Tim van der Horst, Tore Sundelin, Kent Seamons, and Charles Knutson

Presentation transcript:

Mobile Trust Negotiation: Authentication and Authorization in Dynamic Mobile Networks
Tim van der Horst, Tore Sundelin, Kent Seamons, and Charles Knutson
Internet Security Research Lab, Brigham Young University
http://isrl.cs.byu.edu
Eighth IFIP TC-6 TC-11 Conference on Communications and Multimedia Security, 15-18 September 2004
Notes: Say who I am; joint work with colleagues in the ISRL; base on what has happened previously

Outline
- Motivation
- Trust Negotiation
- Surrogate Trust Negotiation
  - How to adapt trust negotiation for mobile devices
- Conclusions
- Future Work

Motivation
- Mobile devices often operate outside their trusted domain
  - Have a greater need to determine whether a stranger can be trusted
- Identity is often irrelevant to the access control decision
  - Access control attributes: citizenship, clearance, job classification, group memberships, licenses, role within an organization, etc.

Trust Negotiation
- Provides authentication based on attributes rather than identity
- Establishes trust through the gradual and iterative exchange of credentials
  - Exchange is governed by access control policies
- Ideal for open systems
  - Participants are not in the same security domain
- The credential is not released until the policy protecting it is satisfied

Trust Negotiation Example
[Figure: Fred the Fire Chief, holding a Fire Chief credential, and the City of "Far Away" Server, holding the Info]
Step 1: Fred requests information from Server
Step 2: Server returns access control policy for the info
Step 3: Fred discloses his access control policy
Step 4: Server discloses his Server credential
Step 5: Fred discloses his Fire Chief credential
Step 6: Server grants access to the information
Notes: Be more direct about satisfaction of the policy. Participants don't know about unique thing of policies, don't know policies in advance. Use Fred in the Network Messages (check). Do a TN example that has to do with the mobile environment. Disaster scenario: fire or paramedic. They have a PDA and need information. Fire Chief needs a schematic of the building that is on fire, or other information about the building such as hazardous materials inside. Fire Chief contacts server (other fire chief's laptop in the command vehicle or the city server) and requests the information.
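
The six-step exchange above, as an added Python sketch that is not part of the original slides or of TrustBuilder. The Party class, the negotiate function and the credential names "FireChief" and "CityServer" are assumptions made for illustration; each credential carries a release policy naming the peer credentials that must be disclosed first.

```python
from dataclasses import dataclass, field

@dataclass
class Party:
    name: str
    # credential name -> set of peer credentials that must be seen before release
    credentials: dict
    disclosed: set = field(default_factory=set)

    def releasable(self, seen_from_peer):
        """Undisclosed credentials whose release policy is now satisfied."""
        return sorted(c for c, policy in self.credentials.items()
                      if c not in self.disclosed and policy <= seen_from_peer)

def negotiate(client, server, resource_policy):
    """Return (granted, transcript) for one request for a protected resource."""
    log = [f"{client.name} requests resource",
           f"{server.name} returns policy {sorted(resource_policy)}"]
    for cred in sorted(resource_policy):
        if cred not in client.credentials:
            return False, log + [f"{client.name} lacks {cred}: denied"]
        if client.credentials[cred]:
            log.append(f"{client.name} returns policy "
                       f"{sorted(client.credentials[cred])} for {cred}")
    progress = True
    # Simplification: each side releases every credential whose policy is
    # satisfied; a round with no new disclosure means the policies deadlock.
    while progress and not resource_policy <= client.disclosed:
        progress = False
        for sender, receiver in ((server, client), (client, server)):
            for cred in sender.releasable(receiver.disclosed):
                sender.disclosed.add(cred)
                log.append(f"{sender.name} discloses {cred}")
                progress = True
    granted = resource_policy <= client.disclosed
    log.append("access granted" if granted else "negotiation failed: deadlock")
    return granted, log

def fred_example():
    # Constructed sample mirroring the slide: the Info requires a Fire Chief
    # credential, which Fred releases only after seeing the Server credential.
    fred = Party("Fred", {"FireChief": {"CityServer"}})
    city = Party("Server", {"CityServer": set()})
    return negotiate(fred, city, {"FireChief"})

def deadlock_example():
    # Constructed failure case: each side waits for the other's credential.
    fred = Party("Fred", {"FireChief": {"CityServer"}})
    city = Party("Server", {"CityServer": {"FireChief"}})
    return negotiate(fred, city, {"FireChief"})
```

The transcript returned by fred_example() has one entry per step on the slide; deadlock_example() shows the case where neither credential is ever released because each policy waits on the other.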

Security for Sensitive Credentials
- Trust Agent
  - Intelligent, autonomous software module
  - Performs trust negotiation on behalf of the user
  - Protects and manages credentials, policies, and private keys during the negotiation
  - Local – resides on the user's device
  - Remote – resides on another device
- Secure Repository
Notes: Architecture. Components of TN architecture. Think about title.

Mobile Environment
- Hazards to mobile devices
  - Theft
  - Accidental destruction
- Changes in the communication topology
- Limited computational resources
Notes: where does this go? new hazards to what? work on transition

Secure Repository
- Stores sensitive information when not in use by the trust agent
- Types of repositories
  - Local
  - Remote

Local Repository
- Travels with the user
- Types
  - Within device
    - PKCS#12
    - Java KeyStore
  - An attached secure module
    - Sony Memory Stick
    - Smart Card

Local Repository
- Advantages
  - Always available
  - Fast access
- Disadvantages
  - Replication and synchronization
  - Loss of device = Loss of repository

Remote Repository
- Does not travel with the user
- Types*
  - Virtual smart card
    - NSD Security's Practical PKI
  - Virtual soft token
    - Securely Available Credentials (SACRED)
Notes: Forgot to mention SACRED
*Sandhu et al., PKI Research Workshop 2002

Remote Repository
- Advantages
  - Can be available even if user doesn't have his device
  - Loss of device ≠ Loss of repository
- Disadvantages
  - Availability and accessibility
  - Communication overhead
  - Attractive target for attack

Hybrid Repository
- Local and remote repositories both have drawbacks
- Combination of these could lead to the elimination of these disadvantages
- Ability to be:
  - Fully remote
  - Fully local (full copy still exists remotely)
  - Mix of local and remote
- Work in progress
  - Paper submitted to NDSS'05
  - Collaborated with NCSA to create implementation of SACRED
  - http://sacred.sourceforge.net

Typical Trust Negotiation
[Figure: Fire Chief Fred and City of "Far Away", each with a Trust Agent and a Repository]
Notes: After explanation, we are now going to view one paradigm of TN in a mobile environment

Surrogate Trust Negotiation
[Figure: Fire Chief Fred and City of "Far Away", with Surrogate Trust Agents; labels: Agent, Repository]

Topologies
- Bilateral
- Unilateral
- Proxy
- Intermittent
[Figure labels: Internet, ?]
Notes: Before we view the Network Messages in detail, let's look at the communication topologies of the mobile environment. Mention how one device will be used as a proxy.

Surrogate Trust Negotiation
- Remote trust agent with remote repository
- Mobile Devices
  - Pre-established relationship
- Compromised Device
  - Trust agent, the credentials, and keys reside on a physically secure server
  - Terminate relationship with device from the server
[Figure labels: Primary device, Client, Server, Surrogate Trust Agents, Trust Negotiation]
Notes: Terms – use pictures

Networking Messages
- Message phases
  - Transaction request
  - Authorization
    - Trust Negotiation Setup
    - Trust Negotiation
    - Trust Negotiation Response
  - Transaction
- Assume unilateral topology
Notes: Going to show unilateral topology, bilateral is a natural extension of this format as well as possible to be able to be done in this format.

Networking Messages
Phase: Transaction Request
[Figure: Fire Chief Fred, Fred's Agent, Far Away's Agent, City of "Far Away" Server; message: Transaction Request]
Notes: Focus on why, leave messages from paper

Networking Messages
Phase: Authorization: Trust Negotiation Setup
[Figure: Fire Chief Fred, Fred's Agent, Far Away's Agent, City of "Far Away" Server; messages: Trust Negotiation Request, Infrastructure Negotiation, Trust_Negotiation_Ticket_{C,CA}, Trust_Negotiation_Ticket_{S,SA}]
Notes: Our implementation uses a shared symmetric key. Infrastructure Negotiation explanation.

Network Messages
Phase: Authorization: Trust Negotiation
[Figure: Fire Chief Fred, Fred's Agent, Far Away's Agent, City of "Far Away" Server; labels: Info, City of "Far Away" Server, Fred the Fire Chief, Session_Parameters]

Network Messages
Phase: Authorization: Trust Negotiation Response
[Figure: Fire Chief Fred, Fred's Agent, Far Away's Agent, City of "Far Away" Server; messages: Transaction_Ticket_{CA,C}, Transaction_Ticket_{SA,S}]

Network Messages
Phase: Transaction
[Figure: Fire Chief Fred, Fred's Agent, Far Away's Agent, City of "Far Away" Server; messages: Session Initialization, Transaction]

Security Provisions
- Goals
  - Integrity
  - Authenticity
  - Confidentiality
- Termination doesn't affect other relationships with other devices
- Can re-initialize the relationship if device is recovered

Security Provisions: Cryptographic Tickets
- An encrypted container
- Use pre-established relationship between device and trust agent to encrypt
- Trust_Negotiation_Ticket
  - Instructions from the device to the trust agent
- Transaction_Ticket
  - Results of the negotiation from the trust agent to the device

Security Provisions: Secure End-to-End Protocol
- After trust is established session keys are created
  - Write key
  - MAC key
- Any protocol
  - IPSec's Encapsulating Security Payload (ESP)
Notes: Each side uses a unique key to encrypt messages and a different unique key to encrypt a message verification. Specific examples.

Implementation
- Primary Devices
  - Two WiFi-enabled iPAQs
  - STN Mobile Module
  - TCP sockets over 802.11b
- Trust Agents
  - Two Pentium 4 desktops
  - TrustBuilder
  - SOAP RPC

Conclusions
- First look at trust negotiation in the mobile environment
- Examined the responsibilities of repositories and trust agents in the mobile environment
- Presented surrogate trust negotiation
  - Makes trust negotiation accessible to mobile devices of limited resources
  - Shifts the resource-intensive task of authentication to a remote agent
- Added privacy and security to mobile devices
Notes: First look at TN in the mobile environment. Added privacy and security to the mobile devices. Reinforce the contributions.

Future Work
- STN only works in bilateral and unilateral topologies
  - Intermittent topology
- System in which the user can choose how and where the trust agent and repository will exist
  - Hybrid repository
  - Trust agent capable of mixed degrees of locality and remoteness

Further Information
- BYU Internet Security Research Lab
  - http://isrl.cs.byu.edu
- Master's Thesis by Tore Sundelin