Security Requirements

Slides:



Advertisements
Similar presentations
Authentication and Key Agreement – Flexibility in credentials – Modern, publically analysed/available cryptographic primitives – Freshness guarantees –
Advertisements

1 2/20/03 Link Security Scenarios Ali Abaye Charles Cook Norm Finn Russ Housley Marcus Leech Mahalingam Mani Bob Moskowitz Dave Nelson Antti Pietilainen.
Internet Protocol Security (IP Sec)
Unlicensed Mobile Access (UMA) Dasun Weerasinghe School of Engineering and Mathematical Sciences City University London.
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication Security Security Secure Sockets Layer Secure.
RSVP Cryptographic Authentication "...RSVP requires the ability to protect its messages against corruption and spoofing. This document defines a mechanism.
PlutoPlus: Policy and PKI Plans for FY00 Sheila Frankel Systems and Network Security Group Computer Security Division NIST
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
SIP vs H323 Over Wireless networks Presented by Srikar Reddy Yeruva Instructor Chin Chin Chang.
Integrated Security Model for SNMPv3 (ISMS) pronounced "is" "miss" David T. Perkins & Wes Hardaker 60 th IETF August 6, 2004.
Session-based Security Model for SNMPv3 (SNMPv3/SBSM) David T. Perkins Wes Hardaker IETF November 12, 2003.
VoIP security : Not an Afterthought. OVERVIEW What is VoIP? Difference between PSTN and VoIP. Why VoIP? VoIP Security threats Security concerns Design.
1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.
© Synergetics Portfolio Security Aspecten.
An Overview of Cryptography Ying Wang-Suorsa Helsinki University of Technology.
Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Security Overview  System protection requirements areas  Types of information protection  Information Architecture dimensions  Public Key Infrastructure.
A Technical Review of ROC, Cryptographic Context, Indices, and Sliding Windows.
Network and Internet Security Prepared by Dr. Lamiaa Elshenawy
CCSDS Security Working Group Application Layer Security Discussion Mike Pajevski NASA/JPL October 2008.
KAIS T Comparative studies on authentication and key exchange methods for wireless LAN Jun Lei, Xiaoming Fu, Dieter Hogrefe, Jianrong Tan Computers.
Basic Security Cor Loef Philips Medical Systems Co-Chair IHE Radiology Technical Committee.
Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training What’s New in Fireware v
1. Introduction In this presentation, we will review ,802.1x and give their drawbacks, and then we will propose the use of a central manager to replace.
Computer and Network Security
VPNs & IPsec Dr. X Slides adopted by Prof. William Enck, NCSU.
Message Authentication Code
Chapter 5 Network Security Protocols in Practice Part I
SBSM BOF Session-Based Security Model for SNMPv3
Wireless Protocols WEP, WPA & WPA2.
OAuth WG Conference Call, 11th Jan. 2013
Phil Hunt, Hannes Tschofenig
TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES NAMED AFTER MUHAMMAD AL-KHWARIZMI THE SMART HOME IS A BASIC OF SMART CITIES: SECURITY AND METHODS OF.
Chapter 18 IP Security  IP Security (IPSec)
Internet and Intranet Fundamentals
NETWORK SECURITY Cryptography By: Abdulmalik Kohaji.
A Wireless LAN Security Protocol
Hardware Cryptographic Coprocessor
Visit for more Learning Resources
IPSec IPSec is communication security provided at the network layer.
BINF 711 Amr El Mougy Sherif Ismail
Topic 1: Data, information, knowledge and processing
Seraphim : A Security Architecture for Active Networks
SUBMISSION TITLE Srinivas Munigala & Principal QA Engineer
Kerberos.
Virtual Private Networks (VPNs)
IMS & Wireline to Wireless Convergence
PEKM (Post-EAP Key Management Protocol)
March 2001 Optional MAC-Level Security Enhancements for Home WLANs Carlos Rios LinCom Wireless Carlos Rios, LinCom Wireless.
Securing a Connected Transportation System
Chapter 2. Protocols and Architecture
Install AD Certificate Services
Chinese wall model in the internet Environment
Public-Key, Digital Signatures, Management, Security
Jim Schaad August Cellars
Unit 8 Network Security.
Overview of Improvements to Key Holder Protocols
Security in SDR & cognitive radio
Smart Meter Data Privacy: A Survey
Overview of Improvements to Key Holder Protocols
E-business and Network Security
Integrated Security System
Message Authentication
LM 7. Cellular Network Security
Lecture 36.
Lecture 36.
Presentation transcript:

Security Requirements Marcus Leech Nortel Networks

Business-Driven Requirements Theft of service Session authentication Message integrity/authentication Encryption (theft of subscription video, etc) Customer separation Encryption Message integrity

Business-Driven Requirements (contd) Billing ability Session authentication Message integrity Content committment (subscriber auditability, etc) Media/MAC consistency Common key-management architecture and practices Encapsulation (SDE) may be different from media-to-media

Requirements Details Session authentication Individual identity/credential Subscriber/human identity end-point/hardware identification Key management/agreement/distribution Freshness of keying material Flexible credentials Ability to plug into existing infrastructures

Requirement Details (cont) Message Integrity Requires freshness of keying material Strong cryptographic MAC function Replay protection Encryption Flexibility in algorithm choice Negotiation of *fresh* keys Wire speed performance for whatever MAC is in use “reasonable” footprint for skinny hardware

Requirement Details (contd) Key management/agreement Flexibility in credentials Modern, publically analysed/available cryptographic primitives Freshness guarantees PFS? Identity hiding? Key translation/inter-MAC transport?