@@ -386,8 +386,6 @@ How the retake of the authority is implemented is between the product and the de
### 5.2.7 Remote Data Processing Systems
<mark>AMS: August and Daniel are working on this. Skip for now.</mark>
## 5.3 Risk Mitigations
The following sections describe how technical cybersecurity requirement in previous [Section 5.2](#52-technical-cybersecurity-requirements-specifications) are mapped to the risk factors in [Section 4.5 Risk Factors](#45-risk-factors).
@@ -399,12 +397,11 @@ See [5.2.6 Role based authorisation](#526-role-based-authorisation)
### 5.3.2 Mitigations for ingested data integrity and confidentiality
***[REQ-INGEST-0]** The product shall protect the system against data poisoning or other adversial attacks.
***[REQ-INGEST-1]** The collected network element monitoring data shall be verifiable.
***[REQ-INGEST-1]** The collected network element monitoring data shall be integrity and confidentiality protected.
***[REQ-INGEST-2]** The product shall protect data at rest.
***[REQ-INGEST-3]** The product shall protect data in transit.
***[REQ-INGEST-4]** When data relevant to monitoring, control, or security functions is transferred over connections not controlled by the product, the product shall provide measures appropriate to the intended and reasonably foreseeable use to protect the integrity and, where required, the confidentiality of that data.
Every time a data is transported through an undefined connection, the product needs to be certain, that integrity and confidentiality of the data is not compromised.
### 5.3.3 Mitigations for managed device configuration integrity and confidentiality