Commit 1b711c7c authored by Sammy Haddad

Presentation and threats update

parent c450827e
+133 −134
@@ -158,7 +158,7 @@ The present document covers the specification of Security Profiles (SP) for the

Different uses cases represent different deployment with different sets of architectures, functionalities and thus associated threats and risk. The document specifies requirements to cover or mitigate those risks in conformity with the CRA.

It covers main PKI able to support the management of public keys able to support authentication, encryption, integrity or non-repudiation services including public/open, private, C-ITS and machine-to-machine PKIs.
It covers main PKI able to support the management of public keys able to support authentication, encryption, integrity or Traceability services including public/open, private, C-ITS and machine-to-machine PKIs.

# 2 References
*Editor's note: This section's structure is stable. More references are to be added.*
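Review bot: the rewritten sentence still carries the doubled phrase "main PKI able to support the management of public keys able to support authentication", and it now lists "Traceability" capitalised beside lower-case "authentication, encryption, integrity"; since the line is being replaced anyway, suggest "It covers the main PKIs able to support the management of public keys for authentication, encryption, integrity or traceability services, including public/open, private, C-ITS and machine-to-machine PKIs." The unchanged context line above also reads "Different uses cases represent different deployment", which should be "Different use cases represent different deployments".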
@@ -590,11 +590,11 @@ Table 4.7.1.1.6-1 provides a list of assets for a PKI product that supports cert
| T_SYS04.Exploiting insecure user authentication credentials or access <br> rights in default user account data | SYS02 | Secure by<br> Default |
| T_SYS05.Modifying user authentication credentials or access rights in <br> unprotected user account data | SYS02 | Integrity |
| T_SYS06.Disclosing user authentication credentials in unprotected user <br> account data | SYS02 | Confidentiality |
| T_SYS07.Modifying or deleting events in unprotected event log data | SYS03 | Integrity, <br> Non-repudiation |
| T_SYS08.Accessing settings or sensitive parameters via an unprotected <br> system configuration management function | SYS11 |  Authorisation |
| T_SYS09.Accessing user authentication credentials or  access rights via <br> an unprotected user account management function | SYS12 |   Authorisation |
| T_SYS10.Accessing event logs via an unprotected event log management <br> function | SYS13 |   Authorisation |
| T_SYS11.Disabling or rolling back software updates via an unprotected <br> software update function | SYS14 |  Authorisation |
| T_SYS07.Modifying or deleting events in unprotected event log data | SYS03 | Integrity, <br> Traceability |
| T_SYS08.Accessing settings or sensitive parameters via an unprotected <br> system configuration management function | SYS11 |  Integrity, Traceability |
| T_SYS09.Accessing user authentication credentials or  access rights via <br> an unprotected user account management function | SYS12 |   Integrity, Traceability |
| T_SYS10.Accessing event logs via an unprotected event log management <br> function | SYS13 |   Integrity, Traceability|
| T_SYS11.Disabling or rolling back software updates via an unprotected <br> software update function | SYS14 |  Integrity, Traceability |
| T_SYS12.Modifying settings in configuration data transferred via an <br> unprotected remote administration interface | SYS21 | Integrity |
| T_SYS13.Disclosing sensitive parameters in configuration data transferred <br> via an unprotected remote administration interface | SYS21 | Confidentiality |
| T_SYS14.Accessing system administration functions via an unprotected <br> remote administration interface | SYS21 | Authentication |
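Review bot: T_SYS08 to T_SYS11 all describe reaching a function through an unprotected management function and their property moves from "Authorisation" to "Integrity, Traceability", while T_SYS14, the same kind of access threat over the remote administration interface, keeps "Authentication"; if Authorisation is being retired as a property across the document, say so in the commit message or in the property definitions, otherwise the rationale for these rows is not visible from the table. Also the T_SYS10 cell "Integrity, Traceability|" lacks the space before the pipe that the other rows have, and the leading spaces inside the property cells vary from row to row.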
@@ -617,8 +617,8 @@ Table 4.7.1.1.6-1 provides a list of assets for a PKI product that supports cert
 | T_REG01.Modifying information in unprotected subscriber data | REG01 | Integrity | 
 | T_REG02.Disclosing sensitive information in unprotected subscriber data | REG01 | Confidentiality |
 | T_REG03.Modifying an unprotected certificate request | REG02 | Integrity |
 | T_REG04.Accessing information via an unprotected subscriber management <br> function | REG 11 | Authorisation |
 | T_REG05.Approving a certificate request via an unprotected certificate <br> request management function | REG12 | Authorisation |
 | T_REG04.Accessing information via an unprotected subscriber management <br> function | REG 11 | Integrity, Traceability |
 | T_REG05.Approving a certificate request via an unprotected certificate <br> request management function | REG12 | Integrity, Traceability |
 | T_REG06.Modifying information in subscriber data or certificate requests <br> transferred via an unprotected registration user interface | REG21 | Integrity |
 | T_REG07.Disclosing sensitive information in subscriber data transferred via <br> an unprotected registration user interface | REG21 | Confidentiality |
 | T_REG08.Accessing registration service functions via an unprotected <br> registration user interface | REG21 |Authentication |
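Review bot: the asset identifier in the T_REG04 row is written "REG 11" with a space, unlike REG01, REG02 and REG12 in the same table; since this row is being rewritten, correct it to "REG11" so the asset reference matches the identifiers used in the asset table.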
@@ -646,8 +646,8 @@ If the PKI product does not provide support for subscriber management as part of
 | T_GEN04.Modifying subject private keys in unprotected subject key data | GEN02 | Integrity |
 | T_GEN05.Disclosing subject private keys in unprotected subject key data | GEN02 | Confidentiality |
 | T_GEN06.Deleting subject private keys in unprotected subject key data | GEN02 | Availability |
 | T_GEN07.Accessing CA or subject private keys via an unprotected key <br> management function | GEN11 | Authorisation |
 | T_GEN08.Accessing signing operations via an unprotected certificate <br> generation function | GEN12 | Authorisation |
 | T_GEN07.Accessing CA or subject private keys via an unprotected key <br> management function | GEN11 | Integrity, Traceability |
 | T_GEN08.Accessing signing operations via an unprotected certificate <br> generation function | GEN12 | Integrity, Traceability |
 | T_GEN09.Accessing certificate generation functions via an unprotected <br> certificate generation user interface | GEN21 | Authentication |
 | T_GEN10.Denying system operator access via an unprotected certificate <br> generation user interface | GEN21 | Availability |
 | T_GEN11.Modifying information transferred between the product and a <br> secure cryptographic device via an unprotected secure cryptographic <br> device API | GEN22 | Integrity |
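Review bot: T_GEN07 covers access to CA or subject private keys via an unprotected key management function; the rows just above map disclosure of subject private keys (T_GEN05) to Confidentiality and modification (T_GEN04) to Integrity, so replacing Authorisation with only "Integrity, Traceability" drops the confidentiality consequence of an attacker reading those keys through the function. Consider "Confidentiality, Integrity, Traceability" for T_GEN07, or record why confidentiality is treated as covered by T_GEN05.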
@@ -676,7 +676,7 @@ If the product does not support subject key generation or key recovery, the thre
 | Threat | Asset | Property |
 | --- | :---: | :---: |
 | T_DIS01.Modifying certificates in unprotected certificate store data | DIS01 | Integrity |
 | T_DIS02.Accessing certificate store data via an unprotected certificate <br> store management function | DIS11 | Authorisation |
 | T_DIS02.Accessing certificate store data via an unprotected certificate <br> store management function | DIS11 | Integrity, Traceability |
 | T_DIS03.Accessing dissemination service functions via an unprotected <br> dissemination user interface | DIS21 | Authentication |
 | T_DIS04.Denying system operator access to via an unprotected dissemination <br> user interface | DIS21 | Availability |
 | T_DIS05.Modifying certificates transferred via an unprotected subscriber <br> dissemination interface | DIS22 | Integrity |
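Review bot: while this table is being edited, the unchanged T_DIS04 context line just below the rewritten row reads "Denying system operator access to via an unprotected dissemination user interface"; drop the stray "to" (compare T_STA04, "Denying system operator access to an unprotected certificate status user interface").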
@@ -700,7 +700,7 @@ If the PKI product does not support dissemination services and provides a logica
| --- | :---: | :---: |
| T_REV01.Modifying information in an unprotected revocation request | REV01 | Integrity |
| T_REV02.Disclosing sensitive information in an unprotected revocation <br> request | REV01 | Confidentiality |
| T_REV03.Approving or denying revocation requests via an unprotected <br> revocation management function | REV11 | Authorisation |
| T_REV03.Approving or denying revocation requests via an unprotected <br> revocation management function | REV11 | Integrity, Traceability |
| T_REV04.Modifying information transferred via an unprotected revocation <br> management user interface | REV21 | Integrity |
| T_REV05.Disclosing sensitive information transferred via an unprotected <br> revocation management user interface | REV21 | Confidentiality |
| T_REV06.Accessing revocation management functions via an unprotected <br> revocation management user interface | REV21 | Authentication |
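Review bot: with T_REV03 moved to "Integrity, Traceability", no row in this table carries Authorisation any more while T_REV06 still carries Authentication for the user interface; a reader cannot tell from the table whether unauthorised approval of a revocation request is meant to be caught by the integrity requirement on revocation data (REV01) or by the traceability (audit) requirement, so add a sentence to the clause introducing the table, or a reference to the property definitions, explaining the mapping.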
@@ -721,11 +721,11 @@ The PKI product can support limited revocation management services even if it do

| Threat | Asset | Property |
| --- | :---: | :---: |
| T_STA01.Modifying certificate revocation statuses in unprotected certificate <br> status data | STA01 | Integrity, <br> Non-repudiation |
| T_STA02.Accessing certificate revocation statuses via an unprotected certificate <br> status management function | STA11 | Authorisation |
| T_STA01.Modifying certificate revocation statuses in unprotected certificate <br> status data | STA01 | Integrity, <br> Traceability |
| T_STA02.Accessing certificate revocation statuses via an unprotected certificate <br> status management function | STA11 | Integrity, Traceability |
| T_STA03.Accessing certificate status functions via an unprotected certificate <br> status user interface | STA21 | Authentication |
| T_STA04.Denying system operator access to an unprotected certificate status user <br> interface | STA21 | Availability |
| T_STA05.Modifying certificate revocation statuses transferred via an unprotected <br> relying party certificate status interface | STA22 | Integrity, <br> Non-repudiation |
| T_STA05.Modifying certificate revocation statuses transferred via an unprotected <br> relying party certificate status interface | STA22 | Integrity, <br> Traceability |
| T_STA06.Denyin relying party access to an unprotected relying party certificate <br> status interface | STA22 | Availability |


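Review bot: within the same table, T_STA01 and T_STA05 break the property cell as "Integrity, <br> Traceability" while the rewritten T_STA02 cell puts "Integrity, Traceability" on one line; pick one form for all three rows. The unchanged T_STA06 context line also has the typo "Denyin" for "Denying".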
@@ -1145,8 +1145,7 @@ a) the version field shall contain the integer 2;

    b) the serialNumber shall be unique with respect to the issuing Certification Authority;

c) the validity field shall specify a notBefore value that does not precede the current time and a notAfter
value that does not precede the value specified in notBefore;
    c) the validity field shall specify a notBefore value that does not precede the current time and a notAfter value that does not precede the value specified in notBefore;

    d) if the issuer field contains a null Name (e.g., a sequence of zero relative distinguished names), then the
certificate shall contain a critical issuerAltName extension;
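Review bot: item c) is reflowed onto one indented line, matching b), but item d) in the trailing context still spans two lines with an unindented continuation ("certificate shall contain a critical issuerAltName extension;"); apply the same reflow to d) so the whole list renders as one indented enumeration.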
@@ -1416,7 +1415,7 @@ Verify the audit record contains the identity of the user that caused the event.

    a) The identity of the given user used for the test;

a) the way the event was triggered and at what time, and the corresponding audit record.
    b) the way the event was triggered and at what time, and the corresponding audit record.

 

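Review bot: the line after the renumbered b) is whitespace-only (a single space) rather than empty; trim it so the blank separator matches the others in this list and does not show up as a change in later diffs. The relabelling itself resolves the duplicated a).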
@@ -1548,7 +1547,7 @@ c) the way the signatures, keyed hashes or authentication codes were verified, a

    d) the way the audit record of the triggered event was modified;

d) the way the second-to-last signature, keyed hash or authentication code was modified.
    e) the way the second-to-last signature, keyed hash or authentication code was modified.
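Review bot: renumbering the second d) to e) fixes the duplicate; since the list now runs a) to e), check that any cross-reference in the surrounding clause to "d)" still points at the intended item (the audit-record modification step) rather than the signature, keyed hash or authentication code step that is now e).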