Www.mobilevce.com © 2004 Mobile VCE June 2004 Security – Requirements and approaches to securing future mobile services Malcolm K Payne BT.

Slides:

Advertisements

Similar presentations

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

Advertisements

Chapter 10 Real world security protocols

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication Security Security Secure Sockets Layer Secure.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Lecture 2: Security Rachana Ananthakrishnan Argonne National Lab.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Access Control Methodologies

Lecture 23 Internet Authentication Applications

Symmetric Key Infrastructure Karel Masarik, Daniel Cvrcek Faculty of Information Technology Brno University of Technology

© 2005 Mobile VCE Securing the Future: Device & Service Security Stephen Hope, FT R&D UK Ltd on behalf of Nigel Jefferies, Vodafone Chair.

Grid Security. Typical Grid Scenario Users Resources.

Authentication in Mobile Ad-hoc Network (MANET) Student Ståle Jonny Berget Superviser Chik How Tan.

DESIGNING A PUBLIC KEY INFRASTRUCTURE

SMUCSE 5349/7349 Public-Key Infrastructure (PKI).

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

T Network Application Frameworks and XML Service Federation Sasu Tarkoma.

CSCI283 Fall 2005 GWU All slides from Bishop’s slide set Public Key Infrastructure (PKI)

 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.

 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.

Certificate Management Using Distributed Trusted Third Parties Alexander W. Dent Joint work with Geraint Price.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.

Key Distribution CS 470 Introduction to Applied Cryptography

Key Management and Distribution. YSLInformation Security – Mutual Trust2 Major Issues Involved in Symmetric Key Distribution For symmetric encryption.

Security Management.

Domain Name System Security Extensions (DNSSEC) Hackers 2.

1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.

Key Management in Cryptography

Chapter 3 Mohammad Fozlul Haque Bhuiyan Assistant Professor CITI Jahangirnagar University.

Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

1 Secure Ad-Hoc Network Eunjin Jung

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

1 Using EMV cards for Single Sign-On 26 th June st European PKI Workshop Andreas Pashalidis and Chris J. Mitchell.

E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.

Configuring Directory Certificate Services Lesson 13.

Chapter 23 Internet Authentication Applications Kerberos Overview Initially developed at MIT Software utility available in both the public domain and.

SECURITY MANAGEMENT Key Management in the case of public-key cryptosystems, we assumed that a sender of a message had the public key of the receiver at.

Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.

10. Key Management. Contents Key Management  Public-key distribution  Secret-key distribution via public-key cryptography.

Chapter 21 Distributed System Security Copyright © 2008.

Introduction to Public Key Infrastructure January 2004 CSG Meeting Jim Jokl.

Identity Management: A Technical Perspective Richard Cissée DAI-Labor; Technische Universität Berlin

SOA-39: Securing Your SOA Francois Martel Principal Solution Engineer Mitigating Security Risks of a De-coupled Infrastructure.

Fall 2010/Lecture 321 CS 426 (Fall 2010) Key Distribution & Agreement.

Security fundamentals Topic 5 Using a Public Key Infrastructure.

Bridge Certification Architecture A Brief Overview by Tim Sigmon May, 2000.

Key Management. Authentication Using Public-Key Cryptography  K A +, K B + : public keys Alice Bob K B + (A, R A ) 1 2 K A + (R A, R B,K A,B ) 3 K A,B.

1 Grid School Module 4: Grid Security. 2 Typical Grid Scenario Users Resources.

Mar 28, 2003Mårten Trolin1 This lecture Certificates and key management Non-interactive protocols –PGP SSL/TLS –Introduction –Phases –Commands.

Fall 2006CS 395: Computer Security1 Key Management.

多媒體網路安全實驗室 A Secure Privacy-Preserving Roaming Protocol Based on Hierarchical Identity-Based Encryption for mobile Networks 作者 :Zhiguo Wan,Kui Ren,Bart.

 Attacks and threats  Security challenge & Solution  Communication Infrastructure  The CA hierarchy  Vehicular Public Key  Certificates.

Electronic Banking & Security Electronic Banking & Security.

Prof. Reuven Aviv, Nov 2013 Public Key Infrastructure1 Prof. Reuven Aviv Tel Hai Academic College Department of Computer Science Public Key Infrastructure.

Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

TAG Presentation 18th May 2004 Paul Butler

TAG Presentation 18th May 2004 Paul Butler

Introduction How to combine and use services in different security domains? How to take into account privacy aspects? How to enable single sign on (SSO)

Presentation transcript:

© 2004 Mobile VCE June 2004 Security – Requirements and approaches to securing future mobile services Malcolm K Payne BT

© 2004 Mobile VCE This talk …  Introduces a range of security problems arising in future mobile environments.  It also sketches possible directions for solutions. Broadcast Mobile Service / Content WE User PAN PAN = Personal Access Network WE = Wireless Enablers PDE = Personal Distributed Environment PDE

© 2004 Mobile VCE Agenda Background Privacy issues Ad hoc relationships Layering issues Key management Single sign-on

© 2004 Mobile VCE Security terminology (not always universally agreed!) Identification: Learning a (claimed) identifier for an entity – may be a pseudonym. Authentication: Verifying that an entity does correctly possess a certain identifier. Authorisation: Checking that a particular entity has permission to access certain resources. Authorisation requires authentication since permissions are typically bound to an identifier. Identification Authentication Authorisation

© 2004 Mobile VCE Environment Mobile personal environment … Means: an environment in which multiple devices, some personal, some mobile and some fixed, combine to provide an all-pervasive computing and communications service to end-users. Requires: automatic configuration of certain aspects of some devices.

© 2004 Mobile VCE Requirements  Mobile and fixed devices need to identify and authenticate one another. This needs to work in cases where there is no pre-existing relationship between the two devices. Techniques used must, where necessary, protect privacy of device owners, e.g. provide anonymity, prevent linking of transactions, … Cellular WLAN xDSL

© 2004 Mobile VCE Agenda Background Privacy issues Ad hoc relationships Layering issues Key management Single sign-on

© 2004 Mobile VCE Privacy  Many of the devices providing the ubiquitous environment will be personal devices; they may thus ‘leak’ personal information to each other.  In a context where devices cannot be assumed to belong to a single trusted domain, there are thus major privacy issues. PAN PDE

© 2004 Mobile VCE Interrogation of mobile devices  Communications protocols for mobile devices inevitably require some form of routine ‘polling’. Responses to polls (e.g. from a network access point) contain some kind of identifier, e.g. a network address. Thus can be used to ‘track’ devices, and potentially track the location of device owners. Thus compromising privacy.  Solutions: GSM/3GPP use temporary identifiers (pseudonyms) distributed in a way that prevents linking. This provides confidentiality protection for exchange.

© 2004 Mobile VCE Use and abuse of authentication  Authentication of a device can pose a denial of service threat. For example, if a protocol requires one device to store state and/or do computations, repeated fake requests can cause memory/processing exhaustion.  Solutions ? Use stateless protocols. Require requester to do at least as much work as the responder. Authentication Requester Responder

© 2004 Mobile VCE Location Information use/privacy  Service providers in a ubiquitous computing environments may wish to provide services based on User location, e.g. targeted advertising, emergency services, broadcast blackout, …  The User may wish to restrict dissemination of his location info. How should this be controlled? Solutions ? Anonymity. Mandatory inclusion of policy data with location information. Trusted Third Parties could provide separation. Policy Data Location Service Provider User

© 2004 Mobile VCE Denial of Service versus Privacy  In any protocol one party has to reveal their identity first.  If the requester of service reveals their identity last, this potentially increases the risk of Denial of Service attacks against the responder.  There is a tension between DoS-resistance and user privacy.  Solutions ? New ideas needed Requester Responder Identity

© 2004 Mobile VCE Agenda Background Privacy issues Ad hoc relationships Layering issues Key management Single sign-on

© 2004 Mobile VCE General problem  Many security issues exist when establishing ad hoc working relationships.  Initial trust setting is a major issue.  This relates to identification and authentication.

© 2004 Mobile VCE Automatic address assignment  In an ad-hoc network, newly admitted devices will typically need to be assigned a network address (or addresses).  In the absence of a fixed infrastructure this is problematic.  Solutions can easily lead to the possibility of denial of service attacks. Just one part of ‘zero-config’ problem. Service / Content

© 2004 Mobile VCE Agenda Background Privacy issues Ad hoc relationships Layering issues Key management Single sign-on

© 2004 Mobile VCE End-to-end versus point-to-point  Need for security between service provider and service consumer argues for end-to-end authentication.  Need for control of access to resources, e.g. network access, argues for point-to-point authentication. If both provided in ‘unlinked’ way then man-in-the-middle attacks can become possible. Great care needed in combining protocols at different levels in protocol hierarchy. Consumer Service Provider

© 2004 Mobile VCE Agenda Background Privacy issues Ad hoc relationships Layering issues Key management Single sign-on

© 2004 Mobile VCE Background  Authentication requires either shared secret keys (using symmetric crypto) or trusted copies of public keys (using asymmetric crypto).  Shared secrets can be set up via a mutually trusted TTP.  Public keys can be obtained via public key certificates, although trusted means to verify certificates (CA public keys) required.

© 2004 Mobile VCE Heterogeneous networks  The pair of devices may not share an online TTP (or even share ‘trust-connected’ TTPs).  Public key crypto (and PKI) looks more promising, but it is still necessary to have mutually verifiable certificates. Finding certification paths could be infeasibly complex for a bandwidth-limited device.  Solutions:? Delegated Path Discovery/Delegated Path Validation.

© 2004 Mobile VCE PKI interoperability  Finding a certification path is by no means the only problem with using PKI.  Certificates issued by different CAs (with different policies) may ‘mean’ different things – e.g. different liability protection, different ID checking for certificate issue, etc.  Certificate status management systems may vary. ?

© 2004 Mobile VCE ID-based cryptography  One possible solution to key management problems is used of ID-based crypto.  Here a user public key is derivable from a user identifier (possibly plus other data).  Requires TTP to issue private keys (and TTP public parameters to derive public key from ID).  Hence we have major interoperation issues if two devices served by different TTPs. Only now being addressed. User Public Key Supporting data

© 2004 Mobile VCE Agenda Background Privacy issues Ad hoc relationship establishment Layering issues Key management Single sign-on

© 2004 Mobile VCE Single Sign On  Essential for easy to use services: Hard to use services don’t generate revenue!  Instead of a user authenticating to multiple service providers (SPs), the user authenticates to an Identity Provider who then provides assurances (assertions) regarding the user’s identity to SPs.  This becomes more important in a ubiquitous environment, where a user will not wish to authenticate to every device/service. Identity Provider

© 2004 Mobile VCE Single Sign On Approaches  Microsoft Passport (Originally) a proprietary SSO solution, which involved the possibility of managing other personal data, all stored on a server somewhere... The European Commission has privacy concerns. Microsoft is moving towards a Web Services based solution.  Liberty Alliance Consortium Set up to provide an open system (protocol suite) to support SSO. Provides various means of transferring assertions to SP. E.g. using SOAP, web redirection. Possible problems, as with any scheme using web redirection, man-in-the-middle attacks.  WS Federation Part of Web Services Security. Covers federation of identifiers, and also allowed ‘brokering’ of identity/authentication services. Could be used as the basis of an SSO scheme?

© 2004 Mobile VCE Agenda Background Privacy issues Ad hoc relationships Layering issues Key management Single sign-on

© 2004 Mobile VCE Thank you !