datatracker.ietf.org
Sign in
Version 5.6.4.p1, 2014-10-20
Report a bug

Security Threats and Security Requirements for the Access Node Control Protocol (ANCP)
RFC 5713

Internet Engineering Task Force (IETF)                       H. Moustafa
Request for Comments: 5713                                France Telecom
Category: Informational                                    H. Tschofenig
ISSN: 2070-1721                                   Nokia Siemens Networks
                                                           S. De Cnodder
                                                          Alcatel-Lucent
                                                            January 2010

           Security Threats and Security Requirements for the
                  Access Node Control Protocol (ANCP)

Abstract

   The Access Node Control Protocol (ANCP) aims to communicate Quality
   of Service (QoS)-related, service-related, and subscriber-related
   configurations and operations between a Network Access Server (NAS)
   and an Access Node (e.g., a Digital Subscriber Line Access
   Multiplexer (DSLAM)).  The main goal of this protocol is to allow the
   NAS to configure, manage, and control access equipment, including the
   ability for the Access Nodes to report information to the NAS.

   This present document investigates security threats that all ANCP
   nodes could encounter.  This document develops a threat model for
   ANCP security, with the aim of deciding which security functions are
   required.  Based on this, security requirements regarding the Access
   Node Control Protocol are defined.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Not all documents
   approved by the IESG are a candidate for any level of Internet
   Standard; see Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc5713.

Moustafa, et al.             Informational                      [Page 1]
RFC 5713                      ANCP Threats                  January 2010

Copyright Notice

   Copyright (c) 2010 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1. Introduction ....................................................3
   2. Specification Requirements ......................................3
   3. System Overview and Threat Model ................................4
   4. Objectives of Attackers .........................................7
   5. Potential Attacks ...............................................7
      5.1. Denial of Service (DoS) ....................................7
      5.2. Integrity Violation ........................................8
      5.3. Downgrading ................................................8
      5.4. Traffic Analysis ...........................................8
      5.5. Management Attacks .........................................8
   6. Attack Forms ....................................................9
   7. Attacks against ANCP ...........................................10
      7.1. Dynamic Access-Loop Attributes ............................11
      7.2. Access-Loop Configuration .................................12
      7.3. Remote Connectivity Test ..................................14
      7.4. Multicast .................................................14
   8. Security Requirements ..........................................16
   9. Security Considerations ........................................16
   10. Acknowledgments ...............................................17
   11. References ....................................................17
      11.1. Normative References .....................................17
      11.2. Informative References ...................................17

Moustafa, et al.             Informational                      [Page 2]
RFC 5713                      ANCP Threats                  January 2010

1.  Introduction

[include full document text]