Data Supply Chain Threat Model

Understanding the unique threats to data integrity, provenance, and privacy that Makoto Levels (DPL) is designed to address.

Threat Categories

Data supply chains face unique threats beyond traditional software supply chain attacks. Makoto Levels defines eight primary threat categories specific to data workflows.

🎭

D1: Source Impersonation

Attacker claims data originates from a trusted source when it doesn't. Examples: Fake sensor readings, forged API responses, spoofed device IDs.

✏️

D2: Data Tampering

Unauthorized modification of data in transit or at rest. Examples: Man-in-the-middle attacks, database manipulation, log injection.

🔗

D3: Lineage Falsification

Creating false records of data transformations or processing history. Examples: Fake processing timestamps, fabricated transformation chains.

D4: Timestamp Manipulation

Altering temporal metadata to misrepresent when data was collected or processed. Examples: Backdating readings, reordering events, replay attacks.

👤

D5: Unauthorized Attribution

Falsely attributing data processing to legitimate processors or systems. Examples: Stolen signing keys, compromised service accounts.

💾

D6: Attestation Forgery

Creating fake attestation documents that appear valid. Examples: Signature bypass, hash collision attacks, certificate forgery.

🔒

D7: Privacy Violation

Extracting sensitive information from attestations or processing metadata. Examples: Correlation attacks, metadata analysis, timing attacks.

🌊

D8: Stream Injection

Inserting malicious events into high-throughput data streams. Examples: Event spoofing, sequence manipulation, window pollution.

Threat Matrix

This matrix maps each threat to its severity, attack vectors, and the DPL level required to mitigate it.

ID Threat Severity Attack Vector Mitigated By
D1 Source Impersonation Critical Spoofed source identifiers, fake device credentials L1 L2 L3
D2 Data Tampering Critical MITM attacks, storage compromise, injection L1 L2 L3
D3 Lineage Falsification High Fabricated transform attestations, log manipulation L2 L3
D4 Timestamp Manipulation High Clock skew exploitation, replay attacks L2 L3
D5 Unauthorized Attribution High Key theft, service account compromise L2 L3
D6 Attestation Forgery Critical Signature bypass, collision attacks, cert forgery L3
D7 Privacy Violation Medium Metadata analysis, correlation attacks Privacy
D8 Stream Injection High Event spoofing, window manipulation L2 L3 Stream

Attack Surface Visualization

Data supply chains have multiple attack surfaces at each stage of the pipeline. DPL attestations provide verification points to detect and prevent attacks.

Data Source Origin point D1: Impersonation Fake source ID Transport In transit D2: Tampering MITM attack Processing Transform D3/D5: Lineage False attribution Storage At rest D6: Forgery Fake attestation Consumer End user D7: Privacy Data leakage Makoto Attestation Protection Layer L1: Origin Provenance exists L2: Signed Authentic provenance L3: Hardware Unforgeable Privacy Layer ZK + Redaction D8: Stream Injection High-throughput streams require Merkle windowing for efficient attestation at scale Stream Window Attestation Merkle roots + individual proofs

Threat Coverage by Level

Each DPL level provides progressive protection against the threat categories. Higher levels include all protections from lower levels plus additional guarantees.

Level 1
Provenance Exists

Basic detection through content hashing and metadata capture

D1 Partial D2 Partial D3 D4 D5 D6 D7 D8
Level 2
Authentic Provenance

Cryptographic signatures bind identity to attestations

D1 ✓ D2 ✓ D3 ✓ D4 ✓ D5 ✓ D6 Partial D7 D8 ✓
Level 3
Unforgeable Provenance

Hardware-backed attestation prevents key compromise

D1 ✓ D2 ✓ D3 ✓ D4 ✓ D5 ✓ D6 ✓ D7 + Privacy D8 ✓

SLSA vs DPL Threat Comparison

While SLSA focuses on software build integrity, Makoto Levels addresses the unique threats in data pipelines. Both frameworks share common security principles but differ in their threat focus.

SLSA Threats (Software)
  • Compromised source repository
  • Modified source after checkout
  • Compromised build platform
  • Uploaded modified package
  • Compromised package registry
  • Dependency confusion
  • Compromised build dependencies
Makoto Threats (Data)
  • D1: Source impersonation
  • D2: Data tampering in transit/rest
  • D3: Lineage falsification
  • D4: Timestamp manipulation
  • D5: Unauthorized processor attribution
  • D6: Attestation forgery
  • D7: Privacy leakage from metadata
  • D8: Stream injection attacks

Shared Principles

Both SLSA and DPL share core security principles:

  • Progressive levels: Start simple, increase security as needed
  • Attestation-based: Verifiable claims about provenance
  • in-toto compatible: Use DSSE envelope format
  • Non-forgeable at highest level: Hardware-backed guarantees
  • Tamper-evident: Modifications are detectable

Defense in Depth

Makoto Levels implements multiple layers of defense. Start with Level 1 for visibility, then progressively enhance security based on your threat model.

🔍 Detection

Content hashing enables detection of any unauthorized modifications

✍️ Authentication

Cryptographic signatures prove who created or transformed data

🔐 Non-repudiation

Hardware-backed keys prevent denial of attestation creation

🕵️ Privacy

Zero-knowledge proofs and redaction protect sensitive metadata