NFR - Prevent SPI from malware or backdoor attacks #1684
DanielaWuensch
started this conversation in
Ideas
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Feature Request
Non-functional requirement - Prevent SPI from malware or backdoor attacks
As a company, which operates the EDC, I want to ensure that no malware can be dynamically loaded via the EDC SPI.
Therefore I would like to ensure that only Classes are dynamically loaded during runtime have been defined at build time. Ensure that no additional libraries that have not been defined at build-time can be loaded at runtime.
Therefore adequate tooling/framework support need to be in place to prevent those attacks. (i.e. Whitelisting of Modules/Extensions)
Which Areas Would Be Affected?
all, including DPF, CI, build, transfer, etc._
Why Is the Feature Desired?
Security Requirement
Solution Proposal
adequate tooling/framework support need to be in place to prevent those attacks. (i.e. Whitelisting of Modules/Extensions)
Type of Issue
non-functional requirement
Checklist
Ensure that no additional libraries that have not been defined at build-time can be loaded at runtime.
Describe how this will be prevented.
Beta Was this translation helpful? Give feedback.
All reactions