OWASP / owasp-istg

The IoT Security Testing Guide (ISTG) provides a comprehensive methodology for penetration tests in the IoT field, offering flexibility to adapt to innovations and developments in the IoT market while still ensuring comparability of test results.
https://owasp.org/www-project-iot-security-testing-guide/
Creative Commons Attribution Share Alike 4.0 International

Consider rephrasing "Logical Access" #1

Closed scriptingxss closed 7 months ago

scriptingxss commented 9 months ago

The term "logical" has a certain connotation that's similar to rational and analytical, but in the context of the guide, it feels misaligned, creating inertia.

Consider simplifying "Logical Access" to something like "Authorization Access", "Credential Access" or "Permission Access".

rockhoppersec commented 8 months ago

Good suggestion, and I agree! "Logical Access" is a remnant from the first version of this guide and might be too ambiguous.

In my opinion, "Authorization Access" is the best option. "Permission Access" would result in the same abbreviation as "Physical Access".

scriptingxss commented 7 months ago

Mindmap image of test cases also needs updating: https://github.com/OWASP/owasp-istg/blob/main/src/img/Mindmap.png

rockhoppersec commented 7 months ago

@scriptingxss: Updated the mindmap in https://github.com/OWASP/owasp-istg/commit/cfe958a2a0f64ae4894128357f6f6ae3cea739ea. However, the component overview (formerly mindmap) is not affected by the logical > authorization access change. I believe this belongs to https://github.com/OWASP/owasp-istg/issues/4.