Recommendation ITU-T X.1454 (09/2023) Security measures for location-enabled smart office services
Summary
History
FOREWORD
Table of Contents
1 Scope
2 References
3 Definitions
     3.1 Terms defined elsewhere
     3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview of location-enabled smart office services
7 Typical application scenarios of location-enabled smart office services
     7.1 Smart parking
     7.2 Smart environmental monitoring
     7.3 Smart delivery
8 Security threats to location-enabled smart office service
     8.1 Security threats to data
          8.1.1 Location data eavesdropping
          8.1.2 Location data tampering
          8.1.3 Intercept location data report
          8.1.4 Unauthorized location data invocation
          8.1.5 Unavailable data
          8.1.6 Disclosure of behaviour information
          8.1.7 Positioning without user consent
     8.2 Security threats to the device
          8.2.1 Vulnerability of hardware and software
          8.2.2 Positioning device manipulation
     8.3 Security threats to the interfaces
          8.3.1 Acquisition interface
          8.3.2 Interoperability interface
          8.3.3 Service interface
     8.4 Security threats to the platform
          8.4.1 Vulnerability of hybrid localization technologies
          8.4.2 Capability exposure
     8.5 Security threats to the smart application
          8.5.1 Unauthorized usage
          8.5.2 Trojan horse and virus injection
     8.6 Relationship of security threats to key stakeholders
9 Security requirements of location-enabled smart office service
     9.1 Security requirements for the data
     9.2 Security requirements for the device
     9.3 Security requirements for interfaces
     9.4 Security requirements for the platform
     9.5 Security requirements for the smart application
10 Security functions
     10.1 Data encryption and key management
     10.2 Identity management and access control
     10.3 Integrity verification
     10.4 Software and algorithm(s) integrity verification using cryptographically generated digital signatures mechanism – Security monitoring and security event response
     10.5 User reminder
     10.6 Relationship of security function to security requirements
Bibliography