[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: Related discussion in the IETF related EDXL, CAP, etc
The GeoPriv WG of the IETF has an ongoing dialogue that may be germane to
the work of the OASIS EM TC. This has to do with Threat analysis and use cases
for alerts. An example is:
Based on the discussion today, some notes, first on the threat model. At
a high level, for this discussion, we care about users that place calls using wrong location information, for one of two purposes: (1) dispatching resources to a wrong place (here, resources can be anything from AAA towtrucks to Domino's Pizza to a fire engine) = crank call; (2) flooding call centers with lots of calls apparently from different individuals and different locations, to overwhelm call takers that need to answer the call, determine that there's no human there (but maybe a recording) = DOS. The first case relies on the ability to spoof locations, possibly on a small scale, while the second relies on the ability to create lots of different-looking calls in short order. It is easy to filter out lots of calls coming from the same caller and/or exact same location, so that type of replay attack is not as major a concern. We can probably agree that dealing with zombie PCs that report their correct location and identity, but have been owned by a worm, are beyond what GEOPRIV can fix and is best left to Microsoft and kin. (There are some things one could do at the application layer if there's an attack, such as some kind of Turing test to ascertain that the caller is a live human being. I suspect it is not easy to make this work with sufficiently low failure rates for children and those with limited command of English.) For both cases above, there are two related issues: (1) limiting the ability to perform the attack; (2) prosecuting the attacker, as this is likely to act as a deterrent. It would be helpful to converge on the threat model, without discussing solutions. It may well be that either threat cannot be addressed in all cases. Carl Reed, PhD
CTO and Executive Director Specification Program OGC The OGC: Helping the World to Communicate Geographically ---------------------
This communication, including attachments, is for the exclusive use of
addressee and may contain proprietary, confidential or privileged information.
If you are not the intended recipient, any use, copying, disclosure,
dissemination or distribution is strictly prohibited. If you are not the
intended recipient, please notify the sender immediately by return email
and delete this communication and destroy all copies.
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]