Emergency Security Group
The "Emergency" group includes architecture flows that support emergency response and related critical public safety activities. These flows have critical availability and integrity requirements.
Security Services
| Service | Importance | Service Description |
| Confidentiality |
Medium |
The system should prevent unauthorized disclosure of information deemed sensitive. |
| Integrity |
High |
The system should ensure that information is protected from unauthorized intentional or unintentional modifications. |
| Availability |
High |
The system should protect critical ITS services in order to prevent degradation or denial of the ITS services to users of the services. Single points of failure should be avoided. |
| Accountability |
High |
The system should provide protection against a sender of an information transmission later denying that they sent the information. The system should provide protection against a receiver of an information transmission later denying that they received the information. This concept is known as Non-Repudiation or Accountability. |
| Authentication |
High |
The system should verify the identity of a user and/or other system prior to granting access to a requested resource. |
| Auditing |
High |
The system should have the capability to trace ITS subsystem and individual user actions and activities. The auditing function of the system places the actions and activities in an audit trail that is protected from unauthorized access and modification. |
| Access Control |
High |
The system should limit access to the resources of a subsystem to only those users and other subsystems that are properly authorized. After authenticating an entity, the system should have the capability to limit system access to information or resources based on that entity’s access privileges. The system should limit software modifications and upgrades to users and other systems that have authorization. |
Security Objectives
| Objective |
Classification |
Class Description |
| Confidentiality |
Medium |
Information that is sensitive and is intended for use only by specified ITS personnel |
| Integrity |
High |
Unauthorized or unintended modification of the information could result in degradation of public safety. |
| Availability |
High |
Loss of the information could jeapordize public safety. |
Security Threats
| Threat |
Importance |
Threat Description |
| Deception |
High |
A circumstance or event that may result in an authorized entity receiving false data and believing it to be true. |
| Disclosure |
Medium |
A circumstance or event whereby an entity gains access to data for which the entity is not authorized. |
| Disruption |
High |
A circumstance or event that interrupts or prevents the correct operation of system services and functions. |
Architecture flows
