CC-D-1 — Kubernetes pod restarts clear in-memory JTI blacklist
Component: Cross-Cutting.

Mitigations: Short token expiry limits the window.

Action: Use a Redis-backed or distributed JTI blacklist for production HA.

| Property | Value |
|---|---|
| Section | Denial of Service |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-AUTH-02 | JWT Bearer Token Session Management |
| SID-OPS-07 | Fraud Management |
Source: STRIDE analysis (April 2026), architecture/stride-threat-model.md