IEEE 802.21 MEDIA INDEPENDENT HANDOVER DCN: 21-09-0000-00-0000 Title: Secure Datastore Architecture Concepts Date Submitted: March, 2009 Submitted at IEEE 802.21 session #31 in Vancouver Authors or Source(s): Richard Paine (Self) Abstract: The FCC Whitespace datastore concepts require a secure datastore and illustrate the need for an IEEE 802 end-to-end security conceptual viewpoint. This is one viewpoint of that requirement. 21-09-0048-00-0000

IEEE 802.21 presentation release statements This document has been prepared to assist the IEEE 802.21 Working Group. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE 802.21. The contributor is familiar with IEEE patent policy, as outlined in Section 6.3 of the IEEE-SA Standards Board Operations Manual <http://standards.ieee.org/guides/opman/sect6.html#6.3> and in Understanding Patent Issues During IEEE Standards Development http://standards.ieee.org/board/pat/guide.html>  IEEE 802.21 presentation release statements This document has been prepared to assist the IEEE 802.21 Working Group. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE 802.21. The contributor is familiar with IEEE patent policy, as stated in Section 6 of the IEEE-SA Standards Board bylaws <http://standards.ieee.org/guides/bylaws/sect6-7.html#6> and in Understanding Patent Issues During IEEE Standards Development http://standards.ieee.org/board/pat/faq.pdf>  21-09-0048-00-0000

Project IEEE 802 Executive Committee Study Group on TV White Spaces – Secure Datastore /End-to-End Security Architecture Concepts Title ECSG WS Study Group Date Submitted 2009-03-09 Source(s) Contributor: Richard Paine, Affiliation Self Voice: 206-854-8199, e-mail: richard.h.paine@gmail.com Abstract IEEE 802 ECSG on White Space slide deck to capture 802 and TVWS USE CASE Security Issues Purpose To provide input to the ECSG and others on possible use cases that will help clarify how the TVWS spectrum might be secured and how these uses might possibly be addressed by IEEE 802 work. Release The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE 802. Patent Policy and Procedures The contributor is familiar with the IEEE-SA Patent Policy and Procedures: <http://standards.ieee.org/guides/bylaws/sect6-7.html#6> and <http://standards.ieee.org/guides/opman/sect6.html#6.3>. Further information is located at <http://standards.ieee.org/board/pat/pat-material.html> and <http://standards.ieee.org/board/pat>. 21-09-0048-00-0000

802 End-to-End Security 21-09-0048-00-0000

OSI-TCP/IP Stack Comparison 21-09-0048-00-0000

Platform and Security Layers Application-Secured Payload SSL, TLS, etc. Platform and Security Layers IPSec, HIP, etc. Application Application OS-Session OS-Session OS-Internetworking OS-Internetworking Media Physical Medium Media Modem Modem 802.1x, etc. 802.1x, etc. Each platform abstraction layer supports its own communications security Note: Media security is generally platform-to-network, not platform-to-platform Implementation of each platform abstraction should be secured Certification of regulatory/standards compliance Real-time attestation of implementation (“tamper-proof”) Ability to secure sensitive data This is not shown, but implied 21-09-0048-00-0000

Discontinuity between IEEE 802 and IETF IPSec, HIP, etc. OS-Internetworking OS-Internetworking 802 Interface to the “Outside World” Media Physical Medium Media Modem Modem 802.1x, etc. 802.1x, etc. 21-09-0048-00-0000

End Device Stack Physical Medium Network Equipment Data Link 802 MAC 802 IF To Upper Layers 802 MAC 802 PHY 802 IF To Network Device Layers Physical Medium 21-09-0048-00-0000

Lightweight Host Identity Protocol Example Gurtov; Host Identity Protocol (HIP); Wiley, 2008; pg 131. TCP/UDP TCP/UDP Unauthenticated Control Messages HIP HIP Authenticated Control Messages Authentication Interaction IPSEC IPSEC Authentication Layer Authentication Layer IP IP ESP Payload: not encrypted, not authenticated 21-09-0048-00-0000

The End-to-End LHIP Security Stack Secure Network Equipment Secure Network Equipment IF To Upper Layers IF To Upper Layers Physical Medium 21-09-0048-00-0000

The End-to-End HIP/SMA Security Stack IETF’s Secure DataStore and Schema (MAP) FCC WS DB and Schema Adding HIP, TNC, and the FCC WS Work Secure Network Equipment Data Link SMA PKI Datastore People/Machines 802 IF To Upper Layers 802 MAC SMA Secure DataStore And Schema IF To Upper Layers 802 PHY 802 IF To Device Layers TNC Secure DataStore and Schema Physical Medium 21-09-0048-00-0000

802 Interface to the “Outside World” Application-Secured Payload SSL, TLS, etc. Summary Data TOG’s SMA Secure Datastore and Schema TOG’s SMA Secure Datastore and Schema IPSec, HIP, SMA, etc. IETF’s Secure DataStore and Schema (MAP) IETF’s Secure DataStore and Schema (MAP) Application Application OS-Session OS-Session OS-Internetworking SMA PKI Datastore People/Machines SMA PKI Datastore People/Machines OS-Internetworking 802 Interface to the “Outside World” Media Physical Medium Media Modem Modem 802.1x, etc. 802.1x, etc. TCG’s TNC Secure DataStore and Schema (IF-MAP) TCG’s TNC Secure DataStore and Schema (IF-MAP) FCC Secure WS DataStore FCC Secure WS DataStore 21-09-0048-00-0000

Ideal End-to-End Security Trusted Policy Engine Trusted Policy Engine IETF/TCG/TOG/IEEE Secure DataStore and Schema (MAP) IETF/TCG/TOG/IEEE Secure DataStore and Schema (MAP) App.-Secured Payload Application Application SSL, TLS, etc. OS-Session OS-Session IPSec, HIP, SMA, etc. OS-Internetworking OS-Internetworking IP Infrastructure Media Media Modem Modem Trusted component used to verify compliance and prevent policy violation 21-09-0048-00-0000

Secure Datastore Commonalities Datastores/Schema all have similarities (FCC, SMA, LHIP, & TNC) Location information and measurement Geolocation, sensor measurements Host information: Identity, name, address, etc. Network IDs: MAC, IP address, etc. Local policy databases Spectrum policy information Security policies database Co-existence policies Remote database information DNS, Spectrum Servers, Certificate Authorities, Sensitive SW Sources (e.g. McAfee), etc. Trust certificates Identities of trusted third party connections IF should/could be standardized 21-09-0048-00-0000

Interfaces Need to be Defined 802.11k SME MIB “Zero Config”-like Access Object IDs for the MIB Entries 802.11 SME MIB Clients 802.16 MIB Clients 802.21 MIB Clients SMA Interface [SLDAP (Secure Lightweight Directory Access Protocol)] DNS TCG’s TNC [IF-MAP (InterFace-Metadata Access Point)] FCC WS – interface undefined, but required fields similar 21-09-0048-00-0000

End-to-End Projects Identified Joint IEEE-IETF Task Force on end-to-end security protocols and definitions Passing of SMA/cryptographic identity/security information from PHY to upper layers (schema?) IEEE/802.21 project for security handoff between disparate systems (schema?) Joint IEEE-TCG Task Force on device security at lower layers Attesting to lower layers Compliance with regulatory/standards policies, e.g. FCC White Spaces regulations Interface definitions for all interfaces in 802 21-09-0048-00-0000

SMA Datastore [Secure LDAP (SLDAP)] DNS Resource Records (Not Secure) Resolutions? HIP SMA Datastore [Secure LDAP (SLDAP)] DNS Resource Records (Not Secure) TCG’s TNC Datastore Access (SLDAP?) All schema (should be common) 21-09-0048-00-0000