Control IncludePhysicalThreats
URI: IncludePhysicalThreats
Package: Physical
Description: Indicates that physical threats from this location should not be ignored. This can only be used at the global inferred location (the World) where hosts are assumed to be if no other location is specified or inferred. This control provides a means for SSM users to signal that physical attacks are to be considered on any host with no other location, i.e. that such hosts are assumed to be in an unspecified (inferred) and insecure location.
A singleton subclass of Public Space representing all unsecured physical locations that are not in any other Space. |
Indicates that threats to Host from space Space should be considered, even though Host has no explicit location and is inferred to be in the global public space (the World). This control strategy is a way to specify that despite Host having no explicitly defined location, physical security is in scope, and the device is considered to be physically insecure. It addresses modelling error threats but not security threats to Host from Space. |
|
Inconsistent controls to resolve treatment of hosts with no explicit location. Used only as a trigger for modelling error threats. |