Security Threats and Requirements for Emergency Call Marking and Mapping
RFC 5069
Document Type RFC - Informational (January 2008; No errata)
Authors Murugaraj Shanmugam  , Tom Taylor  , Hannes Tschofenig  , Henning Schulzrinne 
Last updated 2018-12-20
Replaces draft-taylor-ecrit-security-threats
Stream IETF
Formats plain text html pdf htmlized bibtex
Reviews
SECDIR Telechat Review
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 5069 (Informational)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Jon Peterson
Send notices to (None)
Email authors Email WG IPR References Referenced by Nits 
Network Working Group                                     T. Taylor, Ed.
Request for Comments: 5069                                        Nortel
Category: Informational                                    H. Tschofenig
                                                  Nokia Siemens Networks
                                                          H. Schulzrinne
                                                     Columbia University
                                                            M. Shanmugam
                                                                 Detecon
                                                            January 2008

                 Security Threats and Requirements for
                   Emergency Call Marking and Mapping

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Abstract

   This document reviews the security threats associated with the
   marking of signalling messages to indicate that they are related to
   an emergency, and with the process of mapping locations to Universal
   Resource Identifiers (URIs) that point to Public Safety Answering
   Points (PSAPs).  This mapping occurs as part of the process of
   routing emergency calls through the IP network.

   Based on the identified threats, this document establishes a set of
   security requirements for the mapping protocol and for the handling
   of emergency-marked calls.

Taylor, et al.               Informational                      [Page 1]
RFC 5069              ECRIT Security Requirements           January 2008

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  2
   2.  Terminology  . . . . . . . . . . . . . . . . . . . . . . . . .  3
   3.  Marking, Mapping, and the Emergency Call Routing Process . . .  3
     3.1.  Call Marking . . . . . . . . . . . . . . . . . . . . . . .  3
     3.2.  Mapping  . . . . . . . . . . . . . . . . . . . . . . . . .  4
   4.  Objectives of Attackers  . . . . . . . . . . . . . . . . . . .  4
   5.  Potential Attacks  . . . . . . . . . . . . . . . . . . . . . .  5
     5.1.  Attacks Involving the Emergency Identifier . . . . . . . .  5
     5.2.  Attacks Against or Using the Mapping Process . . . . . . .  5
       5.2.1.  Attacks Against the Emergency Response System  . . . .  6
       5.2.2.  Attacks to Prevent a Specific Individual from
               Receiving Aid  . . . . . . . . . . . . . . . . . . . .  7
       5.2.3.  Attacks to Gain Information about an Emergency . . . .  7
   6.  Security Requirements Relating to Emergency Marking and
       Mapping  . . . . . . . . . . . . . . . . . . . . . . . . . . .  8
   7.  Security Considerations  . . . . . . . . . . . . . . . . . . .  9
   8.  Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 10
   9.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 10
     9.1.  Normative References . . . . . . . . . . . . . . . . . . . 10
     9.2.  Informative References . . . . . . . . . . . . . . . . . . 10

1.  Introduction

   Legacy telephone network users can summon help for emergency services
   (such as an ambulance, the fire department, and the police) using a
   well known number (e.g., 911 in North America, 112 in Europe).  A key
   factor in the handling of such calls is the ability of the system to
   determine caller location and to route the call to the appropriate
   Public Safety Answering Point (PSAP) based on that location.  With
   the introduction of IP-based telephony and multimedia services,
   support for emergency calling via the Internet also has to be
   provided.  Two core components of IP-based emergency calling include
   an emergency service identifier and a mapping protocol.  The
   emergency service identifier indicates that the call signaling
   establishes an emergency call, while the mapping protocol translates
   the emergency service identifier and the caller's geographic location
   into an appropriate PSAP URL.

   Attacks against the Public Switched Telephone Network (PSTN) have
   taken place for decades.  The Internet is seen as an even more
   hostile environment.  Thus, it is important to understand the types
   of attacks that might be mounted against the infrastructure providing
   emergency services and to develop security mechanisms to counter
   those attacks.  While this can be a broad topic, the present document
   restricts itself to attacks on the mapping of locations to PSAP URIs
   and attacks based on emergency marking.  Verification by the PSAP

Taylor, et al.               Informational                      [Page 2]
RFC 5069              ECRIT Security Requirements           January 2008

   operator of the truthfulness of a reported incident and various other
   attacks against the PSAP infrastructure related to the usage of faked
   location information are outside the scope of the document.
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools