Add CON risk factor, large enterprise use case, update tables etc. (9c9821ad) · Commits · STAN4CRA / EN 304 620 Virtual Private Networks Part 1

EN-304-620-1.md

+34 −13

Original line number	Diff line number	Diff line
		@@ -478,7 +478,16 @@ See [i.3] for formal definitions of micro, small, and medium-sized enterprises.
		* Limited or no full-time IT/network administration
		* Seeking secure connections primarily to SaaS products
		* Requires managed service for configuration and maintenance
		* Does not connect endpoints with other endpoints directly
		* Connects endpoints with other endpoints directly
		* Not critical for core business operations

		* UC-5 Large enterprise
		* Full-time IT/network administration
		* Connects many endpoints to private network with many hosts
		* Requires managed service for configuration and maintenance
		* Connects endpoints with other endpoints directly
		* Critical for business operations
		* Needs to inspect traffic extensively for security

		# 5 Requirements specifications

		@@ -648,6 +657,16 @@ Rationale: More features mean more code and more interfaces mean attack surface.
		* [COM-1] Foreseeable use requires a few additional features related to tunnelling encrypted traffic
		* [COM-2] Foreseeable use requires many additional features

		### C.2.10 RF-CON: Connectivity offered

		Description: Whether the VPN connects different endpoints to each other via a private network or simply provides a tunnel from a single endpoint to a public netowrk

		Rationale: Different connectivity requirements create different risks and mitigations.

		* [CON-0] Foreseeable use is a single endpoint connecting only to a public network
		* [CON-1] Foreseable use is one or more endpoints connecting to other endpoints or hosts via a private network
		* [CON-2] Foreseeable use is multiple endpoints connecting to each other via a private network, in addition to connecting to a public network

		## C.3 Assumptions

		### C.3.1 Platform
		@@ -1119,12 +1138,13 @@ Mitigations for Impact:

		## C.5 Mapping of use cases to risk factors and security profiles

		\| Use case \| Description \| CFG \| AUT \| DAT \| FUN \| ADM \| RDP \| DNC \| COM \| SP \|
		\|----------\|-----------------------------\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|------\|
		\| UC-1 \| Individual consumer \| 1 \| 0 \| 0 \| 0 \| 2 \| 2 \| 2 \| 0 \| SP-1 \|
		\| UC-2 \| Privacy conscious household \| 1 \| 0 \| 1 \| 1 \| 1 \| 0 \| 2 \| 1 \| SP-2 \|
		\| UC-3 \| Journalist or activist \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 1 \| SP-3 \|
		\| UC-4 \| Small organisation \| 2 \| 1 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| SP-4 \|
		\| Use case \| Description \| CFG \| AUT \| DAT \| FUN \| ADM \| RDP \| DNC \| COM \| CON \| SP \|
		\|----------\|-----------------------------\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|------\|
		\| UC-1 \| Individual consumer \| 1 \| 0 \| 0 \| 0 \| 2 \| 2 \| 2 \| 0 \| 0 \| SP-1 \|
		\| UC-2 \| Privacy conscious household \| 1 \| 0 \| 1 \| 1 \| 1 \| 0 \| 2 \| 1 \| 0 \| SP-2 \|
		\| UC-3 \| Journalist or activist \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 1 \| 0 \| SP-3 \|
		\| UC-4 \| Small organisation \| 2 \| 2 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \| SP-4 \|
		\| UC-5 \| Large enterprise \| 2 \| 2 \| 2 \| 2 \| 0 \| 1 \| 2 \| 2 \| 2 \| SP-4 \|

		Table: _Table C.27 — Use cases mapped to risk factors and security profiles_

		@@ -1136,12 +1156,13 @@ Security profiles are an informative resource to the assessor. Each security pro

		### C.6.2 Mapping of security profiles to risk factors

		\| Security profile \| Description \| CFG \| AUT \| DAT \| FUN \| ADM \| RDP \| DNC \| COM \|
		\|------------------\|-----------------------------\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|
		\| SP-1 \| Individual consumer \| 1 \| 0 \| 0 \| 0 \| 2 \| 2 \| 2 \| 0 \|
		\| SP-2 \| Privacy conscious household \| 1 \| 0 \| 1 \| 1 \| 1 \| 0 \| 2 \| 1 \|
		\| SP-3 \| Journalist or activist \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 1 \|
		\| SP-4 \| Small organisation \| 2 \| 1 \| 2 \| 1 \| 0 \| 1 \| 2 \| 2 \|
		\| Security profile \| Description \| CFG \| AUT \| DAT \| FUN \| ADM \| RDP \| DNC \| COM \| CON \|
		\|------------------\|-----------------------------\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|
		\| SP-1 \| Individual consumer \| 1 \| 0 \| 0 \| 0 \| 2 \| 2 \| 2 \| 0 \| 0 \|
		\| SP-2 \| Privacy conscious household \| 1 \| 0 \| 1 \| 1 \| 1 \| 0 \| 2 \| 1 \| 0 \|
		\| SP-3 \| Journalist or activist \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 1 \| 0 \|
		\| SP-4 \| Small organisation \| 2 \| 2 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \|
		\| SP-5 \| Large enterprise \| 2 \| 2 \| 2 \| 2 \| 0 \| 1 \| 2 \| 2 \| 2 \|

		Table: _Table C.28 — Security profiles mapped to risk factors_

Original line number	Diff line number	Diff line
		@@ -478,7 +478,16 @@ See [i.3] for formal definitions of micro, small, and medium-sized enterprises.
		* Limited or no full-time IT/network administration
		* Seeking secure connections primarily to SaaS products
		* Requires managed service for configuration and maintenance
		* Does not connect endpoints with other endpoints directly
		* Connects endpoints with other endpoints directly
		* Not critical for core business operations

		* UC-5 Large enterprise
		* Full-time IT/network administration
		* Connects many endpoints to private network with many hosts
		* Requires managed service for configuration and maintenance
		* Connects endpoints with other endpoints directly
		* Critical for business operations
		* Needs to inspect traffic extensively for security

		# 5 Requirements specifications

		@@ -648,6 +657,16 @@ Rationale: More features mean more code and more interfaces mean attack surface.
		* [COM-1] Foreseeable use requires a few additional features related to tunnelling encrypted traffic
		* [COM-2] Foreseeable use requires many additional features

		### C.2.10 RF-CON: Connectivity offered

		Description: Whether the VPN connects different endpoints to each other via a private network or simply provides a tunnel from a single endpoint to a public netowrk

		Rationale: Different connectivity requirements create different risks and mitigations.

		* [CON-0] Foreseeable use is a single endpoint connecting only to a public network
		* [CON-1] Foreseable use is one or more endpoints connecting to other endpoints or hosts via a private network
		* [CON-2] Foreseeable use is multiple endpoints connecting to each other via a private network, in addition to connecting to a public network

		## C.3 Assumptions

		### C.3.1 Platform
		@@ -1119,12 +1138,13 @@ Mitigations for Impact:

		## C.5 Mapping of use cases to risk factors and security profiles

		\| Use case \| Description \| CFG \| AUT \| DAT \| FUN \| ADM \| RDP \| DNC \| COM \| SP \|
		\|----------\|-----------------------------\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|------\|
		\| UC-1 \| Individual consumer \| 1 \| 0 \| 0 \| 0 \| 2 \| 2 \| 2 \| 0 \| SP-1 \|
		\| UC-2 \| Privacy conscious household \| 1 \| 0 \| 1 \| 1 \| 1 \| 0 \| 2 \| 1 \| SP-2 \|
		\| UC-3 \| Journalist or activist \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 1 \| SP-3 \|
		\| UC-4 \| Small organisation \| 2 \| 1 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| SP-4 \|
		\| Use case \| Description \| CFG \| AUT \| DAT \| FUN \| ADM \| RDP \| DNC \| COM \| CON \| SP \|
		\|----------\|-----------------------------\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|------\|
		\| UC-1 \| Individual consumer \| 1 \| 0 \| 0 \| 0 \| 2 \| 2 \| 2 \| 0 \| 0 \| SP-1 \|
		\| UC-2 \| Privacy conscious household \| 1 \| 0 \| 1 \| 1 \| 1 \| 0 \| 2 \| 1 \| 0 \| SP-2 \|
		\| UC-3 \| Journalist or activist \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 1 \| 0 \| SP-3 \|
		\| UC-4 \| Small organisation \| 2 \| 2 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \| SP-4 \|
		\| UC-5 \| Large enterprise \| 2 \| 2 \| 2 \| 2 \| 0 \| 1 \| 2 \| 2 \| 2 \| SP-4 \|

		Table: _Table C.27 — Use cases mapped to risk factors and security profiles_

		@@ -1136,12 +1156,13 @@ Security profiles are an informative resource to the assessor. Each security pro

		### C.6.2 Mapping of security profiles to risk factors

		\| Security profile \| Description \| CFG \| AUT \| DAT \| FUN \| ADM \| RDP \| DNC \| COM \|
		\|------------------\|-----------------------------\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|
		\| SP-1 \| Individual consumer \| 1 \| 0 \| 0 \| 0 \| 2 \| 2 \| 2 \| 0 \|
		\| SP-2 \| Privacy conscious household \| 1 \| 0 \| 1 \| 1 \| 1 \| 0 \| 2 \| 1 \|
		\| SP-3 \| Journalist or activist \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 1 \|
		\| SP-4 \| Small organisation \| 2 \| 1 \| 2 \| 1 \| 0 \| 1 \| 2 \| 2 \|
		\| Security profile \| Description \| CFG \| AUT \| DAT \| FUN \| ADM \| RDP \| DNC \| COM \| CON \|
		\|------------------\|-----------------------------\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|-----\|
		\| SP-1 \| Individual consumer \| 1 \| 0 \| 0 \| 0 \| 2 \| 2 \| 2 \| 0 \| 0 \|
		\| SP-2 \| Privacy conscious household \| 1 \| 0 \| 1 \| 1 \| 1 \| 0 \| 2 \| 1 \| 0 \|
		\| SP-3 \| Journalist or activist \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 1 \| 0 \|
		\| SP-4 \| Small organisation \| 2 \| 2 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \|
		\| SP-5 \| Large enterprise \| 2 \| 2 \| 2 \| 2 \| 0 \| 1 \| 2 \| 2 \| 2 \|

		Table: _Table C.28 — Security profiles mapped to risk factors_