Benjamin Admin
4e761c1363
User-Entscheidung Modell C + objective_tags-Safeguard (Tags, keine Klasse). Deterministisch via materialize_capabilities.py: - obligations/capabilities.json: 5 Capabilities (multi_factor_authentication/session_management/ transport_encryption/code_signing/security_monitoring_alerting), realized_by (n:m) + guidance_basis KANONISCH hochgezogen. access_control gedroppt (OVERLAP). - obligations/cra_core.json: 2 CORE-Sicherheitsziele (attack_surface_minimization (2)(j)/CM-7 + software_integrity_protection (2)(f)/SI-7) -> fuellt den #4-NIST-Gap. - DOMAIN specializes->CORE (remote_access_attack_surface_min, component_remote_interface_security, signed_update_integrity, firmware_software_authentication) + objective_tags. - Merge: vuln_remediation_patching -> deprecated_alias von provide_security_updates. - remote_access_data_export_protection bleibt BEST_PRACTICE (pending Data-Act-Scope). - join_keys 93->95 (core 2). Bidirektional validiert. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
253 lines
6.1 KiB
JSON
253 lines
6.1 KiB
JSON
{
|
|
"schema_version": "capability_layer_v1",
|
|
"model": "Modell C (docs-src/development/capability_model_v1.md)",
|
|
"note": "Capability = technische Faehigkeit (regulierungs-agnostisch). realized_by = Obligations, die sie erfuellt (n:m). guidance_basis hier KANONISCH hochgezogen aus den realisierten Obligations (die Obligation-Kopien bleiben vorerst als Legacy; Strip = Folge-Cleanup). Sicherheitsziele sind KEINE Capabilities -> cra_core.json.",
|
|
"dropped": {
|
|
"access_control": "OVERLAP (credential_confidentiality <-> sbom_confidentiality), nicht materialisiert"
|
|
},
|
|
"candidate_capabilities_followup": [
|
|
"automatic_update_delivery",
|
|
"update_rollback",
|
|
"trusted_update_source",
|
|
"hash_verification",
|
|
"secure_boot",
|
|
"least_functionality",
|
|
"credential_storage"
|
|
],
|
|
"capabilities": [
|
|
{
|
|
"capability_id": "multi_factor_authentication",
|
|
"name": "Multi-Factor Authentication",
|
|
"description": "Mehrfaktor-Authentisierung als technische Faehigkeit (Besitz/Wissen/Inhaerenz).",
|
|
"type": "technical_capability",
|
|
"realized_by": [
|
|
"mfa_required",
|
|
"privileged_op_reauth",
|
|
"remote_access_authentication",
|
|
"remote_access_mfa",
|
|
"remote_access_user_validation_ot",
|
|
"supplier_access_auth"
|
|
],
|
|
"realizes_count": 6,
|
|
"guidance_basis": [
|
|
{
|
|
"source": "NIST",
|
|
"anchor": "SP 800-63B",
|
|
"role": "best_practice"
|
|
},
|
|
{
|
|
"source": "Out-of-Band-Authentifizierung",
|
|
"anchor": "",
|
|
"role": "implementation_guidance",
|
|
"merged_from": "out_of_band_authentication"
|
|
},
|
|
{
|
|
"source": "Hardware-basierte Authentifizierung (AAL3)",
|
|
"anchor": "",
|
|
"role": "implementation_guidance",
|
|
"merged_from": "hardware_authenticators"
|
|
},
|
|
{
|
|
"source": "E-Mail-Authentifizierungsmechanismen (SPF/DKIM/DMARC)",
|
|
"anchor": "",
|
|
"role": "implementation_guidance",
|
|
"merged_from": "email_authentication"
|
|
},
|
|
{
|
|
"source": "NIST",
|
|
"anchor": "IA-02",
|
|
"role": "best_practice"
|
|
},
|
|
{
|
|
"source": "NIST",
|
|
"anchor": "IA-02(1)",
|
|
"role": "best_practice"
|
|
},
|
|
{
|
|
"source": "NIST",
|
|
"anchor": "AC-17",
|
|
"role": "best_practice"
|
|
},
|
|
{
|
|
"source": "NIST",
|
|
"anchor": "SP 800-53 IA-2",
|
|
"role": "best_practice"
|
|
},
|
|
{
|
|
"source": "BSI",
|
|
"anchor": "ICS Security Kompendium",
|
|
"role": "best_practice"
|
|
},
|
|
{
|
|
"source": "ISO",
|
|
"anchor": "ISO 27001 A.5.19",
|
|
"role": "best_practice"
|
|
}
|
|
],
|
|
"domains": [
|
|
"authentication",
|
|
"remote_access"
|
|
],
|
|
"provenance": {
|
|
"source": "cross_domain_relationships.json SHARED_CAPABILITY"
|
|
}
|
|
},
|
|
{
|
|
"capability_id": "session_management",
|
|
"name": "Session Management",
|
|
"description": "Sichere Sitzungsverwaltung: Timeouts, Bindung, Re-Auth, Beendigung.",
|
|
"type": "technical_capability",
|
|
"realized_by": [
|
|
"reauth_after_inactivity",
|
|
"remote_session_management",
|
|
"session_binding_management",
|
|
"temporary_remote_access_mgmt"
|
|
],
|
|
"realizes_count": 4,
|
|
"guidance_basis": [
|
|
{
|
|
"source": "NIST",
|
|
"anchor": "SP 800-63B 4.3",
|
|
"role": "best_practice"
|
|
},
|
|
{
|
|
"source": "NIST",
|
|
"anchor": "SP 800-53 AC-12",
|
|
"role": "best_practice"
|
|
},
|
|
{
|
|
"source": "OWASP",
|
|
"anchor": "ASVS V3",
|
|
"role": "best_practice"
|
|
},
|
|
{
|
|
"source": "NIST",
|
|
"anchor": "AC-2(5)",
|
|
"role": "best_practice"
|
|
}
|
|
],
|
|
"domains": [
|
|
"authentication",
|
|
"remote_access"
|
|
],
|
|
"provenance": {
|
|
"source": "cross_domain_relationships.json SHARED_CAPABILITY"
|
|
}
|
|
},
|
|
{
|
|
"capability_id": "transport_encryption",
|
|
"name": "Transport Encryption",
|
|
"description": "Verschluesselter Transport (TLS, mutual-TLS, Zertifikats-Auth, VPN/Tunnel).",
|
|
"type": "technical_capability",
|
|
"realized_by": [
|
|
"encrypted_auth_channel",
|
|
"mutual_authentication",
|
|
"reject_insecure_remote_protocols",
|
|
"remote_access_confidentiality_integrity",
|
|
"remote_access_encryption",
|
|
"service_to_service_auth",
|
|
"tls_certificate_auth"
|
|
],
|
|
"realizes_count": 7,
|
|
"guidance_basis": [
|
|
{
|
|
"source": "BSI",
|
|
"anchor": "TR-02102-2",
|
|
"role": "best_practice"
|
|
},
|
|
{
|
|
"source": "NIST",
|
|
"anchor": "IA-03",
|
|
"role": "best_practice"
|
|
},
|
|
{
|
|
"source": "NIST",
|
|
"anchor": "SC-8",
|
|
"role": "best_practice"
|
|
},
|
|
{
|
|
"source": "BSI",
|
|
"anchor": "IT-Grundschutz NET.3.3",
|
|
"role": "best_practice"
|
|
},
|
|
{
|
|
"source": "OWASP",
|
|
"anchor": "API Security Top 10",
|
|
"role": "best_practice"
|
|
},
|
|
{
|
|
"source": "NIST",
|
|
"anchor": "IA-05(2)",
|
|
"role": "best_practice"
|
|
}
|
|
],
|
|
"domains": [
|
|
"authentication",
|
|
"remote_access"
|
|
],
|
|
"provenance": {
|
|
"source": "cross_domain_relationships.json SHARED_CAPABILITY"
|
|
}
|
|
},
|
|
{
|
|
"capability_id": "code_signing",
|
|
"name": "Code & Update Signing",
|
|
"description": "Digitale Signatur + Integritaets-/Authentizitaetspruefung von Firmware/Software/Updates.",
|
|
"type": "technical_capability",
|
|
"realized_by": [
|
|
"firmware_software_authentication",
|
|
"signed_update_integrity"
|
|
],
|
|
"realizes_count": 2,
|
|
"guidance_basis": [
|
|
{
|
|
"source": "NIST",
|
|
"anchor": "SI-07",
|
|
"role": "best_practice"
|
|
},
|
|
{
|
|
"source": "NIST",
|
|
"anchor": "SP 800-147 BIOS Protection",
|
|
"role": "best_practice"
|
|
}
|
|
],
|
|
"domains": [
|
|
"authentication",
|
|
"updates"
|
|
],
|
|
"provenance": {
|
|
"source": "cross_domain_relationships.json SHARED_CAPABILITY"
|
|
}
|
|
},
|
|
{
|
|
"capability_id": "security_monitoring_alerting",
|
|
"name": "Security Monitoring & Alerting",
|
|
"description": "Anomalie-/Bedrohungserkennung und Alarmierung aus Logs/Telemetrie.",
|
|
"type": "technical_capability",
|
|
"realized_by": [
|
|
"log_monitoring_alerting",
|
|
"remote_access_threat_detection"
|
|
],
|
|
"realizes_count": 2,
|
|
"guidance_basis": [
|
|
{
|
|
"source": "NIST",
|
|
"anchor": "AU-6/SI-4",
|
|
"role": "best_practice"
|
|
},
|
|
{
|
|
"source": "NIST",
|
|
"anchor": "SP 800-94",
|
|
"role": "best_practice"
|
|
}
|
|
],
|
|
"domains": [
|
|
"logging",
|
|
"remote_access"
|
|
],
|
|
"provenance": {
|
|
"source": "cross_domain_relationships.json SHARED_CAPABILITY"
|
|
}
|
|
}
|
|
]
|
|
} |