Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Threat Analysis of the Geopriv Protocol (RFC3694)

IP.com Disclosure Number: IPCOM000021968D
Original Publication Date: 2004-Feb-01
Included in the Prior Art Database: 2004-Feb-18
Document File: 19 page(s) / 44K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

M. Danley: AUTHOR [+4]

Abstract

This document provides some analysis of threats against the Geopriv protocol architecture. It focuses on protocol threats, threats that result from the storage of data by entities in the architecture, and threats posed by the abuse of information yielded by Geopriv. Some security properties that meet these threats are enumerated as a reference for Geopriv requirements.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 9% of the total text.

Network Working Group M. Danley

Request for Comments: 3694 D. Mulligan

Category: Informational Samuelson Law, Technology & Public Policy Clinic

J. Morris

Center for Democracy & Technology

J. Peterson

NeuStar

February 2004

Threat Analysis of the Geopriv Protocol

Status of this Memo

This memo provides information for the Internet community. It does

not specify an Internet standard of any kind. Distribution of this

memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2004). All Rights Reserved.

Abstract

This document provides some analysis of threats against the Geopriv

protocol architecture. It focuses on protocol threats, threats that

result from the storage of data by entities in the architecture, and

threats posed by the abuse of information yielded by Geopriv. Some

security properties that meet these threats are enumerated as a

reference for Geopriv requirements.

Danley, et al. Informational [Page 1]

RFC 3694 Threat Analysis of the Geopriv Protocol February 2004

Table of Contents

1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3

2. Habitat of the Geopriv Protocol . . . . . . . . . . . . . . . 3

3. Motivations of Attackers of Geopriv . . . . . . . . . . . . . 4

4. Representative Attacks on Geopriv . . . . . . . . . . . . . . 5

4.1. Protocol Attacks . . . . . . . . . . . . . . . . . . . . 5

4.1.1. Eavesdropping and/or Interception . . . . . . . 5

4.1.2. Identity Spoofing . . . . . . . . . . . . . . . 6

4.1.3. Information Gathering . . . . . . . . . . . . . 7

4.1.4. Denial of Service . . . . . . . . . . . . . . . 8

4.2. Host Attacks . . . . . . . . . . . . . . . . . . . . . . 9

4.2.1. Data Stored at Servers . . . . . . . . . . . . . 9

4.2.2. Data Stored in Devices . . . . . . . . . . . . . 9

4.2.3. Data Stored with the Viewer . . . . . . . . . . 10

4.2.4. Information Contained in Rules . . . . . . . . . 10

4.3. Usage Attacks . . . . . . . . . . . . . . . . . . . . . 11

4.3.1. Threats Posed by Overcollection . . . . . . . . 11

5. Countermeasures for Usage Violations . . . . . . . . . . . . . 12

5.1. Fair Information Practices . . . . . . . . . . . . . . . 12

6. Security Properties of the Geopriv Protocol . . . . . . . . . 13

6.1. Rules as Countermeasures . . . . . . . . . . . . . . . . 13

6.1.1. Rule Maker Should Define Rules . . . . . . . . . 13

6.1.2. Geopriv Should Have Default Rules . . . . . . . 14

6.1.3. Location Recipient Should Not Be Aware of All

Rules. . . . . . . . . . . . . . . . . . . . . . 14

6.1.4. Certain Rules Should Travel With the LO . . . . 14

6.2. Protection of Identities . . . . . . . . . . . . . . . . 14

6.2.1. Short-Lived Identifiers May Protect Target's

Identity . . . . . . . . . . . . . . . . . . . . 15

6.2.2. Unlinked Pseudonyms May Protect the Location

Recipients' Identity . . . . . . . . . . . . . . 15

6.3. Security During Transmission of Data . . . . . . . . . . 15

6.3.1. Rules May Disallow a Certain Frequency of

Requests . . . . . . . . . . . . . . . . . . . . 15

6.3.2. Mutual...