Presentation is loading. Please wait.

Presentation is loading. Please wait.

Update on Security Analysis for Location Phil Hawkes

Published byWilliam O’Connor’ Modified over 8 years ago

Similar presentations

Presentation on theme: "Update on Security Analysis for Location Phil Hawkes"— Presentation transcript:

1 Update on Security Analysis for Location Phil Hawkes phawkes@qualcomm.com

2 Goal: Specify Security mechanisms Identify threats (bad outcomes) Determine high-risk attacks......these will dictate countermeasure requirements...... Which will in turn dictate security measures for X.P0024

3 Questions What are the threats? –TSG-S WG4 can answer this! What are the high-risk attacks? –Consideration of threats by Operators

4 A Tale of Two Analyses Haphazard analysis –Brainstormed attacks –Found some good attacks Rigorous analysis –Haphazard wasn’t sure to cover all the holes –Difficult to describe the security problems –Had to develop formal method (taken time) –WE WANT TO DO THIS PROPERLY

5 Call flows define acceptable system paths 1.Call flows require Interactions 2.Interactions require delegating capabilities –Delegating capabilities allows acceptable system paths 3.Delegating capabilities also allows unacceptable system paths –Threats = unacceptable system paths –Attacks: how you get system onto these paths 4.Attacks dictate countermeasure requirements

6 Where are we with LOC Analysis is not yet complete –Have not done “formal analysis” of Periodic request modes –Single request modes almost complete –Analysis gives QC perspective only Going Forward –“Formal analysis” of Periodic request modes –Review by other companies –Consideration by LOC

7 What does the analysis seem to be saying? Any message without –Authentication Replay protection Integrity protection –Authorization –Encryption –Closing session... can be a point of attack. Each communication session with MS should involve fresh keys generated in UIM (like AKA).

Download ppt "Update on Security Analysis for Location Phil Hawkes"

Similar presentations

0 McLean, VA August 8, 2006 SOA, Semantics and Security.

0 McLean, VA August 8, 2006 SOA, Semantics and Security.
© 2006 NEC Corporation - Confidential age 1 November 2008 - 1 SPEERMINT Security Threats and Suggested Countermeasures draft-ietf-speermint-voipthreats-01.

© 2006 NEC Corporation - Confidential age 1 November SPEERMINT Security Threats and Suggested Countermeasures draft-ietf-speermint-voipthreats-01.
Chris Karlof and David Wagner

Chris Karlof and David Wagner
CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Akshat Sharma Samarth Shah

Akshat Sharma Samarth Shah
External User Security Model (EUSM) for SNMPv3 draft-kaushik-snmp-external-usm-00.txt November, 2004.

External User Security Model (EUSM) for SNMPv3 draft-kaushik-snmp-external-usm-00.txt November, 2004.
 IPv6 Has built in security via IPsec (Internet Protocol Security). ◦ IPsec Operates at OSI layer 3 or internet layer of the Internet Protocol Suite.

 IPv6 Has built in security via IPsec (Internet Protocol Security). ◦ IPsec Operates at OSI layer 3 or internet layer of the Internet Protocol Suite.
NORM PI Update draft-ietf-rmt-pi-norm-revised-04 68th IETF - Prague Brian Adamson NRL.

NORM PI Update draft-ietf-rmt-pi-norm-revised-04 68th IETF - Prague Brian Adamson NRL.
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.

IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
Analysis of Direct Anonymous Attestation (DAA) Sudip Regmi Ilya Pirkin.

Analysis of Direct Anonymous Attestation (DAA) Sudip Regmi Ilya Pirkin.
Replay protection in AKA with 2G RUIM Sarvar Patel and Zhibi Wang.

Replay protection in AKA with 2G RUIM Sarvar Patel and Zhibi Wang.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.

1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.
SIP Security Matt Hsu.

SIP Security Matt Hsu.
Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.

Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.
CMSC 414 Computer and Network Security Lecture 23 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 23 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.
Doc.: IEEE 802.11-12/0946r3 Submission August 2012 A proposal for next generation security in 802.11 built on changes in 802.11ac 23 August 2012 Slide.

Doc.: IEEE /0946r3 Submission August 2012 A proposal for next generation security in built on changes in ac 23 August 2012 Slide.

Similar presentations

Ads by Google