
82 Copyright © 2010 Open Geospatial Consortium, Inc.

8.1.2.1.4 Spoof of identity

Spoof of identity is an attack where an entity pretends to be a different entity. This attack is usually used together with other forms of attack. For example, an authorized entity with few privileges may use a false identity to obtain extra privileges by impersonating an entity that has those privileges.

8.1.2.1.5 Intermediary network devices

Proxy devices, firewalls and NAT (network address translators) are devices that act as intermediaries for data flow between various entities. These devices may prevent an incoming data flow from being passed to its final destination, or to other intermediaries in the case of a multihop system (e.g. data passes through multiple devices or hops until it reaches its destination). This situation arises in, but is not limited to, delivering notifications to subscribers. For example, a firewall might be configured to accept a data flow only as a response to a request that originated from a domain protected by the device itself. A NAT device might hide private IP addresses from being exposed to the public IP domain. In addition, these problems might be aggravated by frequent usage of the DHCP service (dynamic IP addressing, which allows an IP address to be leased from a pool of IP addresses for a certain amount of time or on a per-session basis), the DNS service (i.e. resolving a symbolic URL address to an actual IP address), and any combination of the devices and services mentioned above or the network topology.

This kind of problem could be mitigated by configuring those devices to allow certain types of traffic and/or by using static IP addresses. For example, a NAT static address mapping entry could be added to allow an incoming data flow from an entity (e.g. the Event Service) which has a fixed public IP address to be translated to the private IP address of the destination entity (e.g. a subscriber). A firewall could be configured to allow incoming traffic from entities using fixed IP addresses to be propagated to the final destination. Some protocols could be better designed to handle firewall problems transparently (e.g. SOAP over HTTP), although some people may argue that this is not good practice.
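The following added example (not part of the OGC document) models the delivery problem and the mitigation described above: a border device forwards only responses to inside-originated requests until a static NAT mapping and a source-restricted allow rule are added. The `BorderDevice` class, the port numbers and the documentation-range addresses are constructed assumptions, not the API of any real firewall or NAT product.

```python
from ipaddress import ip_address

class BorderDevice:
    """Toy stateful firewall + NAT in front of a subscriber (hypothetical model)."""

    def __init__(self):
        self.flows = {}       # (remote_ip, remote_port, public_port) -> private (ip, port)
        self.static_nat = {}  # public_port -> private (ip, port)
        self.allow_from = {}  # public_port -> fixed source IPs allowed to connect

    def outbound(self, private, remote):
        """Inside-originated request: allocate a public port and record the flow."""
        public_port = 40000 + len(self.flows)
        self.flows[(ip_address(remote[0]), remote[1], public_port)] = private
        return public_port

    def add_static_mapping(self, public_port, private, fixed_source_ip):
        """Static NAT entry plus a firewall rule limited to one fixed source IP."""
        self.static_nat[public_port] = private
        self.allow_from.setdefault(public_port, set()).add(ip_address(fixed_source_ip))

    def inbound(self, remote, public_port):
        """Return the private (ip, port) the flow is forwarded to, or None if dropped."""
        src = ip_address(remote[0])
        reply_to = self.flows.get((src, remote[1], public_port))
        if reply_to:                                      # response to an inside request
            return reply_to
        if src in self.allow_from.get(public_port, ()):   # unsolicited, explicitly allowed
            return self.static_nat[public_port]
        return None                                       # default: drop


def demo():
    # Constructed addresses from documentation and private ranges (RFC 5737, RFC 1918).
    event_service, other_host = "203.0.113.10", "198.51.100.7"
    subscriber = ("10.0.0.5", 8443)
    gw = BorderDevice()
    port = gw.outbound(("10.0.0.5", 51000), (event_service, 443))  # Subscribe request
    results = {
        "subscribe_response": gw.inbound((event_service, 443), port),
        "notify_before": gw.inbound((event_service, 52000), 8443),
    }
    gw.add_static_mapping(8443, subscriber, event_service)
    results["notify_after"] = gw.inbound((event_service, 52000), 8443)
    results["notify_other_source"] = gw.inbound((other_host, 52000), 8443)
    return results


if __name__ == "__main__":
    print(demo())
```

The allow rule is tied to the Event Service's fixed address, so the same port stays closed to every other source.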

8.1.2.1.6 Trojan horse type of attacks

A Trojan horse attack usually consists of both authorized and unauthorized operations and is usually combined with other threats and attacks, such as unauthorized disclosure of data and message reply. For example, a subscriber may request notifications to be delivered to an entity that is not authorized to receive them.

8.1.3 Security measures

Security features usually increase system costs. The cost could be reflected in system performance degradation and in increased complexity of implementing, configuring and maintaining the system. Each security threat and vulnerability should be analyzed to determine whether or not an appropriate security measure is required. In addition, some threats might not be realized in practice due to the system deployment environment (e.g. network topology) and the trade-off between effort and the risk that a particular threat will be exploited.