Loading EN-304-626.md +13 −13 Original line number Diff line number Diff line Loading @@ -450,7 +450,7 @@ _The following use cases are provided to assist manufacturers in selecting risk * **UC-IoT-1** A non-internet-connected device such as a bluetooth speaker * does not store any user-specific data * has no means to connect directly to the internet * has no means to connect directly to a public network * not intended to support hardware, software, or operating system changes * **UC-IoT-2** An internet-enabled power switch Loading Loading @@ -501,7 +501,7 @@ _The following use cases are provided to assist manufacturers in selecting risk * does not have accessible I/O ports and is not user-modifiable * connects to a central service, operated by the device manufacturer, for remote data processing * connections are proxied by a trusted device, such as a mobile phone * is not exposed to the internet * is not exposed to a public network * **UC-ST-1** Stateless multi-user terminal * effectively a keyboard, mouse, and display connected to remote server Loading @@ -514,13 +514,13 @@ _The following use cases are provided to assist manufacturers in selecting risk * **UC-PC-1** A personal computer in a fixed and generally safe location * hardware, software and operating system may be configured and modified by the end-user * the user may not be either highly skilled or an authorized representative of the manufacturer * foreseeably connects to the internet and to low-trust local networks, but is not reachable from the open internet * foreseeably connects to a public network and to low-trust local networks, but is not reachable from the open internet * stores personal information and arbitrary files * **UC-PC-2** An enterprise workstation in a fixed and generally safe location * installed in an access-controlled workspace * serviced by trained professionals who may modify both software and hardware * connected to the internet with external mitigations, such as enterprise-grade firewalls * connected to a public network with external mitigations, such as enterprise-grade firewalls * connects to trusted local networks * hardware likely contains tamper-evident indicators and secure elements for cryptographic storage * used for web browsing Loading @@ -530,7 +530,7 @@ _The following use cases are provided to assist manufacturers in selecting risk * hardware, software and operating system may be configured and modified by the end-user * device is a foreseeable target of theft and tampering by untrusted 3rd parties * stores personal information and arbitrary files * unrestricted connection to the internet * unrestricted connection to a public network * is frequently connected to untrusted networks * hardware likely contains tamper-evident indicators and secure elements for cryptographic storage Loading @@ -539,23 +539,23 @@ _The following use cases are provided to assist manufacturers in selecting risk * serviced by trained professionals who may modify both software and hardware * device is a foreseeable target of theft and tampering by untrusted 3rd parties * stores business data, personal information and arbitrary files * unrestricted connection to the internet * unrestricted connection to a public network * is frequently connected to untrusted networks * hardware likely contains tamper-evident indicators and secure elements for cryptographic storage * **UC-PS-1** Personal server * one or a small number of trusted users * installed in a fixed location at home or in a cohosting facility * connected to the internet with a firewall * connected to a public network with a firewall * connects to trusted local network * limited access permitted from the internet for specific services * limited access permitted from a public network for specific services * semi-professional semi-automated management by one or a few people * always stationary, access to hardware interfaces unlikely * **UC-SE-1** An enterprise server in a datacenter with no user accounts * installed in a monitored and secured facility * serviced by trained professionals who may modify both software and hardware * connected to the internet with external mitigations, such as enterprise-grade firewalls * connected to a public network with external mitigations, such as enterprise-grade firewalls * connects to trusted local networks * hardware likely contains tamper-evident indicators and secure elements for cryptographic storage Loading Loading @@ -702,15 +702,15 @@ FIXME add the separate concept of users apart from accounts * DVCS-1: foreseeable use includes only trusted and safe peripheral devices * DVCS-2: foreseeable use allows for arbitrary peripheral device attachment #### 4.5.1.13 Access To The Internet #### 4.5.1.13 Access to a Public Network **[RF-TNET]:** Likelihood that the device will initiate connections to public networks. * TNET-0: foreseeable use has no mechanism to reasonably connect to the internet * TNET-0: foreseeable use has no mechanism to reasonably connect to a public network * TNET-1: foreseeable use allows internet access for only highly restricted functions, such as retrieving security updates * TNET-2: foreseeable use allows for arbitrary access to the internet, such as by browsing the web * TNET-2: foreseeable use allows for arbitrary access to a public network, such as by browsing the web #### 4.5.1.14 Accessed From Untrusted Networks Including The Internet #### 4.5.1.14 Accessed From Untrusted Networks Including a Public Network **[RF-FNET]:** Likelihood that the device will be exposed to incoming traffic from public networks. Loading Loading
EN-304-626.md +13 −13 Original line number Diff line number Diff line Loading @@ -450,7 +450,7 @@ _The following use cases are provided to assist manufacturers in selecting risk * **UC-IoT-1** A non-internet-connected device such as a bluetooth speaker * does not store any user-specific data * has no means to connect directly to the internet * has no means to connect directly to a public network * not intended to support hardware, software, or operating system changes * **UC-IoT-2** An internet-enabled power switch Loading Loading @@ -501,7 +501,7 @@ _The following use cases are provided to assist manufacturers in selecting risk * does not have accessible I/O ports and is not user-modifiable * connects to a central service, operated by the device manufacturer, for remote data processing * connections are proxied by a trusted device, such as a mobile phone * is not exposed to the internet * is not exposed to a public network * **UC-ST-1** Stateless multi-user terminal * effectively a keyboard, mouse, and display connected to remote server Loading @@ -514,13 +514,13 @@ _The following use cases are provided to assist manufacturers in selecting risk * **UC-PC-1** A personal computer in a fixed and generally safe location * hardware, software and operating system may be configured and modified by the end-user * the user may not be either highly skilled or an authorized representative of the manufacturer * foreseeably connects to the internet and to low-trust local networks, but is not reachable from the open internet * foreseeably connects to a public network and to low-trust local networks, but is not reachable from the open internet * stores personal information and arbitrary files * **UC-PC-2** An enterprise workstation in a fixed and generally safe location * installed in an access-controlled workspace * serviced by trained professionals who may modify both software and hardware * connected to the internet with external mitigations, such as enterprise-grade firewalls * connected to a public network with external mitigations, such as enterprise-grade firewalls * connects to trusted local networks * hardware likely contains tamper-evident indicators and secure elements for cryptographic storage * used for web browsing Loading @@ -530,7 +530,7 @@ _The following use cases are provided to assist manufacturers in selecting risk * hardware, software and operating system may be configured and modified by the end-user * device is a foreseeable target of theft and tampering by untrusted 3rd parties * stores personal information and arbitrary files * unrestricted connection to the internet * unrestricted connection to a public network * is frequently connected to untrusted networks * hardware likely contains tamper-evident indicators and secure elements for cryptographic storage Loading @@ -539,23 +539,23 @@ _The following use cases are provided to assist manufacturers in selecting risk * serviced by trained professionals who may modify both software and hardware * device is a foreseeable target of theft and tampering by untrusted 3rd parties * stores business data, personal information and arbitrary files * unrestricted connection to the internet * unrestricted connection to a public network * is frequently connected to untrusted networks * hardware likely contains tamper-evident indicators and secure elements for cryptographic storage * **UC-PS-1** Personal server * one or a small number of trusted users * installed in a fixed location at home or in a cohosting facility * connected to the internet with a firewall * connected to a public network with a firewall * connects to trusted local network * limited access permitted from the internet for specific services * limited access permitted from a public network for specific services * semi-professional semi-automated management by one or a few people * always stationary, access to hardware interfaces unlikely * **UC-SE-1** An enterprise server in a datacenter with no user accounts * installed in a monitored and secured facility * serviced by trained professionals who may modify both software and hardware * connected to the internet with external mitigations, such as enterprise-grade firewalls * connected to a public network with external mitigations, such as enterprise-grade firewalls * connects to trusted local networks * hardware likely contains tamper-evident indicators and secure elements for cryptographic storage Loading Loading @@ -702,15 +702,15 @@ FIXME add the separate concept of users apart from accounts * DVCS-1: foreseeable use includes only trusted and safe peripheral devices * DVCS-2: foreseeable use allows for arbitrary peripheral device attachment #### 4.5.1.13 Access To The Internet #### 4.5.1.13 Access to a Public Network **[RF-TNET]:** Likelihood that the device will initiate connections to public networks. * TNET-0: foreseeable use has no mechanism to reasonably connect to the internet * TNET-0: foreseeable use has no mechanism to reasonably connect to a public network * TNET-1: foreseeable use allows internet access for only highly restricted functions, such as retrieving security updates * TNET-2: foreseeable use allows for arbitrary access to the internet, such as by browsing the web * TNET-2: foreseeable use allows for arbitrary access to a public network, such as by browsing the web #### 4.5.1.14 Accessed From Untrusted Networks Including The Internet #### 4.5.1.14 Accessed From Untrusted Networks Including a Public Network **[RF-FNET]:** Likelihood that the device will be exposed to incoming traffic from public networks. Loading
