Threat model for the thin-edge.io

[PradeepKiruvale]

Is your feature improvement request related to a problem? Please describe. Assess the threat model for the thing-edge. Mainly for the child devices. STRIDE model of threats for the communication between the child devices and the thin-edge device.

Mainly what kind of operations can be carried out by the child device on a thin edge via MQTT or HTTP.

Describe the solution you'd like List out the actions that can be carried out by the child device on thin-edge device List out the kind of access control, authentication, and rate limit per MQTT connection or HTTP connection

Describe alternatives you've considered

Additional context

[didier-wenzek]

I would not restrict the STRIDE threat model on the communication between the child devices and thin-edge, but also include the device itself and the communication with the cloud.

As for the outcome, I expect a list of potential security vulnerabilities before trying to list security mechanisms.