There are multiple aspects to this pull request. Many of them are refactoring and having attack steps behave according to a common pattern, in this respect this pull request is very relevant as a template for the future #77 effort.
First, have attack steps on Data propagate to Data contained in Data based on the impact attack steps(Read, Write, Delete, and Deny) rather than propagating Access.
Second, as a result of the above mentioned change, a small bug was fixed that meant that Data contained in Data was not properly impacted if it was compromised via SpecificAccess and an Identity that provided the privileges.
Third, have the Data impact attack steps themselves propagate the disruption one level at a time rather than using the * recursion.
Fourth, rename the attack steps to fit the new IAMObject superclass concept from Identity[Read|Write|Delete] to Authorized[Read|Write|Delete].
There are multiple aspects to this pull request. Many of them are refactoring and having attack steps behave according to a common pattern, in this respect this pull request is very relevant as a template for the future #77 effort.
First, have attack steps on
Datapropagate toDatacontained inDatabased on the impact attack steps(Read,Write,Delete, andDeny) rather than propagatingAccess.Second, as a result of the above mentioned change, a small bug was fixed that meant that
Datacontained inDatawas not properly impacted if it was compromised viaSpecificAccessand anIdentitythat provided the privileges.Third, have the
Dataimpact attack steps themselves propagate the disruption one level at a time rather than using the*recursion.Fourth, rename the attack steps to fit the new
IAMObjectsuperclass concept fromIdentity[Read|Write|Delete]toAuthorized[Read|Write|Delete].