Who am I? Mats Ohlin Swedish Defence Materiel Administration (FMV) IT Security area –International Standardisation: ISO/IEC JTC 1/SC 27/WG 3 (Security.

Presentation transcript:

Who am I?
Mats Ohlin
Swedish Defence Materiel Administration (FMV)
IT Security area
  – International Standardisation: ISO/IEC JTC 1/SC 27/WG 3 (Security Evaluation Criteria)
  – Defence IP Network Security

General Mobile Network in Kista
  – Location Privacy
Overview of previous work in the Privacy area
Freedom System extensions for mobile users

What is Security?
If you do not have a (stated) goal, it is not possible to know when you have arrived
  – Winnie the Pooh
Security is about the ability to counter identified attacks
  – Attack agent(s)
  – Assets (to be protected)
      System Services
      System Resources and Information Objects

Basic Privacy Terms
Anonymity
  – that a user may use a resource or service without disclosing the user's identity. The requirements for Anonymity provide protection of the user identity.
Pseudonymity
  – ensures that a user may use a resource or service without disclosing its user identity, but still be accountable for that use.

Basic Privacy Terms (2)
Unlinkability
  – ensures that a user may make multiple uses of resources or services without others being able to link these uses together.
Unobservability
  – ensures that a user may use a resource or service without others, especially third parties, being able to observe that the resource or service is being used.

Basic assumptions
Any [wireless] component must have an ID
  – Authentication is often necessary
End-to-end security solutions are advisable, but...
Traffic analysis security is hard to achieve
  – variable routing
  – onion routing
  – dummy traffic
  – mixing (repackaging)

Practical aspects
Implementation problems
  – performance
  – availability (of Freedom routers)
  – knowledge about Freedom routers
Wireless in practice
  – Some competent actors may apply special measures
  – The broad user community will stick with what's delivered easily managed

Practical aspects (2)
Political
  – Some years ago; crypto debate
  – Now concern about traffic analysis
Downside
  – Internet Tradition of Implicit Trust
  – Internet abuse
      Host attacks
      DNS attacks
      Routing protocol attack (soon)

Practical aspects (3)
Gibson Research Corporation in May
  – Several DDOS attack waves
      474 PCs in DDOS attack generating packets (fragments) in 4 days
Demands for Authenticated IP (IP-AH)
  – Trust Management a problem
      Certificate Management
May stimulate further work on Privacy Enhancing Protocols (PET)

Practical aspects (4)
Further work should include
  – strict definition of security goals
  – attack analysis
  – how to make the existence of Freedom Networks more invisible
Actually, also big organisations, like defence, are looking at similar techniques for countering traffic analysis

Questions
DOS attacks against Freedom Networks
Common Criteria Definitions Good Enough?
Modelling the extent of the attacker's knowledge necessary for different types of attacks?
Business Model; who is going to pay and why?