A Security Framework for ROLL
draft-tsao-roll-security-framework-00.txt
T. Tsao, R. Alexander, M. Dohler, V. Daza, A. Lozano


IETF 75 - ROLL WG, July of 13

Overview

Objective
Approach
Security needs
ROLL issues
Threat, attacks, and counters
ROLL security features
Moving forward

Objective

Enumerate pertinent security issues in LLNs specific to routing
Facilitate
  – Assessment of a routing protocol's security threats
  – Identification of the necessary features of a secured ROLL protocol
  – Provide a framework applicable to any generic routing protocol

Approach (1/3)

Four steps
  – Examine ROLL security issues
  – Analyze threats and attacks
  – Consider the countermeasures
  – Make recommendations for securing ROLL
The basis
  – Identify the assets and points of access of routing
  – Evaluate their security needs based on the CIA model in the context of LLNs

Approach (2/3)

The CIA principles are widely employed to understand, uncover, and formulate security needs
  – Confidentiality concerns unauthorized disclosure
  – Integrity concerns unauthorized alteration
  – Availability concerns whether information and resources are accessible when needed
They can be limiting for certain applications
  – Other views include, e.g., non-repudiation

Approach (3/3)

Data flow diagram decomposition of routing

Security Needs

Routing/topology information
  – Integrity, confidentiality, and authorized use
Neighbor discovery process
  – Not to undermine routing availability
Routing/topology exchange process
  – Authentication, integrity, and confidentiality
Communication channels and node resources
  – Availability
Stored information, and routing and route generation processes
  – Confidentiality and Integrity

ROLL Issues

Limited energy reserve, memory, and processing resources
Large scale of rolled out network
Autonomous operations
Certain types of networks may have highly directional traffic
Unattended locations and limited physical security
Support for mobility
Support for multicast and anycast

Threats, Attacks, and Counters

Confidentiality
  – Routing exchange exposure
  – Routing information (routes and network topology) exposure
Integrity
  – Routing information manipulation
  – Node identity misappropriation
Availability
  – Routing exchange interference or disruption
  – Network traffic forwarding disruption
  – Communications resource disruption
  – Node resource exhaustion

ROLL Security Features (1/2)

Confidentiality
  – SHOULD provide payload encryption and privacy, e.g., when geographic information is used
  – MAY provide tunneling and load balancing
Integrity
  – MUST verify the liveliness of both principals of a connection, message freshness, and message sequence and integrity
Availability
  – MAY restrict neighborhood cardinality, randomly use multiple paths and/or destinations, set quotas to limit transmit or receive volume, and use geographic insights for flow control
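Added example, not taken from the slides or the draft: a receiver-side check covering three of the Integrity items above (message integrity, sequence, and freshness) for a routing message protected with a pre-shared per-neighbor key. The header layout, tag length, freshness window, and the names seal, verify, and Neighbor are assumptions made for illustration; liveliness of both principals would additionally need a challenge-response exchange and is not shown.

```python
import hashlib
import hmac
import struct

HDR = struct.Struct("!HIQ")   # sender id, sequence number, timestamp (assumed layout)
TAG_LEN = 16                  # truncated HMAC-SHA256 tag length (assumption)
MAX_AGE = 30                  # freshness window in seconds (assumption)

def _tag(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()[:TAG_LEN]

def seal(key, sender, seq, ts, payload):
    """Sender side: header || payload || tag."""
    header = HDR.pack(sender, seq, ts)
    return header + payload + _tag(key, header + payload)

class Neighbor:
    """Receive state kept per neighbor: shared key, highest sequence accepted."""
    def __init__(self, key):
        self.key = key
        self.last_seq = -1

def verify(neighbors, msg, now):
    """Receiver side: return (True, payload) or (False, reason)."""
    if len(msg) < HDR.size + TAG_LEN:
        return False, "short"
    header, payload, tag = msg[:HDR.size], msg[HDR.size:-TAG_LEN], msg[-TAG_LEN:]
    sender, seq, ts = HDR.unpack(header)
    nb = neighbors.get(sender)
    if nb is None:
        return False, "unknown-sender"
    # Integrity first: nothing unauthenticated may touch per-neighbor state.
    if not hmac.compare_digest(tag, _tag(nb.key, header + payload)):
        return False, "bad-tag"
    if abs(now - ts) > MAX_AGE:          # freshness
        return False, "stale"
    if seq <= nb.last_seq:               # sequence: replayed or reordered
        return False, "replay"
    nb.last_seq = seq
    return True, payload

if __name__ == "__main__":
    key = bytes(range(16))               # constructed sample key
    nbrs = {7: Neighbor(key)}
    msg = seal(key, 7, 1, 1000, b"route-update")
    print(verify(nbrs, msg, 1005))       # accepted
    print(verify(nbrs, msg, 1006))       # same bytes again: rejected
```

The timestamp check assumes loosely synchronized clocks; a node without a clock would rely on the sequence counter alone.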

ROLL Security Features (2/2)

Additional Considerations
  – If a LLN employs multicast and/or anycast, it MUST secure these protocols
  – MUST provide adequate physical tamper resistance to ensure the integrity of stored routing information
  – MUST include a process for key and credential distribution; a LLN is encouraged to have procedures for their revocation and replacement

Moving Forward (1/2)

To consider constraints due to operations or application needs
  – Examples include ease of installation and protection of safety sensitive applications
  – Do these constraints necessarily translate to different ROLL security needs and strengths?
  – If so, do we solve it by different security levels, e.g., none, default, and high?

Moving Forward (2/2)

To consider integration of trust mechanisms
  – How is it relative to authentication?
  – Does it also address insider attacks?
To consider routing in context
  – Link layer security needed for (D)DOS which also impedes ROLL
  – Heterogeneous devices of various configurations and the cascade vulnerability problem