The spectrum access system (SAS) is being deployed as a key component of the emerging spectrum sharing paradigm to address the spectrum crunch facing the U.S. wireless industry. Ensuring security and privacy of this system against potential attacks is a task of paramount importance. In this article, we first introduce the SAS system, describing its three-tier access model, its functional architecture, and the spectrum management protocol. We then provide a comprehensive analysis of a variety of security and privacy attacks that an SAS is vulnerable to, and discuss their countermeasures. We identify key challenges, formalize threat models, and organize the discussion of SAS security into four categories: 1) SAS server security and privacy; 2) citizens broadband radio service device security; 3) security of environment sensing capability; and 4) communication protocol security. Finally, we suggest future research directions for spectrum management security.

中文翻译：

---

保障频谱接入系统安全的挑战和新方向

频谱访问系统（SAS）被部署为新兴频谱共享范例的关键组件，以解决美国无线行业面临的频谱紧缩问题。确保此系统的安全性和隐私性以防潜在攻击是至关重要的任务。在本文中，我们首先介绍SAS系统，描述其三层访问模型，其功能体系结构和频谱管理协议。然后，我们对SAS容易受到的各种安全和隐私攻击进行了全面分析，并讨论了其对策。我们确定了主要挑战，确定了威胁模型的形式，并将对SAS安全性的讨论分为四类：1）SAS服务器安全性和隐私性；2）公民宽带无线电服务设备的安全性；3）环境感知能力的安全性；4）通信协议的安全性。最后，我们建议频谱管理安全性的未来研究方向。