An implementation-independent threat model for group communications

Jason Hester, William Yurcik, R H Campbell

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The importance of group communications and the need to efficiently and reliably support it across a network is an issue of growing importance for the next decade. New group communication services are emerging such as multimedia conferencing/groupware, distributed interactive simulations, sensor fusion systems, command and control centers, and network-centric military applications. While a succession of point-to-point unicast routes could provide group communications, this approach is inherently inefficient and unlikely to support the increased resource requirements of these new services. There is the lack of a comprehensive process to designing security into group communications schemes. Designing such protection for group communications is best done by utilizing proactive system engineering rather than reacting with ad hoc countermeasures to the latest attack du jour. Threat modeling is the foundation for secure system engineering processes because it organizes system threats and vulnerabilities into general classes so they can be addressed with known protection techniques. Although there has been prior work on threat modeling primarily for software applications, however, to our knowledge this is the first attempt at implementation-independent threat modeling for group communications. We discuss protection challenges unique to group communications and propose a process to create a threat model for group communication systems independent of underlying implementation based on classical security principles (Confidentiality, Integrity, Availability, Authentication, or CIAA). It is our hope that this work will lead to better designs for protection solutions against threats to group communication systems.

Original languageEnglish (US)
Title of host publicationData Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2006
DOIs
StatePublished - Aug 23 2006
EventData Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2006 - Kissimmee, FL, United States
Duration: Apr 17 2006Apr 18 2006

Publication series

NameProceedings of SPIE - The International Society for Optical Engineering
Volume6241
ISSN (Print)0277-786X

Other

OtherData Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2006
CountryUnited States
CityKissimmee, FL
Period4/17/064/18/06

Keywords

  • Group communications
  • Multicast
  • Security
  • Threat modeling

ASJC Scopus subject areas

  • Electronic, Optical and Magnetic Materials
  • Condensed Matter Physics
  • Computer Science Applications
  • Applied Mathematics
  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'An implementation-independent threat model for group communications'. Together they form a unique fingerprint.

  • Cite this

    Hester, J., Yurcik, W., & Campbell, R. H. (2006). An implementation-independent threat model for group communications. In Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2006 [62410M] (Proceedings of SPIE - The International Society for Optical Engineering; Vol. 6241). https://doi.org/10.1117/12.664962