CCMS Manager System --> Misbehavior Authority:
CCMS policies
Definitions
CCMS policies (Information Flow): A set of requirements defining the operation of the CCMS. This may include both machine and human-interpretable content, describing various aspects of CCMS operations including identification and authentication methods of entities performing PKI roles (e.g., electors, certificate authorities), minimum security-related requirements for each role (e.g., personnel controls, network security controls etc.), definition of operational practices related to registration of new and de-registration of old certificates, specification of the certificate trust list (CTL) format and lifecycle management, management of the revocation of trust, and management of distributed credentials (e.g., lifecycle of enrollment, authorization certificates).
CCMS Manager System (Source Physical Object): 'CCMS Manager System' refers to the component of the CCMS whose role is to govern the entire CCMS, including defining and enforcing the certificate and security policies applied to electors and root Cas.
Misbehavior Authority (Destination Physical Object): The 'Misbehavior Authority' is a component of the CCMS that receives reports of malicious or potentially malicious application activities, analyzes them, and determines whether or not to take mitigating actions.
Included In
This Triple is in the following Service Packages:
- None
This triple is associated with the following Functional Objects:
- None
This Triple is described by the following Functional View Data Flows:
- None
This Triple has the following triple relationships:
None |
Communication Solutions
- (None-Data) - Secure Internet (ITS) (43)
Selected Solution
Solution Description
ITS Application Entity
Development needed |
Click gap icons for more info.
|
||
Mgmt
|
Facilities
Development needed |
Security
|
|
TransNet
|
|||
Access
Internet Subnet Alternatives |
Note that some layers might have alternatives, in which case all of the gap icons associated with every alternative may be shown on the diagram, but the solution severity calculations (and resulting ordering of solutions) includes only the issues associated with the default (i.e., best, least severe) alternative.
Characteristics
Characteristic | Value |
---|---|
Time Context | Recent |
Spatial Context | Regional |
Acknowledgement | True |
Cardinality | Unicast |
Initiator | Source |
Authenticable | True |
Encrypt | False |
Interoperability | Description |
---|---|
Regional | Interoperability throughout the geopolitical region is highly desirable, but if implemented differently in different transportation management jurisdictions, significant benefits will still accrue in each jurisdiction. Regardless, this Information Flow Triple should be implemented consistently within a transportation jurisdiction (i.e., the scope of a regional architecture). |
Security
Information Flow Security | ||||
---|---|---|---|---|
Confidentiality | Integrity | Availability | ||
Rating | Not Applicable | High | Moderate | |
Basis | By definition this is public information. | Policies impact behavior, action and repurcussions. This information must be correct and coherent to avoid misunderstandings that might remove an entity from the trusted environment. | While this material must be present on all end entity devices, the flow will be infrequently used by any given device. |
Security Characteristics | Value |
---|---|
Authenticable | True |
Encrypt | False |