Copyright © 2010 Open Geospatial Consortium, Inc. 87

8.1.4 Mapping security measures to threats

The Yes in a table designate that a particular security threat is mitigated by a corresponding security measure. It is usually a combination of security measures which can mitigate certain threats e.g. both authentication and authorization. Table 35 and Table 36 show in which way each of the security threats and vulnerabilities discussed in section 8.1.2.1 is mitigated by the security measures described in section 8.1.3. This way, solutions to enable event security can be discussed in a technology independent way. The sections 8.1.5 and 0 describe how the necessary security measures can be realized in WS- and RESTful environments. Table 35: Mapping security measures to threats – part one Security Measure\Threat Data destruction Unauthorized creation of malicious subscriptions Unauthorized modification and corruption of data Authentication Yes Verify the identity of the entity attempting to delete data. Yes Ensure that only authenticated entities can create subscriptions. This is in particular important if subscriptions are possible using on behalf of. Yes Verify the identity of the entity attempting to modify data. Authorization Yes Ensure that only authorized entities can delete data. Yes Ensure that only authorized entities can create subscriptions. This is in particular important if subscriptions are possible using on behalf of. Yes Ensure that only authorized entities can modify data. 88 Copyright © 2010 Open Geospatial Consortium, Inc. Security Measure\Threat Data destruction Unauthorized creation of malicious subscriptions Unauthorized modification and corruption of data Non-repudiation Yes Provide a proof that certain operations related to data deletion actually happened e.g. secure log, notarization, signatures.... Yes Provide a proof that certain operation related to subscription creation actually happened e.g. secure log, notarization, signatures.... Yes Provide a proof that certain operation related to data modification and corruption actually happened e.g. secure log, notarization, signatures.... Data confidentiality No Encrypted data can be deleted. No Encryption is not applicable here. No Certain encryption algorithms allow modification of data without actually decrypting data. Data integrity Yes The Event Service can provide a proof that data or part of the data has been deleted e.g. storage, processing and transmission of data by applying certain cryptographic techniques. NA Integrity of subscriptions is ensured by authorization. Yes The Event Service can provide a proof that data or part of the data has been modified e.g. storage, processing and transmission of data by applying certain cryptographic techniques. Availability No No No Privacy No No No