Public Infrastructure Platform
Description
The Public Infrastructure Platform represents externally hosted infrastructure resources used by the Scheol Lab environment. It provides network connectivity, hosting services, and access to public-facing applications, enabling experimentation and external service simulation.
Asset Identification
| Attribute | Value |
|---|---|
| Asset ID | PLT-EXT-01 |
| CI Type | Platform |
| Asset Name | Public Infrastructure Platform |
| Asset Category | External Infrastructure |
| Owner | Operations Role (Ops) |
| Status | Active |
| Location | Public VPS |
| Primary Function | Hosting of external services, supporting public-facing platforms |
Asset Dependencies
| Dependency Type | Asset | Status |
|---|---|---|
| Infrastructure | Public VPS | Active |
| Platform | Proxmox Virtualization Platform | Planned |
| Platform | Network Security Platform | Planned |
Relationships
| Relationship | Target CI |
|---|---|
| Supports | Public-facing applications |
| Depends on | Internal platform services (Proxmox, Network Security) |
| Supports | Testing and development of internet-facing services |
Asset Classification
| Criteria | Level |
|---|---|
| Confidentiality | 🟨 Medium |
| Integrity | 🟥 High |
| Availability | 🟥 High |
Criticality score: 🟥 High
Rationale:
- Integrity is critical to ensure that externally hosted services function correctly and reliably.
- Availability is essential for public-facing experimentation and service continuity.
- Confidentiality is medium: public infrastructure typically does not store sensitive internal data, but some configuration and access credentials must be protected.
Responsibilities
| Role | Responsibility |
|---|---|
| Operations Role (Ops) | Management and monitoring of public infrastructure, service provisioning |
| Security Role (Sec) | Hardening, access control, monitoring integration |
Security Controls (High-Level)
- Access control for service interfaces
- Secure configuration of hosted infrastructure
- Integration with monitoring and logging solutions
- Regular patching and updates for externally hosted services
Security Considerations
Main risks associated with this asset include:
- Misconfiguration leading to public exposure of sensitive services
- Service outages or downtime impacting dependent platforms
- Unauthorized access or compromise of hosted services
Mitigation measures may include:
- Strict access control and credential management
- Network and service monitoring
- Regular updates and vulnerability management
- Clear dependency mapping with internal platforms
Methodological References:
- ISO 27001 - Control 8.3 Information access restriction ; Control 8.16 Monitoring activities ; Control 8.20 Network security.
- NIST CSF - PR.PT Protective Technology ; PR.AC Access Control ; DE.CM Continuous Monitoring.
- EBIOS RM - Public-facing infrastructure platforms as critical exposure assets.