Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); TISPAN NGN Security (NGN_SEC); Threat@ Vulnerability and Risk Analysis (V1.2.2)
The present document presents the results of the Threat Vulnerability Risk Analysis (TVRA) for two scenarios of release 1 of the NGN. Those two analysed scenarios are PSTN/ISDN Emulation and NASS-IMS bundled authentication. The present document follows the method and proforma for carrying out a TVRA [5] and incorporates material of the NGN threat and risk analysis herein. The present document identifies security-relevant interfaces in the NGN@ identifies security-relevant scenarios for use in the NGN@ analyses NGN in terms of security threats and risks by performing a security threat and risk analysis@ and classifies the identified vulnerabilities and the associated risk presented to the NGN. This threat and risk analysis makes a number of assumptions that are believed to hold for typical deployment scenarios of NGN R1. Note however@ that depending on actual instantiation of NGN@ some of the made assumptions may not fully hold; this may potentially impact the associated risks. NOTE: Security threats and risks for issues NGN release 2 or later may also be captured in the present document.