Loading EN-304-626.md +29 −9 Original line number Diff line number Diff line Loading @@ -1498,13 +1498,15 @@ The product shall require appropriate authorization by default to access securit |---------------------|----------------------| | all | ADEF | ### 5.2.X **TR-CONF**: Confidentiality of assets #### 5.2.X **TR-CDST**: Confidentiality of data stored on the product #### 5.2.X.x **MI-SCNF**: Confidentiality of data stored on the product The product shall protect data stored on the product from unauthorized access. #### 5.2.X.x **MI-CDST**: Protect confidentiality of data stored on the product The product shall protect data stored on the product from unauthorized access. * Reference: TR-CONF * Reference: TR-CDST * Objective: Confidentiality of data Loading @@ -1518,11 +1520,27 @@ The product shall protect data stored on the product from unauthorized access. Guidance: Data may be protected by the environment, permissons, encryption, salting and hashing, offline storage, or hardware-backed secrets. #### 5.2.X.x **MI-TCNF**: Confidentiality of data transmitted by product #### 5.2.X.x Mapping of mitigations to risk factors and security profiles | Risk factors | Requires mitigations | |--------------|----------------------| | SNDS < 1 | none | | all others | CDST | | Security Profile | Requires mitigations | |------------------|----------------------| | LR, IoT-1, | none | | all others | CDST | #### 5.2.X **TR-CDTX**: Confidentiality of data transmitted by product The product shall protect data transmitted by the product from unauthorized access. #### 5.2.X.x **MI-CDTX**: Protect confidentiality of data transmitted by product The product shall protect data transmitted by the product from unauthorized access. * Reference: TR-CONF * Reference: TR-CDTX * Objective: Confidentiality of data Loading 
@@ -1540,13 +1558,15 @@ Guidance: Data transmitted may be protected by the environment or encryption. | Risk factors | Requires mitigations | |--------------|----------------------| | any | SCNF, TCNF | | | | | SNDT < 1 | none | | all others | CDTX | | Security Profile | Requires mitigations | |------------------|----------------------| | any | SCNF, TCNF | | | | | FIXME | none | | all others | CDTX | > TODO: Rate use cases by sensitivity of data transmitted and update the security profile list above. ### 5.2.X **TR-LMAS**: Minimize exposed interfaces Loading Loading
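Review bot: In the hunk at @@ -1498, the new heading `#### 5.2.X **TR-CDST**` is at level four, the same level as the `#### 5.2.X.x **MI-CDST**` mitigation beneath it, while the `### 5.2.X **TR-CONF**` heading it replaces and the `### 5.2.X **TR-LMAS**` heading further down are at level three. Suggest `### 5.2.X **TR-CDST**` so that mitigations stay nested under the requirement they reference; the same applies to `#### 5.2.X **TR-CDTX**` in the following hunk.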
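Review bot: In the hunk at @@ -1518, the security profile row `| LR, IoT-1, | none |` ends its list with a trailing comma, so it is unclear whether a third profile was dropped or the comma is stray; please complete or trim the list. In the same hunk, TR-CDTX and MI-CDTX carry the identical sentence ("The product shall protect data transmitted by the product from unauthorized access."), so the mitigation says nothing beyond the requirement it references, and the Guidance line still contains the typo "permissons".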
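Review bot: In the hunk at @@ -1540, the security profile table has a `| FIXME | none |` row followed by `| all others | CDTX |`, so until the TODO is resolved the table does not say which profiles are exempt from CDTX. Suggest leaving the placeholder row out until the use cases are rated, so that the table reads as "all profiles require CDTX", or tracking the TODO in an issue linked from the note. Since this change renames SCNF and TCNF to CDST and CDTX, it is also worth checking the rest of the document for remaining references to the old identifiers.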