Presentation transcript:

D1 - 29/06/2015 The present document contains information that remains the property of France Telecom. The recipient's acceptance of this document implies his or her acknowledgement of the confidential nature of its contents and his or her obligation not to reproduce, transmit to a third party, disclose or use for commercial purposes any of its contents whatsoever without France Telecom's prior written agreement.

France Telecom Research & Development
Network Access Control Schemes Vulnerable to Covert Channels
11/03/2004
Florent Bersani & Anne-Sophie Duserre

Distribution of this document is subject to France Telecom's authorization. D2 - 29/06/2015 France Telecom Research & Development

Agenda
- Context
  - Network Access Control?
  - Covert channels?
- Examples
  - In mobile phone networks: DECT, GSM
  - In IEEE WLANs
- Discussion
  - Impact
  - Solutions


NAC: the first line of defense
- Network access control is about:
  - Securely verifying the identity of a device/user that wants to connect to a network
  - Checking that this device/user is indeed authorized to do so
- Robust network access control is the key:
  - To properly defined security zones
  - To financial valuation of network access

NAC in a roaming situation (diagram slide; only the title survives)

Covert channels: abusing protocols
- A communication channel is covert if it is neither designed nor intended to transfer information at all. [Lampson73]
- For network protocols, a covert channel is rather a communication channel that is abused to transfer unexpected data without being noticed.
- Such channels provide ways to circumvent the security policy that the protocol is supposed to enforce.


DECT architecture (diagram): Portable Part, DECT Fixed Part, Inter-Working Unit, Local and/or Public Phone Network; the DECT Common Interface sits between the Portable Part and the Fixed Part.

DECT NAC in roaming scenarios (diagram): $K_S = \mathrm{PRF}(K, R_S)$ and $\mathrm{RES1} = \mathrm{PRF}'(K_S, \mathrm{RAND\_F})$

GSM architecture (diagram): MS, BTS, BSC, MSC, VLR, HLR, AuC, Transport Network.

GSM NAC in roaming situations (diagram): $K_C = \mathrm{PRF}(K_I, \mathrm{RAND})$ and $\mathrm{SRES1} = \mathrm{PRF}'(K_I, \mathrm{RAND})$

WLAN architecture (diagram): Peer (the EAP Peer), Pass-through Authenticator (the Wireless Access Point), Authentication Server (Proxy RADIUS Server and Home RADIUS Server).

WLAN NAC in roaming situations (1/2) (diagram slide; only the title survives)

WLAN NAC in roaming situations (2/2)
- EAP [RFC 3748] may transport EAP methods that are opaque to the Visited AS, e.g. PEAP or EAP-PSK.
- A rogue Home AS may use the communication channel it is granted with its user for other purposes than authentication!


Impact
- What is the impact of the covert channel?
  - Feasibility
  - Attraction
  - Detectability
- The covert channel we present should be taken into account:
  - When signing roaming agreements
    - pricing of the authentication traffic
    - choice of appropriate EAP methods
  - When designing a threat model for WLANs

Solutions
- Revert to another NAC scheme
  - Cryptography has long recognized that multi-party protocols warrant specific research
  - A thorough threat model should be determined
  - A relevant protocol should then be selected
- Tweak the standards (design EAP methods that may be split between the visited AS and the home AS)
- Decrease the potential attraction of this channel
  - Make the channel uninteresting for non-authentication traffic
- Monitor for this channel
  - Monitor the statistics of EAP dialogs
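As an added example (not part of the original slides), the following Python script shows how the last bullet, monitoring the statistics of EAP dialogs, can be put into practice at the visited AS or pass-through authenticator, and why that is the natural place to look: the visited side parses only the RFC 3748 EAP header (Code, Identifier, Length, Type) and relays the Type-Data of methods such as PEAP or EAP-PSK without understanding it, which is exactly the opaque payload described on the "WLAN NAC in roaming situations (2/2)" slide. The script counts round trips and opaque method octets per dialog and flags dialogs that exceed thresholds. The sample dialogs, the thresholds and the use of the EAP-PSK type number 47 (RFC 4764) for realism are constructed assumptions, not data from the presentation.

```python
"""Per-dialog EAP statistics, as a monitor for abuse of the authentication channel."""
import struct
from dataclasses import dataclass, field
from typing import Optional

# EAP Code values from RFC 3748, section 4.
EAP_REQUEST, EAP_RESPONSE, EAP_SUCCESS, EAP_FAILURE = 1, 2, 3, 4
EAP_TYPE_IDENTITY = 1
EAP_TYPE_PSK = 47  # EAP-PSK method type (RFC 4764); used here for a realistic sample


def parse_eap(packet: bytes):
    """Parse the RFC 3748 EAP header: Code(1) Identifier(1) Length(2) [Type(1) Type-Data].

    Returns (code, identifier, length, type_or_None, type_data). The Type-Data is
    the part a pass-through authenticator or visited AS forwards without
    understanding it, so its volume is what a monitor should account for.
    """
    if len(packet) < 4:
        raise ValueError("EAP packet shorter than the 4-byte header")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if length < 4 or length > len(packet):
        raise ValueError(f"EAP Length {length} inconsistent with {len(packet)} bytes")
    body = packet[4:length]
    if code in (EAP_REQUEST, EAP_RESPONSE):
        if not body:
            raise ValueError("Request/Response must carry a Type octet")
        return code, ident, length, body[0], body[1:]
    return code, ident, length, None, body  # Success/Failure carry no Type


def build_eap(code: int, ident: int, eap_type: Optional[int] = None, data: bytes = b"") -> bytes:
    """Build an EAP packet; used only to construct the sample dialogs below."""
    body = b"" if eap_type is None else bytes([eap_type]) + data
    return struct.pack("!BBH", code, ident & 0xFF, 4 + len(body)) + body


@dataclass
class DialogStats:
    round_trips: int = 0      # number of EAP Requests relayed
    method_bytes: int = 0     # Type-Data octets of non-Identity packets (opaque to the visited AS)
    max_packet: int = 0
    methods: set = field(default_factory=set)
    outcome: str = "incomplete"


def dialog_stats(packets) -> DialogStats:
    """Accumulate statistics over the EAP packets relayed for one peer's dialog."""
    s = DialogStats()
    for pkt in packets:
        code, _ident, length, eap_type, data = parse_eap(pkt)
        s.max_packet = max(s.max_packet, length)
        if code == EAP_REQUEST:
            s.round_trips += 1
        if eap_type is not None and eap_type != EAP_TYPE_IDENTITY:
            s.methods.add(eap_type)
            s.method_bytes += len(data)
        if code == EAP_SUCCESS:
            s.outcome = "success"
        elif code == EAP_FAILURE:
            s.outcome = "failure"
    return s


def flag_dialog(s: DialogStats, max_round_trips: int = 20, max_method_bytes: int = 16 * 1024) -> list:
    """Return the reasons a dialog looks abnormal. Thresholds are assumptions for
    illustration; tune them per deployment and per EAP method (certificate-based
    methods legitimately carry far more octets than EAP-PSK)."""
    reasons = []
    if s.round_trips > max_round_trips:
        reasons.append(f"{s.round_trips} round trips > {max_round_trips}")
    if s.method_bytes > max_method_bytes:
        reasons.append(f"{s.method_bytes} opaque method octets > {max_method_bytes}")
    return reasons


def sample_dialog(extra_round_trips: int, payload: int) -> list:
    """Constructed sample: Identity exchange, EAP-PSK-typed round trips, then Success."""
    pkts = [build_eap(EAP_REQUEST, 1, EAP_TYPE_IDENTITY),
            build_eap(EAP_RESPONSE, 1, EAP_TYPE_IDENTITY, b"user@home.example")]
    ident = 2
    for _ in range(extra_round_trips):
        pkts.append(build_eap(EAP_REQUEST, ident, EAP_TYPE_PSK, b"\x00" * payload))
        pkts.append(build_eap(EAP_RESPONSE, ident, EAP_TYPE_PSK, b"\x00" * payload))
        ident += 1
    pkts.append(build_eap(EAP_SUCCESS, ident))
    return pkts


NORMAL_DIALOG = sample_dialog(extra_round_trips=2, payload=30)        # 3 round trips, 120 opaque octets
SUSPICIOUS_DIALOG = sample_dialog(extra_round_trips=60, payload=1000)  # 61 round trips, 120000 octets

if __name__ == "__main__":
    for name, dialog in (("normal", NORMAL_DIALOG), ("suspicious", SUSPICIOUS_DIALOG)):
        st = dialog_stats(dialog)
        print(name, st, flag_dialog(st) or "within thresholds")
```

The counters are deliberately those a visited AS can compute without any knowledge of the method: requests relayed, opaque octets, largest packet and outcome. Comparing them against the per-method baseline of legitimate dialogs is what makes a dialog that carries non-authentication traffic stand out, and the same figures are what a roaming agreement would need in order to price authentication traffic.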

Questions & Comments

References
- [Lampson73] B. W. Lampson, "A Note on the Confinement Problem," Communications of the ACM, 16:10, October 1973.
- [RFC 3748] B. Aboba, L. Blunk, J. Vollbrecht, J. Carlson, and H. Levkowetz, "Extensible Authentication Protocol (EAP)," RFC 3748, June 2004.