Risk analysis of host identity protocol: using risk Identification Method based on Value Chain Dynamics Toolkit

Authors:
Juha Sääskilahti;Mikko Särelä
Affiliations:
Ericsson, Oy L M Ericsson Ab, Jorvas, Finland;Ericsson, Oy L M Ericsson Ab, Jorvas, Finland
Venue:
Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
Year:
2010

Citing 2
Cited 2

IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks

IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks
SP 800-30. Risk Management Guide for Information Technology Systems

SP 800-30. Risk Management Guide for Information Technology Systems

Adoption barriers of network layer protocols: The case of host identity protocol

Computer Networks: The International Journal of Computer and Telecommunications Networking
Suitability analysis of existing and new authentication methods for future 3GPP Evolved Packet Core

Computer Networks: The International Journal of Computer and Telecommunications Networking

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper, we develop a Risk Identification Method based on Value Chain Dynamics Toolkit (VCDT) and apply it to a Risk Analysis of Host Identity Protocol (HIP) in a simple host-server scenario. The HIP Risk Analysis revealed no new risks inherent to the protocol itself. A number of potential risks in a typical deployment were identified. These risks should be analyzed and mitigated in the actual HIP deployment. The new Risk Identification method provided benefits, particularly in the knowledge transfer, structuring of the interviews and visualization of the value chain. Further study is needed on how to cover trust- and privacy aspects, how to improve ease of documentation and how to proceed from risk identification to security testing.