Loading EN-304-620-1.md +88 −91 Original line number Diff line number Diff line Loading @@ -780,18 +780,18 @@ Mitigations for Likelihood: Attacker may gain unauthorised access to an endpoint in a manner not under control of the product, exposing product assets. | Risk factors | Likelihood | Security profiles | |-------------------|------------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | |--------------------|------------|-------------------| | max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Medium | SP-2 | | max (DAT, FUN) = 0 | Low | SP-1 | Table: _Table C.5_ | Risk factors | Impact | Security profiles | |-------------------|--------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | |--------------------|--------|-------------------| | max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Medium | SP-2 | | max (DAT, FUN) = 0 | Low | SP-1 | Table: _Table C.6_ Loading @@ -815,17 +815,17 @@ Attacker launches denial of service attack on remote data processing solution. | Risk factors | Likelihood | Security profiles | |-------------------------------|------------|-------------------| | RDP = 2 & DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-4 | | RDP = 0 or DAT = 0 or FUN = 0 | Low | SP-1, SP-2 | | RDP = 2 & max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Medium | SP-2 | | RDP = 0 or DAT = 0 or FUN = 0 | Low | SP-1 | Table: _Table C.7_ | Risk factors | Impact | Security profiles | |-------------------|--------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | |--------------------|--------|-------------------| | max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Medium | SP-2 | | max (DAT, FUN) = 0 | Low | SP-1 | Table: _Table C.8_ Loading @@ -850,16 +850,16 @@ Attacker may read or modify traffic by capturing and relaying activity to and fr | Risk factors | Likelihood | Security profiles | |-----------------------------|------------|-------------------| | ADM > 0 & max(DAT, FUN) = 2 | High | SP-3, SP-4 | | all others | Medium | SP-2 | | all others | Medium | SP-2, SP-5 | | DAT = 0 & FUN = 0 | Low | SP-1 | Table: _Table C.9_ | Risk factors | Impact | Security profiles | |-------------------|--------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | |--------------------|--------|-------------------| | max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Medium | SP-2 | | max (DAT, FUN) = 0 | Low | SP-1 | Table: _Table C.10_ Loading @@ -883,15 +883,15 @@ Attacker may read sensitive data sent outside the VPN connection by the product. | Risk factors | Likelihood | Security profiles | |------------------------------|------------|-------------------| | DNC = 2 & DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-2, SP-4 | | DNC = 2 & max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Medium | SP-2 | | DNC = 0 or max(DAT, FUN) = 0 | Low | SP-1 | Table: _Table C.11_ | Risk factors | Impact | Security profiles | |--------------|--------|-------------------| | DAT > 0 | High | SP-2, SP-3, SP-4 | |--------------|--------|------------------------| | DAT > 0 | High | SP-2, SP-3, SP-4, SP-5 | | all others | Medium | SP-1 | Table: _Table C.12_ Loading @@ -915,18 +915,18 @@ Mitigations for Impact: Attacker may read sensitive data transmitted without encryption in a single endpoint VPN. | Risk factors | Likelihood | Security profiles | |------------------------------------------------------|------------|-------------------| | CON = 0 & (CFG = 2 or (CFG > 0 & ADM = 2 & COM > 1)) | High | SP-3 | | all others | Medium | SP-1, SP-2 | | CON > 0 or CFG = 0 or (ADM = 0 & COM = 0) | Low | SP-4, SP-5 | |-----------------------------------------|------------|-------------------| | CON = 0 & CFG > 0 & max(DAT, FUN) = 2) | High | SP-3 | | all others | Medium | SP-2 | | CON > 0 or CFG = 0 or max(DAT, FUN) = 0 | Low | SP-1, SP-4, SP-5 | Table: _Table C.13_ | Risk factors | Impact | Security profiles | |------------------------------|--------|-------------------| | CON = 0 & DAT = 2 & FUN = 2 | High | SP-3 | | CON = 0 & max(DAT, FUN) = 2 | High | SP-3 | | all others | Medium | SP-2 | | CON > 0 or DAT = 0 & FUN = 0 | Low | SP-1, SP-4, SP-5 | | CON > 0 or max(DAT, FUN) = 0 | Low | SP-1, SP-4, SP-5 | Table: _Table C.14_ Loading @@ -949,18 +949,18 @@ Mitigations for Impact: Attacker may read sensitive data transmitted without encryption in a VPN which connects multiple endpoints to each other. | Risk factors | Likelihood | Security profiles | |------------------------------------------------------|------------|-------------------| | CON > 0 & (CFG = 2 or (CFG > 0 & ADM = 2 & COM > 1)) | High | SP-4, SP-5 | |-----------------------------------------|------------|-------------------| | CON > 0 & CFG > 0 & max(DAT, FUN) = 2) | High | SP-4, SP-5 | | all others | Medium | none | | CON = 0 or CFG = 0 or (ADM = 0 & COM = 0) | Low | SP-1, SP-2, SP-3 | | CON = 0 or CFG = 0 or max(DAT, FUN) = 0 | Low | SP-1, SP-2, SP-3 | Table: _Table C.13_ | Risk factors | Impact | Security profiles | |------------------------------|--------|-------------------| | CON > 0 & DAT = 2 & FUN = 2 | High | SP-5 | | all others | Medium | SP-4 | | CON = 0 or DAT = 0 & FUN = 0 | Low | SP-1, SP-2, SP-3 | | CON > 0 & max(DAT, FUN) = 2 | High | SP-4, SP-5 | | all others | Medium | none | | CON = 0 or max(DAT, FUN) = 0 | Low | SP-1, SP-2, SP-3 | Table: _Table C.14_ Loading @@ -983,17 +983,17 @@ Mitigations for Impact: Attacker may attempt to authenticate in an unauthorised manner to get access to product assets. | Risk factors | Likelihood | Security profiles | |-----------------------------------|------------|-------------------| | max(DAT, FUN, COM) = 2 & ADM = 2 | High | SP-4 | | all others | Medium | SP-1, SP-2, SP-3 | |-------------------|------------|-------------------| | max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Medium | SP-1, SP-2 | Table: _Table C.15_ | Risk factors | Impact | Security profiles | |-------------------|--------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | |--------------------|--------|-------------------| | max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Medium | SP-2 | | max (DAT, FUN) = 0 | Low | SP-1 | Table: _Table C.16_ Loading @@ -1017,16 +1017,15 @@ Attacker may remove evidence of compromise from the endpoint. | Risk factors | Likelihood | Security profiles | |-------------------|------------|-------------------| | max(DAT, FUN) = 2 | High | SP-3, SP-4 | | max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Low | SP-1, SP-2 | Table: _Table C.17_ | Risk factors | Impact | Security profiles | |-------------------|--------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | | max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Low | SP-1, SP-2 | Table: _Table C.18_ Loading Loading @@ -1058,9 +1057,9 @@ Table: _Table C.19_ | Risk factors | Impact | Security profiles | |------------------------------|--------|-------------------| | CON = 0 & DAT = 2 & FUN = 2 | High | SP-3 | | CON = 0 & max(DAT, FUN) = 2 | High | SP-3 | | all others | Medium | SP-2 | | CON > 0 or DAT = 0 & FUN = 0 | Low | SP-1, SP-4 | | CON > 0 or max(DAT, FUN) = 0 | Low | SP-1, SP-4, SP-5 | Table: _Table C.20_ Loading Loading @@ -1092,9 +1091,9 @@ Table: _Table C.19_ | Risk factors | Impact | Security profiles | |------------------------------|--------|-------------------| | CON > 0 & DAT = 2 & FUN = 2 | High | SP-5 | | all others | Medium | SP-4 | | CON = 0 or DAT = 0 & FUN = 0 | Low | SP-1, SP-2, SP-3 | | CON > 0 & max(DAT, FUN) = 2 | High | SP-4, SP-5 | | all others | Medium | none | | CON = 0 or max(DAT, FUN) = 0 | Low | SP-1, SP-2, SP-3 | Table: _Table C.20_ Loading @@ -1112,23 +1111,21 @@ Mitigations for Impact: * High to Low: AUTH-3, AUTH-4, AUTH-5, LOGG-\*, CDST ### C.4.13 TH-META: Data leaks due to metadata and traffic analysis ### C.4.13 TH-META: Compromise of PII due to metadata and traffic analysis Attacker may use user metadata such as IP addresses and traffic analysis to gain confidential data. Attacker may use user metadata such as IP addresses and traffic analysis to compromise personally identifiable information. | Risk factors | Likelihood | Security profiles | |--------------|------------|-------------------| | TODO | High | SP-3 | | TODO | Medium | SP-2, SP-4 | | TODO | Low | SP-1 | |------------------------------|------------|------------------------| | PII = 2 & DATA = 2 & FUN = 2 | High | SP-3, | | all others | Medium | SP-1, SP-2, SP-4, SP-5 | Table: _Table C.21_ Table: _Table C.25_ | Risk factors | Impact | Security profiles | |-------------------|--------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | |--------------|--------|------------------------| | PII = 2 | High | SP-3 | | all others | Medium | SP-1, SP-2, SP-4, SP-5 | Table: _Table C.22_ Loading @@ -1136,15 +1133,15 @@ Requirements that mitigate this threat: Mitigations for Likelihood: * Medium to Low: TODO * Medium to Low: TODO - transfer risk to user * High to Low: TODO * High to Low: TODO - transfer risk to user Mitigations for Impact: * Medium to Low: TODO * Medium to Low: TODO - transfer risk to user * High to Low: TODO * High to Low: TODO - transfer risk to user ### C.4.14 TH-RCOM: RDPS compromise and isolation Loading @@ -1152,7 +1149,7 @@ Attacker may use compromise or isolation errors in remote data processing system | Risk factors | Likelihood | Security profiles | |-------------------------------|------------|-------------------| | RDP = 2 & DAT = 2 & FUN = 2 | High | SP-3 | | RDP = 2 & DAT = 2 & FUN = 2 | High | SP-3, SP-5 | | all others | Medium | SP-4 | | RDP = 0 or DAT = 0 or FUN = 0 | Low | SP-1, SP-2 | Loading @@ -1160,7 +1157,7 @@ Table: _Table C.23_ | Risk factors | Impact | Security profiles | |-------------------|--------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | | DAT = 2 & FUN = 2 | High | SP-3, SP-5 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | Loading @@ -1185,16 +1182,16 @@ Mitigations for Impact: Attacker may get unauthorised access to confidential data stored on the product through access to or acquisition of a device containing the used product. | Risk factors | Likelihood | Security profiles | |-------------------|------------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | |------------------------------|------------|-------------------| | ADM > 0 & DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | | ADM = 0 or DAT = 0 & FUN = 0 | Low | SP-1, SP-5 | Table: _Table C.25_ | Risk factors | Impact | Security profiles | |-------------------|--------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | | DAT = 2 & FUN = 2 | High | SP-3, SP-5 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | Loading Loading @@ -1247,10 +1244,10 @@ Mitigations for Impact: | Use case | Description | CFG | AUT | DAT | FUN | ADM | RDP | DNC | COM | CON | PII | SP | |----------|-----------------------------|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|------| | UC-1 | Individual consumer | 1 | 0 | 0 | 0 | 2 | 2 | 2 | 0 | 0 | 0 | SP-1 | | UC-2 | Privacy conscious household | 1 | 0 | 1 | 1 | 1 | 0 | 2 | 1 | 0 | 1 | SP-2 | | UC-2 | Privacy conscious household | 1 | 0 | 1 | 1 | 1 | 1 | 2 | 1 | 0 | 1 | SP-2 | | UC-3 | Journalist or activist | 1 | 1 | 2 | 2 | 2 | 2 | 2 | 1 | 0 | 2 | SP-3 | | UC-4 | Small organisation | 2 | 2 | 2 | 1 | 1 | 1 | 2 | 2 | 1 | 1 | SP-4 | | UC-5 | Large enterprise | 2 | 2 | 2 | 2 | 0 | 1 | 2 | 2 | 2 | 1 | SP-4 | | UC-4 | Small organisation | 2 | 2 | 2 | 1 | 1 | 2 | 2 | 2 | 1 | 1 | SP-4 | | UC-5 | Large enterprise | 2 | 2 | 2 | 2 | 0 | 2 | 2 | 2 | 2 | 1 | SP-4 | Table: _Table C.27 — Use cases mapped to risk factors and security profiles_ Loading Loading
EN-304-620-1.md +88 −91 Original line number Diff line number Diff line Loading @@ -780,18 +780,18 @@ Mitigations for Likelihood: Attacker may gain unauthorised access to an endpoint in a manner not under control of the product, exposing product assets. | Risk factors | Likelihood | Security profiles | |-------------------|------------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | |--------------------|------------|-------------------| | max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Medium | SP-2 | | max (DAT, FUN) = 0 | Low | SP-1 | Table: _Table C.5_ | Risk factors | Impact | Security profiles | |-------------------|--------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | |--------------------|--------|-------------------| | max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Medium | SP-2 | | max (DAT, FUN) = 0 | Low | SP-1 | Table: _Table C.6_ Loading @@ -815,17 +815,17 @@ Attacker launches denial of service attack on remote data processing solution. | Risk factors | Likelihood | Security profiles | |-------------------------------|------------|-------------------| | RDP = 2 & DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-4 | | RDP = 0 or DAT = 0 or FUN = 0 | Low | SP-1, SP-2 | | RDP = 2 & max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Medium | SP-2 | | RDP = 0 or DAT = 0 or FUN = 0 | Low | SP-1 | Table: _Table C.7_ | Risk factors | Impact | Security profiles | |-------------------|--------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | |--------------------|--------|-------------------| | max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Medium | SP-2 | | max (DAT, FUN) = 0 | Low | SP-1 | Table: _Table C.8_ Loading @@ -850,16 +850,16 @@ Attacker may read or modify traffic by capturing and relaying activity to and fr | Risk factors | Likelihood | Security profiles | |-----------------------------|------------|-------------------| | ADM > 0 & max(DAT, FUN) = 2 | High | SP-3, SP-4 | | all others | Medium | SP-2 | | all others | Medium | SP-2, SP-5 | | DAT = 0 & FUN = 0 | Low | SP-1 | Table: _Table C.9_ | Risk factors | Impact | Security profiles | |-------------------|--------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | |--------------------|--------|-------------------| | max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Medium | SP-2 | | max (DAT, FUN) = 0 | Low | SP-1 | Table: _Table C.10_ Loading @@ -883,15 +883,15 @@ Attacker may read sensitive data sent outside the VPN connection by the product. | Risk factors | Likelihood | Security profiles | |------------------------------|------------|-------------------| | DNC = 2 & DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-2, SP-4 | | DNC = 2 & max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Medium | SP-2 | | DNC = 0 or max(DAT, FUN) = 0 | Low | SP-1 | Table: _Table C.11_ | Risk factors | Impact | Security profiles | |--------------|--------|-------------------| | DAT > 0 | High | SP-2, SP-3, SP-4 | |--------------|--------|------------------------| | DAT > 0 | High | SP-2, SP-3, SP-4, SP-5 | | all others | Medium | SP-1 | Table: _Table C.12_ Loading @@ -915,18 +915,18 @@ Mitigations for Impact: Attacker may read sensitive data transmitted without encryption in a single endpoint VPN. | Risk factors | Likelihood | Security profiles | |------------------------------------------------------|------------|-------------------| | CON = 0 & (CFG = 2 or (CFG > 0 & ADM = 2 & COM > 1)) | High | SP-3 | | all others | Medium | SP-1, SP-2 | | CON > 0 or CFG = 0 or (ADM = 0 & COM = 0) | Low | SP-4, SP-5 | |-----------------------------------------|------------|-------------------| | CON = 0 & CFG > 0 & max(DAT, FUN) = 2) | High | SP-3 | | all others | Medium | SP-2 | | CON > 0 or CFG = 0 or max(DAT, FUN) = 0 | Low | SP-1, SP-4, SP-5 | Table: _Table C.13_ | Risk factors | Impact | Security profiles | |------------------------------|--------|-------------------| | CON = 0 & DAT = 2 & FUN = 2 | High | SP-3 | | CON = 0 & max(DAT, FUN) = 2 | High | SP-3 | | all others | Medium | SP-2 | | CON > 0 or DAT = 0 & FUN = 0 | Low | SP-1, SP-4, SP-5 | | CON > 0 or max(DAT, FUN) = 0 | Low | SP-1, SP-4, SP-5 | Table: _Table C.14_ Loading @@ -949,18 +949,18 @@ Mitigations for Impact: Attacker may read sensitive data transmitted without encryption in a VPN which connects multiple endpoints to each other. | Risk factors | Likelihood | Security profiles | |------------------------------------------------------|------------|-------------------| | CON > 0 & (CFG = 2 or (CFG > 0 & ADM = 2 & COM > 1)) | High | SP-4, SP-5 | |-----------------------------------------|------------|-------------------| | CON > 0 & CFG > 0 & max(DAT, FUN) = 2) | High | SP-4, SP-5 | | all others | Medium | none | | CON = 0 or CFG = 0 or (ADM = 0 & COM = 0) | Low | SP-1, SP-2, SP-3 | | CON = 0 or CFG = 0 or max(DAT, FUN) = 0 | Low | SP-1, SP-2, SP-3 | Table: _Table C.13_ | Risk factors | Impact | Security profiles | |------------------------------|--------|-------------------| | CON > 0 & DAT = 2 & FUN = 2 | High | SP-5 | | all others | Medium | SP-4 | | CON = 0 or DAT = 0 & FUN = 0 | Low | SP-1, SP-2, SP-3 | | CON > 0 & max(DAT, FUN) = 2 | High | SP-4, SP-5 | | all others | Medium | none | | CON = 0 or max(DAT, FUN) = 0 | Low | SP-1, SP-2, SP-3 | Table: _Table C.14_ Loading @@ -983,17 +983,17 @@ Mitigations for Impact: Attacker may attempt to authenticate in an unauthorised manner to get access to product assets. | Risk factors | Likelihood | Security profiles | |-----------------------------------|------------|-------------------| | max(DAT, FUN, COM) = 2 & ADM = 2 | High | SP-4 | | all others | Medium | SP-1, SP-2, SP-3 | |-------------------|------------|-------------------| | max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Medium | SP-1, SP-2 | Table: _Table C.15_ | Risk factors | Impact | Security profiles | |-------------------|--------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | |--------------------|--------|-------------------| | max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Medium | SP-2 | | max (DAT, FUN) = 0 | Low | SP-1 | Table: _Table C.16_ Loading @@ -1017,16 +1017,15 @@ Attacker may remove evidence of compromise from the endpoint. | Risk factors | Likelihood | Security profiles | |-------------------|------------|-------------------| | max(DAT, FUN) = 2 | High | SP-3, SP-4 | | max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Low | SP-1, SP-2 | Table: _Table C.17_ | Risk factors | Impact | Security profiles | |-------------------|--------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | | max(DAT, FUN) = 2 | High | SP-3, SP-4, SP-5 | | all others | Low | SP-1, SP-2 | Table: _Table C.18_ Loading Loading @@ -1058,9 +1057,9 @@ Table: _Table C.19_ | Risk factors | Impact | Security profiles | |------------------------------|--------|-------------------| | CON = 0 & DAT = 2 & FUN = 2 | High | SP-3 | | CON = 0 & max(DAT, FUN) = 2 | High | SP-3 | | all others | Medium | SP-2 | | CON > 0 or DAT = 0 & FUN = 0 | Low | SP-1, SP-4 | | CON > 0 or max(DAT, FUN) = 0 | Low | SP-1, SP-4, SP-5 | Table: _Table C.20_ Loading Loading @@ -1092,9 +1091,9 @@ Table: _Table C.19_ | Risk factors | Impact | Security profiles | |------------------------------|--------|-------------------| | CON > 0 & DAT = 2 & FUN = 2 | High | SP-5 | | all others | Medium | SP-4 | | CON = 0 or DAT = 0 & FUN = 0 | Low | SP-1, SP-2, SP-3 | | CON > 0 & max(DAT, FUN) = 2 | High | SP-4, SP-5 | | all others | Medium | none | | CON = 0 or max(DAT, FUN) = 0 | Low | SP-1, SP-2, SP-3 | Table: _Table C.20_ Loading @@ -1112,23 +1111,21 @@ Mitigations for Impact: * High to Low: AUTH-3, AUTH-4, AUTH-5, LOGG-\*, CDST ### C.4.13 TH-META: Data leaks due to metadata and traffic analysis ### C.4.13 TH-META: Compromise of PII due to metadata and traffic analysis Attacker may use user metadata such as IP addresses and traffic analysis to gain confidential data. Attacker may use user metadata such as IP addresses and traffic analysis to compromise personally identifiable information. | Risk factors | Likelihood | Security profiles | |--------------|------------|-------------------| | TODO | High | SP-3 | | TODO | Medium | SP-2, SP-4 | | TODO | Low | SP-1 | |------------------------------|------------|------------------------| | PII = 2 & DATA = 2 & FUN = 2 | High | SP-3, | | all others | Medium | SP-1, SP-2, SP-4, SP-5 | Table: _Table C.21_ Table: _Table C.25_ | Risk factors | Impact | Security profiles | |-------------------|--------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | |--------------|--------|------------------------| | PII = 2 | High | SP-3 | | all others | Medium | SP-1, SP-2, SP-4, SP-5 | Table: _Table C.22_ Loading @@ -1136,15 +1133,15 @@ Requirements that mitigate this threat: Mitigations for Likelihood: * Medium to Low: TODO * Medium to Low: TODO - transfer risk to user * High to Low: TODO * High to Low: TODO - transfer risk to user Mitigations for Impact: * Medium to Low: TODO * Medium to Low: TODO - transfer risk to user * High to Low: TODO * High to Low: TODO - transfer risk to user ### C.4.14 TH-RCOM: RDPS compromise and isolation Loading @@ -1152,7 +1149,7 @@ Attacker may use compromise or isolation errors in remote data processing system | Risk factors | Likelihood | Security profiles | |-------------------------------|------------|-------------------| | RDP = 2 & DAT = 2 & FUN = 2 | High | SP-3 | | RDP = 2 & DAT = 2 & FUN = 2 | High | SP-3, SP-5 | | all others | Medium | SP-4 | | RDP = 0 or DAT = 0 or FUN = 0 | Low | SP-1, SP-2 | Loading @@ -1160,7 +1157,7 @@ Table: _Table C.23_ | Risk factors | Impact | Security profiles | |-------------------|--------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | | DAT = 2 & FUN = 2 | High | SP-3, SP-5 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | Loading @@ -1185,16 +1182,16 @@ Mitigations for Impact: Attacker may get unauthorised access to confidential data stored on the product through access to or acquisition of a device containing the used product. | Risk factors | Likelihood | Security profiles | |-------------------|------------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | |------------------------------|------------|-------------------| | ADM > 0 & DAT = 2 & FUN = 2 | High | SP-3 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | | ADM = 0 or DAT = 0 & FUN = 0 | Low | SP-1, SP-5 | Table: _Table C.25_ | Risk factors | Impact | Security profiles | |-------------------|--------|-------------------| | DAT = 2 & FUN = 2 | High | SP-3 | | DAT = 2 & FUN = 2 | High | SP-3, SP-5 | | all others | Medium | SP-2, SP-4 | | DAT = 0 & FUN = 0 | Low | SP-1 | Loading Loading @@ -1247,10 +1244,10 @@ Mitigations for Impact: | Use case | Description | CFG | AUT | DAT | FUN | ADM | RDP | DNC | COM | CON | PII | SP | |----------|-----------------------------|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|------| | UC-1 | Individual consumer | 1 | 0 | 0 | 0 | 2 | 2 | 2 | 0 | 0 | 0 | SP-1 | | UC-2 | Privacy conscious household | 1 | 0 | 1 | 1 | 1 | 0 | 2 | 1 | 0 | 1 | SP-2 | | UC-2 | Privacy conscious household | 1 | 0 | 1 | 1 | 1 | 1 | 2 | 1 | 0 | 1 | SP-2 | | UC-3 | Journalist or activist | 1 | 1 | 2 | 2 | 2 | 2 | 2 | 1 | 0 | 2 | SP-3 | | UC-4 | Small organisation | 2 | 2 | 2 | 1 | 1 | 1 | 2 | 2 | 1 | 1 | SP-4 | | UC-5 | Large enterprise | 2 | 2 | 2 | 2 | 0 | 1 | 2 | 2 | 2 | 1 | SP-4 | | UC-4 | Small organisation | 2 | 2 | 2 | 1 | 1 | 2 | 2 | 2 | 1 | 1 | SP-4 | | UC-5 | Large enterprise | 2 | 2 | 2 | 2 | 0 | 2 | 2 | 2 | 2 | 1 | SP-4 | Table: _Table C.27 — Use cases mapped to risk factors and security profiles_ Loading
