Which aspect of STRIDE refers to unauthorized modifications of data?

Tampering is the aspect of STRIDE that specifically addresses unauthorized modifications of data. In the context of security threats, tampering refers to the malicious alteration of data, which can occur during transit or while it is stored. This could include changing the contents of a configuration file, modifying transaction records in a database, or altering software code.

Understanding tampering is crucial in developing security measures to protect the integrity of data. By identifying potential vulnerabilities that allow for such modifications, organizations can implement safeguards like data encryption, access controls, and integrity checks to ensure that data remains unaltered by unauthorized parties.

In contrast, spoofing involves impersonating a legitimate source, repudiation revolves around denying an action or transaction, and information disclosure pertains to unauthorized access to confidential data. These aspects, while all significant in the realm of security threats, do not specifically relate to the direct alteration of data that tampering signifies.