Hannes Tschofenig Henning Schulzrinne M. Shanmugam

Slides:

Advertisements

Similar presentations

March 2008IETF 71 (Philadelphia) - ECRIT1 Unauthenticated emergency communications Henning Schulzrinne Gabor Bajko S. McCann Hannes Tschofenig draft-schulzrinne-ecrit-unauthenticated-access-02.

Advertisements

The study and demonstration on SIP security vulnerabilities Mahidhar Penigi Vamsi Krishna Karnati.

Out of Jurisdiction Emergency Routing draft-winterbottom-ecrit-priv-loc-01.txt James Winterbottom, Hannes Tschofenig, Laura Liess.

September 19, 2006speermint interim1 VoIP Threats and Attacks Alan Johnston.

CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.

Draft-ietf-ecrit-location-hiding-req Location Hiding: Problem Statement and Requirements Henning Schulzrinne, Laura Liess, Hannes Tschofenig, Barbara Stark,

Trustworthy Location Information draft-tschofenig-ecrit-trustworthy- location draft-tschofenig-ecrit-trustworthy- location Hannes Tschofenig, Henning Schulzrinne.

ECRIT interim meeting - May Security Threats and Requirements for Emergency Calling draft-tschofenig-ecrit-security-threats Hannes Tschofenig Henning.

Threat Modeling for Cloud Computing (some slides are borrowed from Dr. Ragib Hasan) Keke Chen 1.

Architectural Considerations for GEOPRIV/ECRIT Presentation given by Hannes Tschofenig.

P2P SIP Names & Security Cullen Jennings

VoIP Security in Service Provider Environment Bogdan Materna Chief Technology Officer Yariba Systems.

PRESENTED BY P. PRAVEEN Roll No: 1009 – 11 – NETWORK SECURITY M.C.A III Year II Sem.

GEOPRIV Layer 7 Location Configuration Protocol; Problem Statement and Requirements draft-tschofenig-geopriv-l7-lcp-ps-00.txt Hannes Tschofenig, Henning.

Network Security Introduction Light stuff – examples with Alice, Bob and Trudy Serious stuff - Security attacks, mechanisms and services.

Computer and Network Security Rabie A. Ramadan. Organization of the Course (Cont.) 2 Textbooks William Stallings, “Cryptography and Network Security,”

Interdomain Routing Security. How Secure are BGP Security Protocols? Some strange assumptions? – Focused on attracting traffic from as many Ases as possible.

Mobile IP Outline Intro to mobile IP Operation Problems with mobility.

1 SOS: Secure Overlay Services A. D. Keromytis V. Misra D. Runbenstein Columbia University.

12/18/20151 Computer Security Introduction. 12/18/20152 Basic Components 1.Confidentiality: Concealment of information (prevent unauthorized disclosure.

Emergency call assurance. Highest-level goals Protect PSAP resources –network resources –call takers Protect first-responder resources –unnecessary dispatch.

© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential.

Emergency Context Resolution with Internet Technologies BOF (ecrit) Jon Peterson, Hannes Tschofenig BOF Chairs.

Protecting First-Level Responder Resources in an IP-based Emergency Services Architecture 13 th April 2007, THE FIRST INTERNATIONAL WORKSHOP ON RESEARCH.

17 February 2016 SIPPING - IEPREP Joint Meeting Fred Baker - IEPREP co-chair Rohan Mahy - SIPPING co-chair.

Security Threats and Requirements for Emergency Calling draft-tschofenig-ecrit-security-threats-01.txt Hannes Tschofenig, Henning Schulzrinne, Murugaraj.

Introduction to Network Systems Security Mort Anvari.

ECRIT requirements update draft-schulzrinne-ecrit-requirements-01 IETF 63 Aug 02, 2005 Roger Marshall

7/11/2005ECRIT Security Considerations1 ECRIT Security Considerations draft-taylor-ecrit-security-threats-00.txt Henning Schulzrinne, Raj Shanmugam, Hannes.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

1 Network Security. 2 Security Services Confidentiality: protection of any information from being exposed to unintended entities. –Information content.

ECRIT - IETF 62 (March 2005) - Minneapolis 1 Requirements for Emergency Calling draft-schulzrinne-sipping-emergency-req-01 draft-ietf-sipping-sos-01 Henning.

Computer Security Introduction

Cryptography and Network Security

ECRIT WG IETF-75 Trustworthy Location Bernard Aboba

Threat Modeling for Cloud Computing

12th April 2007, SDO Emergency Services Workshop 2007

CSCE 715: Network Systems Security

Phil Hunt, Hannes Tschofenig

SECURING NETWORK TRAFFIC WITH IPSEC

IT443 – Network Security Administration Instructor: Bo Sheng

Outline Basics of network security Definitions Sample attacks

In-network Support for VoIP and Multimedia Applications

Location Configuration at Layer 7

Hannes Tschofenig, Henning Schulzrinne, Bernard Aboba

The study and demonstration on SIP security vulnerabilities

Henning Schulzrinne Stephen McCann Gabor Bajko Hannes Tschofenig

Information and Network Security

Emergency Service Identifiers draft-ietf-ecrit-service-urn-01

Thoughts on VoIP and Emergency Calling

Network Security: IP Spoofing and Firewall

Cyber Issues Facing Medical Practice Managers

COS 561: Advanced Computer Networks

Securing the CASP Protocol

Proposal for a Generic Emergency Call Support

CSCE 715: Network Systems Security

Emergency Calling Services (Calls for police, fire, ambulance, etc.)

Emergency call assurance

Computer Security Introduction

BGP Security Jennifer Rexford Fall 2018 (TTh 1:30-2:50 in Friend 006)

IEEE Emergency Services

Mobile IP Outline Homework #4 Solutions Intro to mobile IP Operation

Security in SDR & cognitive radio

Mobile IP Outline Intro to mobile IP Operation Problems with mobility.

Outline Basics of network security Definitions Sample attacks

Security Attacks Network Security.

Introduction to Networking Security

Mobile IP Outline Intro to mobile IP Operation Problems with mobility.

Presentation transcript:

Hannes Tschofenig Henning Schulzrinne M. Shanmugam Security Threats and Requirements for Emergency Calling draft-tschofenig-ecrit-security-threats Hannes Tschofenig Henning Schulzrinne M. Shanmugam ECRIT interim meeting - May 2005

ECRIT interim meeting - May 2005 Terminology Internet Access Provider (IAP) Emergency call routing support = routes calls (e.g., SIP proxy) Directory = maps location to PSAP address Asserted location information = somebody vouches for this information ECRIT interim meeting - May 2005

ECRIT interim meeting - May 2005 Framework location provider (DHCP, …) A(V)SP IAP configuration information directory PSAP ECRIT interim meeting - May 2005

Participant-visible threats Standard problems: eavesdropping (privacy, interference with law enforcement) modification of call content preventing service to single user (burglar-cutting-phone-wire) Since no direct monetary gain, threat model focuses on disruption of emergency service to legitimate users by causing infrastructure failure by tying up call takers by dispatching emergency responders Difference to most other systems PSAP doesn’t care who you are as long as you don’t lie about the location or nature of the emergency ECRIT interim meeting - May 2005

Layers of defense (DOS, crank calls) prevent or limit detect & filter prosecute ECRIT interim meeting - May 2005

ECRIT interim meeting - May 2005 Threats Denial-of-service (resource exhaustion) attacks entities affected: directory call routing infrastructure PSAP resources network bandwidth processing human resources (call takers, first responders) Call identity spoofing primarily to elude DOS attack prosecution ECRIT interim meeting - May 2005

ECRIT interim meeting - May 2005 Authentication Classical requirement: “must be able to place call without authentication” Really? ≠ anonymity! Probably really want place call without being a paying customer of IAP thus, may still be known to service provider former customer third-party cert (e.g., some government authority) device cert (“payphone on corner of Third and Main”) ECRIT interim meeting - May 2005

Details: security threat to one caller Confidentiality Modification to configuration information Modification of call information call signaling media PSAP impersonation ECRIT interim meeting - May 2005

Details: infrastructure threats denial-of-service attacks modification of configuration information ECRIT interim meeting - May 2005

Caller identity spoofing  authentication avoid delays during emergency call setups avoid multiple round-trip times define authentication independent of customer relationships e.g., might only need non-1918 IP address to determine port and customer ECRIT interim meeting - May 2005

ECRIT interim meeting - May 2005 Location spoofing End user provided location IAP provides assertion limited usefulness if wide coverage area Emergency call router inserts retrieved by V(A)SP from IAP must be based on some identifier IAP may sign Need to insert timestamp and identity prevent replay and copy-and-paste attacks identity may not be NAI IP address, MAC address primarily needed for traceability ECRIT interim meeting - May 2005

Location spoofing threat mediation prevent wide-area spoofing avoid global attacks; avoid international jurisdictional issues accountability reasonable chance that the person can be brought to justice future calls from the same person are considered suspect prevent local-area spoofing attacker can’t pretend to be in place X prevent local-area collusion attacker can’t get friend to give him location information for X prevent local-area time cloning attacker can’t pretend to be in X now if they were in X earlier ECRIT interim meeting - May 2005

ECRIT interim meeting - May 2005 Impersonating a PSAP Assurance of reaching an authorized or legitimate PSAP Attacker may intercept directory request or call routing request  Integrity-protect directory and signaling interactions Directory must be authoritative for information may be hard to prove ECRIT interim meeting - May 2005

ECRIT interim meeting - May 2005 Open issues Mixture of threat description and requirements Should requirements be merged into general requirements document (or remove security issues from general requirements document)? ECRIT interim meeting - May 2005