FT-D-1 — Biometric endpoint flooded to exhaust FaceTec capacity
Component: Biometric Verification. Mitigations: Per-IP rate limit + concurrency semaphore (
MaxConcurrentBiometric); 503 when full; 10 MB body cap. Action: None required.
| Property | Value |
|---|---|
| Section | Denial of Service |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-HARD-02 | Input Validation and Injection Prevention |
| SID-HARD-07 | Resource Upload Constraints |
Source: STRIDE analysis (April 2026), architecture/stride-threat-model.md