STRIDE is a model for identifying computer security threats[1] developed by Praerit Garg and Loren Kohnfelder at Microsoft.
It is used in conjunction with a model of the target system that can be constructed in parallel.
[5] Today it is often used by security experts to help answer the question "what can go wrong in this system we're working on?"
Each threat is a violation of a desirable property for a system: Repudiation is unusual because it's a threat when viewed from a security perspective, and a desirable property of some privacy systems, for example, Goldberg's "Off the Record" messaging system.
This is a useful demonstration of the tension that security design analysis must sometimes grapple with.