"A risk assessment of the Piql Services" by FFI

First page Previous page 64 Next page Last page

Security challenges/vulnerabilities for box.

Box

Security challenges/vulnerabilities for film.

Film

How was the power supply affected?

Power/energy supply

Specified deviations from ISO standard in the vault concerning temperature and relative humidity, and the time duration of the divergence.

Divergence from

ISO standard

Security mechanisms

Brief summary on effects on integrity.

Integrity

Brief summary on effects on availability.

Availability

Brief summary on effects on confidentiality.

Confidentiality

Brief summary on effects on immunity (against attacks on CIA).

Immunity

Recommendations

List the safety or security measures which could alleviate the consequences of the scenario.

Recommended protective measures

References

Relevant literature

Figure 7.1 The template used in the scenario descriptions

The template is based on one already developed at FFI during a previous project, but has been customised to the PreservIA project and developed further. 19 All of the factors which were presented and clarified in chapters 5 and 6 of the report – geography, timeframe, user class and corresponding asset, location and type of storage facility, and, lastly, if the scenario describes an intentional act, the threat actors and their intentions and capacities – are included in the template. By inserting the relevant information, together these factors should give a detailed description of the future event in the scenario. Furthermore, the template presents the ensuing consequences of the event and specifically how the Piql Preservation Services components and surrounding environment are affected. Finally, the effect of the event on the security properties CIA and immunity can be briefly outlined. Thus concludes the complete description of the events unfolding in the scenario and their consequences. The template then allows for a brief listing of recommendations of measures to alleviate the consequences of the event. It should be

19 Based on the template developed in the PRACTICE project, see [46]

62

FFI-RAPPORT 16/00707

Made with FlippingBook Online newsletter