()

Client application
API endpoint


Protocol	HTTP



1. API inbound security pattern [Threat Model]



			SP-TE-36: Unauthorized changes or manipulation of information data records
			CAPEC-125: Flooding
			SP-TE-23: Adversary in the middle attack or network traffic modification
			SP-TE-27: Exploit hardware or platform vulnerabilities
			SP-TE-29: Web application attacks or code injection attack