Enhancing Security in International Data Spaces: A STRIDE Framework Approach
Round 1
Reviewer 1 Report
Comments and Suggestions for AuthorsThe authors of this paper conduct a STRIDE-based threat analysis on the International Data Spaces (IDS) framework, assessing its vulnerability to both traditional and emerging cybersecurity threats. They identify several novel attack vectors, including Man-in-the-Middle (MitM) attacks, compromised end-user devices, SIM swapping, and potential backdoors. The paper emphasizes vulnerabilities at the trust boundary between users and the IDS system, such as Denial of Service (DoS) risks and weaknesses in key management. The authors propose targeted mitigation strategies and recommendations to enhance the security and resilience of IDS, providing foundational insights for the development of more secure data exchange architectures.
There are numerous platforms available for IDS analysis; however, it would be helpful to explain why your STRIDE-based approach offers advantages over existing ones.
While the paper provides a thorough STRIDE analysis of the identified vulnerabilities, the mitigation strategies outlined in Table 9 tend to be general and high-level. For instance, the strategy for mitigating SIM swapping (v03, v17, v22) suggests actions like "monitoring mobile accounts for unusual activities" or "enforcing strict identity verification," but it lacks concrete tools, processes, or examples that would help organizations practically implement these strategies. Providing more specific, actionable recommendations, such as utilizing multi-factor authentication beyond SMS or integrating with identity management systems, would make the paper’s findings more practically applicable.
The methodology section lacks sufficient detail. It would be beneficial to provide the model or mathematical framework of your approach in a separate section.
Additionally, offering pseudocode or a flowchart for your framework would improve understanding and clarity.
While the authors mention GDPR and NIS2 in the abstract and Background and Related Work sections, these regulations are not discussed in the Methodology section. A more detailed exploration of how your framework aligns with or addresses these regulations would enhance the paper's relevance and applicability.
Finally, the conclusion should emphasize the novelty of your approach and how it advances the field in comparison to existing solutions.
Author Response
The authors of this paper conduct a STRIDE-based threat analysis on the International Data Spaces (IDS) framework, assessing its vulnerability to both traditional and emerging cybersecurity threats. They identify several novel attack vectors, including Man-in-the-Middle (MitM) attacks, compromised end-user devices, SIM swapping, and potential backdoors. The paper emphasizes vulnerabilities at the trust boundary between users and the IDS system, such as Denial of Service (DoS) risks and weaknesses in key management. The authors propose targeted mitigation strategies and recommendations to enhance the security and resilience of IDS, providing foundational insights for the development of more secure data exchange architectures.
Comment 1: There are numerous platforms available for IDS analysis; however, it would be helpful to explain why your STRIDE-based approach offers advantages over existing ones.
Response 1: We have further clarified our choice of methodology in the related work section (2.2). STRIDE is a simple and well-established methodology, and we do not see a need to use more advanced techniques to analyze a framework that is not even fully operational yet.
Comment 2: While the paper provides a thorough STRIDE analysis of the identified vulnerabilities, the mitigation strategies outlined in Table 9 tend to be general and high-level. For instance, the strategy for mitigating SIM swapping (v03, v17, v22) suggests actions like "monitoring mobile accounts for unusual activities" or "enforcing strict identity verification," but it lacks concrete tools, processes, or examples that would help organizations practically implement these strategies. Providing more specific, actionable recommendations, such as utilizing multi-factor authentication beyond SMS or integrating with identity management systems, would make the paper’s findings more practically applicable.
Response 2: We have improved the mitigation strategy explanations, narrowing them down to more specific examples and providing more practical advice.
Comment 3: The methodology section lacks sufficient detail. It would be beneficial to provide the model or mathematical framework of your approach in a separate section. Additionally, offering pseudocode or a flowchart for your framework would improve understanding and clarity.
Response 3: We have added a more detailed description and pseudocode describing the process of applying the STRIDE methodology to the IDS. The additions were made to the existing methodology section.
Comment 4: While the authors mention GDPR and NIS2 in the abstract and Background and Related Work sections, these regulations are not discussed in the Methodology section. A more detailed exploration of how your framework aligns with or addresses these regulations would enhance the paper's relevance and applicability.
Response 4: Our methodology section focuses on the technical STRIDE-based threat modeling process rather than compliance aspects. GDPR is a major factor behind the necessity for the IDS, which will be affected by the NIS2 directive. However, these regulations are inherent to the IDS design, and we can only discuss how our findings (threats) may affect the IDS’ compliance. To address the GDPR and NIS2, we have added several sentences in the Discussion section, where we elaborate on how the identified threats could impact the IDS’ ability to maintain compliance.
Comment 5: Finally, the conclusion should emphasize the novelty of your approach and how it advances the field in comparison to existing solutions.
Response 5: The conclusion has been improved. At the time being, there are no other solutions since nobody else has performed a threat analysis of the IDS. The novelty and advancement of our work lie in addressing the novel threats that have already affected large corporations and might as well affect the IDS once it is operational unless they are anticipated.
Reviewer 2 Report
Comments and Suggestions for AuthorsThis paper discusses a STRIDE threat analysis on IDS to assess its susceptibility to traditional and emerging cybersecurity threats. The idea seems interesting. However, the following comments are provided to clarify the work and enhance the paper.
Comments:
1. The abstract should focus on specific vulnerabilities identified in IDS, such as key management weaknesses or Denial of Service (DoS) risks. Mentioning these aspects early on would better establish the problem statement. Furthermore, the abstract should explicitly state the contributions, such as identifying the most significant threats through STRIDE analysis. Additionally, ensure that all abbreviations are fully spelled out upon first mention to maintain clarity and consistency for readers unfamiliar with the terminology.
2. The flow of ideas in the literature review, particularly in Section 2.1 (“IDS Security”), needs improvement. Currently, the transitions between topics are abrupt, resulting in a fragmented narrative. Refining this section for smoother and more logical progression will enhance the reader's comprehension.
3. The proposed mitigation strategies should be specifically tailored to the needs of IDS, rather than relying on generic industry practices. For instance, consider recommending endpoint security mechanisms that address the unique characteristics of IDS, such as ensuring data sovereignty during information exchanges.
4. The discussion on mitigation strategies lacks empirical evidence. Highlight how these mitigations perform under controlled conditions and provide data to support their effectiveness.
5. While the results section lists various threats and mitigation strategies, it does not include a quantitative assessment to facilitate effective risk prioritization. Introducing a risk-ranking framework would significantly enhance the value by identifying the most critical threats requiring immediate action.
Author Response
- The abstract should focus on specific vulnerabilities identified in IDS, such as key management weaknesses or Denial of Service (DoS) risks. Mentioning these aspects early on would better establish the problem statement. Furthermore, the abstract should explicitly state the contributions, such as identifying the most significant threats through STRIDE analysis. Additionally, ensure that all abbreviations are fully spelled out upon first mention to maintain clarity and consistency for readers unfamiliar with the terminology.
Response 1: We have made the proposed improvements to our abstract. Two of the last sentences now clearly state contributions. Abbreviations have been double-checked, and a few mistakes have been fixed. Key mismanagement and DoS attacks are traditional threats and were just some of the identified ones in addition to MitM, backdoors, SIM swapping, and compromised end-user devices, which we introduced in two sentences before. We addressed the latter as “the mentioned novel threats” to avoid repetitiveness.
- The flow of ideas in the literature review, particularly in Section 2.1 (“IDS Security”), needs improvement. Currently, the transitions between topics are abrupt, resulting in a fragmented narrative. Refining this section for smoother and more logical progression will enhance the reader's comprehension.
Response 2: Section 2 has been rearranged for a more comprehensible flow of topics and a smoother transition between the paragraphs.
- The proposed mitigation strategies should be specifically tailored to the needs of IDS, rather than relying on generic industry practices. For instance, consider recommending endpoint security mechanisms that address the unique characteristics of IDS, such as ensuring data sovereignty during information exchanges.
Response 3: The nature of the discussed threats is also general. The companies affected in the recent incidents belong to entirely different domains. The IDS already has mechanisms for securing stored data and data in transit (we added this to the manuscript to clarify it). The threat to data in transit may appear if the encryption keys are compromised via some of the discussed attacks. The IDS-specific threats come from the fact that data sovereignty may not hold if the components responsible for it are compromised or unavailable. However, defending these components is pretty straightforward.
- The discussion on mitigation strategies lacks empirical evidence. Highlight how these mitigations perform under controlled conditions and provide data to support their effectiveness.
Response 4: We have significantly expanded the discussion section regarding the mitigation strategies and included a few references from research and industry to validate the effectiveness of some of these measures.
- While the results section lists various threats and mitigation strategies, it does not include a quantitative assessment to facilitate effective risk prioritization. Introducing a risk-ranking framework would significantly enhance the value by identifying the most critical threats requiring immediate action.
Response 5: Our study is limited to threat modeling. Risk assessment requires introducing another methodology, which is currently out of our scope due to the lack of data. The IDS testbed is not fully functional yet, and we would lack the data required for a proper assessment, such as the deployment environments, user patterns, and system reliability metrics. However, we agree with this statement, and we have addressed the need for risk assessment in future work and the reasoning behind our decision not to conduct one.
Reviewer 3 Report
Comments and Suggestions for Authors1. Introduction – Strengthen Context and Justification (Page 1, Lines 15–30):
- The introduction establishes the relevance of IoT and data security well but lacks detailed justification for using the STRIDE methodology over alternatives such as LINDDUN or OCTAVE.
- Suggestion: Include a comparison of these methodologies and justify why STRIDE is the most suitable for IDS systems.
2. Research Gap – Clearly State the Problem (Page 1, Lines 31–40):
- The problem statement is implied but not explicitly stated.
- Suggestion: Clearly articulate the research gap, such as: “Existing IDS frameworks do not comprehensively address threat identification in dynamic IoT environments.”
3. Figures – Improve Annotations (Page 3, Figures 1–2):
- The diagrams lack detailed annotations and labels for some components, reducing clarity.
- Suggestion: Add labels and a legend to explain technical terms and abbreviations used in the figures, making them more accessible.
4. Dataset Description – Expand Details (Page 4, Lines 70–85):
- The manuscript briefly mentions the IDS testbed but does not elaborate on its scale, configuration, or diversity.
- Suggestion: Provide a detailed description of the dataset, including the number of devices, data volume, and types of threats simulated.
5. STRIDE Analysis – Explain Threat Enumeration (Page 5, Lines 100–130):
- The steps for enumerating threats using STRIDE are underexplained.
- Suggestion: Include an example step-by-step process of how a specific threat (e.g., spoofing) is identified and mitigated.
6. Evaluation Metrics – Define Clearly (Page 6, Lines 150–160):
- Terms like "accuracy of threat identification" and "response times" are mentioned but not quantified.
- Suggestion: Clearly define evaluation metrics, such as percentage accuracy or latency, and provide a benchmark for comparison.
7. Security Validation – Include Threat Examples (Page 6, Lines 170–180):
- The security validation lacks examples of identified threats and their mitigation strategies.
- Suggestion: Provide concrete examples, such as a detected replay attack, its implications, and how it was mitigated.
8. Real-World Applicability – Discuss Challenges (Page 7, Lines 200–215):
- The practical challenges of implementing the proposed system, such as scalability and hardware limitations, are not discussed.
- Suggestion: Address these challenges and propose solutions, e.g., incorporating distributed systems or cloud integration.
9. Figures and Tables – Add Comparative Analysis (Page 7, Lines 190–220):
- The results are presented but lack a comparison with existing systems or benchmarks.
- Suggestion: Include a table comparing the proposed system with other IDS frameworks in terms of accuracy, cost, and performance.
10. Discussion – Address Ethical Concerns (Page 8, Lines 230–240):
- Ethical considerations, such as the potential for false positives or misuse of IDS data, are not addressed.
- Suggestion: Include a subsection discussing these concerns and how they can be mitigated.
11. Future Work – Provide Measurable Objectives (Page 8, Lines 250–260):
- The future work section is generic and lacks specific goals.
- Suggestion: Propose measurable objectives, such as reducing response time below a certain threshold or expanding testbeds to 100+ devices.
12. References – Add Recent Works (Page 9, References):
- The references are relevant but lack recent studies from 2022–2024.
- Suggestion: Include newer studies on IoT security frameworks and advancements in STRIDE methodology.
13. Terminology – Define Technical Terms (Throughout):
- Terms like "threat modeling," "context diagram," and "testbed configuration" are used without definition.
- Suggestion: Add a glossary or define these terms when they first appear.
14. Abstract – Add Specific Results (Page 1, Lines 1–12):
- The abstract provides a general overview but lacks specific results.
- Suggestion: Include quantitative findings, e.g., “The system identified 98% of threats with an average response time of 1.2 seconds.”
15. Grammar and Style – Simplify Complex Sentences (Throughout):
- Some sentences are overly complex and difficult to follow. For example, on Page 3, Line 80, rewrite:
“The identified threats can be mitigated using customized solutions tailored to the unique testbed configuration.”
Simplified: “Identified threats are mitigated using tailored solutions for the testbed.”
Author Response
- Introduction – Strengthen Context and Justification (Page 1, Lines 15–30):
- The introduction establishes the relevance of IoT and data security well but lacks detailed justification for using the STRIDE methodology over alternatives such as LINDDUN or OCTAVE.
- Suggestion: Include a comparison of these methodologies and justify why STRIDE is the most suitable for IDS systems.
Response 1: We have added a few sentences regarding the justification of STRIDE methodology in related work (2.2). It is the oldest and most well-established methodology, and while others offer different approaches to threat modeling, we do not see a need for it in the case of the IDS testbed. This is because the newer methodologies take additional factors into consideration, and we do not possess any such data at the time being. Hence, other methodologies would not serve their purpose and be used to their full extent.
- Research Gap – Clearly State the Problem (Page 1, Lines 31–40):
- The problem statement is implied but not explicitly stated.
- Suggestion: Clearly articulate the research gap, such as: “Existing IDS frameworks do not comprehensively address threat identification in dynamic IoT environments.”
Response 2: We have improved the introduction section and explicitly stated that there is no threat assessment of the IDS due to the novelty of the system and the discussed threats.
- Figures – Improve Annotations (Page 3, Figures 1–2):
- The diagrams lack detailed annotations and labels for some components, reducing clarity.
- Suggestion: Add labels and a legend to explain technical terms and abbreviations used in the figures, making them more accessible.
Response 3: The first diagram was taken directly from the IDS testbed GitHub with the addition of trust boundaries that we added. We added the missing abbreviations in the text shortly before the figure's introduction. Since there are many abbreviations, we think it is better to introduce them before the image, as doing so in the image would overload it with text.
The second figure is a standard representation of an attack tree showing how a hacker can achieve the hacking goal, which is stated as the tree's root. We added a description of the attack tree in the sentence following the introduction of the figure. We used different box colors to signify different levels in the tree hierarchy.
- Dataset Description – Expand Details (Page 4, Lines 70–85):
- The manuscript briefly mentions the IDS testbed but does not elaborate on its scale, configuration, or diversity.
- Suggestion: Provide a detailed description of the dataset, including the number of devices, data volume, and types of threats simulated.
Response 4: The IDS testbed referenced is an open-source conceptual framework rather than a deployed system with a dataset of devices or simulated attacks. In our work, we performed a manual STRIDE threat modeling exercise on the proposed architecture, relying on documentation and architectural descriptions rather than empirical data or simulations. As such, there are no specific details to provide regarding the number of devices, data volume, or configuration diversity because we did not use any physical hardware, networked devices, or synthetic datasets. The analysis was theoretical, identifying potential vulnerabilities based on the envisioned structure of the IDS and general security principles rather than on real-world measurements or test results from a deployed system. We updated the methodology section to address this misunderstanding.
- STRIDE Analysis – Explain Threat Enumeration (Page 5, Lines 100–130):
- The steps for enumerating threats using STRIDE are underexplained.
- Suggestion: Include an example step-by-step process of how a specific threat (e.g., spoofing) is identified and mitigated.
Response 5: We added an algorithm (pseudocode) describing the entire STRIDE analysis process, including threat identification. We also updated the methodology section to say that this process is typically conducted manually by a cybersecurity analyst who considers many factors, requiring critical thinking, expertise, and judgment to translate high-level guidelines into actionable threat insights and appropriate countermeasures.
- Evaluation Metrics – Define Clearly (Page 6, Lines 150–160):
- Terms like "accuracy of threat identification" and "response times" are mentioned but not quantified.
- Suggestion: Clearly define evaluation metrics, such as percentage accuracy or latency, and provide a benchmark for comparison.
Response 6: It appears there may be a misunderstanding. Our manuscript does not reference "accuracy of threat identification" or "response times," nor do we present any metrics along those lines. Our work focuses on applying the STRIDE methodology to identify potential vulnerabilities conceptually rather than measuring or comparing performance metrics.
- Security Validation – Include Threat Examples (Page 6, Lines 170–180):
- The security validation lacks examples of identified threats and their mitigation strategies.
- Suggestion: Provide concrete examples, such as a detected replay attack, its implications, and how it was mitigated.
Response 7: We have significantly enhanced the discussion section and included more papers from research and industry regarding threat mitigation strategies and effectiveness.
- Real-World Applicability – Discuss Challenges (Page 7, Lines 200–215):
- The practical challenges of implementing the proposed system, such as scalability and hardware limitations, are not discussed.
- Suggestion: Address these challenges and propose solutions, e.g., incorporating distributed systems or cloud integration.
Response 8: Our work focuses on conducting a threat analysis rather than evaluating the practical deployment, scalability, or hardware requirements of the IDS framework. Questions about scaling, hardware constraints, and deployment in distributed or cloud-based environments depend on how organizations choose to implement the framework in their infrastructures. At this stage, the IDS specification does not prescribe fixed hardware or deployment models. Instead, it provides guidelines and standards that can be adapted. Future adopters may incorporate distributed architectures, virtualization, or cloud services to address their unique scalability and performance challenges. Without concrete, real-world deployments to analyze, we cannot meaningfully discuss these aspects. Instead, our focus remains on identifying potential security vulnerabilities relevant to any implementation of the IDS. We added a brief discussion regarding additional costs and tradeoffs induced by additional security measures.
- Figures and Tables – Add Comparative Analysis (Page 7, Lines 190–220):
- The results are presented but lack a comparison with existing systems or benchmarks.
- Suggestion: Include a table comparing the proposed system with other IDS frameworks in terms of accuracy, cost, and performance.
Response 9: Our study focuses on threat modeling for the envisioned IDS framework rather than benchmarking its performance or cost against other implementations. Since we are not evaluating an operational system and have not gathered performance metrics or cost data, such a comparative analysis is outside the scope of this work.
- Discussion – Address Ethical Concerns (Page 8, Lines 230–240):
- Ethical considerations, such as the potential for false positives or misuse of IDS data, are not addressed.
- Suggestion: Include a subsection discussing these concerns and how they can be mitigated.
Response 10: Our work is focused on the technical aspects of threat identification using STRIDE, which is not designed to directly address ethical considerations such as data misuse or false positives. While the IDS architecture (including components like ParIS and RBAC mechanisms) provides administrators with tools to manage access control and policy enforcement, the ethical handling of data, the potential for misuse, and the implications of false positives fall outside the immediate scope of our threat modeling efforts. To acknowledge these concerns, we have added a brief note in the Discussion section, emphasizing that ethical issues, policy decisions, and proper oversight are critical for preventing misuse and ensuring responsible data handling.
- Future Work – Provide Measurable Objectives (Page 8, Lines 250–260):
- The future work section is generic and lacks specific goals.
- Suggestion: Propose measurable objectives, such as reducing response time below a certain threshold or expanding testbeds to 100+ devices.
Response 11: Our study is conceptual and focuses solely on manually conducted threat modeling within a theoretical IDS environment. We have not deployed a fully operational system and thus cannot define or measure objectives like response times or device count. Our future work section outlines logical next steps, such as conducting a more detailed analysis once the software matures rather than committing to specific quantitative targets. As the IDS evolves and real-world parameters become available, such performance-related objectives may become more appropriate.
- References – Add Recent Works (Page 9, References):
- The references are relevant but lack recent studies from 2022–2024.
- Suggestion: Include newer studies on IoT security frameworks and advancements in STRIDE methodology.
Response 12: We agree that recent research is important, and we have tried to keep our references as fresh as possible. However, studies from 2022, especially from 2023 to 2024, are very limited. Additionally, while conducting our literature review, we found that most foundational advancements in STRIDE methodology were established in prior years, with relatively fewer major studies published in the specified time frame. To address this suggestion, we revisited the literature and included a reference to recent mitigation strategies published in 2024 and an industry report on DDoS attacks from Q3 2024. We have also added recent system and application security references in the related work section.
- Terminology – Define Technical Terms (Throughout):
- Terms like "threat modeling," "context diagram," and "testbed configuration" are used without definition.
- Suggestion: Add a glossary or define these terms when they first appear.
Response 13: We added sentences that define the mentioned terms and the term “Threat.” However, we believe there has been a misunderstanding regarding the term “testbed configuration,” which we did not use in our manuscript.
- Abstract – Add Specific Results (Page 1, Lines 1–12):
- The abstract provides a general overview but lacks specific results.
- Suggestion: Include quantitative findings, e.g., “The system identified 98% of threats with an average response time of 1.2 seconds.”
Response 14: We have refined the abstract to clarify our approach and highlight the key threats and vulnerabilities identified. However, our study is conceptual, and we manually performed a STRIDE-based threat analysis to an envisioned IDS environment rather than an operational, measurable system. As a result, it is not possible to provide quantitative metrics like detection accuracy percentages or response times. Therefore, while we incorporated some suggestions to improve clarity, we cannot include the requested specific quantitative results.
- Grammar and Style – Simplify Complex Sentences (Throughout):
- Some sentences are overly complex and difficult to follow. For example, on Page 3, Line 80, rewrite:
“The identified threats can be mitigated using customized solutions tailored to the unique testbed configuration.”
Simplified: “Identified threats are mitigated using tailored solutions for the testbed.”
Response 15: We agree that certain sentences can be made more concise. While we strive for clarity and simplicity, we also follow academic writing guidelines that encourage the active voice (rather than passive) and detailed context. Additionally, we used Grammarly to proofread the manuscript.
Reviewer 4 Report
Comments and Suggestions for AuthorsThis paper deals with an exciting topic. The article has been read carefully, and some minor issues have been highlighted in order to be considered by the author(s).
(1) The manuscript offers valuable insights into the vulnerabilities of the IDS framework using STRIDE analysis. However, it would significantly benefit from a comparative evaluation with other cybersecurity threat analysis methodologies or frameworks. By benchmarking the findings against alternative approaches, the study could provide a broader context and a more robust justification for the chosen method and its contributions.
(2) The paper should include an assessment of the computational and resource requirements associated with the proposed threat analysis and mitigation strategies. For instance, evaluating the time complexity of detecting threats or the computational overhead introduced by the recommended mitigation strategies would provide a clearer understanding of their scalability and practicality in real-world applications.
(3) To strengthen the analysis, an ablation study that isolates and evaluates the impact of specific vulnerabilities—such as key management weaknesses, Denial of Service (DoS) risks, or compromised end-user devices—would be highly valuable. This approach would clarify the relative severity of each threat and the effectiveness of corresponding mitigation strategies, offering actionable insights for prioritizing security enhancements.
(4) It would be beneficial to briefly introduce related research on system security from a security perspective.
Author Response
(1) The manuscript offers valuable insights into the vulnerabilities of the IDS framework using STRIDE analysis. However, it would significantly benefit from a comparative evaluation with other cybersecurity threat analysis methodologies or frameworks. By benchmarking the findings against alternative approaches, the study could provide a broader context and a more robust justification for the chosen method and its contributions.
Response 1: We acknowledge the potential value of comparing the STRIDE analysis with alternative methodologies. In the manuscript, we have expanded our reasoning behind choosing this methodology over others. However, applying multiple threat modeling frameworks simultaneously is uncommon, especially when the system is still under development and lacks comprehensive operational data. More complex or data-intensive methodologies would remain underutilized and yield similar conclusions at this stage. As the IDS matures and more concrete data becomes available, future research can explore and benchmark different threat analysis approaches.
(2) The paper should include an assessment of the computational and resource requirements associated with the proposed threat analysis and mitigation strategies. For instance, evaluating the time complexity of detecting threats or the computational overhead introduced by the recommended mitigation strategies would provide a clearer understanding of their scalability and practicality in real-world applications.
Response 2: STRIDE threat modeling is generally performed manually by a skilled cybersecurity analyst rather than executed by a computer, making computational or time-complexity assessments less applicable at this stage. We introduced the pseudocode to the manuscript to clarify the process for reproducibility and transparency. Additionally, we have expanded our discussion to address scalability considerations and the potential costs associated with the recommended mitigation strategies, providing a more practical perspective on their real-world applicability.
(3) To strengthen the analysis, an ablation study that isolates and evaluates the impact of specific vulnerabilities—such as key management weaknesses, Denial of Service (DoS) risks, or compromised end-user devices—would be highly valuable. This approach would clarify the relative severity of each threat and the effectiveness of corresponding mitigation strategies, offering actionable insights for prioritizing security enhancements.
Response 3: We understand the interest in isolating and evaluating the impact of individual vulnerabilities. However, conducting an ablation study or similarly detailed comparative risk assessment requires the system to be more mature, with stable operational data and defined usage patterns. At this stage, our work is limited to conceptual threat modeling rather than quantitative risk evaluation. As the IDS evolves and real-world parameters become available, a more granular analysis, such as determining the relative severity of each threat, would be more meaningful and will be considered in future work. We have incorporated this insight into our discussion section.
(4) It would be beneficial to briefly introduce related research on system security from a security perspective.
Response 4: We have added a paragraph in the related work section to address this request. It includes four relevant and recent references that briefly introduce the broad aspect of system and application security.
Round 2
Reviewer 1 Report
Comments and Suggestions for AuthorsThe authors have improved the paper.
Reviewer 3 Report
Comments and Suggestions for AuthorsThe author might include this into the section on 'Further Improvement' of version 2 as other threat modeling methodologies in comparison with STRIDE, for further improvement of version 2. The advantage of this would be to give readers a more broad view of the possible pros and cons of using STRIDE within the framework of present developments as in the International Data Spaces (IDS). In addition to this, incorporating novel case studies or real world examples of how STRIDE might be applied in analogous technological frameworks would increase the practical value of the paper. The real world relevancy of such methodology could thus be illustrated as the same time while also helping to validate proposed security measures and mitigation strategies. By following this approach, the reader would have a deeper understanding of the subject matter and further interest to apply it on the field of cybersecurity for data spaces.
In addition, incorporating user feedback or expert reviews of the early iterations of the implementation of these security measures provides additional credibility and insight. Then, the author could demonstrate how these strategies perform in operational environments to identify opportunities to close gaps and to propose modifications which strengthen the resilience of IDS against advanced attacks. Furthermore, a section future research directions with the emphasis to the directions in which further investigations might lead to significant improvement in IDS security is good to include. This proactive approach would make the paper a leader in staying relevant to new emerging threats, but also stimulates further research and collaboration in the cybersecurity community.
Reviewer 4 Report
Comments and Suggestions for AuthorsI recommend the acceptance.