Commit 202f31c8 authored by Peter Campbell

Yet more tyops

parent e71b99a1
+14 −13
@@ -397,23 +397,24 @@ However, system operators might have limited experience running critical compone

#### 4.2.6.1 System administration

Table 4.1 provides a list of system administrations assets for the PKI product.
Table 4.1 provides a list of system administration assets for the PKI product.

<div align="center">

| Asset | Description |
|---|---|
| SYS01: System configuration data          | Includes settings for software updates, event logging, component <br> services, and the secure cryptographic device, if used |
| SYS01: System configuration data          | Includes settings for software updates, event logging, component <br> services, and the secure cryptographic device, if applicable |
| SYS02: User account data                  | Includes user authentation credentials and access rights |
| SYS03: Event log data                     | Includes system administration and component service event logs|
| SYS11: System configuration management <br> function  | Used to change to system configuration  settings and reset to <br> default values |
| SYS12: User account management function   | Used to create new accounts, and change authentication credentials <br> and access rights for existing accounts |
| SYS03: Event log data                     | Includes system administration and component service event data|
| SYS11: System configuration management <br> function  | Used to change system configuration settings and reset to default <br> values |
| SYS12: User account management function   | Used to create and delete accounts, and change authentication <br> credentials and access rights |
| SYS13: Event log management function      | Used to view event log data |
| SYS14: Software update function           | Used to manage installation of a software updates |
| SYS14: Software update function           | Used to manage installation of software updates |
| SYS21: Remote administration interface    | E.g., remotely accessible web portal |
| SYS22: Local administration interface     | E.g., locally accessible command line interface |

<strong>Table 4.1.</strong> System administration assets

</div>


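Review bot: The SYS02 row in Table 4.1 still reads "user authentation credentials" and is not touched by this hunk; it should be "authentication", matching the spelling used in the SYS12 row. The new SYS03 row also has no space before its closing pipe ("event data|"), unlike the neighbouring rows. Separately, the SYS12 change from "create new accounts" to "create and delete accounts" adds account deletion to the asset description, which is a content change rather than a typo fix and is worth calling out in the commit message.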
@@ -425,7 +426,7 @@ Table 4.2 provides a list of assets for a PKI product that supports registration

| Asset | Description |
| ---   | ---         |
| REG01: Subscriber data                      | Includes subscriber personal data |
| REG01: Subscriber data                      | Includes subscriber identity and contact information |
| REG02: Certificate request                  | Subject certificate signing request |
| REG11: Subscriber management function       | Used to register subscribers and change subscriber details |
| REG12: Certificate request management function | Used to approve or reject subject certificate requests |
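Review bot: The REG01 description change from "subscriber personal data" to "subscriber identity and contact information" alters the scope of the asset rather than correcting a typo, so it does not fit a commit titled as typo fixes. Since later text refers to threats to the subscriber data (T_REG01 and T_REG02), please confirm the narrower wording still covers everything those threats are meant to protect, and consider splitting this into its own commit with a message that explains the change.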
@@ -448,7 +449,7 @@ Table 4.3 provides a list of assets for a PKI product that supports certificate
| GEN01: CA key data                     | CA private signing keys |
| GEN02: Subject key data                | Subject private decryption keys |
| GEN11: Key management function         | Used to manage CA and subject private keys |
| GEN12: Certificate generation function | Used to sign certificates and CRLs |
| GEN12: Certificate generation function | Used for certificate and CRL signing operations |
| GEN21: Certificate generation user interface | E.g., remotely accessible web portal or locally accessible command <br> line interface |
| GEN22: Secure cryprographic device interface | Logical interface for the secure cryptographic device |

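Review bot: The GEN22 row still reads "Secure cryprographic device interface" and is left unchanged by this hunk; it should be "cryptographic", as in NOTE 1 and NOTE 2 further down. Worth fixing in the same pass as the GEN12 rewording.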
@@ -568,7 +569,7 @@ Table 4.5 provides a list of assets for a PKI product that supports certificate

</div>

If the PKI product does not provide support for subscriber management as part of its registration services, then the threats to the subscriber data (T_REG01, T_REG02) and subscriber management function (T_REG04) are not present.
If the PKI product does not provide support for subscriber management as part of its registration services, then the threats to the subscriber data (T_REG01 and T_REG02) and subscriber management function (T_REG04) are not present.

#### 4.2.7.3 Certificate generation service

@@ -596,7 +597,7 @@ If the PKI product does not provide support for subscriber management as part of

NOTE 1: Accessing the functionality of the secure cryptographic device via an API that does not provide authentication or authorisation is a threat to the secure cryptographic device, not to the cyber security of the PKI product.

NOTE 2: Denying access to the secure cryptographic device via an API that does not provide availability is a threat to the secure cryptographic device, not to the cyber security of the PKI product. However, if the operation of the secure cryptographic device is impacted by, for example, the number of signing requests from the PKI product then this is relevant to the cyber security of the PKI product as it violates the principle of minimising the impact of the product on other devices and networks (T_GEN13). 
NOTE 2: Denying access to the secure cryptographic device via an API that does not provide availability is a threat to the secure cryptographic device, not to the cyber security of the PKI product. However, if the operation of the secure cryptographic device is impacted by, for example, the number of signing requests from the PKI product then this is relevant to the cyber security of the PKI product as it is not minimising its impact on other devices or networks (T_GEN13). 

If the PKI product does not support the use of a secure cryptographic device, then the threats to the secure cryptographic device interface (T_GEN11 and T_GEN12) will not be present. 

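Review bot: In the reworded NOTE 2, "as it is not minimising its impact on other devices or networks" has an ambiguous subject: "it" can be read as the secure cryptographic device or as the PKI product. Suggest naming the subject, for example "as the PKI product is not minimising its impact on other devices or networks (T_GEN13)". A comma before "then this is relevant" would also help, and the line still ends with trailing whitespace.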
@@ -649,11 +650,11 @@ The PKI product can support limited revocation management services even if it do

| Threat | Asset | Property |
| --- | :---: | :---: |
| T_STA01: Modifying a certificate revocation status in unprotected certificate <br> status data | STA01 | Integrity, <br> Non-repudiation |
| T_STA02: Accessing certificate revocation status via an unprotected certificate <br> status management function | STA11 | Authorisation |
| T_STA01: Modifying certificate revocation statuses in unprotected certificate <br> status data | STA01 | Integrity, <br> Non-repudiation |
| T_STA02: Accessing certificate revocation statuses via an unprotected certificate <br> status management function | STA11 | Authorisation |
| T_STA03: Accessing certificate status functions via an unprotected certificate <br> status user interface | STA21 | Authentication |
| T_STA04: Denying system operator access to an unproteted certificate status user <br> interface | STA21 | Availability |
| T_STA05: Modifying a certificate revocation status transferred via an unprotected <br> relying party certificate status interface | STA22 | Integrity, <br> Non-repudiation |
| T_STA05: Modifying certificate revocation statuses transferred via an unprotected <br> relying party certificate status interface | STA22 | Integrity, <br> Non-repudiation |
| T_STA06: Denyin relying party access to an unprotected relying party certificate <br> status interface | STA22 | Availability |

<strong>Table 4.11.</strong> Certificate status threats
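Review bot: Two typos remain in the unchanged rows of the certificate status threats table: T_STA04 reads "unproteted" (should be "unprotected") and T_STA06 reads "Denyin relying party access" (should be "Denying"). Since this hunk already edits T_STA01, T_STA02 and T_STA05, these could be fixed here as well.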