a) I propose a little bit of rewording on this paragraph
"These threats affect the quality and integrity of data that the
applications either produce or consume. On the other hand, the
security risks can also be categorized into trust within the system
(i.e. OPES service providers) and protection of the system from
threats imposed by outsiders such as hackers and attackers. Insiders
are those parties that are part of the OPES system. Outsiders are
those entities that are not participating in the OPES system."
These threats affect the quality and integrity of data that the
applications either produce or consume. -->On the other hand, the
security risks can also be categorized into those originating
inside the system (i.e. OPES service providers) and those
originated by outsiders such as hackers and attackers<-- Insiders
are those parties that are part of the OPES system. Outsiders are
those entities that are not participating in the OPES system.
With the rewording the last 3 sentences flow better since the inside and
outside words are used in the sentence to categorize the threats.
b) Correct me if I'm wrong here but it seems to me the (original?) idea of this
document was to document the *additional/specific* security threats the
addition of an OPES imposes. The document as it stands today basically lists
more or less all attacks known to man.
Take eavesdropping for example (2.1.4). The additional risk IMO is only when
somebody breaks into the OPES system and uses that to eavesdrop on the traffic.
Otherwise eavesdropping a network was and is always possible.
Other examples such as a malign device impersonating a callout server seem
a little bit far-fetched since I would assume mutual authentication and the
like would make this a configuration error instead of a threat...oh
well...everything is possible.
c) "A serious problem is posed by the very fact that the OPES
architecture is based on widely adopted protocols (HTTP is used as an
example)."
Is this really a problem? It seems to me it would be a problem if it is
(widely deployed + not mature and/or not open), such as some P2P protocols.
Widely deployed alone does not make it a security problem.