|
| General issues | Goals |
| Which particular aspect of privacy is at stake? |
| Which kind of data are privacy-sensitive? |
| Threats |
| Which are the data privacy threats (if any)? |
| Which are the entity privacy threats (if any)? |
|
| Network decisions | Sensor |
| How limited their resources are? |
| May they move? If so, are there any boundaries? |
| Are they placed following any strategy or randomly scattered? |
| Sink |
| How many of them are there? |
| If they are several, do they cooperate? |
| How powerful is it? |
| Network |
| Is any topology assumed (e.g., ring, tree) or it may work for any topology? |
| Is the network organized in some way (e.g., cluster, areas)? |
| If so, is this organization permanent? |
| Trusted elements |
| Are sensors trusted? If so, to what extent? |
| Are sinks trusted? If so, to what extent? |
| Are communications trusted? Which ones (e.g., sensor-sensor, sensor-sink, and sensor-user)? To what extent? |
| Are there Trusted Third Parties? If so, what are they trusted for? |
|
| Attacker-related decisions | Coverage |
| Where is it placed? Is it internal, external, or both? |
| Does it have global view? If so, how? |
| Does it move over time? |
| Nature |
| Is it active, passive, or both? |
| Presence |
| If it involves internal nodes, is there any upper/lower limit? |
| Knowledge |
| Which information does it know? Does this information change over time? |
| Behavior and resources |
| Does it have any attack pattern? Is it honest? |
| Does it attack for a given benefit to a particular subset of nodes? |
| If it involves several entities, do they cooperate? To what extent? |
|
