Security WG: Report of the Fall 2004 Meeting
November 19, 2004
Howard Weiss
Meeting Agenda
16 Nov 2004
  Welcome, opening remarks, logistics, agenda bashing
  Review results of Spring 2004 SecWG meeting in Montreal (Spring 2004 SecWG Report)
  Security Architecture Document Discussions
  coffee break
  Security Architecture Document Discussions, cont
  Lunch
  Revised Security Green Book review/discussions
  coffee break
  Threat Document review/discussions
17 Nov 2004
  New business
  Review of mandatory security section in CCSDS documents (SLE documents) (SLE Security Section)
  Crypto standard
  Integrity Standard
  Authentication Standard
  Key Management
  Future Documents (e.g., Threat Guide, Mission Planning Guide, Security Framework)
Executive Summary
Attendees from CNES, BNSC, NASA/GSFC, DLR, ESA (ESTEC), NASA/JPL
Discussed and revised the SecWG documents in process: Security Architecture, Threat, Revised Green Book
Discussed the success and first use of the “mandatory security section” for CCSDS documents
Discussed the Montreal proposals for CCSDS standards for: Encryption, Authentication/integrity, Key Management
Summary of Goals and Deliverables
1. Complete the final revisions to the Security Green Book and submit to CESG for approval.
2. Revise the Security Architecture document.
3. Complete the final revisions of the Threat Document and submit to the CESG for approval.
4. Propose a CCSDS encryption standard.
5. Propose a CCSDS authentication standard.
6. Think about proposals for a CCSDS key management standard.
7. Work with other WGs with respect to security.
Progress Achieved
Agreed on a common set of example mission classes to be used across all SecWG documents.
Agreed upon changes to the Security Architecture document.
Reviewed comments from MOIMS and ESTEC on the Threat Document
  Agreed to incorporation of revisions and submission to CESG upon revision completion.
Reviewed the use of the mandatory security section by the SLE Red Books
Reviewed the low level security standards proposed at Montreal:
  Encryption: AES-128
  Authentication/Integrity: Digital Signature Standard (DSS)
  National sensitivities to the use of these standards do not appear to be a problem
  However, it was decided that we should not simply write a book defining a CCSDS standard based on an existing standard without first profiling the standard for use within the space community, implementing it, and testing it.
Agreed to further study key management
Met with SLS at SLS plenary
  Provided overview of current and future SecWG activities
  SLS wants more attention paid to physical layer security (e.g., spread spectrum, frequency hopping, etc.) but needs requirements.
Near-Term Schedule
Deliverable | Milestone | Date
Green Book revisions | Comments received from MOIMS and ESTEC; publish a revised book for CCSDS approval | Nlt 01/05
CCSDS Security Architecture (3nd Draft) | Publish a draft document (White Book) | Nlt 02/05
  | Red Book-1 | 05/05
  | Red Book-2 | 09/05
  | Blue Book-1 | 12/05
Revise Security Threat Document | Revise with WG comments from meeting | Nlt 02/05
Schedule (cont)
Encryption Proposal | Write up proposal for CCSDS encryption standard based on AES-128 with initial space profile | 05/05
Authentication/Integrity Proposal | Write up proposal for CCSDS authentication/integrity standard based on the Digital Signature Standard with initial space profile | 07/05
Open Issues
Key management proposal
Policy framework
  E.g., NIST document could be leveraged but will take resources to adapt for CCSDS. Resources not available at present.
Ground systems
  Security for the ground system
  Interconnection/policy for cross support across ground systems
Future documents – resources to tackle them
  Common Criteria Protection Profiles
  Security Handbook for Mission Planners
Action Items
Update Security Architecture based on WG comments (Kenny)
Revise and submit Security Green Book to CESG (Weiss)
Provide a paragraph for the Security Green Book annex on the use of 3DES in ATV (Aguilar)
Revise, distribute to WG, and submit to CESG the revised Threat Document (check “manned space” security mechanisms wrt ISS) (Weiss)
Prepare key management white book proposal (Kenny)
  Public key techniques
  Identity-based techniques
  Key update techniques
Ensure continued interaction with DTN program (Weiss)
Search for existing documents (e.g., NIST) as a starting point for an Information Security Mission Planning Guide (Sigman, Weiss)
Search for existing samples of connection agreements within respective Agencies for beginnings of Security Policy Framework document (Weiss, Sigman, Aguilar)
Write proposal to CESG for “proper” resources for development of encryption and authentication standards.
Resource Problems
Resources are adequate to perform the initial tasks. It has not yet been determined if resources are adequate to accomplish all the work currently on the schedule. However, ESA has provided representation from ESTEC and has stated that they will add another person from ESOC! But the question will be, what percentage of time will be provided? Currently, many SecWG members have only very small fractions of their time dedicated to CCSDS.
Risk Management Update
It is still unclear if enough resources are available from the Agencies to perform the necessary jobs but things are looking much brighter now than in the past. But…
Cross Area WG / BOF Issues
Security is a cross-cutting discipline that needs to be included in many other Areas and WGs. In the plenary, we asked that the CESG be alerted that other Areas and WGs should request support from the Security WG (in addition to the SecWG being proactive). We believe that the mandatory security section in documents will force the other Areas and WGs to seek out help!
Met with SLS on security
  SLS concerned with physical layer security
    What are the requirements?
    Realizes that SecWG does not have physical layer expertise
  Also concerned with security interoperability requirements
    Do we have any interoperability requirements?
  SLS wants to continue to have joint meetings with SecWG
Resolutions to be Sent to CESG and Then to CMC
This resolution was proposed in Montreal – but no feedback. This should be amended per the discussions in Toulouse to ensure that not only a profile is written, but that it is implemented and tested within a space environment before being sent through the CCSDS standards track:
Resolution to the CESG to have the SecWG create a CCSDS security recommendations blue book, with the first standards being:
  Proposal for a profile for an encryption standard based on FIPS 197 specification of AES-128
  Proposal for a profile for an authentication/integrity standard based on FIPS specification of the Digital Signature Standard.
New Working Items, New BOFs, etc.
Encryption recommendation.
Authentication recommendation.
Key Management recommendation.