Share Email Print

Proceedings Paper

An implementation-independent threat model for group communications
Author(s): Jason Hester; William Yurcik; Roy Campbell
Format Member Price Non-Member Price
PDF $14.40 $18.00

Paper Abstract

The importance of group communications and the need to efficiently and reliably support it across a network is an issue of growing importance for the next decade. New group communication services are emerging such as multimedia conferencing/groupware, distributed interactive simulations, sensor fusion systems, command and control centers, and network-centric military applications. While a succession of point-to-point unicast routes could provide group communications, this approach is inherently inefficient and unlikely to support the increased resource requirements of these new services. There is the lack of a comprehensive process to designing security into group communications schemes. Designing such protection for group communications is best done by utilizing proactive system engineering rather than reacting with ad hoc countermeasures to the latest attack du jour. Threat modeling is the foundation for secure system engineering processes because it organizes system threats and vulnerabilities into general classes so they can be addressed with known protection techniques. Although there has been prior work on threat modeling primarily for software applications, however, to our knowledge this is the first attempt at implementation-independent threat modeling for group communications. We discuss protection challenges unique to group communications and propose a process to create a threat model for group communication systems independent of underlying implementation based on classical security principles (Confidentiality, Integrity, Availability, Authentication, or CIAA). It is our hope that this work will lead to better designs for protection solutions against threats to group communication systems.

Paper Details

Date Published: 18 April 2006
PDF: 12 pages
Proc. SPIE 6241, Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2006, 62410M (18 April 2006); doi: 10.1117/12.664962
Show Author Affiliations
Jason Hester, Univ. of Illinois at Urbana-Champaign (United States)
William Yurcik, Univ. of Illinois at Urbana-Champaign (United States)
Roy Campbell, Univ. of Illinois at Urbana-Champaign (United States)

Published in SPIE Proceedings Vol. 6241:
Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2006
Belur V. Dasarathy, Editor(s)

© SPIE. Terms of Use
Back to Top