{"draft":"draft-ietf-detnet-security-16","doc_id":"RFC9055","title":"Deterministic Networking (DetNet) Security Considerations","authors":["E. Grossman, Ed.","T. Mizrahi","A. Hacker"],"format":["HTML","TEXT","PDF","XML"],"page_count":"50","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"Deterministic Networking","abstract":"A DetNet (deterministic network) provides specific performance\r\nguarantees to its data flows, such as extremely low data loss rates\r\nand bounded latency (including bounded latency variation, i.e.,\r\n\"jitter\"). As a result, securing a DetNet requires that in addition\r\nto the best practice security measures taken for any mission-critical\r\nnetwork, additional security measures may be needed to secure the\r\nintended operation of these novel service properties.\r\n\r\nThis document addresses DetNet-specific security considerations from\r\nthe perspectives of both the DetNet system-level designer and\r\ncomponent designer. System considerations include a taxonomy of\r\nrelevant threats and attacks, and associations of threats versus use\r\ncases and service properties. Component-level considerations include\r\ningress filtering and packet arrival-time violation detection.\r\n\r\nThis document also addresses security considerations specific to the\r\nIP and MPLS data plane technologies, thereby complementing the\r\nSecurity Considerations sections of those documents.","pub_date":"June 2021","keywords":["DetNet","security"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC9055","errata_url":null}