Doc.: IEEE 802.19-10/0098r0 Submission July 2010 Alex Reznik, et. al. (InterDigital)Slide 1 802.19.1 Security Procedures Notice: This document has been.

Slides:



Advertisements
Similar presentations
Doc.: IEEE /0165r1 SubmissionPäivi Ruuska, NokiaSlide 1 Implementation aspects of a coexistence system Notice: This document has been.
Advertisements

Doc.: IEEE /0129r0 Submission July 2012 Mika Kasslin, NokiaSlide 1 How to accommodate different CE-CM interaction approaches in IEEE ?
Submission doc.: IEEE /XXXXr0 Month Year John Doe, Some CompanySlide 1 Insert Presentation Title Here Date: YYYY-MM-DD Authors: Notice: This document.
Submission doc.: IEEE /0032r0 April 2015 Sho Furuichi, SonySlide 1 The new coexistence use cases for IEEE Date: Authors: Notice:
xxx IEEE MEDIA INDEPENDENT HANDOVER DCN: LB1c-handover-issues.ppt Title: MIH Security – What is it? Date Submitted:
Doc: IEEE xxx Submission April 2015 Woongsoo Na, et al., Chung-Ang University Project: IEEE P Working Group for Wireless Personal.
Doc.: IEEE /0021r0 Submission May 2012 Mika Kasslin, NokiaSlide 1 Coexistence system in a cognitive radio testbed Notice: This document has been.
Doc.: IEEE /0508r0 Submission May 2007 Matthew Gast, Trapeze NetworksSlide 1 EAP Method Requirements for Emergency Services Notice: This document.
Security Support for Multi-cast Traffic in M2M communication Document Number: IEEE C802.16p-10/0022 Date Submitted: Source: Inuk Jung, Kiseon.
Doc.: IEEE /0104r0 Submission July 2010 Alex Reznik, et. al. (InterDigital)Slide 1 Channel Selection Support in TVWS Date: Authors:
21-07-xxxx IEEE MEDIA INDEPENDENT HANDOVER DCN: Title: MIH Protocol Security Date Submitted: December, 2007 Presented.
July 2014doc.: IEEE Submission Qing Li (InterDigital) Slide 1 Project: IEEE P Working Group for Wireless Personal Area Networks.
Doc.: IEEE /0115r1 Submission July 2012 Mika Kasslin, NokiaSlide 1 Design Principles for Entity Responsibilities Notice: This document has been.
Doc.: IEEE xxxxx Submission doc. : IEEE Nov 2012 Slide 1 Project: IEEE P Working Group for Wireless Personal Area.
IEEE MEDIA INDEPENDENT HANDOVER DCN: MuGM Title: TGd Message Signing Proposal Date Submitted: Presented at IEEE d session.
sec1 IEEE MEDIA INDEPENDENT HANDOVER DCN: sec Title: TGa_Proposal_Antonio_Izquierdo (Protecting the Information Service.
Doc.: IEEE /123r0 Submission February, 2002 Rene Struik, Certicom Corp.Slide 1 Project: IEEE P Working Group for Wireless Personal Area.
Doc.: IEEE /0262r1 Submission March 2010 Ha-Nguyen Tran et al., NICTSlide 1 Requirements and Amendment Regarding TVWS Database Access Notice:
Doc.: IEEE /0164r0 SubmissionSlide Protocols Notice: This document has been prepared to assist IEEE It is offered as a basis.
Doc.: IEEE /0287r0 Submission March 2011 Slide 1Hyunduk Kang, et al, ETRI Overview and Issues Notice: This document has been prepared.
Doc.: IEEE /0132r0 Submission November 2011 Yunjung Yi, LGESlide 1 Comment Resolutions (CID 40, 43, 44) Notice: This document has been prepared.
IEEE MEDIA INDEPENDENT HANDOVER DCN: xxxx-00-MuGM Title: Outline of MuGM Date Submitted: January, 15th, 2013 Presented at IEEE.
Doc.: IEEE /0099r0 Submission Sept Slide 1 Geo-location Database Issues of CEPT Date: Authors: Notice: This document has been.
Doc.: IEEE /0152r0 Submission November 2010 Alex Reznik, et. al. (InterDigital)Slide 1 Device Security Standards Overview Notice: This document.
Submission doc.: IEEE /0097r0 November 2015 Sho Furuichi, SonySlide 1 Information exchange between independent IEEE systems Date: xx.
Doc: IEEE xxx Submission March 2015 Jeongseok Yu et al., Chung-Ang University Project: IEEE P Working Group for Wireless Personal.
Doc.: IEEE /0310r0 Submission Sept 2007 Srinivas Sreemanthula Slide 1 IEEE MEDIA INDEPENDENT HANDOVER DCN: MIH-Security-Options.ppt.
Doc.: IEEE /0061r0 Submission June 2011 Mika Kasslin, NokiaSlide 1 Discovery system overview Notice: This document has been prepared to assist.
Submission doc.: IEEE /0011r2 January 2016 Sho Furuichi, SonySlide 1 System architecture for information exchange between independent IEEE
Doc.: IEEE /41r0 SubmissionSlide 1 P System Architecture Notice: This document has been prepared to assist IEEE It is offered.
Doc.: IEEE /20rev0 SubmissionSlide 1 P Assumptions and Architecture Notice: This document has been prepared to assist IEEE It.
Doc.: IEEE /0013r0 Submission January 2012 Mika Kasslin, NokiaSlide 1 Motivation for Monitor WSO Notice: This document has been prepared to assist.
November 2005doc.: IEEE /1079r0 Stuart GoldenNovember Notice: This document has been prepared to assist IEEE It is offered as a.
Doc.: IEEE /129r0 Submission September 2010 Junho Jo/Jihyun Lee, LG ElectronicsSlide 1 IEEE System description Notice: This document.
Submission doc.: IEEE /0015r0 January 2016 Sho Furuichi, SonySlide 1 Proposal for CM discovery/selection/ association as CE operation Date:
Doc.: IEEE /0037r0 Submission February 2010 Joe Kwak (InterDigital)Slide 1 TVWS Architecture for SDD Date: Authors: Notice: This document.
Doc.: IEEE /0019r0 Submission February 2010 Mika Kasslin, NokiaSlide 1 High Level Architecture View Notice: This document has been prepared to.
Doc.: IEEE /0013r0 Submission January 2010 Mika Kasslin, NokiaSlide 1 Coexistence architecture of Notice: This document has been prepared.
1 IEEE MEDIA INDEPENDENT HANDOVER DCN: Title: IEEE as a Media Independence Service Layer Date Submitted: July 13, 2010.
Doc.: IEEE /0085r1 Submission June 2010 Tuncer Baykas, NICTSlide TG1 and System Design Document Notice: This document has been prepared.
IEEE MEDIA INDEPENDENT HANDOVER DCN: hwnm Title: Thoughts on IEEE relation with IEEE Date Submitted: May 13, 2010.
21-07-xxxx IEEE MEDIA INDEPENDENT HANDOVER DCN: xxxx Title: MIH security issues Date Submitted: July, 02, 2007 Presented at.
Doc.: IEEE /0199r0 Submission March 2005 Kapil Sood, Intel; Bob O’Hara, AirespaceSlide 1 Policy Enforcement For Resources and Security Notice:
Doc.: IEEE /0162r0 Submission November 2010 Jihyun Lee, LG ElectronicsSlide 1 TVWS Coexistence Procedures and Protocols Notice: This document.
Requirements and Amendments Regarding TVWS Database Access
January 15th Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Security protocol for Body area networks]
Reference Model Proposal
Channel Classification for Logical Entities
Interfaces Date: Authors: September 2010
<May,2009> doc.: IEEE <doc .....> <July 2009>
Channel Set Transition for Logical Entities
Channel Classification for Logical Entities
July Tutorial – Possible Solutions
Design Principles for Entity Responsibilities
Abstract: Relationship between and
IEEE MEDIA INDEPENDENT HANDOVER DCN: xxx
Secure WNM Requirements
Concept of Operation Date: Authors: July 2010
TG1 and System Design Document
July Tutorial – Possible Solutions
Logical Entities Date: Authors: September 2010
Requirements Date: Authors: March 2010 Month Year
Procedures Date: Authors: November 2010
Security Requirements for an Abbreviated MSA Handshake
Possible Action Items Date: Author:
Coexistence Decision Making Topologies
Location Capability Negotiation
EAP Method Requirements for Emergency Services
List of Remaining Proposals for Downselection
Robert Moskowitz, Verizon
Presentation transcript:

doc.: IEEE /0098r0 Submission July 2010 Alex Reznik, et. al. (InterDigital)Slide Security Procedures Notice: This document has been prepared to assist IEEE It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. Date: Authors:

doc.: IEEE /0098r0 Submission Abstract We propose a set of security procedures for –Address SDD Requirement –Consistent with our concept of operation Presented in contribution July 2010 Alex Reznik, et. al. (InterDigital)Slide 2

doc.: IEEE /0098r0 Submission Concept of Operation Necessary Procedures –Discovery –Access Control –Policy Negotiation –Policy Enforcement Normal Operations –May also include policy updates and changes –Includes all other coexistence mechanisms July 2010 Alex Reznik, et. al. (InterDigital)Slide 3

doc.: IEEE /0098r0 Submission Where is Security Required Access (request to join) –Authentication and access negotiation Policy commitment (and de-commitment) –Needs to include “proof” that policies will be followed All exchanges –Needs standard integrity/confidentiality protection –Can leverage mechanisms provided by the transport means used –Not discussed here anymore July 2010 Alex Reznik, et. al. (InterDigital)Slide 4

doc.: IEEE /0098r0 Submission Authentication Procedures Centralized architectures –Can use standard approaches (e.g X) –CDIS is the natural entity to provide authentication server Distributed architectures –Leverage the fact that every “master” device needs to authenticate itself to the TVWS Database. –Use TVWS DB identity to provide proof of successful authentication to the TVWS DB –Can use the same for centralized architectures as well Avoids the need to have authentication server in the CDIS –Doing this will require the use of Trusted Environments (TEs) July 2010 Alex Reznik, et. al. (InterDigital)Slide 5

doc.: IEEE /0098r0 Submission Trust Establishment What is it? –Measurement of the trustworthiness of the functionality in the New Entrant to “behave in an expected manner” How is it achieved? –Perform internal self check of the trust state of the New Entrant HW and SW self check based upon integrity measurements of the SW components in the New Entrant How is the trust state communicated? –A signed token from the Trust Environment (TE), of the outcome of the (local) integrity checks is sent in a message from the New Entrant How is the token verified? –The System validates the token based upon the identity of the TE in the token (and hence the New Entrant) and referring to a Trust Third Party (TTP) verifier –TTP provides security profile/capabilities information about the New Entrant based upon its identity July 2010 Alex Reznik, et. al. (InterDigital)Slide 6

doc.: IEEE /0098r0 Submission Integrity based Verification The integrity of the TE in the New Entrant is checked by the hardware anchored Root of Trust (RoT) –RoT and TE itself is trusted via its public key and traceability to a TTP for its security profile/capabilities information TE is loaded and executed Then, the TE prepares a list of the loading order of the modules or groups of components of the New Entrant to verify and load The TE then creates and signs a token to distribute to the System to attest to its trustworthy state –The token is signed by the private key of the TE –The trust nature of the TE in the device and hence the token may be verified by reference to the TTP The System then decides on access authorization based upon the integrity verification information The System and the New Entrant perform mutual authentication The TE in the New Entrant, after authentication, is free to distribute the token to other System entities to assure them of its trustworthy state July 2010 Alex Reznik, et. al. (InterDigital)Slide 7

doc.: IEEE /0098r0 Submission Chain of Trust Illustration July 2010 Proceed with desired operation Stage 1 (TrE) Alex Reznik, et. al. (InterDigital)Slide 8

doc.: IEEE /0098r0 Submission Trust-Based Authentication in a Distributed Setting The challenge –No centralized server for authentication –How does the system “know” who the new entrant is? Address the challenge using the available resources –Assume existence of a trust system –Assume secure authentication/registration with Regulatory TVWS Database How do we leverage these resources? July 2010 Alex Reznik, et. al. (InterDigital)Slide 9

doc.: IEEE /0098r0 Submission Trust-Based Authentication in a Distributed Setting Pre-authentication procedue –STEP 1: New Entrant performs internal self-check and produces attestation of platform integrity –STEP 2: New Entrant access TVWS Database. This access is secure –STEP 3: New Entrant uses a secure, trusted process to produce a certificate of successful registration with Regulatory Database using a specific database ID –STEP 4: authentication procedure Authentication procedure –NEW ENTRANT requests access/participation in a system –NEW ENTRANT produces a verifiable certificate of its platform integrity –New Entrant identifies itself to the system using the same ID used to register with regulatory DB and signed with a certificate of success DB registration system can assess trust in NEW ENTRANT as follows –It verifies NEW ENTRANT’s platform integrity –Platform integrity ensures that New Entrant Regulator DB ID is honestly produced database Id is associated with a PKI key pair to allow signing of the token with the private key of the TE –Platform integrity ensures that the token of successful DB registration is honestly produced –If all of these pass, can trust that new entrant did indeed successfully register with a (known) regulatory DB and can use that fact as a basis of trust and authentication Note –This process does not require the regulatory DB to provide any services other then those it is required to provide July 2010 Alex Reznik, et. al. (InterDigital)Slide 10

doc.: IEEE /0098r0 Submission Chain of Trust For Initial Access July 2010 Initiate Access Request RoT Root of Trust Baseline Platform Integrity OK Reg. DB ID is honest Reg. DB Registration OK Alex Reznik, et. al. (InterDigital)Slide 11

doc.: IEEE /0098r0 Submission Policy Commitment: Threat Models Policy modification during transmission –To be addressed by transport security (integrity/confidentiality) –Not discussed further Device tampering –Device commits to policy, but “does not intend” to implement it –Device commits to policy and tries to implement it but can’t because it was tampered with Addressing device tampering threats –requires device security (TE) mechanisms July 2010 Alex Reznik, et. al. (InterDigital)Slide 12

doc.: IEEE /0098r0 Submission Policy Commitment: System Example From M. Sherman, “Policy Engine Architecture and Certification,” IEEE SCC41 Document Slide 13 Alex Reznik, et. al. (InterDigital)

doc.: IEEE /0098r0 Submission Policy Commitment: How to use TEs We need a 2-step approach Step 1: Prove that the device has not been tampered with –Do it once, as part of access/registration procedure –Generate a token which can be circulated to other entities Step 2: use a TE-based attestation of honesty with every policy commitment (and de-commitment) –Requires intermittent, but infrequent use of TE functionality –With proof of platform integrity during Step 1 (token generation and passing) this is sufficient to prove that policies that were committed to will be followed July 2010 Alex Reznik, et. al. (InterDigital)Slide 14

doc.: IEEE /0098r0 Submission Initial Attachment: Potential Approach 1.New entrant performs a secure start-up by measuring and checking integrity of all system components 2.New entrant sends a report to the System (generate token) relating to self-check and security profile/capabilities information System analyzes information in the report to assess trustworthiness System responds by allowing access System may disallow access if the device is deemed untrustworthy based upon the information supplied in the report 5.New entrant performs policy negotiation 6.New entrant broadcasts policy commitments 7.New entrant executes coexistence mechanisms Report Access Control Decision July 2010 Alex Reznik, et. al. (InterDigital) Slide 15

doc.: IEEE /0098r0 Submission Policy Changes: Potential Process 1.New entrant sends a report to the System relating to self-check (token) and security profile information Monitor policy update messages and perform policy re-negotiation AND/OR Broadcast updated policy commitments 2.New entrant executes coexistence mechanisms Report Access Control Decision July 2010 Alex Reznik, et. al. (InterDigital) Slide 16

doc.: IEEE /0098r0 Submission Conclusions Discussed how to satisfy security requirement in the SDD Proposed security features to be included July 2010 Alex Reznik, et. al. (InterDigital)Slide 17

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.