This PR makes two relatively small updates: a VLOS flag is added to OperationDetails to indicate whether volumes may overlap (VLOS volumes may be overlapped because the operator is providing visual separation), and the owner field is re-added to the *References so that USSs can detect an attempt to hijack Subscription updates. To address this attack, a USS would be expected to note the owner of each Operation it was aware of at last contact with the DSS, and then verify that any Operation updates came from the owner of the modified Operation (by checking the sub/client_id of the access token). The limits an attack where a malicious USS (or actor within that USS) sends a false Subscription update for an Operation they don't own such that the receiving USS fails to plan around the true Operation.
This PR makes two relatively small updates: a VLOS flag is added to OperationDetails to indicate whether volumes may overlap (VLOS volumes may be overlapped because the operator is providing visual separation), and the
ownerfield is re-added to the *References so that USSs can detect an attempt to hijack Subscription updates. To address this attack, a USS would be expected to note theownerof each Operation it was aware of at last contact with the DSS, and then verify that any Operation updates came from the owner of the modified Operation (by checking thesub/client_idof the access token). The limits an attack where a malicious USS (or actor within that USS) sends a false Subscription update for an Operation they don't own such that the receiving USS fails to plan around the true Operation.