To avoid spoofing attacks, any communication between the Compass Manager and 3rd party services has to be encrypted. The Compass Manager has to enforce and strictly validate the TLS communication to 3rd party services (e.g. Compass Director GraphQL and access to Kubernetes API on KCP and SKR side).
AC:
- Verify the communication to the Compass Director GraphQL service and enforce + validate the TLS communication used by the client API.
- Verify the communication to the KCP / SKR Kubernetes API and make sure an encrypted and validated communication is used by the Kubernetes Client API.
Steps to exploit
Attacker can use a man-in-the-middle attack to spoof network traffic.
Risk assessment
Part of the Threat Modelling workshop from 2023-11-29.
Proposed mitigation
Review the used source code and ensure that only encrypted communication to the 3rd party service (e.g. Kubernetes API, Compass Director GraphQL) is possible and enforce a strict validation of the SSL certificate.
tobiscr changed the title from "[Thread Modelling] Enforce encrypted communication with strict certificate validation to 3rd party services" to "[Threat Modelling] Enforce encrypted communication with strict certificate validation to 3rd party services" on Jan 2, 2024
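The following Go program is an added example illustrating the mitigation above; it is not code from the compass-manager repository. It shows the shape a reviewer should look for in any outbound client: a `tls.Config` that never sets `InsecureSkipVerify`, a minimum of TLS 1.2, an explicit refusal of non-`https://` URLs, and verification failures surfaced as distinct errors rather than swallowed. The server and its self-signed certificate are a constructed local fixture from `net/http/httptest`, standing in for the Compass Director GraphQL endpoint or a Kubernetes API server; the function names `newStrictClient`, `fetch`, `isCertError` and `demo` are hypothetical.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"time"
)

// newStrictClient builds an http.Client that only negotiates TLS 1.2 or newer
// and verifies the server certificate against pool (the system roots when pool
// is nil). InsecureSkipVerify is left at its zero value, false, on purpose:
// setting it to true is exactly the misconfiguration that lets a
// man-in-the-middle present an arbitrary certificate.
func newStrictClient(pool *x509.CertPool) *http.Client {
	tr := &http.Transport{
		TLSClientConfig: &tls.Config{
			MinVersion: tls.VersionTLS12,
			RootCAs:    pool,
		},
	}
	return &http.Client{Transport: tr, Timeout: 10 * time.Second}
}

// fetch refuses any non-https URL before a connection is opened, so a
// misconfigured "http://" endpoint can never downgrade the call to plaintext,
// then performs a GET and returns the HTTP status code.
func fetch(c *http.Client, rawURL string) (int, error) {
	u, err := url.Parse(rawURL)
	if err != nil {
		return 0, err
	}
	if u.Scheme != "https" {
		return 0, fmt.Errorf("refusing non-TLS scheme %q for %s", u.Scheme, u.Host)
	}
	resp, err := c.Get(rawURL)
	if err != nil {
		return 0, err
	}
	defer resp.Body.Close()
	return resp.StatusCode, nil
}

// isCertError reports whether err (usually wrapped in *url.Error) is a
// certificate verification failure raised by the TLS handshake.
func isCertError(err error) bool {
	var unknownCA x509.UnknownAuthorityError
	var badHost x509.HostnameError
	var invalid x509.CertificateInvalidError
	var noRoots x509.SystemRootsError
	return errors.As(err, &unknownCA) || errors.As(err, &badHost) ||
		errors.As(err, &invalid) || errors.As(err, &noRoots)
}

// demo runs three checks against a local httptest TLS server whose self-signed
// certificate is generated by the standard library (a constructed fixture, not
// a real Compass Director or Kubernetes endpoint):
//  1. the strict client with the system trust store must reject the server,
//  2. the same client trusting exactly that certificate must succeed,
//  3. a plaintext http:// URL must be refused before any connection is made.
func demo() (untrustedRejected bool, trustedStatus int, plaintextRejected bool, err error) {
	srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		w.WriteHeader(http.StatusOK)
	}))
	defer srv.Close()

	_, errUntrusted := fetch(newStrictClient(nil), srv.URL)
	untrustedRejected = isCertError(errUntrusted)

	pool := x509.NewCertPool()
	pool.AddCert(srv.Certificate())
	trustedStatus, err = fetch(newStrictClient(pool), srv.URL)
	if err != nil {
		return
	}

	_, errPlain := fetch(newStrictClient(pool), "http://"+srv.Listener.Addr().String())
	plaintextRejected = errPlain != nil && !isCertError(errPlain)
	return
}

func main() {
	rejected, status, plain, err := demo()
	if err != nil {
		fmt.Println("unexpected error:", err)
		return
	}
	fmt.Printf("untrusted cert rejected: %v, pinned CA status: %d, plaintext refused: %v\n",
		rejected, status, plain)
}
```

For the Kubernetes side the equivalent review point is the `rest.Config` handed to client-go: `TLSClientConfig.Insecure` must stay `false` and the CA must come from `CAData`/`CAFile` (normally populated from the kubeconfig), never from a hard-coded skip. A quick code review pass is to grep the repository and its vendored helpers for `InsecureSkipVerify` and `Insecure: true`; every hit needs a justification or removal.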