InsertObservation operation Sensor Observation Service

Copyright © 2009 Open Geospatial Consortium, Inc.

Likelihood: Medium
Impact on Asset: None
Impact on User: Direct effect on asset.
Potential: NA
Reason: Sabotage
Requirement: Authenticity of the response to allow the user client to determine that the response came from another service. Service Authentication.

Table 64: Redirect RegisterSensor request

Cause: Eavesdropping
Effect: NA
Result: Adversary obtains detailed information about a sensor and the AssignedSensorId.
Scope: No application specific knowledge is required to exercise this attack.
Example:
Likelihood: Medium
Impact on Asset: None
Impact on User: None
Potential: The adversary can use the AssignedSensorId to inject fictitious observations to the SOS.
Reason: Espionage
Requirement: Confidentiality

Table 65: Record RegisterSensor request/response

9.6.5 InsertObservation operation

Asset: observation offerings

Cause: Man-In-The-Middle
Effect: SOS will receive fraudulent InsertObservation request
Result: SOS will provide fraudulent observation offerings to other users.
Scope: Application specific knowledge required.
Example:
Likelihood: Medium
Impact on Asset: Direct effect on asset.
Impact on User: Direct impact effective to all users of the SOS.
Potential: NA
Reason: Sabotage
Requirement: Integrity

Table 66: Modify InsertObservation request

Cause: Man-In-The-Middle
Effect: User client will receive fraudulent InsertObservation response, in particular a fraudulent ObservationId URI
Result: User might use wrong ObservationId URI to obtain observation data via GetObservationById request.
Scope: Application specific knowledge required.
Example:
Likelihood: Medium
Impact on Asset: None
Impact on User: Direct impact on the further use of the asset effective to the active client.
Potential: NA
Reason: Sabotage
Requirement: Integrity

Table 67: Modify InsertObservation response

Cause: Adversary’s client is able to execute SOS
Effect: InsertObservation operation of the SOS is invoked.
Result: The fraudulent observation might overwrite a correct observation. But in order for that to happen, the created request must match an existing AssignedSensorId URI.
Scope: Application specific knowledge required. In particular, the attacker has to know a valid AssignedSensorId URI.
Example:
Likelihood: Low
Impact on Asset: Direct effect on asset.
Impact on User: Direct impact effective to all users of the SOS.
Reason: Sabotage
Requirement: Access Control to prevent unauthorized insertion of observations.

Table 68: Create InsertObservation request

Cause: Eavesdropping
Effect: Adversary’s client will send recorded InsertObservation request to SOS
Result: SOS InsertObservation operation is invoked and observation is updated with values from the old request.
Scope: No application specific knowledge required.
Example:
Likelihood: High
Impact on Asset: Potentially affecting asset. In cases where new observations have been sent by the sensor since the recording time of the replayed request, they get “updated” with the old values.
Impact on User: Impact on all users that access this observation.
Potential: NA
Reason: Sabotage
Requirement: Unique request Id and time-stamp.

Table 69: Replay InsertObservation request

Cause: Man-In-The-Middle
Effect: User client’s InsertObservation request will be sent to adversary’s SOS
Result: The adversary’s SOS will receive the observation data.
Scope: Application specific knowledge required, as the request must be answered properly.
Example:
Likelihood: High
Impact on Asset: Direct effect on the asset as the actual SOS has not received the observation data and will therefore serve outdated values to the registered clients.
Impact on User: Impact to all users at registered clients.
Potential: NA
Reason: Sabotage
Requirement: Service authentication and authenticity of the response.

Table 70: Redirect InsertObservation request

Cause: Eavesdropping
Effect: NA
Result: The adversary’s client receives the observation data.
Scope: No application specific knowledge required.
Example:
Likelihood: High
Impact on Asset: None
Impact on User: None
Potential: NA
Reason: Espionage
Requirement: Confidentiality

Table 71: Record InsertObservation request/response
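
The requirements in Tables 66 and 69 (Integrity; Unique request Id and time-stamp) can be combined into one server-side check. The following is an added example, not part of the original report: the HMAC with a shared key, the 300-second window, the `ReplayGuard` class and the sample request body are all assumptions made for illustration, since the report names the requirements but no mechanism.

```python
import hashlib
import hmac

MAX_SKEW = 300  # seconds; assumed acceptance window, not a value from the report


class ReplayGuard:
    """Checks integrity, freshness and uniqueness of an InsertObservation request."""

    def __init__(self, key, max_skew=MAX_SKEW):
        self._key = key
        self._max_skew = max_skew
        self._seen = {}  # request id -> timestamp, kept only while still fresh

    def sign(self, request_id, timestamp, body):
        # Length-prefix every field so bytes cannot slide between fields.
        parts = (request_id.encode(), str(int(timestamp)).encode(), body)
        msg = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def check(self, request_id, timestamp, body, tag, now):
        if not hmac.compare_digest(tag, self.sign(request_id, timestamp, body)):
            return "reject: integrity"
        if abs(now - timestamp) > self._max_skew:
            return "reject: stale timestamp"
        # Ids outside the window can be dropped: the timestamp check rejects them.
        self._seen = {r: t for r, t in self._seen.items()
                      if abs(now - t) <= self._max_skew}
        if request_id in self._seen:
            return "reject: replayed request id"
        self._seen[request_id] = timestamp
        return "accept"


def demo():
    guard = ReplayGuard(key=b"constructed-demo-key")
    # Constructed, simplified body; not the real SOS InsertObservation schema.
    body = b"<InsertObservation><value>21.5</value></InsertObservation>"
    t0 = 1_000_000
    tag = guard.sign("req-1", t0, body)
    return [
        guard.check("req-1", t0, body, tag, now=t0 + 1),         # first delivery
        guard.check("req-1", t0, body, tag, now=t0 + 2),         # recorded and resent
        guard.check("req-1", t0, body + b" ", tag, now=t0 + 3),  # modified in transit
        guard.check("req-1", t0, body, tag, now=t0 + 1000),      # resent after the window
    ]


if __name__ == "__main__":
    print(demo())
```

The timestamp bounds how long request ids must be remembered: once a request is older than the window it is rejected as stale, so its id no longer needs to be stored.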

9.6.6 GetObservationById operation