{
  "draft": "draft-ietf-detnet-security-16",
  "doc_id": "RFC9055",
  "title": "Deterministic Networking (DetNet) Security Considerations",
  "authors": [
    "E. Grossman, Ed.",
    "T. Mizrahi",
    "A. Hacker"
  ],
  "format": [
    "XML",
    "TEXT",
    "HTML",
    "PDF"
  ],
  "page_count": "50",
  "pub_status": "INFORMATIONAL",
  "status": "INFORMATIONAL",
  "source": "Deterministic Networking",
  "abstract": "A DetNet (deterministic network) provides specific performance guarantees to its data flows, such as extremely low data loss rates and bounded latency (including bounded latency variation, i.e., \"jitter\"). As a result, securing a DetNet requires that in addition to the best practice security measures taken for any mission-critical network, additional security measures may be needed to secure the intended operation of these novel service properties.\n\n This document addresses DetNet-specific security considerations from the perspectives of both the DetNet system-level designer and component designer. System considerations include a taxonomy of relevant threats and attacks, and associations of threats versus use cases and service properties. Component-level considerations include ingress filtering and packet arrival-time violation detection.\n\n This document also addresses security considerations specific to the IP and MPLS data plane technologies, thereby complementing the Security Considerations sections of those documents.",
  "pub_date": "June 2021",
  "keywords": [
    "DetNet",
    "security"
  ],
  "obsoletes": [],
  "obsoleted_by": [],
  "updates": [],
  "updated_by": [],
  "see_also": [],
  "doi": "10.17487/RFC9055",
  "errata_url": null
}