Thanks for the pointers. The proposed threat model for PAWS is specifically dealing with the following aspect mentioned in Sec 3 of RFC3522: " By contrast, we assume that the attacker has nearly complete control of the communications channel over which the end-systems communicate. This means that the attacker can read any PDU (Protocol Data Unit) on the network and undetectably remove, change, or inject forged packets onto the wire. This includes being able to generate packets that appear to be from a trusted machine. Thus, even if the end-system with which you wish to communicate is itself secure, the Internet environment provides no assurance that packets which claim to be from that system in fact are.
" The intent is to derive a set of requirements that are applicable for the protocol between the master device and the white space database. Most of the actual security work itself will be done in the solution specifications. -Raj On 1/27/12 2:30 PM, "ext Peter Saint-Andre" <[email protected]> wrote: ><hat type='individual'/> > >On 1/27/12 12:39 PM, [email protected] wrote: >> >> Hello, >> >> While discussing the requirements we concluded that it would be useful >>to >> have a threat model for PAWS. Below is an initial writeup of the threat >> model. This threat model can be included in the Security considerations >> section of the Use-case and Requirements I-D. Security requirements can >>be >> derived from this threat model. >> Comments welcome. > >As always, it can be helpful to revisit RFC 3552 and look at some other >protocol specifications that describe threat models (e.g., RFC 3833). > >Peter > >-- >Peter Saint-Andre >https://stpeter.im/ > > _______________________________________________ paws mailing list [email protected] https://www.ietf.org/mailman/listinfo/paws
