Commit 745b8678 authored by Valerie Aurora

Merge branch 'val/update-mitm' into 'main'

Val/update mitm

See merge request cyber/stan4cr2/en-304-620-1!55
parents 01a1f8e5 5d14874a
+56 −14
@@ -469,6 +469,7 @@ See [i.3] for formal definitions of micro, small, and medium-sized enterprises.
  * User may lack advanced security knowledge

* **UC-2** Privacy conscious household
  * All VPN infrastructure owned, rented, or managed by the user
  * Client installed on router or other network level
  * Obfuscating traffic and IP to avoid tracking by ISPs, data brokers

@@ -671,6 +672,8 @@ The mitigations that reduce risk by type are:

### C.4.3 List of threats and risk assessments

> TODO-HAS: Renumber C.x tables

> TODO-HAS: Add below threats

- Data leaks
@@ -737,23 +740,28 @@ Requirements: TODO

**[TH-MITM]:** Attacker attempts to read or modify traffic by capturing and relaying activity between endpoints

| Risk factors       | Likelihood |
|--------------------|------------|
| CFG > 1 or ADM = 2 | High       |
| CFG > 1 or ADM = 1 | Medium     |
| CFG = 0 & ADM = 0  | Low        |
| Risk factors | Likelihood | Security profile |
|--------------|------------|------------------|
| ADM = 2      | High       | SP-1, SP-3       |
| all others   | Medium     | SP-2             |
| ADM = 0      | Low        | SP-4             |

_Table C.4_

| Risk factors                 | Impact |
|------------------------------|--------|
| max(DAT, FUN) = 2 or RDP > 0 | High   |
| max(DAT, FUN) = 1            | Medium |
| max(DAT, FUN) = 0            | Low    |
| Risk factors      | Impact | Security profile |
|-------------------|--------|------------------|
| max(DAT, FUN) = 2 | High   | SP-3, SP-4       |
| max(DAT, FUN) = 1 | Medium | SP-2             |
| max(DAT, FUN) = 0 | Low    | SP-1             |

_Table C.5_

Requirements: CRYPT-1, CRYPT-2
Requirements: CRYPT, NPII, LOGG

| Likelihood | Impact     | Mitigation                     | Security profile |
|------------|------------|--------------------------------|------------------|
| High       | High       | CRYPT-1, CRYPT-2, NPII-2, LOGG | SP-3             |
| all others | all others | CRYPT-2, LOGG                  | SP-1, SP-2, SP-4 |

**[TH-LEAK]:** Attacker reads sensitive data sent outside the VPN connection by the product.
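
Review bot: The new `Requirements: CRYPT, NPII, LOGG` line names whole requirement families, while the mitigation table added directly below it lists specific IDs (CRYPT-1, CRYPT-2, NPII-2, LOGG), so a reader cannot tell whether every NPII requirement applies to TH-MITM or only NPII-2. Suggest listing the exact IDs on the Requirements line, or dropping the line in favour of the table. Two smaller points: in the likelihood table the `all others` row sits between `ADM = 2` and `ADM = 0` and would read more clearly as an explicit `ADM = 1` row or as the last row; and the new mitigation table has no `_Table C.x_` caption, unlike the two tables above it.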

@@ -785,14 +793,48 @@ Mitigations for Impact:

* High to Low: NPII-\*, NPII- LOGG



**[TH-XXXX]:** 

| Risk factors | Likelihood | Security profile |
|--------------|------------|------------------|
| CNC = 2      | High       | SP-\*            |
| CNC = 1      | Medium     | none             |
| CNC = 0      | Low        | none             |

_Table C.4_

| Risk factors      | Impact | Security profile |
|-------------------|--------|------------------|
| max(DAT, FUN) = 2 | High   | SP-3             |
| max(DAT, FUN) = 1 | Medium | SP-2, SP-4       |
| max(DAT, FUN) = 0 | Low    | SP-1             |

Requirements that mitigate this threat: 

Mitigations for Likelihood:

* Medium to Low: 

* High to Low: 

Mitigations for Impact:

* Medium to Low: 

* High to Low: 



### C.5. Mapping of use cases to risk factors and security profiles

| Use case | Description                 | CFG | AUT | DAT | FUN | ADM | RDP | CNC | SP   |
|----------|-----------------------------|-----|-----|-----|-----|-----|-----|-----|------|
| UC-1     | Individual consumer         | 1   | 0   | 0   | 0   | 2   | 2   | 2   | SP-1 |
| UC-2     | Privacy conscious household | 1   | 0   | 1   | 1   | 1   | 2   | 2   | SP-2 |
| UC-3     | Journalist or activist      | 1   | 1   | 2   | 2   | 1   | 2   | 2   | SP-3 |
| UC-4     | Small organization          | 2   | 1   | 1   | 1   | 0   | 1   | 2   | SP-4 |
| UC-2     | Privacy conscious household | 1   | 0   | 1   | 1   | 1   | 0   | 2   | SP-2 |
| UC-3     | Journalist or activist      | 1   | 1   | 2   | 2   | 2   | 2   | 2   | SP-3 |
| UC-4     | Small organization          | 2   | 1   | 2   | 1   | 0   | 1   | 2   | SP-4 |

_Table C.TODO — Use cases mapped to risk factors and security profiles_
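
Review bot: In the TH-XXXX impact table, SP-4 is listed under Medium, but the updated UC-4 row in C.5 sets DAT = 2, which gives max(DAT, FUN) = 2 and therefore High; the TH-MITM impact table in this same commit already places SP-4 under High. Suggest moving SP-4 to the High row here (or revisiting the DAT change) so the per-threat tables and C.5 agree. The block is also committed with a placeholder ID `[TH-XXXX]`, no threat description, empty Requirements and Mitigations entries, a `_Table C.4_` caption that duplicates the one under TH-MITM, and no caption on its impact table; consider marking it with a `TODO-HAS` note like the ones in C.4.3 so it is not mistaken for finished content.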