1. Outbound web security pattern [Threat Model]

1. Outbound web security pattern [Threat Model] ()

1. Outbound web security pattern [Threat Model]


NORA-4: Back Office
Internal application service
SC-7.b : Content inspection
SC-7.d : URL filtering
SC-7.g : Authentication / Authorization
NORA-6: Client
Endpoint
Browser
SC-7.h: Category blocking
SC-7: Boundary Protection
AU-2: Event Logging
SC-5: Denial-of-service Protection
NORA-1: External
SP-TE-28: Infection from malware, worms or trojans
SP-TE-23: Adversary in the middle attack or network traffic modification
SC-13: Cryptographic Protection
SP-TE-37: Compromise of confidential information or data breach


		NORA-4: Back Office	Internal application service
		Internal application service	NORA-1: External
		SC-7.b : Content inspection	SC-7: Boundary Protection
		SC-7.b : Content inspection	SP-TE-23: Adversary in the middle attack or network traffic modification
		SC-7.d : URL filtering	SC-7: Boundary Protection
		SC-7.d : URL filtering	SP-TE-28: Infection from malware, worms or trojans
		SC-7.g : Authentication / Authorization	SC-7: Boundary Protection
		SC-7.g : Authentication / Authorization	SP-TE-37: Compromise of confidential information or data breach
		NORA-6: Client	Endpoint
		Endpoint	Browser
		Endpoint	Browser
		Browser	NORA-1: External
		SC-7.h: Category blocking	SC-7: Boundary Protection
		SC-7.h: Category blocking	SP-TE-28: Infection from malware, worms or trojans
		AU-2: Event Logging	SP-TE-23: Adversary in the middle attack or network traffic modification
		SC-5: Denial-of-service Protection	SP-TE-23: Adversary in the middle attack or network traffic modification
		SC-13: Cryptographic Protection	SP-TE-23: Adversary in the middle attack or network traffic modification