Commit 21fab5ab authored by Sammy Haddad's avatar Sammy Haddad
Browse files

Typos

parent c6537d25

EN-304-624.md

+9 −9
Original line number Diff line number Diff line
@@ -434,7 +434,7 @@ Table 5.3 provides a list of assets for a PKI product that supports certificate 
| GEN11.Key management function         | Used to manage CA and subject private keys |

| GEN12.Certificate generation function | Used for certificate and CRL signing operations |

| GEN21.Certificate generation user interface | E.g., remotely accessible web portal or locally accessible command <br> line interface |

| GEN22.Secure cryprographic device interface | Logical interface for the secure cryptographic device |

| GEN22.Secure cryptographic device interface | Logical interface for the secure cryptographic device |



<strong>Table 5.3.</strong> Certificate generation assets

</div>
@@ -517,12 +517,12 @@ Table 5.5 provides a list of assets for a PKI product that supports certificate 
| T_SYS05.Modifying user authentication credentials or access rights in <br> unprotected user account data | SYS02 | Integrity |

| T_SYS06.Disclosing user authentication credentials in unprotected user <br> account data | SYS02 | Confidentiality |

| T_SYS07.Modifying or deleting events in unprotected event log data | SYS03 | Integrity, <br> Non-repudiation |

| T_SYS08.Accessing settings or sensitive paramters via an unprotected <br> system configuration management function | SYS11 |  Authorisation |

| T_SYS08.Accessing settings or sensitive parameters via an unprotected <br> system configuration management function | SYS11 |  Authorisation |

| T_SYS09.Accessing user authentication credentials or  access rights via <br> an unprotected user account management function | SYS12 |   Authorisation |

| T_SYS10.Accessing event logs via an unprotcted event log management <br> function | SYS13 |   Authorisation |

| T_SYS10.Accessing event logs via an unprotected event log management <br> function | SYS13 |   Authorisation |

| T_SYS11.Disabling or rolling back software updates via an unprotected <br> software update function | SYS14 |  Authorisation |

| T_SYS12.Modifying settings in configuration data transferred via an <br> unprotected remote administration interface | SYS21 | Integrity |

| T_SYS13.Disclosing sensitive parameters in configuration data transferred <br> via an unprotected remoted administration interface | SYS21 | Confidentiality |

| T_SYS13.Disclosing sensitive parameters in configuration data transferred <br> via an unprotected remote administration interface | SYS21 | Confidentiality |

| T_SYS14.Accessing system administration functions via an unprotected <br> remote administration interface | SYS21 | Authentication |

| T_SYS15.Denying system administrator access via an unprotected remote <br> administration interface | SYS21 | Availability |

| T_SYS16.Accessing system administration functions via an unprotected <br> local administration interface | SYS22 | Authentication |
@@ -572,7 +572,7 @@ If the PKI product does not provide support for subscriber management as part of 
 | T_GEN10.Denying system operator access via an unprotected certificate <br> generation user interface | GEN21 | Availability |

 | T_GEN11.Modifying information transferred between the product and a <br> secure cryptographic device via an unprotected secure cryptographic <br> device API | GEN22 | Integrity |

 | T_GEN12.Disclosing sensitive information transferred between the <br> product and a secure cryptographic device via an unprotected secure <br> cryptographic device API | GEN22 | Confidentiality |

 | T_GEN13.Disrupting the operation of a secure cryptographic device via <br> requests from the product over the secure cryographic device API | GEN22 | Impact |

 | T_GEN13.Disrupting the operation of a secure cryptographic device via <br> requests from the product over the secure cryptographic device API | GEN22 | Impact |



<strong>Table 5.8.</strong> Certificate generation threats
@@ -594,11 +594,11 @@ If the product does not support subject key generation or key recovery, the thre 
 | --- | :---: | :---: |

 | T_DIS01.Modifying certificates in unprotected certificate store data | DIS01 | Integrity |

 | T_DIS02.Accessing certificate store data via an unprotected certificate <br> store management function | DIS11 | Authorisation |

 | T_DIS03.Accessing disseminiation service functions via an unprotected <br> dissemination user interface | DIS21 | Authentication |

 | T_DIS03.Accessing dissemination service functions via an unprotected <br> dissemination user interface | DIS21 | Authentication |

 | T_DIS04.Denying system operator access to via an unprotected dissemination <br> user interface | DIS21 | Availability |

 | T_DIS05.Modifying certificates transferred via an unprotected subscriber <br> dissemination interface | DIS22 | Integrity |

 | T_DIS06.Disclosing subject private keys transferred via an unprotected <br> subscriber dissemination interface | DIS22 | Confidentiality |

 | T_DIS07.Modifying certificate look-up repsonses via an unprotected relying <br> party look-up interface | DIS23 | Integrity |

 | T_DIS07.Modifying certificate look-up responses via an unprotected relying <br> party look-up interface | DIS23 | Integrity |

 | T_DIS08.Denying relying party access to an unprotected relying party <br> look-up interface | DIS23 | Availability | 

 

<strong>Table 5.9.</strong> Dissemination threats
@@ -617,7 +617,7 @@ If the PKI product does not support dissemination services and provides a logica 
| T_REV02.Disclosing sensitive information in an unprotected revocation <br> request | REV01 | Confidentiality |

| T_REV03.Approving or denying revocation requests via an unprotected <br> revocation management function | REV11 | Authorisation |

| T_REV04.Modifying information transferred via an unprotected revocation <br> management user interface | REV21 | Integrity |

| T_REV05.Disclosing sensitive information transferred via an uprotected <br> revocation management user interface | REV21 | Confidentiality |

| T_REV05.Disclosing sensitive information transferred via an unprotected <br> revocation management user interface | REV21 | Confidentiality |

| T_REV06.Accessing revocation management functions via an unprotected <br> revocation management user interface | REV21 | Authentication |

| T_REV07.Denying system operator access to an unprotected revocation <br> management user interface | REV21 | Availability |
@@ -636,7 +636,7 @@ The PKI product can support limited revocation management services even if it do 
| T_STA01.Modifying certificate revocation statuses in unprotected certificate <br> status data | STA01 | Integrity, <br> Non-repudiation |

| T_STA02.Accessing certificate revocation statuses via an unprotected certificate <br> status management function | STA11 | Authorisation |

| T_STA03.Accessing certificate status functions via an unprotected certificate <br> status user interface | STA21 | Authentication |

| T_STA04.Denying system operator access to an unproteted certificate status user <br> interface | STA21 | Availability |

| T_STA04.Denying system operator access to an unprotected certificate status user <br> interface | STA21 | Availability |

| T_STA05.Modifying certificate revocation statuses transferred via an unprotected <br> relying party certificate status interface | STA22 | Integrity, <br> Non-repudiation |

| T_STA06.Denyin relying party access to an unprotected relying party certificate <br> status interface | STA22 | Availability |