RFC4081 - Security Threats for Next Steps in Signaling (NSIS)

作者： 来源：www.huixuanbaby.cn 点击： 日期：2007-11-19 11:59:10

Network Working Group                                      H. Tschofenig
Request for Comments: 4081                                D. Kroeselberg
Category: Informational                                          Siemens
                                                               June 2005

Security Threats for Next Steps in Signaling (NSIS)

Status of This Memo

   This memo provides information for the Internet community. It does
   not specify an Internet standard of any kind. Distribution of this
   memo is unlimited.

Abstract

   This threats document provides a detailed analysis of the security
   threats relevant to the Next Steps in Signaling (NSIS) protocol
   suite. It calls attention to, and helps with the understanding of,
   various security considerations in the NSIS Requirements, Framework,
   and Protocol proposals. This document does not describe
   vulnerabilities of specific parts of the NSIS protocol suite.

Table of Contents

   1. IntrodUCtion ....................................................2
   2. Communications Models ...........................................3
   3. Generic Threats .................................................7
      3.1. Man-in-the-Middle Attacks ..................................8
      3.2. Replay of Signaling Messages ..............................11
      3.3. Injecting or Modifying Messages ...........................11
      3.4. Insecure Parameter Exchange and Negotiation ...............12
   4. NSIS-Specific Threat Scenarios .................................12

共32 页首页上一页 [1] [2] [3] [4] [5] 下一页尾页>

上一篇: RFC2665 - Definitions of Managed Objects for the Ethernet-like Interface Types
下一篇: RFC4094 - Analysis of Existing Quality-of-Service Signaling Protocols