Data confidentiality Security measures
8.1.3.6 Availability
The availability measure ensures that there is no denial of authorized access to various information and services due to events impacting the system. One can also consider disaster recovery mechanisms to be included in this security measure category. Some of the most common techniques for availability measures are to have potential to add parallel andor backup processing services e.g. stand by and fail-over services and capabilities. This includes choosing adequate network design and options. The authorization and authentication measures would also ensure that no disruptive operations are allowed.8.1.3.7 Privacy
The privacy measure provides for the protection of sensitive data that might be derived from the observation of Event Service activities. The privacy measure may also provide the right of entities to determine what information related to them may be collected, stored and disclosed and by which entities and which entities may have access to that information. Examples of this data might include Event Service subscribers or publishers geographic location or some other privacy related information.8.1.3.8 Communication security
The communication security measure ensures that data flows only between the authorized entities. This will also guarantee that the data is not diverted and intercepted as it passes between these entities. If messages are always exchanged between an Event Service and a client without an intermediary, different levels of secure communication may already be achieved using various network layer security protocols e.g. IPSec, HTTPS, TLSSSL, MPLS, VPN.... In situations where messages have to travel over multiple physical nodes over a public network it will be required to protect the message itself, not just between two endpoints. This is the case in a federated brokered Event Service environment. To protect a message from the event publisher to the final consumer, independent of the transport protocol, data confidentiality and data integrity measures must be applied to the message itself.Parts
» OWS-7 Event Architecture Engineering Report
» Scope OWS-7 Event Architecture Engineering Report
» Document contributor contact points
» Revision history OWS-7 Event Architecture Engineering Report
» Future work OWS-7 Event Architecture Engineering Report
» Foreword OWS-7 Event Architecture Engineering Report
» Abbreviated terms OWS-7 Event Architecture Engineering Report
» Resource Class ResourceWithLifetime Class
» ResourceManager Interface ResourceTermination Interface
» AdHocEventChannel Class AggregationChannel Class
» EventChannel Class EventChannelRelationship Class
» EventMetadata Class EventingInformation Class
» Endpoint Class EndpointDeliveryMetadata Class
» Filter Class Notification Class
» PausableSubscription Class Producer Package
» Producer Class Publication Class
» Registration Class Broker Package
» Resources Lifecycle Management Behavior Model
» Managing Subscriptions Behavior Model
» Handling a Pausable Subscription
» Demand Based Publishing Behavior Model
» Introduction Event Channels OWS-7 Event Architecture Engineering Report
» Publish Subscribe Requirements OWS-7 Event Architecture Engineering Report
» Introduction Realization of Publish Subscribe
» Requirements Mapping for WS-Notification
» Summary Realization of Publish Subscribe
» Introduction Event Metadata Example
» The Event Service Discovery Model The Event Service Discovery extension package
» Scenario 1: Find a Service providing Sensor Data that supports Comparison Filters
» Step 2: Scenario 2: Find a Service providing Aviation Data in a specified Area
» Sample Event Service objects Discovery challenges:
» Denial of service Security threats and vulnerabilities
» Message replay Security threats and vulnerabilities
» Message modification Security threats and vulnerabilities
» Spoof of identity Security threats and vulnerabilities
» Intermediary network devices Security threats and vulnerabilities
» Trojan horse type of attacks
» Authorization or access control
» Data confidentiality Security measures
» Data integrity Security measures
» Communication security Security measures
» Mapping security measures to threats
» Threat Mitigation in WS- Environment
» Threat Mitigation in RESTful Environment
» Reliability OWS-7 Event Architecture Engineering Report
» Boolean Result for Filter Statement
» Event Wrapper Potential Pitfalls
» Resolve Content Given By Reference
» Reference System Transformation Potential Pitfalls
» Filter Encoding XPath Filter Processing Languages
» Event Pattern Markup Language
» Spatial Filtering via Bounding Box
» Spatial Filtering of Events Using Dynamic Filter Properties
» Discovery of filter functionality
» Specifying events OWS-7 Event Architecture Engineering Report
» Geosynchronization OWS-7 Event Architecture Engineering Report
» Dynamic Sensor Tracking and Notification Aviation
» Introduction OGC service specifications related to the Event Architecture
» Foreign standards and specifications related to the Event Architecture
» SWE Common AIXM Information models
» Introduction Document object model
» Spatially enabled Common Alert Protocol
» Code lists Common Alert Protocol
» Resource references Other features Interoperability
» Geosynchronization Common Alert Protocol
» Filtering CAP messages Common Alert Protocol
» EDXL-DE Common Alert Protocol
» WXXM Resource Requirements Package
» Consumer Requirements Package Publish Subscribe Requirements Package
» Registrar Requirements Package Information models
» Brokered Publish Subscribe Requirements Package Registering Broker Requirements Package
» Aggregation Channel Requirements Package
» Ad Hoc Channel Requirements Package
» Pausable Provider Requirements Package Demand Based Publication Requirements Package
» CSW-ebRIM Extension Package for Event Service Discovery
» Additional Sample Queries for Event Service Discovery
» XML Schema for Event Metadata
Show more