxgMNgBEYMH22DSgY5BarAYQ6xKQWjABCjwBx7A7qkEpO8kyAB3T3wDk+Ec2iBiM1QW4DMSW0LC6ADlBIRuALaERDAOLxKJFMBxS3qYHE4dhnAZgE0fC8IQGIlyxYJDzsInDMEgebgAF+D8DAHhvQ2cWCf/0AAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Web Server</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Local</b:Value><b:Value>Web</b:Value></a:AttributeValues><a:DisplayName>Context</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>context</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Documents Library capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>documentsLibrary</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Enterprise Authentication capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>enterprizeAuthentication</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Internet (Client &amp; Server) capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>internetClientServer</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Internet (Client) capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>internetClient</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Location capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>location</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Microphone capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>microphone</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Music Library capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>musicLibrary</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Pictures Library capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>pictureLibrary</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Private Networks (Client &amp; Server) capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>privateNetworkClientServer</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Proximity capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>proximity</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Removable Storage capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>removableStorage</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Shared User Certificates capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>sharedUserCertificates</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Text Messaging capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>sms</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Videos Library capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>videosLibrary</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Selected</b:Value><b:Value>Yes</b:Value><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Webcam capability</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>webcam</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Managed</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a Windows Store process.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.Modern</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAARRJREFUOE99ksFmQ0EUhtOHKCGUUi6hhEieoVy6CiGrkG3IA2TVB+hThVLyDN1eSghdZTX5P84fc5u5d/H558z5z5kzc+/gYVb/ZydS6F0+pdTCCcwHUYsvQQPU8Vb0NjgKirog39vgXWA8iZWYhBKzT76zwUZ47KV4ER/iOWL2yeMrNriECUbiM9Y0IXYOX7FBPsFCcPJeUEzMfu8E8CYw/gqKnkKJ2SdvbwsvvgXGLsi3Co0X+X+AUoTy+v4PXgXX+xFDMRa3Bjlr8RfqvbmgqT+rdZ4X9sGD0pRJH0OJR3evmiODaQQnVqE8MtoUC40MhsKz4GTujhJXxUIjg5kKTmTsXKfFQiNDDg/JJBRzBcX14ApRBWL6a6sYxQAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Windows Store Process</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Unmanaged</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an network process or service.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.Win32Service</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAANFJREFUOE+t09EGAkEUxvF6lG6jqxQR3cbQbURERER0FV31ErEsveI+QNT3X3NYszPsji5+Zsycvjk7o8Fw5gr5ZioI+ASLfVQExDa6+l8AY45kgJO7HGQvD78W1kUD+MFYljLxmE9lJ83aVsBRLsLTnuXpMWftKtQkA+yErR+tA+Z01qxBK+AlJ+E0RuuAeelH9pIBls7lMfbuYCNruQkXx6dgLrwKe9QkA8BJI1mJdcCcEOvCRAPA6dw4nwJeYSFhXR3Anync6KoOeAtdZHDlD8vn/L46Hi6/AAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Win32 Service</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Unmanaged</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      Delivers web content to a human user.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.WebApp</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAANFJREFUOE+t09EGAkEUxvF6lG6jqxQR3cbQbURERER0FV31ErEsveI+QNT3X3NYszPsji5+Zsycvjk7o8Fw5gr5ZioI+ASLfVQExDa6+l8AY45kgJO7HGQvD78W1kUD+MFYljLxmE9lJ83aVsBRLsLTnuXpMWftKtQkA+yErR+tA+Z01qxBK+AlJ+E0RuuAeelH9pIBls7lMfbuYCNruQkXx6dgLrwKe9QkA8BJI1mJdcCcEOvCRAPA6dw4nwJeYSFhXR3Anync6KoOeAtdZHDlD8vn/L46Hi6/AAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Web Application</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Unmanaged</b:Value></a:AttributeValues><a:DisplayName>Code Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>codeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      Exposes a programmatic interface.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.WebSvc</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAANFJREFUOE+t09EGAkEUxvF6lG6jqxQR3cbQbURERER0FV31ErEsveI+QNT3X3NYszPsji5+Zsycvjk7o8Fw5gr5ZioI+ASLfVQExDa6+l8AY45kgJO7HGQvD78W1kUD+MFYljLxmE9lJ83aVsBRLsLTnuXpMWftKtQkA+yErR+tA+Z01qxBK+AlJ+E0RuuAeelH9pIBls7lMfbuYCNruQkXx6dgLrwKe9QkA8BJI1mJdcCcEOvCRAPA6dw4nwJeYSFhXR3Anync6KoOeAtdZHDlD8vn/L46Hi6/AAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Web Service</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A virtual machine running in a Hyper-V partition.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.VM</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAARRJREFUOE99ksFmQ0EUhtOHKCGUUi6hhEieoVy6CiGrkG3IA2TVB+hThVLyDN1eSghdZTX5P84fc5u5d/H558z5z5kzc+/gYVb/ZydS6F0+pdTCCcwHUYsvQQPU8Vb0NjgKirog39vgXWA8iZWYhBKzT76zwUZ47KV4ER/iOWL2yeMrNriECUbiM9Y0IXYOX7FBPsFCcPJeUEzMfu8E8CYw/gqKnkKJ2SdvbwsvvgXGLsi3Co0X+X+AUoTy+v4PXgXX+xFDMRa3Bjlr8RfqvbmgqT+rdZ4X9sGD0pRJH0OJR3evmiODaQQnVqE8MtoUC40MhsKz4GTujhJXxUIjg5kKTmTsXKfFQiNDDg/JJBRzBcX14ApRBWL6a6sYxQAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Virtual Machine</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      Microsoft applications running on operating systems from Google or Apple.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.P.TMCore.NonMS</a:Id><a:ImageLocation>Centered on stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAARRJREFUOE99ksFmQ0EUhtOHKCGUUi6hhEieoVy6CiGrkG3IA2TVB+hThVLyDN1eSghdZTX5P84fc5u5d/H558z5z5kzc+/gYVb/ZydS6F0+pdTCCcwHUYsvQQPU8Vb0NjgKirog39vgXWA8iZWYhBKzT76zwUZ47KV4ER/iOWL2yeMrNriECUbiM9Y0IXYOX7FBPsFCcPJeUEzMfu8E8CYw/gqKnkKJ2SdvbwsvvgXGLsi3Co0X+X+AUoTy+v4PXgXX+xFDMRa3Bjlr8RfqvbmgqT+rdZ4X9sGD0pRJH0OJR3evmiODaQQnVqE8MtoUC40MhsKz4GTujhJXxUIjg5kKTmTsXKfFQiNDDg/JJBRzBcX14ApRBWL6a6sYxQAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Applications Running on a non Microsoft OS</a:Name><a:ParentId>GE.P</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Code</b:Value></a:AttributeValues><a:DisplayName>Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>type</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an external Web browser.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.EI.TMCore.Browser</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAMRJREFUOE9j+P//PwOjqfd/NGwPEkfH2NSBJUomzCmGCTpnVk1rmbdCHl0zLnVgCZggDPPaBzuha8alDquEbkSWD5C+jyYuj8YHq8NnAIqYuFu0K7oY2AAgA90mkjCG7aRinAaAQhkbGx3jNMA1uzoMGD6uUCyHTQ0I4zQAFECgAIZhbGpAeJAYYJFYtAiUTEE4sbG/HiSGzQBs6hi4bYNegBjoOKS8TQ/ZAFzqQJI2QAwLbWTMAcRwA4AYqzpkBWTg/wwA3lTsAWB+hJkAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Browser</a:Name><a:ParentId>GE.EI</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an external authorization provider.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.EI.TMCore.AuthProvider</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAATpJREFUOE9j+P//PwZmNPWuB+L7QPwfit8D8Xwg5kdXi8IBYajC/0YxeXNLJswpBmG/osYOFnPfT0xmPhfQDUHXHA/SDNIE5CsBsSAUS529fseH1cLvM9CghSC1MIxiALuV/xXVoJSdQDZIE4ocELOAXAKyANkVKIpAkuGVHfHIYsh47sZd6iA1vPbBTjAxFAUgSd2ILB9kMWRsnlAojK4GRYGAY9gdLpvApchiyJjTOjAJZEDLvBXyMDEUBW45NU0gBUCM4Q2gmD6zuc9HaBixwMRRFAGxFEgB1BCU6AJG4Qd+h9DbO0+cM0cWhzOQsDbIAJBzYWJAvjxILLSirQzIh9sOwnAGMoa6AAObxhX4o6tF4SBhVxwYI32gcJAxFhfYY1OHIYCECdoOwhgCyJiQ7SCMVZB4/J8BAHcPi99NNItPAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Authorization Provider</a:Name><a:ParentId>GE.EI</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Code</b:Value></a:AttributeValues><a:DisplayName>Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>type</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an external Web application (portal, front ed, etc.).
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.EI.TMCore.WebApp</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAIBJREFUOE9j+P//PwOjqXc8EP8nEc8H6QUbwGzu8xGLAmKwPswFYAHnzKppJRPmFBPCMPUqgSmeKAa4ZleHAfmChDBMvW5Elg+KASABEJ8QHjVg1AAQxmkAqRhuAKuF32dsCmB5A5scCNuklNqCDfArauzApgAfVg1K2fn//39eAIdsIEry0cBoAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>External Web Application</a:Name><a:ParentId>GE.EI</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Code</b:Value></a:AttributeValues><a:DisplayName>Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>type</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an external Web service.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.EI.TMCore.WebSvc</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAJ5JREFUOE9j+P//Pxgzmnr/JwejGOCcWTWtZMKcYmIxhgGu2dVhQLYgsRjDAN2ILB8YnxgMNgBEYMH22DSgY5BarAYQ6xKQWjABCjwBx7A7qkEpO8kyAB3T3wDk+Ec2iBiM1QW4DMSW0LC6ADlBIRuALaERDAOLxKJFMBxS3qYHE4dhnAZgE0fC8IQGIlyxYJDzsInDMEgebgAF+D8DAHhvQ2cWCf/0AAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>External Web Service</a:Name><a:ParentId>GE.EI</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Human</b:Value></a:AttributeValues><a:DisplayName>Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>type</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a user.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.EI.TMCore.User</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAQNJREFUOE9j+P//PwZmNPXWB+L7QPwfiveDxLCpxRAAKuRnMvP5gKQZjJnNfS6iqwVhDAFe+2AndM1IGMMVKBwQ1o3I8sGiEYyL+mdLo6tH4YAwl03gUmyaQZjN0r8QXT0KB4SFnSP2YNMMwsoByQ3o6lE4ILzvzEVrVgu/z+iaBRzD7izbcUAbXT0KB4pZlPyTtqMb4JZT0wSSQ1OL1QCG8MqOeHQDgEAKWQ0MYwgAFfMDo3IaugFAHI+uFoThDKACUOqbD8TvoRqwYVDqrAdiebgBQA5IIyipYtOAD4Ms42cAJVE0CaIxi7nvQpALsEoSg/kdQk9RZICgU9gZCg0IOwMAqzT/oq6scnwAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Human User</a:Name><a:ParentId>GE.EI</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A large service that has only one instance on the Internet, for example, Outlook.com and Xbox Live.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.EI.TMCore.Megasevrice</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAALBJREFUOE+l0rEJwmAQBeBfBEFwAAcQBHsLwQ1srRwgrUu4gZO4gQNYWQmpbG0d4HwvmHD+eZocFh8JL3eP5CfJzP4iw4g0WG66LKCAlcsarcCZwhnMucEMmjm/UJvDEPLl2hX4vJr3ixO4AIee7+s3a2gVbEENK3v4KNgBX00NKzwL7lQFPGE11EfBgnsWRpQs6DqwXx4sOGVhxJEFY95A5FNKOMBI/t8RMoyQYX+WXnB1v3lL8LpjAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Megaservice</a:Name><a:ParentId>GE.EI</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Applicable</b:Value></a:AttributeValues><a:DisplayName>Authenticates Itself</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>authenticatesItself</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Code</b:Value></a:AttributeValues><a:DisplayName>Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>type</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      Represents the point where an application calls into an unmanged runtime library such as the CRT.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.EI.TMCore.CRT</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABIAAAASCAYAAABWzo5XAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAALEwAACxMBAJqcGAAAANBJREFUOE9j+P//P1UwVkFyMJhgNPX+jwW/B2J5dA24MJhAMwCOmc19LgJpfnRN2DCYQDeADGxPFYN0I7J8aG+QgGPYHdWglJ0wvkVi0SJWC7/PyGpgGK9B6W2TM4Fy2iDDAkqau4BsJb+ixg5savEaxGTm8wFI64MMA2IpEBsYix+R1cAwwTASdY1MB8mDMLdt0FRsakAYr0FQ74BdAsJAtjpymCFjQoG9Ekjrg7wI86aEe/R6ZDUwTNBrxGLqGwTErhRiQZhBFGOsgqTj/wwAWDijBcYFCvcAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Windows Runtime</a:Name><a:ParentId>GE.EI</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Applicable</b:Value></a:AttributeValues><a:DisplayName>Authenticates Itself</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>authenticatesItself</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Code</b:Value></a:AttributeValues><a:DisplayName>Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>type</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      Represents the point where an application calls into the .NET Framework.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.EI.TMCore.NFX</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABIAAAASCAYAAABWzo5XAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAALEwAACxMBAJqcGAAAANBJREFUOE9j+P//P1UwVkFyMJhgNPX+jwW/B2J5dA24MJhAMwCOmc19LgJpfnRN2DCYQDeADGxPFYN0I7J8aG+QgGPYHdWglJ0wvkVi0SJWC7/PyGpgGK9B6W2TM4Fy2iDDAkqau4BsJb+ixg5savEaxGTm8wFI64MMA2IpEBsYix+R1cAwwTASdY1MB8mDMLdt0FRsakAYr0FQ74BdAsJAtjpymCFjQoG9Ekjrg7wI86aEe/R6ZDUwTNBrxGLqGwTErhRiQZhBFGOsgqTj/wwAWDijBcYFCvcAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Windows .NET Runtime</a:Name><a:ParentId>GE.EI</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Not Applicable</b:Value></a:AttributeValues><a:DisplayName>Authenticates Itself</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>authenticatesItself</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Code</b:Value></a:AttributeValues><a:DisplayName>Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>type</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      Represents the point where an application calls into WinRT.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.EI.TMCore.WinRT</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABIAAAASCAYAAABWzo5XAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAALEwAACxMBAJqcGAAAANBJREFUOE9j+P//P1UwVkFyMJhgNPX+jwW/B2J5dA24MJhAMwCOmc19LgJpfnRN2DCYQDeADGxPFYN0I7J8aG+QgGPYHdWglJ0wvkVi0SJWC7/PyGpgGK9B6W2TM4Fy2iDDAkqau4BsJb+ixg5savEaxGTm8wFI64MMA2IpEBsYix+R1cAwwTASdY1MB8mDMLdt0FRsakAYr0FQ74BdAsJAtjpymCFjQoG9Ekjrg7wI86aEe/R6ZDUwTNBrxGLqGwTErhRiQZhBFGOsgqTj/wwAWDijBcYFCvcAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Windows RT Runtime</a:Name><a:ParentId>GE.EI</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
          A representation of a Cloud Storage.
        </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.CloudStorage</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOwwAADsMBx2+oZAAAAXRJREFUOE+NkztLA0EUhVcFg4U2goUgWKxVKnGNqKCBKBYGZBVUkO1iEfHR+0ZSCoKNIGIjwR+ghb2Vv8DeVlDBLiYZ7zfM6OyyPorD5J57zpndvTeeUioVLcOzgeBFoBxQB64uZrJAJGi25oofQbRVnVnfPeWkhndDXNOlaerbEN/cPyxJzxf0cVLDC16tzw1odoyHz9zWXVh+5BQ+Y/sGGZ6ECyxnzbeQe2dXq1JzW86crlkju1g+QCuoUGOuQLSPzr0L0WWFwq0ZoZTfAYfn1QCt6VUQ1o057wr9sLSTFiDgtfImpE6AKpS3TxKi3wI08NDTAUPRJu8eE/wVYPuejKThjiUp+CmgbaT4htezYxGwZXy4XkHNcC5qGOUMBXpD8ZLmmy1rQA6ubPRH+8eM6mup+H10cU24ngxaPHjtI7FtU4JpAV+5Z2C+dGcDjJgRsxto0OJJ/y8YZNnMzsmFJ/mtxWlIJR1MCMYSXAyp5P+hvE94cVhHBmDVoQAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Cloud Storage</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>SQL Relational Database</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a SQL Database.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.SQL</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAASJJREFUOE99kj1Ow0AQhQ2IjsJHSA7Bj4SJZCmpiNLQUSJRIwpQOAItSgvKDXIe6lyAAgkoyPA+s2vtrr2O9Ekz895MdrxbmFmxd3y5FB9iJ6wH6uhL/CE0I9j+yXx3NLnaXtw+vKZQR8eHPx1gGJRMxbkY9UB9ig+/fvEAx694F6wD10FMHb3xdgZwzMOzxafi7DdAx0feGTBe3DwrqcVsAPRR7wBHtEJoSmBYm2dX8AbFlfjydQd51Q7IrOCbw8aUanAF3f230yI4Le8CfXAFH4fgk1Y7/7+pbwXVm+O7R0beNituXi8UfpJIVyhdHTZucNQMfOk6t8LB6fzH52IjomZ0f5+8984tPL683YUNKeh+QI7yabW+T07S/DN1Myv/AMyfAkxuIUzjAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>SQL Database</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Non Relational Database</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a non-relational database.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.NoSQL</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAQtJREFUOE99krFKA0EQhs8EO4t7hOQhokLOQCBWOa6xsxSsQ4qE+Ai2kjYhr5XaF7AQ1MKM88nOsdnb3YMPdv7/37md2ytEpLgYzTfKh3JSJAI6/oa8D5sxpHddn64mD+93z6tdCDo+OfJhAyGgxUwZK4MI6DNy5PU5b+D4VY4K48Cjt0bH/892GnDMy9vmU9fJb4BPjrrTYNg8vWoxVe4z4A+iDRxnI/ihAJq1dXIEC+i6Ur5Md1BXbYPECLbZ3xhSZUfQu/92Xgf+C/zsCLbOkRxB9fb4vm6YV7g3U4QjlE7Pwpeepkbo39Q/VsfAt/vkf+/cwvptv4htNPCtQYryZXtYhiehRheR8g/o7QMp4dB2sAAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Non Relational Database</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>NTFS</b:Value><b:Value>ExFAT</b:Value><b:Value>FAT</b:Value><b:Value>ReFS</b:Value><b:Value>IFS</b:Value><b:Value>UDF</b:Value><b:Value>Other</b:Value></a:AttributeValues><a:DisplayName>File System Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>fsType</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>File System</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a file system.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.FS</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAASFJREFUOE9j+P//PwOjqfd/InE8SD0yJtUAEEYxBMUAIHDFhZEMQDEE3QC4yegYSTOKISiSMMXYMJJGZKyPIomsASp+GYiLoHwM76gEpnhiNQDIPgfEZ5nMfH6zWfo/ArIfA3EbkjxYvW5Elg9WA/jsQ66B+OxW/m+ZzX1+gthA27ph8jD1WA0A0seAmr5zWge+LZs0L9sqqXgui7nvdyB+CZS7TNAAoIYufofQ20ANXwSdwhoFHMO2Ag38LeoaecYysXgSQQOAWBZo+xMQHxgGf4D0PxBbyT9pBVBOHlk9zjAASizWj8xeAwpEcbfoc0D+ervUskKYPEEDgFgViNWEnSOuAp3dCWSrA7E4VI4oA2DYDIhl0cRwG0AqpoIBWT4AXz0GcRbZcbEAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>File System</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Registry</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a Registry.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.Registry</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAZxJREFUOE+Vkr1LQlEYxm9lSyFlUEuEEEFDxJ3KOxSSUEFqYoVJECoEQYt97eocqHO0VNgm0hC4hBQ0BEUNLUFQTbVV9Afcnudwj5x7uUENv3vPed6Pc877vpppmoKWsbAOaiAotb8gPgjKAbN/bvW0dTzyiXUJdDmd3RDBbYHI1275YAfCSKXeSHLfbswXnM5uaP5ouszTEfSKf8wTiF5wT90twEkzgRNnAmgpEFM1oqXzxXD3VOJJDe6cXHinbgX6QUOxs9DN+vDjBYaR2T6iw2hyo3r98DhLHfusVVShD4RTV1yDDyBuo15nEEyDYeCBgzi1YyL+ZhWYup4plHIo8LeVqKYmsEEHPuXw7HwJe59i62WnrAT2IBXpgCe84N8cLqxj8llEikGQlU6WJhwUOFwsoE2nY4kZvcHFOtZ3QP8lgSvCcau4v4kgvSe0fIsCXf47gcUz/75Q4oYJWHkWUbHb4OzsHVfXNaUlgqH42gkTAB/ngf1X7YQzA7sBvFoFLembWblnIvYYIvsti+nhXt5GngqNMwO7qf0AFBEVY8ZCOLAAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Registry Hive</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Configuration</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A configuration file, this includes XML, INI, and INF files.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.ConfigFile</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAZxJREFUOE+Vkr1LQlEYxm9lSyFlUEuEEEFDxJ3KOxSSUEFqYoVJECoEQYt97eocqHO0VNgm0hC4hBQ0BEUNLUFQTbVV9Afcnudwj5x7uUENv3vPed6Pc877vpppmoKWsbAOaiAotb8gPgjKAbN/bvW0dTzyiXUJdDmd3RDBbYHI1275YAfCSKXeSHLfbswXnM5uaP5ouszTEfSKf8wTiF5wT90twEkzgRNnAmgpEFM1oqXzxXD3VOJJDe6cXHinbgX6QUOxs9DN+vDjBYaR2T6iw2hyo3r98DhLHfusVVShD4RTV1yDDyBuo15nEEyDYeCBgzi1YyL+ZhWYup4plHIo8LeVqKYmsEEHPuXw7HwJe59i62WnrAT2IBXpgCe84N8cLqxj8llEikGQlU6WJhwUOFwsoE2nY4kZvcHFOtZ3QP8lgSvCcau4v4kgvSe0fIsCXf47gcUz/75Q4oYJWHkWUbHb4OzsHVfXNaUlgqH42gkTAB/ngf1X7YQzA7sBvFoFLembWblnIvYYIvsti+nhXt5GngqNMwO7qf0AFBEVY8ZCOLAAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Configuration File</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Cache</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a local data cache.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.Cache</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAF1JREFUOE9j+P//PxwzmnrPB+L/BPB5IOaH6SFVMxgzmflcANJgQ0jWDMMwQ8jSDMMgQ0Au0AZiVzKxBcgFWE0nFoMNcM6smoaPxoZhcpS7AIu/SMKjYTAMwsD7PwDo1eAuODnTegAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Cache</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>HTML5 Storage</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of HTML5 local storage.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.HTML5LS</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAS1JREFUOE9j+P//P0UYqyApGEOA0dSbH4jtQTSaOEhMHlkMhFE4QAX6QPweiP+zWfoXoon/h+J4ZD3ImvORFP03TyhMgcm5ZFVpsVr4fUaSnw/EYBfCnAwSAEuCFHYvXpsOlBSFGQDEHEt37I8QcAy7A1PHZOZzAUjLM0AZYEExt6gLZ6/f8QFq4EXSDDcEiC10I7LWIhnygQHZac6ZVQ1ARSxImjBwRvsUf2Q9DO0LVqWg+a8em0YQBsr5g2yFqQ0oae4CSfCCnI3sPyCej0VzPEweKZykYApYjl++7gIKA5giIM5H0gyPRm7boBcgVwPFweEEtwGIQX43gQUStmgEWXDyyk13oBg8kJENgGF1IHYFYpRoBGJHIDYBYpRAhjPIxVgFScFYBYnH/xkAObxzbhFjTVgAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>HTML5 Local Storage</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>HTTPOnly</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>HTTPOnly</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Cookie</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of cookie storage.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.Cookie</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAGFJREFUOE9jYDT1/k8JBhvgnFk1rWTCnGJSMdwA1+zqsP///wuSiuEG6EZk+QAF0L1jj0UMQw6nATAxIHbFgkEuIM4AZDEkjN0FQIxhC5oYihyGASA2Eh4NgxEWBuRj7/8An7gYjzKNJXgAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Cookies</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>GPS</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>GPS</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Contacts</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Contacts</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Calendar Events</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Calendar</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>SMS messages</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>SMSmessages</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Cached Credentials</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Creds</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Enterprise Data</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Enterprise</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Messaging Data (Mail, IM, SMS)</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>e-mail</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>SIM Storage</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>SIM</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Other Data</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>misc</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Device</b:Value></a:AttributeValues><a:DisplayName>Store Type</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>storeType</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of device local storage.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DS.TMCore.Device</a:Id><a:ImageLocation>Lower right of stencil</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAKpJREFUOE9j+P//P0UYzmA09bYH4v9E4noMAzisA7ZgUYgVM5v7fEQxACgoj66ICBwPNwBo+2QsCvBidiv/K2ADgBx+kJPQFRCJ7Rk4rQOTsEgQhblsApcysJj7PsImSSwGeQGrBLEYbIBzZtW0kglziknFcANcs6vDQLRuRJYPOg0MaUF0jKwGbABUoStUAToNT2xIGCwHN4ASDDONbIzuNJIxVkHi8X8GAIAQEkmTSFVLAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Device</a:Name><a:ParentId>GE.DS</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Source Authenticated</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>authenticatesSource</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Destination Authenticated</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>authenticatesDestination</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Provides Confidentiality</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>providesConfidentiality</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value></a:AttributeValues><a:DisplayName>Provides Integrity</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>providesIntegrity</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an HTTP data flow.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.HTTP</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAADhJREFUOE9jYDT1/k8JHjWAWgaAAIwmBWA1AEQTw4bRcANgAF0hNjYMgPhkuwCGqWMAJXjUAO//APzi2/y5tNUIAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>HTTP</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Destination Authenticated</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>authenticatesDestination</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Provides Confidentiality</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>providesConfidentiality</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Provides Integrity</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>providesIntegrity</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an HTTPS data flow.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.HTTPS</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAP9JREFUOE+10s1mQ0EYxvFECCGr3EcI0dBVKeFw6B1kFULpKqvSVSkl5A5yE9lmFbINJWSVVbZZhRBKmf6f8U5NT9pptbL4OWfmvO8zH06pfJG7/zh7wAzX6GCIFT7VpALWqDrnSoHGeLbvXirgMWp8wAKZjSfwdamApyhgbnNvuEQdW82lApZRwBVebX5kc/4oqQDxW7aGNkZo2riPkwDd8tTete1aCCji21h1xYAXNHAP38yzC61WiZqbOOAjYIM9dK67qDDDEarZQf/FErpMv2gI0HZaGBSaw8V9KwRIL2rO8WOzhAAV1635xsYnxV+Jd6CLusWvmyUO+IPcvQN8C4wQAsHzwgAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>HTTPS</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an Binary data flow.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.Binary</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAGNJREFUOE9jYDT1/k8JhhnwGYjnAPEHKB8fBqkBqQXpgRswGYhB7BYoHx8GqQGpBelBccFMIH4L5ePDIDUgtSguIBtT3wAgYMCH0dVT3wBSMfUNQHcyOkZXPxwNIBVTaID3fwAn5sGwmvgmbgAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Binary</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Source Authenticated</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>authenticatesSource</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Destination Authenticated</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>authenticatesDestination</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Provides Confidentiality</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>providesConfidentiality</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Provides Integrity</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Static</a:Mode><a:Name>providesIntegrity</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an IPsec data flow.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.IPsec</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAPtJREFUOE+l0kFnA0EYxvGtUErIqdeeeiqlRG6lp5xCv0S+wVKW0lPJKacSSk79BqWUEHIKJZR8j5xKCWH6f9a8a2ynnWUPv8g7mecxO5vMOddK+XE0GP1liCU+MMUlqt9TBRfYwwU0Fyj3pAoeYMFHXOPdz2MkC+5hBTd+rYM1vnCWKujDClY4htbv/FqRKhA7smyg8NbP81iBbvnWf9exv2EFdXms4Ao7TGDhBeY4+Fl0im5YcI4e9IqeYBv1CCfQnlPof6G70WWWWSvI8YlnhGG7uKiwQF5g4Tf8G5awQJv1bhV+9fOvQF39BLqoGRqFpSpoI7rYnMt+APCSd3DankzjAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>IPsec</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a named pipe data flow.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.NamedPipe</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAKxJREFUOE9jYDT1rgDin0D8HwueD8QgNfxAfBIqhowvgSS/AfFtIJ6JAzsBMS5DwAaAGEuBGMTGh0EGHANisgzApploA7BpLoWKwQ2YBsToGkEYm78zgRgkxwPEM0EMfAZwAvFeIEbXDMPMIAKfASAMMwRdcxQQE2UALrwFiKeBGJQYQDAQ8eHBYcA9EIMSAx6CGJ+B+BUQnyERfwBisBdCgPgwVJAUDEwb3vYAyzfmxSXYv1YAAAAASUVORK5CYII=</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Named Pipe</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of a SMBv1 or SMBv2 data flow.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.SMB</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAEhJREFUOE/NzLENACAMA8EwFFNk/3kCpotc2VBg6eTuY8ysGyewF463AbyCAo4WwCso4GgBvIICjhbAKyjgaAG8ggKOjwK+rAUpwkqHruWEswAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>SMB</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an RPC or Distributed COM (DCOM) data flow.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.RPC</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAG5JREFUOE+VjMENwDAIA5OhOkX3n4eqSK4cakfhEeQ7E0ZE5JvXHe8Dn7rWsnKtZTD79oGa7bJyKttl5cDsbcEerNwnIWpmVk5+4sys3CJrWVk5W4CdB28PuMycQxW7zJxDFWDnwfbAqWst/12MB+3XXGPkZTU+AAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>RPC or DCOM</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A representation of an (Advanced) Local Procedure Call data flow.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.ALPC</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAEtJREFUOE9j+P//P1bMaOr9Hx2jqwFhDAEYHngDYBiXRhjGKoiMR5IBIIWkYmwGgGh0jFN8OBkA4qBhbGJYxbEagMNQrOIUGuD9HwBIkRfD8QF9EgAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>ALPC</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      User Data Protocol Transport.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.UDP</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAEtJREFUOE9j+P//P1bMaOr9Hx2jqwFhDAEYHngDYBiXRhjGKoiMR5IBIIWkYmwGgGh0jFN8OBkA4qBhbGJYxbEagMNQrOIUGuD9HwBIkRfD8QF9EgAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>UDP</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      An interface for an application to communicate to a device driver.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.DF.TMCore.IOCTL</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGOfPtRkwAAACBjSFJNAACHDwAAjA8AAP1SAACBQAAAfXkAAOmLAAA85QAAGcxzPIV3AAAKOWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAEjHnZZ3VFTXFofPvXd6oc0wAlKG3rvAANJ7k15FYZgZYCgDDjM0sSGiAhFFRJoiSFDEgNFQJFZEsRAUVLAHJAgoMRhFVCxvRtaLrqy89/Ly++Osb+2z97n77L3PWhcAkqcvl5cGSwGQyhPwgzyc6RGRUXTsAIABHmCAKQBMVka6X7B7CBDJy82FniFyAl8EAfB6WLwCcNPQM4BOB/+fpFnpfIHomAARm7M5GSwRF4g4JUuQLrbPipgalyxmGCVmvihBEcuJOWGRDT77LLKjmNmpPLaIxTmns1PZYu4V8bZMIUfEiK+ICzO5nCwR3xKxRoowlSviN+LYVA4zAwAUSWwXcFiJIjYRMYkfEuQi4uUA4EgJX3HcVyzgZAvEl3JJS8/hcxMSBXQdli7d1NqaQffkZKVwBALDACYrmcln013SUtOZvBwAFu/8WTLi2tJFRbY0tba0NDQzMv2qUP91829K3NtFehn4uWcQrf+L7a/80hoAYMyJarPziy2uCoDOLQDI3fti0zgAgKSobx3Xv7oPTTwviQJBuo2xcVZWlhGXwzISF/QP/U+Hv6GvvmckPu6P8tBdOfFMYYqALq4bKy0lTcinZ6QzWRy64Z+H+B8H/nUeBkGceA6fwxNFhImmjMtLELWbx+YKuGk8Opf3n5r4D8P+pMW5FonS+BFQY4yA1HUqQH7tBygKESDR+8Vd/6NvvvgwIH554SqTi3P/7zf9Z8Gl4iWDm/A5ziUohM4S8jMX98TPEqABAUgCKpAHykAd6ABDYAasgC1wBG7AG/iDEBAJVgMWSASpgA+yQB7YBApBMdgJ9oBqUAcaQTNoBcdBJzgFzoNL4Bq4AW6D+2AUTIBnYBa8BgsQBGEhMkSB5CEVSBPSh8wgBmQPuUG+UBAUCcVCCRAPEkJ50GaoGCqDqqF6qBn6HjoJnYeuQIPQXWgMmoZ+h97BCEyCqbASrAUbwwzYCfaBQ+BVcAK8Bs6FC+AdcCXcAB+FO+Dz8DX4NjwKP4PnEIAQERqiihgiDMQF8UeikHiEj6xHipAKpAFpRbqRPuQmMorMIG9RGBQFRUcZomxRnqhQFAu1BrUeVYKqRh1GdaB6UTdRY6hZ1Ec0Ga2I1kfboL3QEegEdBa6EF2BbkK3oy+ib6Mn0K8xGAwNo42xwnhiIjFJmLWYEsw+TBvmHGYQM46Zw2Kx8lh9rB3WH8vECrCF2CrsUexZ7BB2AvsGR8Sp4Mxw7rgoHA+Xj6vAHcGdwQ3hJnELeCm8Jt4G749n43PwpfhGfDf+On4Cv0CQJmgT7AghhCTCJkIloZVwkfCA8JJIJKoRrYmBRC5xI7GSeIx4mThGfEuSIemRXEjRJCFpB+kQ6RzpLuklmUzWIjuSo8gC8g5yM/kC+RH5jQRFwkjCS4ItsUGiRqJDYkjiuSReUlPSSXK1ZK5kheQJyeuSM1J4KS0pFymm1HqpGqmTUiNSc9IUaVNpf+lU6RLpI9JXpKdksDJaMm4ybJkCmYMyF2TGKQhFneJCYVE2UxopFykTVAxVm+pFTaIWU7+jDlBnZWVkl8mGyWbL1sielh2lITQtmhcthVZKO04bpr1borTEaQlnyfYlrUuGlszLLZVzlOPIFcm1yd2WeydPl3eTT5bfJd8p/1ABpaCnEKiQpbBf4aLCzFLqUtulrKVFS48vvacIK+opBimuVTyo2K84p6Ss5KGUrlSldEFpRpmm7KicpFyufEZ5WoWiYq/CVSlXOavylC5Ld6Kn0CvpvfRZVUVVT1Whar3qgOqCmrZaqFq+WpvaQ3WCOkM9Xr1cvUd9VkNFw08jT6NF454mXpOhmai5V7NPc15LWytca6tWp9aUtpy2l3audov2Ax2yjoPOGp0GnVu6GF2GbrLuPt0berCehV6iXo3edX1Y31Kfq79Pf9AAbWBtwDNoMBgxJBk6GWYathiOGdGMfI3yjTqNnhtrGEcZ7zLuM/5oYmGSYtJoct9UxtTbNN+02/R3Mz0zllmN2S1zsrm7+QbzLvMXy/SXcZbtX3bHgmLhZ7HVosfig6WVJd+y1XLaSsMq1qrWaoRBZQQwShiXrdHWztYbrE9Zv7WxtBHYHLf5zdbQNtn2iO3Ucu3lnOWNy8ft1OyYdvV2o/Z0+1j7A/ajDqoOTIcGh8eO6o5sxybHSSddpySno07PnU2c+c7tzvMuNi7rXM65Iq4erkWuA24ybqFu1W6P3NXcE9xb3Gc9LDzWepzzRHv6eO7yHPFS8mJ5NXvNelt5r/Pu9SH5BPtU+zz21fPl+3b7wX7efrv9HqzQXMFb0ekP/L38d/s/DNAOWBPwYyAmMCCwJvBJkGlQXlBfMCU4JvhI8OsQ55DSkPuhOqHC0J4wybDosOaw+XDX8LLw0QjjiHUR1yIVIrmRXVHYqLCopqi5lW4r96yciLaILoweXqW9KnvVldUKq1NWn46RjGHGnIhFx4bHHol9z/RnNjDn4rziauNmWS6svaxnbEd2OXuaY8cp40zG28WXxU8l2CXsTphOdEisSJzhunCruS+SPJPqkuaT/ZMPJX9KCU9pS8Wlxqae5Mnwknm9acpp2WmD6frphemja2zW7Fkzy/fhN2VAGasyugRU0c9Uv1BHuEU4lmmfWZP5Jiss60S2dDYvuz9HL2d7zmSue+63a1FrWWt78lTzNuWNrXNaV78eWh+3vmeD+oaCDRMbPTYe3kTYlLzpp3yT/LL8V5vDN3cXKBVsLBjf4rGlpVCikF84stV2a9021DbutoHt5turtn8sYhddLTYprih+X8IqufqN6TeV33zaEb9joNSydP9OzE7ezuFdDrsOl0mX5ZaN7/bb3VFOLy8qf7UnZs+VimUVdXsJe4V7Ryt9K7uqNKp2Vr2vTqy+XeNc01arWLu9dn4fe9/Qfsf9rXVKdcV17w5wD9yp96jvaNBqqDiIOZh58EljWGPft4xvm5sUmoqbPhziHRo9HHS4t9mqufmI4pHSFrhF2DJ9NProje9cv+tqNWytb6O1FR8Dx4THnn4f+/3wcZ/jPScYJ1p/0Pyhtp3SXtQBdeR0zHYmdo52RXYNnvQ+2dNt293+o9GPh06pnqo5LXu69AzhTMGZT2dzz86dSz83cz7h/HhPTM/9CxEXbvUG9g5c9Ll4+ZL7pQt9Tn1nL9tdPnXF5srJq4yrndcsr3X0W/S3/2TxU/uA5UDHdavrXTesb3QPLh88M+QwdP6m681Lt7xuXbu94vbgcOjwnZHokdE77DtTd1PuvriXeW/h/sYH6AdFD6UeVjxSfNTws+7PbaOWo6fHXMf6Hwc/vj/OGn/2S8Yv7ycKnpCfVEyqTDZPmU2dmnafvvF05dOJZ+nPFmYKf5X+tfa5zvMffnP8rX82YnbiBf/Fp99LXsq/PPRq2aueuYC5R69TXy/MF72Rf3P4LeNt37vwd5MLWe+x7ys/6H7o/ujz8cGn1E+f/gUDmPP8usTo0wAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAEtJREFUOE9j+P//P1bMaOr9Hx2jqwFhDAEYHngDYBiXRhjGKoiMR5IBIIWkYmwGgGh0jFN8OBkA4qBhbGJYxbEagMNQrOIUGuD9HwBIkRfD8QF9EgAAAABJRU5ErkJggg==</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>IOCTL Interface</a:Name><a:ParentId>GE.DF</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      An arc representation of an Internet trust boundary.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.TB.L.TMCore.Internet</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAZdEVYdFNvZnR3YXJlAEFkb2JlIEltYWdlUmVhZHlxyWU8AAABX0lEQVQ4T2NgNPXGh/mhGJscGCNzQArtgVgfxmcy87kAwlA5ZLVwDGOAFQPp/1Dcj8zHZwiY4LUPdgLSMM0YmM8+5JaAY5gRkI3dAJuUUlsgjVUzCM/ZuDPg////vEA2dgNAkqpBKTuBbKwGRNV0iQNpmCZQGMG9AxPk57IJvA6ksRrAYu67EEjLA7E+s7nPReQwAWtGC0CiMMwQkPNZ5H0TtqArIIRBAWueUCgM9gLQEG1QGHDbBr1YuftQDJDvapFYtAhdEwwDY+TO8cvXXUCWw8IAbMjCrXtDgDQHlK8E04CO1YPTVoA0A9nwQIQZAtYMxaBAw2oAFINSLaoBSFgfGEgPgDQ2jWAs5hZVCaSxGwB0Ca+iX9I2IBusGORn3YistTA+q4Xf59KJcy1BarEaAMJAQ8ABixRg6omN/fWgwF26Y38EzLsghfiwNhBbADELlC8KxEpAzAHh/2cAANCSU7ngF2KpAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Internet Boundary</a:Name><a:ParentId>GE.TB.L</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      An arc representation of a machine trust boundary.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.TB.L.TMCore.Machine</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAZdEVYdFNvZnR3YXJlAEFkb2JlIEltYWdlUmVhZHlxyWU8AAABX0lEQVQ4T2NgNPXGh/mhGJscGCNzQArtgVgfxmcy87kAwlA5ZLVwDGOAFQPp/1Dcj8zHZwiY4LUPdgLSMM0YmM8+5JaAY5gRkI3dAJuUUlsgjVUzCM/ZuDPg////vEA2dgNAkqpBKTuBbKwGRNV0iQNpmCZQGMG9AxPk57IJvA6ksRrAYu67EEjLA7E+s7nPReQwAWtGC0CiMMwQkPNZ5H0TtqArIIRBAWueUCgM9gLQEG1QGHDbBr1YuftQDJDvapFYtAhdEwwDY+TO8cvXXUCWw8IAbMjCrXtDgDQHlK8E04CO1YPTVoA0A9nwQIQZAtYMxaBAw2oAFINSLaoBSFgfGEgPgDQ2jWAs5hZVCaSxGwB0Ca+iX9I2IBusGORn3YistTA+q4Xf59KJcy1BarEaAMJAQ8ABixRg6omN/fWgwF26Y38EzLsghfiwNhBbADELlC8KxEpAzAHh/2cAANCSU7ngF2KpAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Machine Trust Boundary</a:Name><a:ParentId>GE.TB.L</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A border representation of user-model / kernel-mode separation.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.TB.L.TMCore.Kernel</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAZdEVYdFNvZnR3YXJlAEFkb2JlIEltYWdlUmVhZHlxyWU8AAABX0lEQVQ4T2NgNPXGh/mhGJscGCNzQArtgVgfxmcy87kAwlA5ZLVwDGOAFQPp/1Dcj8zHZwiY4LUPdgLSMM0YmM8+5JaAY5gRkI3dAJuUUlsgjVUzCM/ZuDPg////vEA2dgNAkqpBKTuBbKwGRNV0iQNpmCZQGMG9AxPk57IJvA6ksRrAYu67EEjLA7E+s7nPReQwAWtGC0CiMMwQkPNZ5H0TtqArIIRBAWueUCgM9gLQEG1QGHDbBr1YuftQDJDvapFYtAhdEwwDY+TO8cvXXUCWw8IAbMjCrXtDgDQHlK8E04CO1YPTVoA0A9nwQIQZAtYMxaBAw2oAFINSLaoBSFgfGEgPgDQ2jWAs5hZVCaSxGwB0Ca+iX9I2IBusGORn3YistTA+q4Xf59KJcy1BarEaAMJAQ8ABixRg6omN/fWgwF26Y38EzLsghfiwNhBbADELlC8KxEpAzAHh/2cAANCSU7ngF2KpAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>User mode or Kernel mode Boundary</a:Name><a:ParentId>GE.TB.L</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A border representation for a Window Store AppContainer boundary.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.TB.L.TMCore.AppContainer</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAZdEVYdFNvZnR3YXJlAEFkb2JlIEltYWdlUmVhZHlxyWU8AAABX0lEQVQ4T2NgNPXGh/mhGJscGCNzQArtgVgfxmcy87kAwlA5ZLVwDGOAFQPp/1Dcj8zHZwiY4LUPdgLSMM0YmM8+5JaAY5gRkI3dAJuUUlsgjVUzCM/ZuDPg////vEA2dgNAkqpBKTuBbKwGRNV0iQNpmCZQGMG9AxPk57IJvA6ksRrAYu67EEjLA7E+s7nPReQwAWtGC0CiMMwQkPNZ5H0TtqArIIRBAWueUCgM9gLQEG1QGHDbBr1YuftQDJDvapFYtAhdEwwDY+TO8cvXXUCWw8IAbMjCrXtDgDQHlK8E04CO1YPTVoA0A9nwQIQZAtYMxaBAw2oAFINSLaoBSFgfGEgPgDQ2jWAs5hZVCaSxGwB0Ca+iX9I2IBusGORn3YistTA+q4Xf59KJcy1BarEaAMJAQ8ABixRg6omN/fWgwF26Y38EzLsghfiwNhBbADELlC8KxEpAzAHh/2cAANCSU7ngF2KpAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>AppContainer Boundary</a:Name><a:ParentId>GE.TB.L</a:ParentId><a:Representation>Inherited</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A border representation of a corporate network trust boundary.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.TB.B.TMCore.CorpNet</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAOxAAADsQBlSsOGwAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAABGSURBVDhPY/hPIWBQ9Ev6z2jqDccPnr0ESxArzoDMAeEDZy+DFRIrDjeAVDCcDIDyyQajgTioAhGEQekdHx+bGIUGeP8HAJ4fIfJijo6MAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>CorpNet Trust Boundary</a:Name><a:ParentId>GE.TB.B</a:ParentId><a:Representation>BorderBoundary</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes/><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      A border representation of a sandbox trust boundary.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.TB.B.TMCore.Sandbox</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAOxAAADsQBlSsOGwAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAABGSURBVDhPY/hPIWBQ9Ev6z2jqDccPnr0ESxArzoDMAeEDZy+DFRIrDjeAVDCcDIDyyQajgTioAhGEQekdHx+bGIUGeP8HAJ4fIfJijo6MAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Sandbox Trust Boundary Border</a:Name><a:ParentId>GE.TB.B</a:ParentId><a:Representation>BorderBoundary</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Low Integrity Level Sandbox</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>IntegrityLevel</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>App Container Sandbox</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>AppContainer</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>JavaScript Sandbox</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>JavaScript</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Flash Sandbox</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Flash</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      Describes the types of trust boundaries implemented by Internet Explorer.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.TB.B.TMCore.IEB</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAOxAAADsQBlSsOGwAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAABGSURBVDhPY/hPIWBQ9Ev6z2jqDccPnr0ESxArzoDMAeEDZy+DFRIrDjeAVDCcDIDyyQajgTioAhGEQekdHx+bGIUGeP8HAJ4fIfJijo6MAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Internet Explorer Boundaries</a:Name><a:ParentId>GE.TB.B</a:ParentId><a:Representation>BorderBoundary</a:Representation><a:Shape i:nil="true"/></a:ElementType><a:ElementType><a:IsExtension>false</a:IsExtension><a:Attributes><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Chrome JavaScript Sandbox</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>ChromeJava</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Chrome Sandbox</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>Chrome</a:Name><a:Type>List</a:Type></a:Attribute><a:Attribute><a:IsExtension>false</a:IsExtension><a:AttributeValues xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.Interfaces"><b:Value>No</b:Value><b:Value>Yes</b:Value></a:AttributeValues><a:DisplayName>Firefox JavaScript Sandbox</a:DisplayName><a:Inheritance>Virtual</a:Inheritance><a:Mode>Dynamic</a:Mode><a:Name>FirefoxJava</a:Name><a:Type>List</a:Type></a:Attribute></a:Attributes><a:AvailableToBaseModels xmlns:b="http://schemas.datacontract.org/2004/07/ThreatModeling.ExternalStorage.OM"/><a:Behavior i:nil="true"/><a:Description>
      Describes the types of trust boundaries implemented by Google Chrome and Firefox.
    </a:Description><a:Hidden>false</a:Hidden><a:Id>SE.TB.B.TMCore.NonIEB</a:Id><a:ImageLocation>Before label</a:ImageLocation><a:ImageSource>iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAOxAAADsQBlSsOGwAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAABGSURBVDhPY/hPIWBQ9Ev6z2jqDccPnr0ESxArzoDMAeEDZy+DFRIrDjeAVDCcDIDyyQajgTioAhGEQekdHx+bGIUGeP8HAJ4fIfJijo6MAAAAAElFTkSuQmCC</a:ImageSource><a:ImageStream i:nil="true"/><a:Name>Other Browsers Boundaries</a:Name><a:ParentId>GE.TB.B</a:ParentId><a:Representation>BorderBoundary</a:Representation><a:Shape i:nil="true"/></a:ElementType></a:StandardElements><a:ThreatCategories><a:ThreatCategory><a:IsExtension>false</a:IsExtension><a:Id>S</a:Id><a:LongDescription/><a:Name>Spoofing</a:Name><a:ShortDescription>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</a:ShortDescription></a:ThreatCategory><a:ThreatCategory><a:IsExtension>false</a:IsExtension><a:Id>T</a:Id><a:LongDescription/><a:Name>Tampering</a:Name><a:ShortDescription>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</a:ShortDescription></a:ThreatCategory><a:ThreatCategory><a:IsExtension>false</a:IsExtension><a:Id>R</a:Id><a:LongDescription/><a:Name>Repudiation</a:Name><a:ShortDescription>Repudiation threats involve an adversary denying that something happened.</a:ShortDescription></a:ThreatCategory><a:ThreatCategory><a:IsExtension>false</a:IsExtension><a:Id>I</a:Id><a:LongDescription/><a:Name>Information Disclosure</a:Name><a:ShortDescription>Information disclosure happens when the information can be read by an unauthorized party.</a:ShortDescription></a:ThreatCategory><a:ThreatCategory><a:IsExtension>false</a:IsExtension><a:Id>D</a:Id><a:LongDescription/><a:Name>Denial Of Service</a:Name><a:ShortDescription>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</a:ShortDescription></a:ThreatCategory><a:ThreatCategory><a:IsExtension>false</a:IsExtension><a:Id>E</a:Id><a:LongDescription/><a:Name>Elevation Of Privilege</a:Name><a:ShortDescription>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</a:ShortDescription></a:ThreatCategory><a:ThreatCategory><a:IsExtension>false</a:IsExtension><a:Id>A</a:Id><a:LongDescription/><a:Name>Abuse</a:Name><a:ShortDescription>Abuse is when a legitimate user violates the terms of use for the system without violating a system security policy.</a:ShortDescription></a:ThreatCategory></a:ThreatCategories><a:ThreatMetaData><IsPriorityUsed>true</IsPriorityUsed><IsStatusUsed>true</IsStatusUsed><PropertiesMetaData><ThreatMetaDatum><Name>Title</Name><Label>Title</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string/></Values><Id>ac0f9ea8-3b39-4ce9-bac2-6787124d7b48</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatCategory</Name><Label>Category</Label><HideFromUI>false</HideFromUI><Values i:nil="true" xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"/><Id i:nil="true"/></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</b:string><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string><b:string>Repudiation threats involve an adversary denying that something happened.</b:string><b:string>Information disclosure happens when the information can be read by an unauthorized party.</b:string><b:string>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</b:string><b:string>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</b:string><b:string>Abuse is when a legitimate user violates the terms of use for the system without violating a system security policy.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string/></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>StateInformation</Name><Label>Justification</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string/></Values><Id>0406a684-e06e-4643-ba21-0f63104d9131</Id></ThreatMetaDatum><ThreatMetaDatum><Name>InteractionString</Name><Label>Interaction</Label><HideFromUI>false</HideFromUI><Values i:nil="true" xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"/><Id>d64f8926-f09d-4d67-a86f-fb4ad5036451</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>High</b:string><b:string>Medium</b:string><b:string>Low</b:string></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></PropertiesMetaData></a:ThreatMetaData><a:ThreatTypes><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>S</a:Category><a:Description>Threat was migrated from V3.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'ROOT'</a:Include></a:GenerationFilters><a:Id>SU</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Threat was migrated from V3.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Spoofing (v3)</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>S</a:Category><a:Description>{source.Name} may be spoofed by an attacker and this may lead to unauthorized access to {target.Name}. Consider using a standard authentication mechanism to identify the source process.</a:Description><a:GenerationFilters><a:Exclude>flow.authenticatesSource is 'Yes' or source.implementsAuthenticationScheme is 'Yes'</a:Exclude><a:Include>source is 'GE.P' and (target is 'GE.P' or target is 'GE.DS') and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>S1</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{source.Name} may be spoofed by an attacker and this may lead to unauthorized access to {target.Name}. Consider using a standard authentication mechanism to identify the source process.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Spoofing the {source.Name} Process</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>S</a:Category><a:Description>{target.Name} may be spoofed by an attacker and this may lead to information disclosure by {source.Name}. Consider using a standard authentication mechanism to identify the destination process.</a:Description><a:GenerationFilters><a:Exclude>flow.authenticatesDestination is 'Yes'</a:Exclude><a:Include>(source is 'GE.P' or source is 'GE.EI' or source is 'GE.DS') and target is 'GE.P' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>S2</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{target.Name} may be spoofed by an attacker and this may lead to information disclosure by {source.Name}. Consider using a standard authentication mechanism to identify the destination process.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Spoofing the {target.Name} Process</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>S</a:Category><a:Description>{source.Name} may be spoofed by an attacker and this may lead to unauthorized access to {target.Name}. Consider using a standard authentication mechanism to identify the external entity.</a:Description><a:GenerationFilters><a:Exclude>source.authenticatesItself is 'Yes' or flow.authenticatesSource is 'Yes'</a:Exclude><a:Include>source is 'GE.EI' and target is 'GE.P'</a:Include></a:GenerationFilters><a:Id>S3</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{source.Name} may be spoofed by an attacker and this may lead to unauthorized access to {target.Name}. Consider using a standard authentication mechanism to identify the external entity.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Spoofing the {source.Name} External Entity</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>S</a:Category><a:Description>{source.Name} may be spoofed by an attacker and this may lead to incorrect data delivered to {target.Name}. Consider using a standard authentication mechanism to identify the source data store.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.DS'</a:Include></a:GenerationFilters><a:Id>S7</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{source.Name} may be spoofed by an attacker and this may lead to incorrect data delivered to {target.Name}. Consider using a standard authentication mechanism to identify the source data store.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Spoofing of Source Data Store {source.Name}</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>S</a:Category><a:Description>{target.Name} may be spoofed by an attacker and this may lead to data being written to the attacker's target instead of {target.Name}. Consider using a standard authentication mechanism to identify the destination data store.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>target is 'GE.DS'</a:Include></a:GenerationFilters><a:Id>S7.1</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{target.Name} may be spoofed by an attacker and this may lead to data being written to the attacker's target instead of {target.Name}. Consider using a standard authentication mechanism to identify the destination data store.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Spoofing of Destination Data Store {target.Name}</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>S</a:Category><a:Description>{target.Name} may be spoofed by an attacker and this may lead to data being sent to the attacker's target instead of {target.Name}. Consider using a standard authentication mechanism to identify the external entity.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.EI' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>S8</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Spoofing is when a process or entity is something other than its claimed identity. Examples include substituting a process, a file, website or a network address.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{target.Name} may be spoofed by an attacker and this may lead to data being sent to the attacker's target instead of {target.Name}. Consider using a standard authentication mechanism to identify the external entity.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Spoofing of the {target.Name} External Destination Entity</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>Threat was migrated from V3.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'ROOT'</a:Include></a:GenerationFilters><a:Id>TU</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Threat was migrated from V3.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Tampering (v3)</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>Data flowing across {flow.Name} may be tampered with by an attacker. This may lead to a denial of service attack against {target.Name} or an elevation of privilege attack against {target.Name} or an information disclosure by {target.Name}. Failure to verify that input is as expected is a root cause of a very large number of exploitable issues. Consider all paths and the way they handle data. Verify that all input is verified for correctness using an approved list input validation approach.</a:Description><a:GenerationFilters><a:Exclude>(flow.providesConfidentiality is 'Yes' and flow.providesIntegrity is 'Yes')</a:Exclude><a:Include>(source is 'GE.P' or source is 'GE.EI') and target is 'GE.P' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>T1</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Data flowing across {flow.Name} may be tampered with by an attacker. This may lead to a denial of service attack against {target.Name} or an elevation of privilege attack against {target.Name} or an information disclosure by {target.Name}. Failure to verify that input is as expected is a root cause of a very large number of exploitable issues. Consider all paths and the way they handle data. Verify that all input is verified for correctness using an approved list input validation approach.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Potential Lack of Input Validation for {target.Name}</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>If {source.Name} is given access to memory, such as shared memory or pointers, or is given the ability to control what {target.Name} executes (for example, passing back a function pointer.), then {source.Name} can tamper with {target.Name}. Consider if the function could work with less access to memory, such as passing data rather than pointers. Copy in data provided, and then validate it.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.P' and target.codeType is 'Unmanaged'</a:Include></a:GenerationFilters><a:Id>T2</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>If {source.Name} is given access to memory, such as shared memory or pointers, or is given the ability to control what {target.Name} executes (for example, passing back a function pointer.), then {source.Name} can tamper with {target.Name}. Consider if the function could work with less access to memory, such as passing data rather than pointers. Copy in data provided, and then validate it.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>{source.Name} Process Memory Tampered</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>Packets or messages without sequence numbers or timestamps can be captured and replayed in a wide variety of ways. Implement or utilize an existing communication protocol that supports anti-replay techniques (investigate sequence numbers before timers) and strong integrity.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.P' and source.implementsCommunicationProtocol is 'Yes'</a:Include></a:GenerationFilters><a:Id>T3</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Packets or messages without sequence numbers or timestamps can be captured and replayed in a wide variety of ways. Implement or utilize an existing communication protocol that supports anti-replay techniques (investigate sequence numbers before timers) and strong integrity.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Replay Attacks</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>Attackers who can send a series of packets or messages may be able to overlap data. For example, packet 1 may be 100 bytes starting at offset 0. Packet 2 may be 100 bytes starting at offset 25. Packet 2 will overwrite 75 bytes of packet 1. Ensure you reassemble data before filtering it, and ensure you explicitly handle these sorts of cases.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.P' and source.implementsCommunicationProtocol is 'Yes'</a:Include></a:GenerationFilters><a:Id>T4</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Attackers who can send a series of packets or messages may be able to overlap data. For example, packet 1 may be 100 bytes starting at offset 0. Packet 2 may be 100 bytes starting at offset 25. Packet 2 will overwrite 75 bytes of packet 1. Ensure you reassemble data before filtering it, and ensure you explicitly handle these sorts of cases.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Collision Attacks</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>Log readers can come under attack via log files. Consider ways to canonicalize data in all logs. Implement a single reader for the logs, if possible, in order to reduce attack surface area. Be sure to understand and document log file elements which come from untrusted sources.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>(source is 'GE.P' and target is 'GE.DS' and target.storesLogData is 'Yes') or (target is 'GE.P' and source is 'GE.DS' and source.storesLogData is 'Yes')</a:Include></a:GenerationFilters><a:Id>T5</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Log readers can come under attack via log files. Consider ways to canonicalize data in all logs. Implement a single reader for the logs, if possible, in order to reduce attack surface area. Be sure to understand and document log file elements which come from untrusted sources.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Risks from Logging</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>An attacker can read or modify data transmitted over an authenticated dataflow.</a:Description><a:GenerationFilters><a:Exclude>(flow.providesConfidentiality is 'Yes' and flow.providesIntegrity is 'Yes')</a:Exclude><a:Include>(flow.authenticatesSource is 'Yes' or flow.authenticatesDestination is 'Yes')</a:Include></a:GenerationFilters><a:Id>T6</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>An attacker can read or modify data transmitted over an authenticated dataflow.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Authenticated Data Flow Compromised</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution. Any procedure that constructs SQL statements should be reviewed for injection vulnerabilities because SQL Server will execute all syntactically valid queries that it receives. Even parameterized data can be manipulated by a skilled and determined attacker.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>
        (target is 'SE.DS.TMCore.SQL' and source is 'GE.P')
      </a:Include></a:GenerationFilters><a:Id>T7</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution. Any procedure that constructs SQL statements should be reviewed for injection vulnerabilities because SQL Server will execute all syntactically valid queries that it receives. Even parameterized data can be manipulated by a skilled and determined attacker.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Potential SQL Injection Vulnerability for {target.Name}</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution. Any procedure that constructs SQL statements should be reviewed for injection vulnerabilities because SQL Server will execute all syntactically valid queries that it receives. Even parameterized data can be manipulated by a skilled and determined attacker.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>
        (target is 'SE.DS.TMCore.SQL' and source is 'GE.EI')
      </a:Include></a:GenerationFilters><a:Id>T8</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution. Any procedure that constructs SQL statements should be reviewed for injection vulnerabilities because SQL Server will execute all syntactically valid queries that it receives. Even parameterized data can be manipulated by a skilled and determined attacker.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Possible SQL Injection Vulnerability for {target.Name}</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>If a dataflow contains XML, XML processing threats (DTD and XSLT code execution) may be exploited.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>(flow.XMLenc is 'Yes' and target is 'GE.P')</a:Include></a:GenerationFilters><a:Id>T11</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>If a dataflow contains XML, XML processing threats (DTD and XSLT code execution) may be exploited.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>XML DTD and XSLT Processing</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>If a dataflow contains JSON, JSON processing and hijacking threats may be exploited.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>((flow is 'SE.DF.TMCore.HTTP' or flow is 'SE.DF.TMCore.HTTPS') and flow.JSON is 'Yes' and target is 'GE.P')</a:Include></a:GenerationFilters><a:Id>T12</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>If a dataflow contains JSON, JSON processing and hijacking threats may be exploited.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>JavaScript Object Notation Processing</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>The web server '{target.Name}' could be a subject to a cross-site scripting attack because it does not sanitize untrusted input.</a:Description><a:GenerationFilters><a:Exclude>(target.hasOutputSanitizers is 'Yes') and (target.hasInputSanitizers is 'Yes')</a:Exclude><a:Include>(target is 'SE.P.TMCore.WebServer' or target is 'SE.P.TMCore.WebApp')</a:Include></a:GenerationFilters><a:Id>T13.1</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>The web server '{target.Name}' could be a subject to a cross-site scripting attack because it does not sanitize untrusted input.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Cross Site Scripting</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>The web server '{target.Name}' could be a subject to a persistent cross-site scripting attack because it does not sanitize data store '{source.Name}' inputs and output.</a:Description><a:GenerationFilters><a:Exclude>(target.hasOutputSanitizers is 'Yes') and (target.hasInputSanitizers is 'Yes')</a:Exclude><a:Include>(target is 'SE.P.TMCore.WebServer' or target is 'SE.P.TMCore.WebApp') and source is 'GE.DS'</a:Include></a:GenerationFilters><a:Id>T13.2</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>The web server '{target.Name}' could be a subject to a persistent cross-site scripting attack because it does not sanitize data store '{source.Name}' inputs and output.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Persistent Cross Site Scripting</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>T</a:Category><a:Description>Data flowing across {flow.Name} may be tampered with by an attacker. This may lead to corruption of {target.Name}. Ensure the integrity of the data flow to the data store.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>(source is 'GE.P' or source is 'GE.EI') and target is 'GE.DS' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>T18</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Tampering is the act of altering the bits. Tampering with a process involves changing bits in the running process. Similarly, Tampering with a data flow involves changing bits on the wire or between two running processes.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Data flowing across {flow.Name} may be tampered with by an attacker. This may lead to corruption of {target.Name}. Ensure the integrity of the data flow to the data store.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>The {target.Name} Data Store Could Be Corrupted</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>R</a:Category><a:Description>Threat was migrated from V3.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'ROOT'</a:Include></a:GenerationFilters><a:Id>RU</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Repudiation threats involve an adversary denying that something happened.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Threat was migrated from V3.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Repudiation (v3)</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>R</a:Category><a:Description>If you have trust levels, is anyone other outside of the highest trust level allowed to log? Letting everyone write to your logs can lead to repudiation problems. Only allow trusted code to log.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>(source is 'GE.P' or source is 'GE.EI') and (target is 'GE.DS') and (target.storesLogData is 'Yes')</a:Include></a:GenerationFilters><a:Id>R1</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Repudiation threats involve an adversary denying that something happened.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>If you have trust levels, is anyone other outside of the highest trust level allowed to log? Letting everyone write to your logs can lead to repudiation problems. Only allow trusted code to log.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Lower Trusted Subject Updates Logs</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>R</a:Category><a:Description>Do you accept logs from unknown or weakly authenticated users or systems? Identify and authenticate the source of the logs before accepting them.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>(source is 'GE.P' or source is 'GE.EI') and (target is 'GE.DS') and (target.storesLogData is 'Yes')</a:Include></a:GenerationFilters><a:Id>R2</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Repudiation threats involve an adversary denying that something happened.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Do you accept logs from unknown or weakly authenticated users or systems? Identify and authenticate the source of the logs before accepting them.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Data Logs from an Unknown Source</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>R</a:Category><a:Description>Does the log capture enough data to understand what happened in the past? Do your logs capture enough data to understand an incident after the fact? Is such capture lightweight enough to be left on all the time? Do you have enough data to deal with repudiation claims? Make sure you log sufficient and appropriate data to handle a repudiation claims. You might want to talk to an audit expert as well as a privacy expert about your choice of data.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.DS' and target.storesLogData is 'Yes'</a:Include></a:GenerationFilters><a:Id>R3</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Repudiation threats involve an adversary denying that something happened.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Does the log capture enough data to understand what happened in the past? Do your logs capture enough data to understand an incident after the fact? Is such capture lightweight enough to be left on all the time? Do you have enough data to deal with repudiation claims? Make sure you log sufficient and appropriate data to handle a repudiation claims. You might want to talk to an audit expert as well as a privacy expert about your choice of data.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Insufficient Auditing</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>R</a:Category><a:Description>Consider what happens when the audit mechanism comes under attack, including attempts to destroy the logs, or attack log analysis programs. Ensure access to the log is through a reference monitor, which controls read and write separately. Document what filters, if any, readers can rely on, or writers should expect</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.DS' and target.storesLogData is 'Yes'</a:Include></a:GenerationFilters><a:Id>R4</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Repudiation threats involve an adversary denying that something happened.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Consider what happens when the audit mechanism comes under attack, including attempts to destroy the logs, or attack log analysis programs. Ensure access to the log is through a reference monitor, which controls read and write separately. Document what filters, if any, readers can rely on, or writers should expect</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Potential Weak Protections for Audit Data</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>R</a:Category><a:Description>{target.Name} claims that it did not receive data from a source outside the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>target is 'GE.P' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>R6</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Repudiation threats involve an adversary denying that something happened.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{target.Name} claims that it did not receive data from a source outside the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Potential Data Repudiation by {target.Name}</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>R</a:Category><a:Description>{target.Name} claims that it did not receive data from a process on the other side of the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>target is 'GE.EI' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>R7</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Repudiation threats involve an adversary denying that something happened.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{target.Name} claims that it did not receive data from a process on the other side of the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>External Entity {target.Name} Potentially Denies Receiving Data</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>R</a:Category><a:Description>{target.Name} claims that it did not write data received from an entity on the other side of the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>target is 'GE.DS' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>R8</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Repudiation threats involve an adversary denying that something happened.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{target.Name} claims that it did not write data received from an entity on the other side of the trust boundary. Consider using logging or auditing to record the source, time, and summary of the received data.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Data Store Denies {target.Name} Potentially Writing Data</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>I</a:Category><a:Description>Threat was migrated from V3.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'ROOT'</a:Include></a:GenerationFilters><a:Id>IU</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Information disclosure happens when the information can be read by an unauthorized party.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Threat was migrated from V3.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Information Disclosure (v3)</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>I</a:Category><a:Description>Can you access {target.Name} and bypass the permissions for the object? For example by editing the files directly with a hex editor, or reaching it via filesharing? Ensure that your program is the only one that can access the data, and that all other subjects have to use your interface.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.DS' and source.implementsCustomAuthorizationMechanism is 'Yes'</a:Include></a:GenerationFilters><a:Id>I2</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Information disclosure happens when the information can be read by an unauthorized party.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Can you access {target.Name} and bypass the permissions for the object? For example by editing the files directly with a hex editor, or reaching it via filesharing? Ensure that your program is the only one that can access the data, and that all other subjects have to use your interface.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Authorization Bypass</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>I</a:Category><a:Description>Data flowing across {flow.Name} may be sniffed by an attacker. Depending on what type of data an attacker can read, it may be used to attack other parts of the system or simply be a disclosure of information leading to compliance violations. Consider encrypting the data flow.</a:Description><a:GenerationFilters><a:Exclude>flow.providesConfidentiality is 'Yes'</a:Exclude><a:Include>((source is 'GE.P' or source is 'GE.EI') and target is 'GE.P' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')) or (source is 'GE.P' and target is 'GE.DS' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B'))</a:Include></a:GenerationFilters><a:Id>I6</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Information disclosure happens when the information can be read by an unauthorized party.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Data flowing across {flow.Name} may be sniffed by an attacker. Depending on what type of data an attacker can read, it may be used to attack other parts of the system or simply be a disclosure of information leading to compliance violations. Consider encrypting the data flow.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Data Flow Sniffing</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>I</a:Category><a:Description>Improper data protection of {source.name} can allow an attacker to read information not intended for disclosure. Review authorization settings.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.DS' and (target is 'GE.P' or target is 'GE.EI')</a:Include></a:GenerationFilters><a:Id>I23</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Information disclosure happens when the information can be read by an unauthorized party.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Improper data protection of {source.name} can allow an attacker to read information not intended for disclosure. Review authorization settings.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Weak Access Control for a Resource</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>I</a:Category><a:Description>Credentials held at the server are often disclosed or tampered with and credentials stored on the client are often stolen. For server side, consider storing a salted hash of the credentials instead of storing the credentials themselves. If this is not possible due to business requirements, be sure to encrypt the credentials before storage, using an SDL-approved mechanism. For client side, if storing credentials is required, encrypt them and protect the data store in which they're stored</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.DS' and target.storesCredentials is 'Yes'</a:Include></a:GenerationFilters><a:Id>I24</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Information disclosure happens when the information can be read by an unauthorized party.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Credentials held at the server are often disclosed or tampered with and credentials stored on the client are often stolen. For server side, consider storing a salted hash of the credentials instead of storing the credentials themselves. If this is not possible due to business requirements, be sure to encrypt the credentials before storage, using an SDL-approved mechanism. For client side, if storing credentials is required, encrypt them and protect the data store in which they're stored</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Weak Credential Storage</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>I</a:Category><a:Description>Credentials on the wire are often subject to sniffing by an attacker. Are the credentials re-usable/re-playable? Are credentials included in a message? For example, sending a zip file with the password in the email. Use strong cryptography for the transmission of credentials. Use the OS libraries if at all possible, and consider cryptographic algorithm agility, rather than hardcoding a choice.</a:Description><a:GenerationFilters><a:Exclude>flow is 'SE.DF.TMCore.HTTPS' or flow is 'SE.DF.TMCore.IPsec'</a:Exclude><a:Include>source is 'GE.P' and (target is 'GE.P' or target is 'GE.DS') and (flow crosses 'SE.TB.L.TMCore.Machine')</a:Include></a:GenerationFilters><a:Id>I25</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Information disclosure happens when the information can be read by an unauthorized party.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Credentials on the wire are often subject to sniffing by an attacker. Are the credentials re-usable/re-playable? Are credentials included in a message? For example, sending a zip file with the password in the email. Use strong cryptography for the transmission of credentials. Use the OS libraries if at all possible, and consider cryptographic algorithm agility, rather than hardcoding a choice.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Weak Credential Transit</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>I</a:Category><a:Description>Custom authentication schemes are susceptible to common weaknesses such as weak credential change management, credential equivalence, easily guessable credentials, null credentials, downgrade authentication or a weak credential change management system. Consider the impact and potential mitigations for your custom authentication scheme.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.P' and source.implementsAuthenticationScheme is 'Yes'</a:Include></a:GenerationFilters><a:Id>I26</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Information disclosure happens when the information can be read by an unauthorized party.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Custom authentication schemes are susceptible to common weaknesses such as weak credential change management, credential equivalence, easily guessable credentials, null credentials, downgrade authentication or a weak credential change management system. Consider the impact and potential mitigations for your custom authentication scheme.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Weak Authentication Scheme</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>D</a:Category><a:Description>Threat was migrated from V3.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'ROOT'</a:Include></a:GenerationFilters><a:Id>DU</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Threat was migrated from V3.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Denial Of Service (v3)</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>D</a:Category><a:Description>Does {source.Name} or {target.Name} take explicit steps to control resource consumption? Resource consumption attacks can be hard to deal with, and there are times that it makes sense to let the OS do the job. Be careful that your resource requests don't deadlock, and that they do timeout.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'GE.P' and target is 'GE.DS'</a:Include></a:GenerationFilters><a:Id>D2</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Does {source.Name} or {target.Name} take explicit steps to control resource consumption? Resource consumption attacks can be hard to deal with, and there are times that it makes sense to let the OS do the job. Be careful that your resource requests don't deadlock, and that they do timeout.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Potential Excessive Resource Consumption for {source.Name} or {target.Name}</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>D</a:Category><a:Description>{target.Name} crashes, halts, stops or runs slowly; in all cases violating an availability metric.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>target is 'GE.P' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>D3</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{target.Name} crashes, halts, stops or runs slowly; in all cases violating an availability metric.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Potential Process Crash or Stop for {target.Name}</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>D</a:Category><a:Description>An external agent interrupts data flowing across a trust boundary in either direction.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>(flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>D4</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>An external agent interrupts data flowing across a trust boundary in either direction.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Data Flow {flow.Name} Is Potentially Interrupted</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>D</a:Category><a:Description>An external agent prevents access to a data store on the other side of the trust boundary.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>(source is 'GE.DS' or target is 'GE.DS') and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>D5</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Denial of Service happens when the process or a datastore is not able to service incoming requests or perform up to spec.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>An external agent prevents access to a data store on the other side of the trust boundary.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Data Store Inaccessible</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>E</a:Category><a:Description>Threat was migrated from V3.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>source is 'ROOT'</a:Include></a:GenerationFilters><a:Id>EU</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Threat was migrated from V3.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Elevation Of Privilege (v3)</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>E</a:Category><a:Description>Common SSO implementations such as OAUTH2 and OAUTH Wrap are vulnerable to MitM attacks.</a:Description><a:GenerationFilters><a:Exclude>(target is 'SE.EI.TMCore.AuthProvider' and target.MS is 'Yes')</a:Exclude><a:Include>target is 'SE.EI.TMCore.AuthProvider'</a:Include></a:GenerationFilters><a:Id>E3</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Common SSO implementations such as OAUTH2 and OAUTH Wrap are vulnerable to MitM attacks.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Weakness in SSO Authorization</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>E</a:Category><a:Description>{target.Name} may be able to impersonate the context of {source.Name} in order to gain additional privilege.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>(source is 'GE.EI' or source is 'GE.P') and target is 'GE.P'</a:Include></a:GenerationFilters><a:Id>E5</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{target.Name} may be able to impersonate the context of {source.Name} in order to gain additional privilege.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Elevation Using Impersonation</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>E</a:Category><a:Description>{source.Name} may be able to remotely execute code for {target.Name}.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>target is 'GE.P' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>E6</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>{source.Name} may be able to remotely execute code for {target.Name}.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>{target.Name} May be Subject to Elevation of Privilege Using Remote Code Execution</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>E</a:Category><a:Description>An attacker may pass data into {target.Name} in order to change the flow of program execution within {target.Name} to the attacker's choosing.</a:Description><a:GenerationFilters><a:Exclude/><a:Include>target is 'GE.P' and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>E7</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>A user subject gains increased capability or privilege by taking advantage of an implementation bug.</b:string></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>An attacker may pass data into {target.Name} in order to change the flow of program execution within {target.Name} to the attacker's choosing.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory i:nil="true"/><a:ShortTitle>Elevation by Changing the Execution Flow in {target.Name}</a:ShortTitle></a:ThreatType><a:ThreatType><a:IsExtension>false</a:IsExtension><a:Category>E</a:Category><a:Description>Cross-site request forgery (CSRF or XSRF) is a type of attack in which an attacker forces a user's browser to make a forged request to a vulnerable site by exploiting an existing trust relationship between the browser and the vulnerable web site.  In a simple scenario, a user is logged in to web site A using a cookie as a credential.  The other browses to web site B.  Web site B returns a page with a hidden form that posts to web site A.  Since the browser will carry the user's cookie to web site A, web site B now can take any action on web site A, for example, adding an admin to an account.  The attack can be used to exploit any requests that the browser automatically authenticates, e.g. by session cookie, integrated authentication, IP whitelisting, …  The attack can be carried out in many ways such as by luring the victim to a site under control of the attacker, getting the user to click a link in a phishing email, or hacking a reputable web site that the victim will visit. The issue can only be resolved on the server side by requiring that all authenticated state-changing requests include an additional piece of secret payload (canary or CSRF token) which is known only to the legitimate web site and the browser and which is protected in transit through SSL/TLS. See the Forgery Protection property on the flow stencil for a list of mitigations.</a:Description><a:GenerationFilters><a:Exclude>(source is 'SE.P.TMCore.OSProcess' or source is 'SE.P.TMCore.Thread' or source is 'SE.P.TMCore.KernelThread' or source is 'SE.P.TMCore.WinApp' or source is 'SE.P.TMCore.NetApp' or source is 'SE.P.TMCore.WebServer' or source is 'SE.P.TMCore.Win32Service' or  source is 'SE.P.TMCore.WebSvc' or source is 'SE.P.TMCore.VM' or (source is 'SE.P.TMCore.Modern' and source.internetClientServer is 'No' and source.internetClient is 'No' ) or source is 'SE.EI.TMCore.AuthProvider' or source is 'SE.EI.TMCore.WebSvc' or source is 'SE.EI.TMCore.WebApp' or source is 'SE.EI.TMCore.Megasevrice' or source is 'SE.EI.TMCore.CRT' or source is 'SE.EI.TMCore.NFX' or source is 'SE.EI.TMCore.WinRT' ) or (target is 'SE.P.TMCore.ThickClient' or target is 'SE.P.TMCore.BrowserClient' or target is 'SE.P.TMCore.PlugIn' or target is 'SE.P.TMCore.Modern') or (flow crosses 'SE.TB.L.TMCore.Machine' or flow crosses 'SE.TB.L.TMCore.Kernel' or flow crosses 'SE.TB.L.TMCore.AppContainer' or flow crosses 'SE.TB.B.TMCore.CorpNet' or flow crosses 'SE.TB.B.TMCore.Sandbox')</a:Exclude><a:Include>(source is 'GE.P' or  source is  'GE.EI') and (target is 'GE.P' ) and (flow.authenticatesSource is 'Not Selected' or  flow.authenticatesSource is 'Yes') and (flow.54851a3b-65da-4902-b4e0-94ef015be735 is 'None' or flow.54851a3b-65da-4902-b4e0-94ef015be735 is 'Not Selected' ) and (flow crosses 'GE.TB.L' or flow crosses 'GE.TB.B')</a:Include></a:GenerationFilters><a:Id>8404dcf5-bdd8-4902-abc2-3b6c967b0261</a:Id><a:PropertiesMetaData><ThreatMetaDatum><Name>UserThreatShortDescription</Name><Label>Short Description</Label><HideFromUI>true</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>5d3b996b-aed5-4d95-8cf6-617bb67bf042</Id></ThreatMetaDatum><ThreatMetaDatum><Name>UserThreatDescription</Name><Label>Description</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>Cross-site request forgery (CSRF or XSRF) is a type of attack in which an attacker forces a user's browser to make a forged request to a vulnerable site by exploiting an existing trust relationship between the browser and the vulnerable web site.  In a simple scenario, a user is logged in to web site A using a cookie as a credential.  The other browses to web site B.  Web site B returns a page with a hidden form that posts to web site A.  Since the browser will carry the user's cookie to web site A, web site B now can take any action on web site A, for example, adding an admin to an account.  The attack can be used to exploit any requests that the browser automatically authenticates, e.g. by session cookie, integrated authentication, IP whitelisting, …  The attack can be carried out in many ways such as by luring the victim to a site under control of the attacker, getting the user to click a link in a phishing email, or hacking a reputable web site that the victim will visit. The issue can only be resolved on the server side by requiring that all authenticated state-changing requests include an additional piece of secret payload (canary or CSRF token) which is known only to the legitimate web site and the browser and which is protected in transit through SSL/TLS. See the Forgery Protection property on the flow stencil for a list of mitigations.</b:string></Values><Id>cf377f97-9dea-42d6-ae63-b097c4a8ec4d</Id></ThreatMetaDatum><ThreatMetaDatum><Name>Priority</Name><Label>Priority</Label><HideFromUI>false</HideFromUI><Values xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string i:nil="true"/></Values><Id>bc9c6e2a-15d0-4863-9cac-589e51e4ca1e</Id></ThreatMetaDatum></a:PropertiesMetaData><a:RelatedCategory/><a:ShortTitle>Cross Site Request Forgery</a:ShortTitle></a:ThreatType></a:ThreatTypes></KnowledgeBase><Profile><PromptedKb xmlns=""/></Profile></ThreatModel>