💵
ITU DFS Security Assurance Framework
  • Acronyms
  • Executive Summary
  • Introduction
  • ITU-T Recommendation X.805 Overview
  • DFS Provider Business Models
  • Elements of DFS ecosystem
  • Security threats
  • DFS Security Assurance Framework
    • Risk assessment methodology
      • Assessment of DFS security vulnerabilities, threats and mitigation Measures
  • DFS security vulnerabilities, threats and mitigation Measures In order to systematical
    • Account and Session Hijacking
    • Attacks against systems and platforms
    • Code Exploitation Attacks
    • Data Misuse
    • Denial of Service Attacks
    • Insider Attacks
    • Man-in-the-middle and social engineering attacks
    • Compromise of DFS Infrastructure
    • Compromise of DFS Services
    • SIM attacks
    • Unauthorized access to DFS data
    • Malware
    • Rogue Devices
    • Unauthorised Access to Mobile Devices
    • Unintended Disclosure of Personal Information
    • Zero-Day Attacks
    • Attacks against credentials
Powered by GitBook
On this page

DFS security vulnerabilities, threats and mitigation Measures In order to systematical

In order to systematically counter the threats and vulnerabilities to the DFS ecosystem described in the above sections, we suggest controls for each of the entities within the ecosystem based on the eight security dimensions aimed at achieving end-to-end security.

Because there are often commonalities in the threats faced by entities throughout the DFS ecosystem, for ease of discussion we first consider a standardized threat that we have identified, the entity affected by the general threat, and the vulnerabilities, risks, and suggested mitigations and controls that can be deployed by that particular entity. We place the vulnerabilities in the context of their impact on the ITU-T X.805 security dimensions (SD).

The diagram in Figure below shows how the security threats identified earlier, are mapped to the 119 security control measures outlined in the sections below (the section number of the report appears in parentheses indicating where the relevant control is discussed).

PreviousAssessment of DFS security vulnerabilities, threats and mitigation MeasuresNextAccount and Session Hijacking

Last updated 2 years ago