Commit 28fe2889 authored by Valerie Aurora's avatar Valerie Aurora
Browse files

Convert remaining two threats into outlines with TODO

parent 3d4c32d1

EN-304-620-1.md

+35 −15
Original line number Diff line number Diff line
@@ -980,15 +980,15 @@ Mitigations for Impact: 


* High to Low: NPII-\*, AUTH-3, AUTH-4, AUTH-5, LOGG-\*, CDST



### C.4.x TH-XXXX: _Short description_

### C.4.x TH-META: Data leaks due to metadata and traffic analysis



_Complete sentence describing the threat._

Attacker may use user metadata such as IP addresses and traffic analysis to gain confidential data.



| Risk factors | Likelihood | Security profiles |

|--------------|------------|-------------------|

|              | High       |                   |

|              | Medium     |                   |

|              | Low        |                   |

| TODO         | High       |                   |

| TODO         | Medium     |                   |

| TODO         | Low        |                   |



| Risk factors      | Impact | Security profiles |

|-------------------|--------|-------------------|
@@ -1000,25 +1000,45 @@ Requirements that mitigate this threat: 


Mitigations for Likelihood:



* Medium to Low: 

* Medium to Low: TODO



* High to Low: 

* High to Low: TODO



Mitigations for Impact:



* Medium to Low: 

* Medium to Low: TODO



* High to Low: 

* High to Low: TODO



> TODO-HAS: Turn below threats into formal threats and mitigations

### C.4.x TH-RDPS: RDPS compromise and isolation



Threat: Deanonymization due to the use of unique egress identifiers (such as IPs)

Attacker may use compromise or isolation errors in remote data processing system to gain access to product assets.



Threat: Metadata and traffic‑analysis risks

| Risk factors | Likelihood | Security profiles |

|--------------|------------|-------------------|

| TODO         | High       |                   |

| TODO         | Medium     |                   |

| TODO         | Low        |                   |



| Risk factors      | Impact | Security profiles |

|-------------------|--------|-------------------|

| DAT = 2 & FUN = 2 | High   | SP-3              |

| all others        | Medium | SP-2, SP-4        |

| DAT = 0 & FUN = 0 | Low    | SP-1              |



Requirements that mitigate this threat: TODO



Mitigations for Likelihood:



* Medium to Low: TODO



* High to Low: TODO



Mitigations for Impact:



  -TR: User interfaces, especially in regard to settings, shall be designed in a manner that prevents unintentional disabling of default security features.

* Medium to Low: TODO



Threat: Manufacturer infra compromise & isolation bugs in a multi-tenant SaaS system

* High to Low: TODO



### C.5.2 Mapping of use cases to risk factors and security profiles