Copyright © 2009 Open Geospatial Consortium, Inc. 131
11 Discussion of the applicability of the security requirements and their relationship to the identified attacks
11.1.1 Applicability of Authentication
In general, the authentication of communication partners is required for implementing access control and authenticity.
In order to mitigate or prevent certain identified attacks, the implementation of authenticity is relevant for the following operations and services:
SPS: GetCapabilities, Submit, DescribeResultAccess, GetFeasibility, GetStatus, Update, and Cancel
SOS: GetCapabilities, GetObservation, RegisterSensor, InsertObservation, GetObservationById, and GetResult
SAS: GetCapabilities, Advertise, RenewAdvertisement, Subscribe, and RenewSubscription
11.1.2 Applicability of Access Control
In order to mitigate or prevent certain identified attacks, the implementation of access control is relevant for the following operations and services:
SPS: Submit, DescribeResultAccess, GetStatus, Update, and Cancel
SOS: GetObservation, RegisterSensor, InsertObservation, GetObservationById, and GetResult
SAS: Advertise, RenewAdvertisement, CreateSubscription, and RenewSubscription
11.1.3 Applicability of Data Integrity
In order to mitigate or prevent certain identified attacks, the implementation of data integrity is relevant for the following operations and services:
SPS: GetCapabilities, DescribeTasking, Submit, DescribeResultAccess, GetFeasibility, GetStatus, Update, and Cancel
SOS: GetCapabilities, DescribeSensor, GetObservation, RegisterSensor, InsertObservation, GetObservationById, and GetResult
SAS: GetCapabilities, Advertise, RenewAdvertisement, Subscribe, and RenewSubscription
11.1.4 Applicability of Confidentiality
As defined in ISO 10181-5, the purpose of implementing a Confidentiality Service is to ensure that certain information is only available to authorized entities. The main purpose of the service is to protect the information in a persistent manner by preventing disclosure of the information while the information is stored in a system, maintained, and in transit between communication entities.
11.1.4.1 Mechanisms to protect stored information
One way to protect stored information and information in transit is encryption. The confidentiality service then relies on key management and on the Access Control service, which controls access to the keys that can be used to decrypt the information.
An alternative, which can also be applied as an additional protection mechanism, leverages Access Control to control access to the information itself. Applying access control to encrypted information as well limits the set of entities that can obtain the confidential information in the first place.
11.1.4.2 Mechanisms to protect information in transit
Confidentiality of information in transit can be protected by securing the communication between entities on different levels of the ISO/OSI stack. Where encryption is applied at the transport layer, e.g. TLS or SSL, the end-to-end confidentiality is only as strong as the weakest network segment over which the information is sent. This has implications for ensuring confidentiality of classified information: the maximum end-to-end clearance is only as high as the lowest clearance of any network segment over which the message could be routed. The lack of protection based on the clearance of the communication channel can be compensated for by applying appropriate encryption to the information itself before sending it.
11.1.4.3 Mechanisms to protect the flow of information
Where different users can read/delete/modify confidential information, it is essential to control the passing on of the information to unauthorized users by way of removing the property that marks the information as confidential. The well-known model for implementing information flow control for confidentiality is known as the "Bell-LaPadula Model".
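The flow control described above can be sketched as a small reference monitor. This is an added example, not part of the OGC document: it enforces the two Bell-LaPadula rules (no read up, no write down) for read/modify/delete requests, so that a user who has read confidential data cannot pass it on by altering a lower-labelled object. The label set, the object names, the users, and the treatment of modify/delete as alter-only access are assumptions made for this illustration.

```python
from dataclasses import dataclass, field

# Constructed, linearly ordered labels (assumption: no categories/compartments).
LEVELS = {"public": 0, "restricted": 1, "confidential": 2}

@dataclass
class Session:
    user: str
    clearance: str
    read_high: int = 0  # highest label this session has observed so far

@dataclass
class Monitor:
    labels: dict  # object name -> label
    audit: list = field(default_factory=list)

    def check(self, s: Session, op: str, obj: str) -> bool:
        lvl = LEVELS[self.labels[obj]]
        if op == "read":
            # Simple security property: a subject may not read above its clearance.
            ok = LEVELS[s.clearance] >= lvl
            if ok:
                s.read_high = max(s.read_high, lvl)
        elif op in ("modify", "delete"):
            # *-property: no altering an object labelled below data already read,
            # otherwise that data could be copied into a less protected object.
            ok = lvl >= s.read_high
        else:
            raise ValueError(f"unknown operation: {op}")
        self.audit.append((s.user, op, obj, "permit" if ok else "deny"))
        return ok

def demo():
    # Hypothetical object names and users, constructed for this example.
    m = Monitor({"obs-public": "public", "obs-conf": "confidential"})
    alice, bob = Session("alice", "confidential"), Session("bob", "public")
    results = [
        m.check(bob, "read", "obs-conf"),        # read up
        m.check(alice, "modify", "obs-public"),  # nothing confidential read yet
        m.check(alice, "read", "obs-conf"),      # within clearance
        m.check(alice, "modify", "obs-public"),  # would move confidential data down
        m.check(alice, "modify", "obs-conf"),    # same level
        m.check(bob, "modify", "obs-conf"),      # blind write up
    ]
    return results, m.audit

if __name__ == "__main__":
    print(demo())
```

The model addresses confidentiality only: the permitted blind write up by a lower-cleared user is an integrity concern that Bell-LaPadula does not cover.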
11.1.5 Applicability to the Sensor Web