Commit 819e8e61 authored by Aki Braun

[AB 1] New UC for Enterprise VPN Client solution

parent ee7f5c60
+18 −6
@@ -437,6 +437,15 @@ See [\[i.3\]](#_ref_i.3) for formal definitions of micro, small, and medium-size
    * Critical for business operations
    * Needs to inspect traffic extensively for security

* **UC-6** Enterprise with independent VPN infrastructure
    * All enterprise users with limited technical knowledge
    * Desires partial or full time remote access to enterprise network
    * Accesses one or some remote networks via enterprise gateway
    * Configuration managed by administrators, pushed via gateway and/or third party solution
    * Device managed by administrators, including VPN client lifecycle (install, update, etc....), via dedicated tools
    * Most of security is managed by other components (gateway for network, local EDR for endpoint security, ....)
    * Does not see VPN as critical for core business operations

# 5 Requirements specifications

::include{file=clauses/5.Requirements.md}
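Review bot: The UC-6 bullet "Most of security is managed by other components (gateway for network, local EDR for endpoint security, ....)" states a dependency on external controls rather than a characteristic of the user, and nothing in this hunk says what holds when the gateway or EDR is missing or misconfigured. Suggest recording it as an explicit assumption for this use case so that an assessor can check it. Style points in the same list: "etc...." and "...." should be "etc." or dropped, "Desires partial or full time remote access" reads better as "part-time or full-time", and the title "Enterprise with independent VPN infrastructure" differs from the "Enterprise client software" label used for UC-6 and SP-6 in the Annex C tables of this commit.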
@@ -615,15 +624,15 @@ Rationale: Different connectivity requirements create different risks and mitiga
* **[CON-1]** Usage is one or more endpoints connecting to other endpoints or hosts via a private network
* **[CON-2]** Usage is multiple endpoints connecting to each other via a private network, in addition to connecting to a public network

### C.2.11 RF-PER: Consequences of Personal Data compromise
### C.2.11 RF-PER: Consequences of Protected Data compromise

Description: What the consequences of an attacker acquiring Personal Data via the product are.
Description: What the consequences of an attacker acquiring Protected Data (personal or enterprise) via the product are.

Rationale: Different consequences change the impact of compromise of Personal Data stored or transmitted by the product.
Rationale: Different consequences change the impact of compromise of Protected Data stored or transmitted by the product.

* **[PER-0]** Usage is no or low consequences for compromise of Personal Data stored or transmitted by the product
* **[PER-1]** Usage is moderate consequences for compromise of Personal Data stored or transmitted by the product, e.g. financial or reputational loss
* **[PER-2]** Foreseeable use is high consequences for compromise of Personal Data stored or transmitted by the product, e.g. loss of life or human rights
* **[PER-0]** Usage is no or low consequences for compromise of Protected Data stored or transmitted by the product
* **[PER-1]** Usage is moderate consequences for compromise of Protected Data stored or transmitted by the product, e.g. financial or reputational loss, or disclosure of private enterprise data
* **[PER-2]** Foreseeable use is high consequences for compromise of Protected Data stored or transmitted by the product, e.g. loss of life or human rights, or disclosure of highly confidential enterprise data

## C.3 Assumptions

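Review bot: "Protected Data" is introduced as a capitalised term in the C.2.11 heading, Description and Rationale, but the only definition in this hunk is the parenthetical "(personal or enterprise)" in the Description. Suggest adding a definition, or a reference to one, and a short remark that the identifiers RF-PER and PER-0 to PER-2 are kept even though they no longer refer to Personal Data only. In PER-1 and PER-2 the added examples "private enterprise data" and "highly confidential enterprise data" are the only thing that separates the two levels for enterprise data, so an assessor needs a criterion for telling them apart.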
@@ -1172,6 +1181,7 @@ Mitigations for Impact:
| UC-3     | Journalist or activist      | 1   | 1   | 2   | 2   | 2   | 2   | 2   | 1   | 0   | 2   | SP-3 |
| UC-4     | Small organisation          | 2   | 2   | 2   | 1   | 1   | 2   | 2   | 2   | 1   | 1   | SP-4 |
| UC-5     | Large enterprise            | 2   | 2   | 2   | 2   | 0   | 2   | 2   | 2   | 2   | 1   | SP-5 |
| UC-6     | Enterprise client software  | 1   | 0   | 2   | 1   | 0   | 0   | 2   | 0   | 1   | 1   | SP-6 |

## C.6 Security profiles

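Review bot: The added row labels UC-6 "Enterprise client software", while the use case list added by this same commit titles UC-6 "Enterprise with independent VPN infrastructure". Suggest using one name in both places so the row can be matched to its use case without relying on the identifier alone.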
@@ -1185,11 +1195,13 @@ Security profiles are an informative resource to the assessor. Each security pro

| Security Profile | Description                 | CFG | AUT | DAT | FUN | ADM | RDP | DNC | COM | CON | PER |
|------------------|-----------------------------|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|
| SP-6             | Enterprise client software  | 2   | 0   | 2   | 1   | 0   | 0   | 1   | 0   | 1   | 1   |
| SP-1             | Individual consumer         | 1   | 0   | 0   | 0   | 2   | 2   | 2   | 0   | 0   | 0   |
| SP-2             | Privacy conscious household | 1   | 0   | 1   | 1   | 1   | 0   | 2   | 1   | 0   | 1   |
| SP-3             | Journalist or activist      | 1   | 1   | 2   | 2   | 2   | 2   | 2   | 1   | 0   | 2   |
| SP-4             | Small organisation          | 2   | 2   | 2   | 1   | 1   | 1   | 2   | 2   | 1   | 1   |
| SP-5             | Large enterprise            | 2   | 2   | 2   | 2   | 0   | 1   | 2   | 2   | 2   | 1   |
| SP-6             | Enterprise client software  | 1   | 0   | 2   | 1   | 0   | 0   | 2   | 0   | 1   | 1   |

# Annex D (informative): Risk evaluation guidance

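Review bot: SP-6 is added twice to this table with different values: the row placed above SP-1 reads "2 | 0 | 2 | 1 | 0 | 0 | 1 | 0 | 1 | 1" and the row after SP-5 reads "1 | 0 | 2 | 1 | 0 | 0 | 2 | 0 | 1 | 1", so CFG and DNC conflict. The row after SP-5 is the one that matches the UC-6 row added in C.5 and keeps the table in order; suggest deleting the first row, or, if its values are the intended ones, correcting both the last row and the UC-6 row.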
+38 −1
@@ -1287,7 +1287,7 @@ This clause lists all the mitigations necessary to meet requirements for each se
  1. SUVH
  1. VULH

### 5.3.5 SP-4 Large enterprise required mitigations
### 5.3.5 SP-5 Large enterprise required mitigations

  1. (FZ95 or BTIN or IMSL)
  1. (KEVM or KEVT or SCAN)
@@ -1344,3 +1344,40 @@ This clause lists all the mitigations necessary to meet requirements for each se
  1. SUSR
  1. SUVH
  1. VULH

### 5.3.6 SP-6 Enterprise independent client mitigations

TODO: update security analysis to better allow for this security profile's needs be met (without overprescribing)

  1. (FZ95 or BTIN or IMSL)
  1. (KEVM or KEVT or SCAN)
  1. TRAF-1 or (TRAF-2 and TRAF-4)
  1. (RSET or INST or DELE)
  1. SUDC
  1. (SUAP or SUAO)
  1. AUTH-1
  1. AUTH-2
  1. CDST
  1. CONF-1
  1. CONF-2
  1. CONF-3
  1. CONF-4
  1. CRYPT-2
  1. DNSL-7 *
  1. IPv6-1
  1. LOGG-1
  1. ROUT-1
  1. ROUT-2
  1. SCFS
  1. SDRF
  1. SDTR
  1. SSCA
  1. SUAU
  1. SUCS
  1. SUED
  1. SUMV
  1. SURC
  1. SURP
  1. SUSR
  1. SUVH
  1. VULH
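Review bot: The entry "DNSL-7 *" carries an asterisk with no footnote or explanation anywhere in the added clause, so a reader cannot tell whether the mitigation is conditional, optional or still under discussion; suggest adding the note the asterisk points to or removing it. The "TODO: update security analysis ..." line sits in the body of the clause and should become a tracked issue or an editor's note before merge. Consistency points: the heading "5.3.6 SP-6 Enterprise independent client mitigations" drops the word "required" used in "5.3.5 SP-5 Large enterprise required mitigations" and uses a third name for the profile that the tables call "Enterprise client software", and "TRAF-1 or (TRAF-2 and TRAF-4)" lacks the outer parentheses used by the other alternatives in the list.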