Copyright © 2009 Open Geospatial Consortium, Inc. 59 Impact on Asset None Impact on User None Potential Adversary can obtain assignment parameters for a sensor and taskID that can be used for future attacks. Reason Espionage Requirement Confidentiality Table 40: Record Update requestresponse

9.5.9 Cancel operation

Asset: sensor assignment task Cause Man-In-The-Middle Effect SPS receives fraudulent Cancel request. Result SPS will cancel the processing of a running task according to the fraudulent taskID if valid. Intended task to be cancelled remains active. Scope Application specific knowledge is required. And the attacker has to know the taskID to be sabotaged. Example Likelihood Medium Impact on Asset Immediate affect on asset if taskID is valid. Impact on User Immediate impact on at least one user as his running task might be the one cancelled by the attack. Potential NA Reason Sabotage Requirement Integrity Table 41 : Modify Cancel request Cause Man-In-The-Middle Effect User client will receive fraudulent response on success status of the requested 60 Copyright © 2009 Open Geospatial Consortium, Inc. assignment cancellation. Result User will not know the correct status of the request to cancel the assignment. Scope Application specific knowledge required. Example Likelihood Medium Impact on Asset None Impact on User Potential affect on further use of the asset effective to the active client. as the user does not know if the request was accepted or rejected by the SPS. Therefore, a potential erroneous processing of the Cancel request could not become aware to the user. Potential NA Reason Sabotage Requirement Integrity Table 42: Modify Cancel response Cause Adversary’s client is able to execute SPS. Effect Adversary’s client will send Cancel request to the SPS. Result The SPS might cancel the processing of a running assignment task if the fraudulent request from the adversary’s client is applicable to a task. Scope Application specific knowledge is required. In addition, the attacker needs to know the taskID to be sabotaged. Example Likelihood Low Impact on Asset Immediate affect on asset. Impact on User Immediate impact to potentially all users as the attack might have cancelled his task. Reason Sabotage Requirement Access control to ensure cancellation of a running task is possible for task owner only. Table 43: Create Cancel request Copyright © 2009 Open Geospatial Consortium, Inc. 61 Cause Eavesdropping and adversary’s client can execute SPS Effect Adversary’s client will send recorded Cancel requests to SPS. Result SPS will try to cancel assignment that has already be cancelled. Scope No application specific knowledge required. Example Likelihood High Impact on Asset None as the request is already cancelled. Impact on User None Potential NA Reason Sabotage Requirement The SPS shall not submit the same taskID twice. Table 44: Replay Cancel request Cause Eavesdropping Effect NA Result NA Scope No application specific knowledge is required. Example Likelihood High Impact on Asset None Impact on User None Potential None Reason Espionage Requirement None Table 45 : Record Cancel requestresponse 62 Copyright © 2009 Open Geospatial Consortium, Inc.

9.5.10 Summary of the Attacks