Control DisableInterface
URI: DisableInterface
Package: NetworkConnectivity
Description: Means a host does not connect to a network, unless compromised. This is not the same as FWBlock, which represents a policy to drop messages on a live connection. It means the connection is not made in the first place. Typically used where a host connects to a radio network that is implemented in several locations, but should not be used in some of those locations.
The interface between a Host and a Logical Subnet. Represents a possible point of control and a target for attack. If the Logical Subnet is an IP network, the Interface also represents the existence of an IP address. |
Signifies that device Host will not connect to subnet LogicalSubnet even though such a connection is implied by the system model. This strategy does not represent a contingency plan, but a permanent restriction introduced by design or in accordance with an operational policy or user preference. It also triggers threats representing side effects that would be caused by such a restriction. The most common situation where a connection is possible but is not used is where a mobile device connects to a cellular network which could be done in any location, but the user will avoid it in some locations. |