Next: A brief Introduction to
Up: Roadmap
Previous: Global Traffic Disasters
In the scenarios above, the requirements have built upon each other.
- Service protection
- If the connectivity is crucial to the
mission, then sufficient security must be built into the system such
that the probability of a denial of service attack being mounted and
succeeding is less than or equal to the probability of connectivity
being broken through faulty equipment or human error in
configuration or maintenance.
- Data Integrity
- Obviously, if data can be removed, substituted
or appended, then things can go wrong. For video and audio streams,
the results could be anything from embarrassing through to
disastrous - imagine insertion of manipulated images into a video
stream to show someone with rabbit ears.
- Authentication
- It is often required that the sender of a stream
must be authenticated, and additionally, the receivers of a stream
must be authorised to view the media. This requires authentication.
- Confidentiality
- The stream should be protected from prying
eyes, depending upon what is in the stream.
- Key Distribution
- Key distribution should be only to the
authorised users, and on some occasions must scale both in the
number of users and in the rate at which keys change.
- Specialist requirements
- There are many other security
requirements depending upon particular circumstances, such as the
ability to repudiate transmissions in the brain-storming scenario
above. Other possibly requirements include the access control to
the equipment in a video conference such as the cameras and
microphones, and non-repudiation of transmission.
For the individual requirements, the best approach is to separate the
actors within the application and construct their security
requirements. However, in all cases, one must make the engineering
trade-off of the cost of meeting the security requirement against the
cost of not meeting the requirement and being insecure. There may be
occasions when a different means of transmission, such as delivery by
trusted human courier may be preferable.
Next: A brief Introduction to
Up: Roadmap
Previous: Global Traffic Disasters
Jon CROWCROFT
1998-12-03