[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [xcbf] WSS-XCBF threat model
Monica, Following the lead of the WSS-X509 dcoument, I note that WSS-XCBF does not mention threat model and countermeasures as done in WSS.X509 section 3.6. Perhaps we should add a section for this. I suggest the following mimicing the text in WSS-X509: The use of XCBF messages in an XCBF security token introduces no new threats beyond those already identified for other types of WS- Security tokens. Message alteration and eavesdropping are addressed directly in the XCBF message that forms the token content by using the integrity and privacy mechanisms described in XCBF. Replay attacks can be addressed by using message timestamps and caching, as well as other application- specific tracking mechanisms. For XCBF messages ownership is verified by use of keys and man-in-the-middle attacks are generally mitigated. It is strongly recommended that XCBF token content be protected by use of one of the integrity object choice alternatives defined in XCBF. While it is possible that transport-level security could be used to protect the overall message and the XCBF security token, great care must be taken to protect biometric information. It is strongly recommended that XCBF token content be protected by use of one of the privacy object choice alternatives defined in XCBF. Phil
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC