1. Use case
- Authenticate whether the parking user has “Aliens” status, a yes/no decision
- Grant usage duration
- Disclaim loss/damage responsibilities
2. Enforcement
- If yes: allow
- If not: reject
- If violated: consequence
3. Somehow, vulnerabilities exist:
- Identity provider is compromised
- Method of authentication is circumvented
- Result of authentication is manipulated
- Barrier to the authorized resource (parking lot) fails and is bypassed without authentication
4. Consequence:
- False negative: non-alien is mistaken for an alien, allowing fraudulent use
- False positive: genuine alien is mistaken for a non-alien, resulting in denial of service
5. Counter-measure:
- Protect identity provider
- Secure communication from endpoint to identity provider
- Ensure authentication result integrity
- Conduct periodic system health-check
- Perform regular patrol of parking lot
- Post terms of use and consequence of violation (e.g. tow away at vehicle owner’s expense)
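
The countermeasure "Ensure authentication result integrity" from item 5, combined with the usage duration from item 1, as an added example that is not part of the original outline: the identity provider signs its yes/no decision with an HMAC and the barrier verifies it before opening. The shared key, the plate field and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key (assumption): in a real deployment it is provisioned
# to the identity provider and the barrier only, never hard-coded.
SHARED_KEY = b"constructed-demo-key"


def issue_decision(plate, is_alien, now, duration_s, key=SHARED_KEY):
    """Identity provider: sign the yes/no result and the granted duration."""
    claim = {"plate": plate, "alien": is_alien, "expires": now + duration_s}
    body = json.dumps(claim, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return body, tag


def barrier_allows(body, tag, plate, now, key=SHARED_KEY):
    """Barrier: open only for an intact, unexpired 'yes' for this vehicle."""
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return False  # result was altered after the provider signed it
    claim = json.loads(body)
    if claim["plate"] != plate:
        return False  # decision was issued for a different vehicle
    if now >= claim["expires"]:
        return False  # granted usage duration is over
    return claim["alien"] is True


if __name__ == "__main__":
    # Constructed sample values: plate numbers and timestamps are made up.
    body, tag = issue_decision("ABC123", True, now=1000, duration_s=3600)
    print("valid yes:", barrier_allows(body, tag, "ABC123", now=1500))
    print("expired:", barrier_allows(body, tag, "ABC123", now=5000))
    no_body, no_tag = issue_decision("XYZ999", False, now=1000, duration_s=3600)
    altered = no_body.replace(b"false", b"true")
    print("altered result:", barrier_allows(altered, no_tag, "XYZ999", now=1500))
```

The check covers only the "result of authentication is manipulated" item; a compromised identity provider or a failed physical barrier still needs the other countermeasures in item 5.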