Threat I.Auth.HBImSG.6

URI: I.Auth.HBImSG.6

Package: LocalDeviceConnectivity


Description: Spoofing a device RemoteHost in a Bluetooth pair with device Host in Space: an attacker with access to a location where Host is paired with RemoteHost can spoof the latter to the former. This threat captures the case where SSP is used with a one-sided user confirmation. In principle the pairing can still be spoofed, but the attack would have to be carried out where the pair is established, which can be the most secure location in which the devices are used (not necessarily in Space, where the attacker is present).

Threat Type: Primary Threat

Matching Pattern:

I.Auth.HBImSG.6
MP-HBImSG

Finds a pair of hosts pairing via Bluetooth, and the spaces in which the pair operates.


CSG-IgnorePhysicalThreatsFromWorld

Indicates that threats from, as well as to, the space Space can be ignored, i.e. that the risk model intentionally does not consider physical attacks from Space. This is only permitted if Space is the inferred global public space (the World) used when no locations are asserted in the model. This control strategy is a way to specify that physical security is out of scope for devices with no explicitly specified location(s), i.e. that they are considered physically secure.

CSG-SimpleSecurePairing-Full

Simple Secure Pairing (SSP) is used between RemoteHost and Host, following the Numeric Comparison or PassKey association model, in which the connection is confirmed by the user by entering a shared key or confirming successful sharing of such a key by the two devices.