Requirements, Terminology and Framework for Exigent Communications H. Schulzrinne, S. Norreys, B. Rosen, H. Tschofenig.


Exigent Communications

Communication that requires immediate action or remedy. Information about the reason for action and details about the steps that have to be taken are provided in the alert message.

An alert message (or warning message) is a cautionary advice about something imminent (especially imminent danger or other unpleasantness). In the context of exigent communication such an alert message refers to a future, ongoing or past event, as the signaling exchange itself may relate to different stages of the lifecycle of the event. The alert message itself, and not the signaling protocol that conveys it, provides sufficient context about the specific state of the lifecycle the alert message refers to.

Communication Steps

1. Explicit or implicit Subscription
   – Explicit subscription via
   – Implicit subscription by being located in a specific area.
2. Alert Delivery
   – Conveying alert via CAP message

[Figure: Relationships Among Actors. Labels: Author, Recipient, Message Handling System (MHS), Originator, Receiver, Relay, Gateway.]

Generic Requirements

Req-G1: The protocol solution MUST allow delivery of messages simultaneously to a large audience.
Req-G2: The protocol solution MUST be independent of the underlying link layer technology.
Req-G3: The protocol solution MUST allow targeting notifications to specific individuals and to groups of individuals.
Req-R4: The protocol solution MUST allow a Recipient to learn the identity of the Author of the alert message.

Requirements related to Explicit Subscriptions

Req-S1: The protocol solution MUST allow a potential Recipient to indicate the language used by alert messages.
Req-S2: The protocol solution MUST allow a potential Recipient to express the geographical area it wants to receive alerts about.
Req-S3: The protocol solution MUST allow a potential Recipient to indicate preferences about the type of alerts it wants to receive.
Req-S4: The protocol solution MUST allow a potential Recipient to express preference for certain media types. The support for different media types depends on the content of the warning message but also impacts the communication protocol. This functionality is, for example, useful for hearing and vision impaired persons.

Requirements related to Alert Delivery

Req-P1: The protocol solution MUST allow delivery of alerts by utilizing the lower layer infrastructure, while ensuring that congestion control is considered. Network layer multicast, anycast or broadcast mechanisms may be utilized. The topological network structure may be used for efficient alert distribution.

Security

Originator Impersonation: An attacker could conceivably attempt to impersonate the Originator of an alert message. This threat is particularly applicable to those deployment environments where authorization decisions are based on the identity of the Originator.
Alert Message Forgery: An attacker could forge or alter an alert message in order to convey custom messages to Recipients to get their immediate attention.
Replay: An attacker could obtain previously distributed alert messages and replay them at a later time in the hope that Recipients could be tricked into believing they are fresh.

Security, cont.

Unauthorized Distribution: When a Receiver receives an alert message it has to determine whether the Author distributing the alert messages is genuine to avoid accepting messages that are injected by malicious entities with the potential desire to at least get the immediate attention of the Recipient.
Amplification Attack: An attacker may use the Message Handling System to inject a single alert message for distribution that may then be instantly turned into potentially millions of alert messages for distribution.
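
An added example (not from the slides or the underlying draft) of Receiver-side checks against four of the threats on the two Security slides: Unauthorized Distribution, Originator Impersonation / Alert Message Forgery, and Replay. The alert field names, the freshness window, the Author identity and the key are assumptions, and an HMAC with a per-Author key stands in for a digital signature so the block needs only the standard library.

```python
import hashlib, hmac, json
from datetime import datetime, timedelta, timezone

# Constructed sample data: the Author identity and key are placeholders.
TRUSTED_AUTHORS = {"alerts@authority.example": b"constructed-demo-key"}
MAX_AGE = timedelta(minutes=10)  # assumed freshness window
FIELDS = ("identifier", "sender", "sent", "text")  # assumed alert fields

def sign(alert, key):
    """Tag over every field a Recipient acts on (HMAC stands in for a signature)."""
    data = json.dumps([alert[f] for f in FIELDS]).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()

class Receiver:
    def __init__(self, trusted):
        self.trusted = trusted
        self.seen = {}  # (sender, identifier) -> sent time of accepted alerts

    def check(self, alert, tag, now):
        try:
            key = self.trusted.get(alert["sender"])
            if key is None:  # Unauthorized Distribution
                return "reject: unauthorized author"
            if not hmac.compare_digest(sign(alert, key), tag):
                return "reject: forged or altered"  # Forgery / Impersonation
            sent = datetime.fromisoformat(alert["sent"])
            fresh = abs(now - sent) <= MAX_AGE
        except (KeyError, TypeError, ValueError):
            return "reject: malformed"
        if not fresh:  # Replay outside the window
            return "reject: stale"
        # Entries older than the window can no longer pass the freshness check.
        self.seen = {k: t for k, t in self.seen.items() if now - t <= MAX_AGE}
        msg_id = (alert["sender"], alert["identifier"])
        if msg_id in self.seen:  # Replay inside the window
            return "reject: replay"
        self.seen[msg_id] = sent
        return "accept"

def demo():
    now = datetime(2024, 5, 1, 12, 0, tzinfo=timezone.utc)
    alert = {"identifier": "demo-0001", "sender": "alerts@authority.example",
             "sent": "2024-05-01T11:58:00+00:00", "text": "Flood warning"}
    tag = sign(alert, TRUSTED_AUTHORS[alert["sender"]])
    rx = Receiver(TRUSTED_AUTHORS)
    return [rx.check(alert, tag, now),                       # genuine
            rx.check(alert, tag, now),                       # replayed
            rx.check({**alert, "text": "All clear"}, tag, now),  # altered
            rx.check({**alert, "sender": "x@unknown.example"}, tag, now),
            Receiver(TRUSTED_AUTHORS).check(alert, tag, now + timedelta(hours=1))]
```

The timestamp is covered by the tag, so an attacker cannot refresh an old alert without invalidating it; the seen-cache only has to remember identifiers for the length of the freshness window.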