EN-304-625.md +61 −2
@@ -301,18 +301,77 @@ FIXME split into specific use cases * Incoming connections allowed from the entire internet * Multiple users/accounts some of whom may be malicious * Runs servers open to the world (ssh, web, etc.) 1. Special purpose operating system * User is highly knowledgeable * Dedicated functionality * Minimal or no user interface * Might run on custom hardware _The following use cases are more specific (for now). Based on the similarities in their threat models, they can be reduced to common use cases._ 1. Phone * Single user (account), sharing between humans possible * Connects to various networks (home, public, mobile, ..) * Installs and runs applications (from trusted sources?) * Browses the web * Used for sensitive transactions/data storage (e.g. banking, health data) * Collects lots of user/usage data * Travels basically everywhere (risk of loss) * Multiple interfaces (Bluetooth, Wifi, NFC, USB-C ..) 1. Personal laptop * Mostly single user, sometimes shared in a small circle * Connects to various networks (home, public, mobile ..) * Web browsing and applications for personal work/entertainment * Stored/Transmitted data can be sensitive (online banking, account passwords, ..) * Installs and runs applications (from untrusted sources?) * Self-managed by potentially unexperienced users * Not stationary, used for mobile working and travelling * Multiple interfaces (Bluetooth, Wifi, USB-A, USB-C ..) 1. Personal desktop computer (stationary) * Single user (or shared in a small circle) * Connected to a home network behind a rounter's firewall * Web browsing and applications for personal work/entertainment * Stored/Transmitted data can be sensitive (online banking, account passwords, ..) * Self-managed by potentially unexperienced users * Always stationary, access to hardware interfaces unlikely 1. 
Enterprise laptop * Effectively single user * Connected to enterprise network with firewall, potentially via VPN * Web browsing and office applications * Managed by the enterprise's IT dep. (perhaps with Mobile Device Management) * Transmits and stores business-critical data * System failure can cause monetary loss (if no proper BCM) 1. Enterprise work station (stationary) * Effectively single user (unless shared, but then more likely to be a "stateless terminal"?) * Connected to enterprise network with firewall * Web browsing and office applications * Managed by the enterprise's IT dep. * Transmits and stores business-critical data * System failure can cause monetary loss (if no proper BCM) * Always stationary (and supervised), access to hardware interfaces unlikely 1. Personal server * Single human user, no other user logins (but daemons) * Behind a firewall * But access from anywhere via the internet possible (depending on services running) * Managed by hobbyists (at least some level of experience) * Always stationary, access to hardware interfaces unlikely 1. Stateless multi-user terminal * Multi-user system * Handles different workloads of different users * No local data or session storage * Highly network dependent (likely company network with firewall) Use cases don't include industrial operations, marine, airplane, medical, military, national security, etc. Further use cases that are not (fully?) covered by the previous listing (or not removed yet). * personal laptop * personal desktop/stationary * personal server * corporate versions of above (different levels?) * sun ray situation stateless multi-user terminal * Stateless multi-user terminal (e. g. Sun Ray) * embedded device with low risk * embedded devices with higher risk that are still in scope??? * phone * ??? suggestion: look for most extremely vulnerable use cases and then remove exposure for less vulnerable use cases Loading Loading
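Review bot: The "Enterprise laptop" entry has no bullet on mobility or on hardware interfaces, although "Phone" and "Personal laptop" list "Travels basically everywhere (risk of loss)", "Not stationary, used for mobile working and travelling" and "Multiple interfaces (...)", and the enterprise laptop is the one that "Transmits and stores business-critical data". Because the italic note says these use cases are to be reduced to common ones by similarity of threat model, a missing bullet will read as "does not apply"; I'd give every entry the same set of attributes (users, network exposure, software sources, data sensitivity, who manages it, physical exposure) and add the loss/theft and interface lines to the enterprise laptop. The same gap shows in "Personal desktop computer (stationary)", which drops the "Installs and runs applications (from untrusted sources?)" line that the personal laptop has even though both are "Self-managed", and which claims "access to hardware interfaces unlikely" while also allowing "shared in a small circle". In "Personal server", "Behind a firewall" followed by "But access from anywhere via the internet possible" would be clearer as one line stating which services are expected to be reachable from outside. Minor: "rounter's" should be "router's" and "unexperienced" should be "inexperienced"; the "Further use cases" list shows both "sun ray situation stateless multi-user terminal" and "Stateless multi-user terminal (e. g. Sun Ray)", so check that only one of them remains after the change, and that list still carries personal laptop, personal desktop, personal server and phone, which the numbered list now covers.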