05 Aug

An attacker positions it's self between a user and the system. The aim is to intercept and alter data traveling between the two parties . 

For example:

Authentication, the attacker would be positioned between claimant and verifier, between registrant and CSP during enrolment, or between subscriber and CSP during authenticator binding.