Commit 14bec0b3 authored by Santeri Toikka

First requirements

parent 90d85573
+24 −7
@@ -634,13 +634,30 @@ A website that is accessed with a browser is not in scope, but a online service

General risks to consider with RDPS:

- Data integrity and confidentiality
  - Data corruption in transit
  - Lack of data validation
  - MitM
  - Multitenant data leakage
  - Offline fallback
- Unauthorized access and credential missuse
| Category     | Example Threat         | Possible mitigation   | Requirements from this standard                          |
| ------------ | ---------------------- | --------------------- | -------------------------------------------------------- |
| Transmission | Eavesdropping, MITM    | TLS, VPN              | [Secure channel](#521-secure-channel-definition)         |
| Access       | Unauthorized login     | 2FA, RBAC             | [Identity](#531-mitigations-for-user-identity-integrity) |
| Integrity    | Data alteration        | Hashing, encryption   |
| Availability | DoS attacks            | Redundancy, filtering | [High-Availability](#538-high-availability)              |
| Storage      | Multitenant data leaks | Encryption at rest    |
| Internal     | Insider abuse          | Usage monitoring      |

The remote data processing system can be a central component for the PwDE and render the product unusable if not avalaible.
As distruptions in the services are not uncommon, it is important for PwDE architectural design to show how the product functionality changes, if the RDPS is not available. ([REQ-RDPS-0])

Collected data can be a central asset for the PwDE business idea. 
It can be any information that can be digitally transferred to another location.
To fullfill the CRA requirement for data minimization, the contents of the transferred data is important to understand in detail. ([REQ-RDPS-0] [REQ-RDPS-1] [REQ-RDPS-2])
Significant change in the stored data is a significant change in the PwDE, and thus trickers a new evaluation.

RDPS sepcific requirements:

- **[REQ-RDPS-0]** PwDE functionality is described in case connectivity to RDPS is not available.
- **[REQ-RDPS-1]** Data processed or stored in the RDPS is well defined.
- **[REQ-RDPS-2]** Criticality of the processed or stored data is defined.
- **[REQ-RDPS-3]** Important data can be recovered from redundant copies or from backups.


## 5.3 Risk Mitigations
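Review bot: the new threat table leaves the "Requirements from this standard" cell empty for the Integrity, Storage and Internal rows, and those three rows also lack the closing `|`, so the last column silently drops out for them in most Markdown renderers; [REQ-RDPS-3] (recovery from redundant copies or backups) belongs in the Integrity row and [REQ-RDPS-1] / [REQ-RDPS-2] (well-defined data with a defined criticality) in the Storage row, and a row that genuinely maps to no requirement should say so rather than be left blank. The data-minimization paragraph cites [REQ-RDPS-0], which covers PwDE behaviour when RDPS connectivity is lost, not the contents of transferred data; [REQ-RDPS-1] and [REQ-RDPS-2] are the matching references there, while [REQ-RDPS-3] is not cited from the prose anywhere, and the sentence stating that a significant change in stored data triggers a new evaluation has no requirement id attached. Spelling in the added prose: "avalaible", "distruptions", "fullfill", "trickers", "sepcific".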