Cyber Security and Key Management Models: Smart Grid Networks, The Network System, Key Management and Utilization, Why Hardware Security. Christopher Gorog

Presentation transcript:

Cyber Security and Key Management Models
- Smart Grid Networks
- The Network System
- Key Management and Utilization
- Why Hardware Security
Christopher Gorog, PMP
February 2, 2011

Smart Grid Networks
- Typical Advanced Metering Infrastructure (AMI)
- Network of microsystems interconnected
- Entire network acts as a single system

The Network System
- Key Management needs to be a model
- Entire network becomes one system
- System attributes
  - Load keys securely
  - Provide uniqueness
  - Enable authentication (non-repudiation)
  - Operate uniformly (synchronize with network)
  - Refresh implementation (key rolling)
  - Prevent tampering (software / key extraction)
  - Etc.

Key Management
- Modularity: all systems need a common root organization which enforces uniformity and diversity
- Core security uniformity
- Address all required attributes
- PKI, certificates, CA
- Node integrity
- Recover from compromise
- Each cryptographic algorithms which need root secrets and keys use

Authentication and Key Setup

Key Rotation

Working Key Generation
[Diagram labels: Hash & Secret]

Key Utilization

Why Hardware Security is Better
- ICs architected from ground up for security
- No exposed regular structures, no exposed test capability
- Internal clock generation, power regulation, environmental tamper detection
- Keys stored in memories have additional layers of protection
- Security procedures and protocols are hard coded, not subject to attack
- Only well protected information crosses the security perimeter
[Figure labels: Key Detection on Hard Drive Disk; Regular chip design; Tamper-resistant shielding]

Questions?

Optional Material

Additional Product Uses
- Firmware and software protection
- Firmware root of trust
- Firmware download protections
- Confidential file protection
- Media download
- Facilitating key exchange
- Encrypting memory contents
- User authentication
- Tokens, dongles and two factor logon
- Call center support
- Battery authentication
- Networked device security
- Peer-to-peer systems
- Key Management (but used in many apps)
- Protecting communication
- Signatures and Certificates
- Verifying and encrypting
- Wireless network systems security
- Removable component authentication
- Consumable, peripheral, daughter card, etc…
- Mutual authentication

Network Key Management
- Every node produces unique and one-time use session keys
- Session keys can encrypt Personally Identifying Information (PII)
- Any node can be authenticated uniquely on network
- Each node can produce the same key anywhere on the network
- Create cryptographic communication keys on the fly
- Verify communication transmission
[Diagram labels: Key, PII, AES, Encrypted PII, Verify, MAC]
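
The "Working Key Generation (Hash & Secret)" and "Network Key Management" slides, as an added example that is not part of the original presentation: two nodes holding the same root secret derive an identical one-time session key on the fly and use it to verify a transmission. The HMAC-SHA256 construction, the label, and the node-ID and nonce formats are assumptions (the slides say only "Hash & Secret"); AES encryption of the PII is left out, and in the hardware model the root secret would stay inside the security IC.

```python
import hashlib
import hmac
import os

# Constructed sample value, not a real key.
ROOT_SECRET = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)


def derive_session_key(root: bytes, node_id: bytes, nonce: bytes) -> bytes:
    """Working key = HMAC-SHA256(root secret, label | len(id) | id | nonce)."""
    if len(nonce) < 16:
        raise ValueError("nonce must be at least 16 bytes")
    # Length prefix keeps (node_id, nonce) pairs from colliding when concatenated.
    info = b"session-mac\x00" + len(node_id).to_bytes(2, "big") + node_id + nonce
    return hmac.new(root, info, hashlib.sha256).digest()


def meter_send(root: bytes, node_id: bytes, payload: bytes, nonce: bytes = b""):
    """Sender side: fresh nonce, derived key, MAC over the payload."""
    nonce = nonce or os.urandom(16)
    key = derive_session_key(root, node_id, nonce)
    return node_id, nonce, payload, hmac.new(key, payload, hashlib.sha256).digest()


class HeadEnd:
    """Receiver: re-derives the key and rejects reused nonces (one-time keys)."""

    def __init__(self, root: bytes):
        self._root = root
        self._seen = set()

    def accept(self, node_id: bytes, nonce: bytes, payload: bytes, tag: bytes) -> bool:
        if (node_id, nonce) in self._seen:
            return False  # replay: this session key was already used
        key = derive_session_key(self._root, node_id, nonce)
        expected = hmac.new(key, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return False  # wrong node, wrong secret, or altered payload
        self._seen.add((node_id, nonce))
        return True


if __name__ == "__main__":
    head_end = HeadEnd(ROOT_SECRET)
    msg = meter_send(ROOT_SECRET, b"meter-0001", b"kWh=42.7")  # hypothetical node ID
    print("first delivery:", head_end.accept(*msg))
    print("replayed copy: ", head_end.accept(*msg))
```

Because every key depends on the node ID and a fresh nonce, a captured message cannot be replayed and one node's tag does not verify under another node's identity.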