VSC-A Demonstration

‹#›

September 25, 2012

Summary of Highest Risk Levels for SCMS-Directed Attacks

•These risks imply an impact up to a total failure of the security system.

•

•The likelihood of each attack can be reduced by implementing appropriate policy, process and procedures, as is done with similar systems. This would include separation of duties and multiple layers of security.

Type of Attack

Initial

Full

Mitigation

After Mitigation

SCMS - Root CA Compromise

High

High

Policy (see below)

High

(Very Low Probability)

SCMS - Intermediate CA Compromise

High

High

Policy (see below)

High

(Very Low Probability)

Trust Management Compromise

High

High

Policy (see below)

High

(Very Low Probability)