US: TCIP - Guaranteed Secure Internet (ITS)
Description:
This solution is used within Canada and the U.S.. It combines standards associated with US: TCIP with those for I-I: Guaranteed Secure Internet (ITS). The US: TCIP standards include upper-layer standards required to implement transit-related communications. The I-I: Guaranteed Secure Internet (ITS) standards include lower-layer standards that support secure communications with guaranteed delivery between ITS equipment using X.509 or IEEE 1609.2 security certificates.Relevant Regions:
- Canada
- United States
Comm Profile: I-I: Guaranteed Secure Internet (ITS)
Comm Class: WAN - Wide Area Network
Standards in Profile:
| Level | Standard |
|---|---|
| Access | Internet Subnet Alternatives |
| Mgmt | Bundle: SNMPv3 MIB |
| Security | Secure Session Alternatives |
| TransNet | IETF RFC 9293 TCP |
| TransNet | IP Alternatives |
Data Profile: US: TCIP
Standards in Profile:
| Level | Standard |
|---|---|
| Facilities | Encoding Alternatives |
| Facilities | TCIP - Data |
| ITS Application Entity | TCIP - Data |
Solution Issues Severity: 18
The severity issue score calculation only includes issues associated with standards that are included by default.
Solution Issues:
| Default | Severity | Name | Type | Description |
|---|---|---|---|---|
| False | Medium | Option not standardized | Standardization Gap | The option set includes at least one option that is not (yet) defined in a standard. |
| False | Medium | Uncertainty about trust revocation mechanism | Security Gap | The mechanisms used to prevent bad actors from sending authorized messages is unproven. |
| True | Low | Data not defined in standard format | ITS Info Gap | The definition of data concepts should conform to ISO 14817-1 to promote reuse among ITS. |
| True | Medium | Out of date (medium) | Standardization Gap | The standard includes normative references to other standards that have been subject to significant changes that can impact interoperability or security of systems and the industry has not specified if and how these updates should be implemented for deployments of this standard. |
| True | Medium | Outdated security reference | Security Gap | The standard solution includes an outdated security reference. |
| True | Medium | Secure data access not provided | Security Gap | The solution does not define rules on how the application entity authenticates requests to accept or provide data. |
| True | High | Encoding rules not defined | Facility Layer Gap | The standards do not unambiguously define which set of encoding rules to use. |