209
Element to protect Risk D/R/E/A/D rating Examples of Causes Mitigation and relevant Design Choices (for the latter see
Section 5.2.10)
DC S.1,3: service-based data integrity
DC S.19: integrity protection obtained from authentication enforcement at
link layer
Alteration of the return
value upon service
invocation.L/L/M/L/L
enforce weak securityEnd-to-end integrity protection of service-access signalling (data integrity
protection is provided as part of protocol security).
Service-based data integrity
DC S.19: integrity protection obtained from authentication enforcement at
a layer below the service
Jamming wireless
communication channels
can lead to local denial-
of-service attacks that
can be repudiated.M/H/L/M/M
enforce medium
securityJamming denial-of-service attacks can be addressed through physical
means: for instance, once the attack is detected localise and neutralise the
jammer.
DC A.16- 17 : autonomous security could be enabled for detecting this
attack
Attacker gains knowledge
of sensitive, exchanged
data.M/L/M/L/L
enforce medium
securityEnd-to-end confidentiality protection of exchanged data, offered through
protocol security.
DC S.10: encryption schemes
Attacker disrupts
communicationsM/H/L/H/L
enforce medium
securityVarious denial-of-service prevention schemes are available. Their
applicability depends on the communication technology used (anti-
jamming, enforced MAC, etc.). Schemes are offered through security-by-
design of the communication stack.
DC A.16- 17 : autonomous security systems are generally able to deter
denial-of-service attacks, however lightweight schemes are less powerful.
Wrong authorisation
information propagating
from one server to
another.M/L/L/H/M
enforce medium
securityStrong security for server-to-server communications that leverages
individual's credentials (e.g. certificates) instead of group keys, and allows
for revocation (security by design, adequate management policies).