GetCapabilities operation Sensor Observation Service

Copyright © 2009 Open Geospatial Consortium, Inc. 63

9.6.1 GetCapabilities operation

Asset: Observation Offerings

Cause: Man-In-The-Middle
Effect: User client will receive fraudulent observation offerings. This can include fictitious offerings, removed offerings, or an empty list of offerings (ObservationOfferingList).
Result: User might not find the expected required offering even though it might exist.
Scope: Application specific knowledge is required.
Example:
Likelihood: Medium
Impact on Asset: None
Impact on User: Affects the use of the asset by the active client: because existing offerings might be fraudulent or removed, an indirect effect on the use of assets exists.
Potential: NA
Reason: Sabotage. Denial of Service if the ObservationOfferingList is empty.
Requirement: Integrity

Table 46: Modify GetCapabilities response

Cause: Adversary’s client can execute SOS.
Effect: Adversary’s client will send GetCapabilities messages to SOS and receive service offerings.
Result: Adversary can use the obtained information to execute other service operations.
Scope: Very little application specific knowledge is required to create the request, but full application specific knowledge is required to understand the response and how to use it in future attacks.
Example:
Likelihood: High
Impact on Asset: None
Impact on User: None
Potential: The adversary obtains information about offerings served by the SOS that can be used in future attacks.
Reason: Espionage. Possible intent to sabotage, as the information from the capabilities document is the baseline for other attacks.
Requirement: None

Table 47: Create GetCapabilities request

Cause: Eavesdropping, and adversary’s client can execute SOS.
Effect: Adversary’s client will send recorded GetCapabilities request to SOS.
Result: Adversary obtains information about the available offerings.
Scope: No application specific knowledge required.
Example:
Likelihood: High
Impact on Asset: None
Impact on User: None
Potential: NA
Reason: Espionage. Possible intent to sabotage, as the information from the capabilities document is the basis for everything else.
Requirement: None

Table 48: Replay GetCapabilities request

Cause: Eavesdropping
Effect: Adversary’s client will record GetCapabilities request/response to SOS.
Result: Adversary’s client receives SOS capabilities.
Scope: No application specific knowledge required to exercise this attack.
Example:
Likelihood: High
Impact on Asset: None
Impact on User: None
Potential: Important for exercising other attacks, requiring sensor metadata and information about observation offerings as input.
Reason: Future Espionage, Sabotage, DoS
Requirement: Allow execution of GetCapabilities for authenticated users only and protect response with confidentiality to prevent unveiling of the metadata.

Table 49: Record GetCapabilities request/response
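The Integrity requirement of Table 46, seen from the client side, as an added example that is not part of the OGC document: the client rejects a GetCapabilities body whose message authentication code does not verify, and otherwise compares the ObservationOfferingList with a trusted baseline to flag fictitious, removed or missing offerings. The HMAC with a pre-shared key, the helper names and the offering ids are assumptions made for illustration; the document itself does not prescribe an integrity mechanism.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

NS = {"sos": "http://www.opengis.net/sos/1.0"}
GML_ID = "{http://www.opengis.net/gml}id"
OFFERINGS = "sos:Contents/sos:ObservationOfferingList/sos:ObservationOffering"

KEY = b"constructed-demo-key"             # assumption: key provisioned out of band
BASELINE = {"TEMPERATURE", "WIND_SPEED"}  # constructed offering ids the client trusts


def make_doc(ids):
    """Build a minimal, constructed SOS 1.0 capabilities body for the demo."""
    items = "".join(f'<sos:ObservationOffering gml:id="{i}"/>' for i in ids)
    return (
        '<sos:Capabilities xmlns:sos="http://www.opengis.net/sos/1.0" '
        'xmlns:gml="http://www.opengis.net/gml"><sos:Contents>'
        f"<sos:ObservationOfferingList>{items}</sos:ObservationOfferingList>"
        "</sos:Contents></sos:Capabilities>"
    ).encode()


def sign(body, key):
    """Stand-in for the service side: MAC over the exact response bytes."""
    return hmac.new(key, body, hashlib.sha256).digest()


def check_capabilities(body, tag, key, baseline):
    """Reject a body whose MAC fails; otherwise diff offerings against baseline."""
    if not hmac.compare_digest(sign(body, key), tag):
        return {"accepted": False, "reason": "integrity check failed"}
    root = ET.fromstring(body)  # parsed only after the MAC has verified
    seen = {o.get(GML_ID) for o in root.findall(OFFERINGS, NS)}
    return {
        "accepted": True,
        "empty": not seen,                           # empty list: the DoS case
        "removed": sorted(baseline - seen),          # offerings that disappeared
        "unexpected": sorted(seen - baseline),       # offerings never seen before
    }


if __name__ == "__main__":
    genuine = make_doc(["TEMPERATURE", "WIND_SPEED"])
    tag = sign(genuine, KEY)
    modified = make_doc(["TEMPERATURE", "FAKE_OFFERING"])  # changed in transit
    print(check_capabilities(genuine, tag, KEY, BASELINE))
    print(check_capabilities(modified, tag, KEY, BASELINE))
```

The baseline comparison still adds value after the MAC verifies, because it surfaces an empty or changed offering list for operator review before the client acts on it.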

9.6.2 DescribeSensor operation