RFC 9055

Deterministic Networking (DetNet) Security Considerations, June 2021

File formats:

icon for HTML icon for text file icon for v3pdf icon for XML
Status:
INFORMATIONAL
Authors:
E. Grossman, Ed.
T. Mizrahi
A. Hacker
Stream:
IETF
Source:
detnet (rtg)

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC9055

Discuss this RFC: Send questions or comments to detnet@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 9055


Abstract

A DetNet (deterministic network) provides specific performance guarantees to its data flows, such as extremely low data loss rates and bounded latency (including bounded latency variation, i.e., "jitter"). As a result, securing a DetNet requires that in addition to the best practice security measures taken for any mission-critical network, additional security measures may be needed to secure the intended operation of these novel service properties.

This document addresses DetNet-specific security considerations from the perspectives of both the DetNet system-level designer and component designer. System considerations include a taxonomy of relevant threats and attacks, and associations of threats versus use cases and service properties. Component-level considerations include ingress filtering and packet arrival-time violation detection.

This document also addresses security considerations specific to the IP and MPLS data plane technologies, thereby complementing the Security Considerations sections of those documents.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.