Security Framework
7 : IISF Functional Viewpoint
Figure 7-3 : Functional Breakdown for Endpoint Protection
Endpoint Protection assures the availability , confidentiality and integrity of the functionality performed by the endpoint .
Endpoint security should consider at least these security functions :
Endpoint Physical Security provides physical protection of the endpoint with anti-tampering and theft prevention mechanisms to prevent uncontrolled changes or removal of the endpoint .
Endpoint Root of Trust provides a foundation to secure other functions at the endpoint , from the hardware to applications including firmware , virtualization layer , operating system , execution environment and application . It also provides confidence on the endpoint identity .
Endpoint Identity is based on the inherent properties of an endpoint that distinguishes it from other endpoints . Identity needs to be supported with evidence or testimonials that confirm the claim of identity , referred as credentials .
Endpoint Integrity Protection ensures the endpoint is in the configuration required to perform its functions predictably .
Endpoint Access Control ensures that proper identification , authentication and authorization is performed prior to granting any resources or services .
Endpoint Secure Configuration and management controls updates of security policy and configuration at the endpoint , including upgrades and patches of known vulnerabilities .
IIC : PUB : G4 : V1.0 : PB : 20160926 - 49 -