Loading EN-304-626.md +1 −29 Original line number Diff line number Diff line Loading @@ -887,35 +887,7 @@ T.IA.USER: A threat agent might gain access to user data, TSF data or TOE resources with the exception of public objects without being identified and authenticated Additional threats (inspired by ENISA Threat Taxonomy): <mark> FIXME discuss the appropriateness of the following points </mark> <mark> FIXME categorize more clearly </mark> <mark> FIXME check if EMB3D "format" is applicable here</mark> Network-related threats * Interception of information (user data, system data) * Intercepting compromising emmission/interfering radiation/side channel * Replay communication messages * Network traffic manipulation Nefarious activity * Malicious code/software/activity * Abuse of resources * Worms/Trojans * Root kits * Elevation of privileges * Injection attacks * Spyware / deceptive adware * Rogue security software * Exploit kits * Abuse information leaks * Unauthorized installation of software * Target APTs Authentication-based threats * Brute force * Abuse of authorization From [MITRE EMB3D](https://emb3d.mitre.org/): <mark> FIXME list more threats </mark> Loading Loading
EN-304-626.md +1 −29 Original line number Diff line number Diff line Loading @@ -887,35 +887,7 @@ T.IA.USER: A threat agent might gain access to user data, TSF data or TOE resources with the exception of public objects without being identified and authenticated Additional threats (inspired by ENISA Threat Taxonomy): <mark> FIXME discuss the appropriateness of the following points </mark> <mark> FIXME categorize more clearly </mark> <mark> FIXME check if EMB3D "format" is applicable here</mark> Network-related threats * Interception of information (user data, system data) * Intercepting compromising emmission/interfering radiation/side channel * Replay communication messages * Network traffic manipulation Nefarious activity * Malicious code/software/activity * Abuse of resources * Worms/Trojans * Root kits * Elevation of privileges * Injection attacks * Spyware / deceptive adware * Rogue security software * Exploit kits * Abuse information leaks * Unauthorized installation of software * Target APTs Authentication-based threats * Brute force * Abuse of authorization From [MITRE EMB3D](https://emb3d.mitre.org/): <mark> FIXME list more threats </mark> Loading
