forked from usnistgov/mobile-threat-catalogue
-
Notifications
You must be signed in to change notification settings - Fork 0
/
stack.html
87 lines (71 loc) · 4.62 KB
/
stack.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
---
layout: threat-list
title: Mobile Device Technology Stack
---
<p><b><a href="#mobile-operating-system">Mobile Operating System:</a></b> Operating system specifically designed for a mobile device and running mobile applications.</p>
<p><b><a href="#device-drivers">Device Drivers:</a></b> Firmware running on a mobile device often used to interact with device hardware and other peripherals (e.g., camera)</p>
<p><b><a href="#isolated-exec-environ">Isolated Execution Environments:</a></b> Hardware- or Firmware-based environment built into the mobile device that may provide many capabilities such as trusted key storage, code verification, code integrity, and trusted execution for security relevant
processes.</p>
<p><b><a href="#boot-firmware">Boot Firmware:</a></b> The firmware necessary to boot the mobile OS (i.e., bootloader), and may verify additional device initialization code, device drivers used for peripherals, and portions of the mobile OS - all before a user can use the device.</p>
<p><b><a href="#baseband-subsystem">Baseband Subsystem:</a></b> The collection of hardware and firmware used to access the cellular network, and may run a real-time operating system (RTOS).</p>
<p><b><a href="#sim-card">SIM Card:</a></b> This removable hardware token is a System on a Chip (SoC) housing the subscriber identity (i.e., International Mobile Subscriber Identity), pre-shared cryptographic keys, and configuration information needed to obtain access to cellular
networks.</p>
<p><b><a href="#sd-card">Secure Digital (SD) Card:</a></b> A removable peripheral supported by some models of mobile devices. SD cards come in many form factors and are most often used for data storage, and may contain app binaries, app data, or user data. SD System on a Chip (SoC) peripherals, such as a Wi-Fi adapter, also exist.</p>
<h2>Threat List</h2>
<h3 id="mobile-operating-system">Mobile Operating System</h3>
<ul class="threat-list">
{% assign sorted = site.stack-threats | sort:"rawID" %}
{% for stack-threat in sorted %}
{% if stack-threat.ThreatCategory == 'Mobile Operating System' %}
<li><a href="{{ site.baseurl }}{{ stack-threat.url }}">{{ stack-threat.ID }}: {{ stack-threat.Threat }} {% if stack-threat.removed %}(DEPRECATED){% endif %}</a></li>
{% endif %}
{% endfor %}
</ul>
<h3 id="device-drivers">Device Drivers</h3>
<ul class="threat-list">
{% for stack-threat in sorted %}
{% if stack-threat.ThreatCategory == 'Device Drivers' %}
<li><a href="{{ site.baseurl }}{{ stack-threat.url }}">{{ stack-threat.ID }}: {{ stack-threat.Threat }} {% if stack-threat.removed %}(DEPRECATED){% endif %}</a></li>
{% endif %}
{% endfor %}
</ul>
<h3 id="isolated-exec-environ">Isolated Execution Environments</h3>
<ul class="threat-list">
{% for stack-threat in sorted %}
{% if stack-threat.ThreatCategory == 'Isolated Execution Environments' %}
<li><a href="{{ site.baseurl }}{{ stack-threat.url }}">{{ stack-threat.ID }}: {{ stack-threat.Threat }} {% if stack-threat.removed %}(DEPRECATED){% endif %}</a></li>
{% endif %}
{% endfor %}
</ul>
<h3 id="boot-firmware">Boot Firmware</h3>
<ul class="threat-list">
{% for stack-threat in sorted %}
{% if stack-threat.ThreatCategory == 'Boot firmware' %}
<li><a href="{{ site.baseurl }}{{ stack-threat.url }}">{{ stack-threat.ID }}: {{ stack-threat.Threat }} {% if stack-threat.removed %}(DEPRECATED){% endif %}</a></li>
{% endif %}
{% endfor %}
</ul>
<h3 id="baseband-subsystem">Baseband Subsystem</h3>
<ul class="threat-list">
{% for stack-threat in sorted %}
{% if stack-threat.ThreatCategory == 'Baseband Subsystem' %}
<li><a href="{{ site.baseurl }}{{ stack-threat.url }}">{{ stack-threat.ID }}: {{ stack-threat.Threat }} {% if stack-threat.removed %}(DEPRECATED){% endif %}</a></li>
{% endif %}
{% endfor %}
</ul>
<h3 id="sim-card">SIM Card</h3>
<ul class="threat-list">
{% for stack-threat in sorted %}
{% if stack-threat.ThreatCategory == 'USIM / SIM / UICC security' %}
<li><a href="{{ site.baseurl }}{{ stack-threat.url }}">{{ stack-threat.ID }}: {{ stack-threat.Threat }} {% if stack-threat.removed %}(DEPRECATED){% endif %}</a></li>
{% endif %}
{% endfor %}
</ul>
<h3 id="sd-card">SD Card</h3>
<ul class="threat-list">
{% for stack-threat in sorted %}
{% if stack-threat.ThreatCategory == 'SD Card' %}
<li><a href="{{ site.baseurl }}{{ stack-threat.url }}">{{ stack-threat.ID }}: {{ stack-threat.Threat }} {% if stack-threat.removed %}(DEPRECATED){% endif %}</a></li>
{% endif %}
{% endfor %}
</ul>