Security Threats and Risks for Open Pluggable Edge Services (OPES)
RFC 3837

Document type: RFC - Informational (August 2004; No errata)
Document stream: IETF
Last updated: 2013-03-02
Other versions: plain text, pdf, html

IETF State: (None)
Consensus: Unknown
Document shepherd: No shepherd assigned

IESG State: RFC 3837 (Informational)
Responsible AD: Ned Freed
Send notices to: <mrose+mtr.ietf@dbc.mtview.ca.us>, <hofmann@bell-labs.com>

Network Working Group                                          A. Barbir
Request for Comments: 3837                               Nortel Networks
Category: Informational                                       O. Batuner
                                                  Independent consultant
                                                             B. Srinivas
                                                                   Nokia
                                                              M. Hofmann
                                           Bell Labs/Lucent Technologies
                                                                H. Orman
                                               Purple Streak Development
                                                             August 2004

   Security Threats and Risks for Open Pluggable Edge Services (OPES)

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2004).

Abstract

   The document investigates the security threats associated with the
   Open Pluggable Edge Services (OPES) and discusses the effects of
   security threats on the underlying architecture.  The main goal of
   this document is threat discovery and analysis.  The document does
   not specify or recommend any solutions.

Barbir, et al.               Informational                      [Page 1]
RFC 3837               Security Threats for OPES             August 2004

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  2
   2.  OPES Data Flow Threats . . . . . . . . . . . . . . . . . . . .  4
       2.1.  OPES Flow Network Level Threats  . . . . . . . . . . . .  5
             2.1.1.  Connection-Flow Denial-of-Service (DoS). . . . .  6
             2.1.2.  Threats to Network Robustness. . . . . . . . . .  6
       2.2.  OPES Flow Application Level Threats. . . . . . . . . . .  6
             2.2.1.  Unauthorized OPES Entities . . . . . . . . . . .  6
             2.2.2.  Unauthorized Actions of Legitimate OPES Entities  7
             2.2.3.  Unwanted Content Transformations . . . . . . . .  7
             2.2.4.  Corrupted Content  . . . . . . . . . . . . . . .  7
             2.2.5.  Threats to Message Structure Integrity . . . . .  8
             2.2.6.  Granularity of Protection  . . . . . . . . . . .  8
             2.2.7.  Risks of Hop-by-Hop Protection . . . . . . . . .  8
             2.2.8.  Threats to Integrity of Complex Data . . . . . .  8
             2.2.9.  Denial of Service (DoS)  . . . . . . . . . . . .  9
             2.2.10. Tracing and Notification Information . . . . . .  9
             2.2.11. Unauthenticated Communication in OPES Flow . . .  9
   3.  Threats to Out-of-Band Data  . . . . . . . . . . . . . . . . .  9
       3.1.  Threats that Endanger the OPES Data Flow . . . . . . . . 10
       3.2.  Inaccurate Accounting Information  . . . . . . . . . . . 10
       3.3.  OPES Service Request Repudiation . . . . . . . . . . . . 11
       3.4.  Inconsistent Privacy Policy  . . . . . . . . . . . . . . 11
       3.5.  Exposure of Privacy Preferences  . . . . . . . . . . . . 11
       3.6.  Exposure of Security Settings  . . . . . . . . . . . . . 11
       3.7.  Improper Enforcement of Privacy and Security Policy  . . 11
       3.8.  DoS Attacks  . . . . . . . . . . . . . . . . . . . . . . 12
   4.  Security Considerations  . . . . . . . . . . . . . . . . . . . 12
   5.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 12
       5.1.  Normative References . . . . . . . . . . . . . . . . . . 12
       5.2.  Informative References . . . . . . . . . . . . . . . . . 12
   6.  Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 12
   7.  Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 13
   8.  Full Copyright Statement . . . . . . . . . . . . . . . . . . . 14

1.  Introduction

   The Open Pluggable Edge Services (OPES) [1] architecture enables
   cooperative application services (OPES services) between a data
   provider, a data consumer, and zero or more OPES processors.  The
   application services under consideration analyze and possibly
   transform application-level messages exchanged between the data
   provider and the data consumer.  The OPES processor can distribute
   the responsibility of service execution by communicating and
   collaborating with one or more remote callout servers.  The details
   of the OPES architecture can be found in [1].
