Published by Marcus Fletcher. Modified over 6 years ago.
1
Mobile Trust Negotiation: Authentication and Authorization in Dynamic Mobile Networks
Tim van der Horst, Tore Sundelin, Kent Seamons, and Charles Knutson
Internet Security Research Lab, Brigham Young University
Eighth IFIP TC-6 TC-11 Conference on Communications and Multimedia Security, 15-18 September 2004
Speaker notes: Say who I am; joint work with colleagues in the ISRL; based on what has happened previously.
2
Outline
- Motivation
- Trust Negotiation
- Surrogate Trust Negotiation
- How to adapt trust negotiation for mobile devices
- Conclusions
- Future Work
3
Motivation
- Mobile devices often operate outside their trusted domain
- Have a greater need to determine whether a stranger can be trusted
- Identity is often irrelevant to the access control decision
- Access control attributes: citizenship, clearance, job classification, group memberships, licenses, role within an organization, etc.
4
Trust Negotiation
- Provides authentication based on attributes rather than identity
- Establishes trust through the gradual and iterative exchange of credentials
- Exchange is governed by access control policies
- Ideal for open systems
- Participants are not in the same security domain
- The credential is not released until the policy protecting it is satisfied
5
Trust Negotiation Example
[Diagram labels: Fred the Fire Chief; Fire Chief credential; City of “Far Away” Server; Server credential; Info]
Step 1: Fred requests information from Server
Step 2: Server returns access control policy for the info
Step 3: Fred discloses his access control policy
Step 4: Server discloses his Server credential
Step 5: Fred discloses his Fire Chief credential
Step 6: Server grants access to the information
Speaker notes: Be more direct about satisfaction of the policy. Participants don’t know about Unique thing of policies, don’t know policies in advance. Use Fred in the Network Messages – Check. Do a TN example that has to do with the mobile environment. Disaster scenario: fire or paramedic. They have a PDA and need information. Fire Chief needs a schematic of the building that is on fire, or other information about the building such as hazardous materials inside. Fire Chief contacts server (other fire chief's laptop in the command vehicle or the city server) and requests the information.
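The six steps above can be traced in a few lines of code. This is an added example, not the authors' TrustBuilder code; the policy model (each item maps to the set of credentials the peer must already have disclosed), the credential names and the rule that each side discloses every credential as soon as its policy is satisfied are all assumptions.

```python
# Added example, not the authors' code. Policy model (assumption): each item
# maps to the set of credentials the other party must already have disclosed.
class Party:
    def __init__(self, name, credentials, policies):
        self.name = name
        self.credentials = set(credentials)  # credentials this party holds
        self.policies = policies             # item -> credentials required from peer
        self.disclosed = set()               # credentials already sent to the peer

    def releasable(self, peer_disclosed):
        """Undisclosed credentials whose guarding policy the peer has satisfied."""
        return {c for c in self.credentials - self.disclosed
                if self.policies.get(c, set()) <= peer_disclosed}

def negotiate(client, server, resource):
    """Alternate disclosures until the resource policy is met or nothing moves."""
    required = server.policies[resource]
    log = [f"{client.name} requests {resource}",
           f"{server.name} returns policy for {resource}: {sorted(required)}"]
    for cred in sorted(required & client.credentials):
        guard = client.policies.get(cred, set())
        if guard:  # the needed credential is itself protected by a policy
            log.append(f"{client.name} returns policy for {cred}: {sorted(guard)}")
    while not required <= client.disclosed:
        progress = False
        for sender, receiver in ((client, server), (server, client)):
            for cred in sorted(sender.releasable(receiver.disclosed)):
                sender.disclosed.add(cred)
                log.append(f"{sender.name} discloses {cred}")
                progress = True
        if not progress:  # every remaining credential is still locked
            log.append(f"{server.name} denies access to {resource}")
            return False, log
    log.append(f"{server.name} grants access to {resource}")
    return True, log

def fred_scenario():
    """Constructed data mirroring the six steps of the slide's example."""
    fred = Party("Fred", {"FireChief"}, {"FireChief": {"ServerCredential"}})
    city = Party("Server", {"ServerCredential"}, {"Info": {"FireChief"}})
    return negotiate(fred, city, "Info")

if __name__ == "__main__":
    print("\n".join(fred_scenario()[1]))
```

If both sides guard their credential behind the other's, no disclosure is ever unlocked and the negotiation ends in denial with nothing released.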
6
Security for Sensitive Credentials
Trust Agent
- Intelligent, autonomous software module
- Performs trust negotiation on behalf of the user
- Protects and manages credentials, policies, and private keys during the negotiation
- Local – resides on the user’s device
- Remote – resides on another device
Secure Repository
Speaker notes: Architecture. Components of TN architecture. Think about title.
7
Mobile Environment
Hazards to mobile devices
- Theft
- Accidental destruction
- Changes in the communication topology
- Limited computational resources
Speaker notes: where does this go? new hazards to what? work on transition
8
Secure Repository
- Stores sensitive information when not in use by the trust agent
- Types of repositories: Local, Remote
9
Local Repository
- Travels with the user
- Types
  - Within device: PKCS#12, Java KeyStore
  - An attached secure module: Sony Memory Stick, Smart Card
10
Local Repository
Advantages
- Always available
- Fast access
Disadvantages
- Replication and synchronization
- Loss of device = Loss of repository
11
Remote Repository
- Does not travel with the user
- Types*
  - Virtual smart card: NSD Security’s Practical PKI
  - Virtual soft token: Securely Available Credentials (SACRED)
*Sandhu et al., PKI Research Workshop 2002
Speaker notes: Forgot to mention SACRED
12
Remote Repository
Advantages
- Can be available even if user doesn’t have his device
- Loss of device ≠ Loss of repository
Disadvantages
- Availability and accessibility
- Communication overhead
- Attractive target for attack
13
Hybrid Repository
- Local and remote repositories both have drawbacks
- Combination of these could lead to the elimination of these disadvantages
- Ability to be:
  - Fully remote
  - Fully local (full copy still exists remotely)
  - Mix of local and remote
- Work in progress
  - Paper submitted to NDSS’05
  - Collaborated with NCSA to create implementation of SACRED
14
Typical Trust Negotiation
[Diagram labels: Fire Chief Fred; City of “Far Away”; Trust Agent (x2); Repository (x2)]
Speaker notes: After explanation, we are now going to view one paradigm of TN in a mobile environment.
15
Surrogate Trust Negotiation
[Diagram labels: Agent; Repository; Fire Chief Fred; City of “Far Away”; Surrogate Trust Agents]
16
Topologies
[Diagram labels: Bilateral; Unilateral; Proxy; ?; Intermittent; Internet]
Speaker notes: Before we view the Network Messages in detail, let's look at the communication topologies of the mobile environment. Mention how one device will be used as a proxy.
17
Surrogate Trust Negotiation
- Remote trust agent with remote repository
- Mobile Devices
  - Pre-established relationship
- Compromised Device
  - Trust agent, the credentials, and keys reside on a physically secure server
  - Terminate relationship with device from the server
[Diagram labels: Primary device; Client; Server; Surrogate Trust Agents; Trust Negotiation]
Speaker notes: Terms – use pictures
18
Networking Messages
Message phases
- Transaction request
- Authorization
  - Trust Negotiation Setup
  - Trust Negotiation
  - Trust Negotiation Response
- Transaction
Assume unilateral topology
Speaker notes: Going to show unilateral topology, bilateral is a natural extension of this format as well as possible to be able to be done in this format.
19
Networking Messages
Phase: Transaction Request
[Diagram labels: Far Away’s Agent; City of “Far Away” Server; Fred’s; Fire Chief Fred; message: Transaction Request]
Speaker notes: Focus on why, leave messages from paper
20
Networking Messages
Phase: Authorization: Trust Negotiation Setup
[Diagram labels: Far Away’s Agent; City of “Far Away” Server; Fred’s; Fire Chief Fred; messages: Trust Negotiation Request; Infrastructure Negotiation; Trust_Negotiation_TicketC,CA; Trust_Negotiation_TicketS,SA]
Speaker notes: Our implementation uses a shared symmetric key. Infrastructure Negotiation explanation.
21
Network Messages
Phase: Authorization: Trust Negotiation
[Diagram labels: Far Away’s Agent; City of “Far Away” Server; Fred’s; Fire Chief Fred; Fred the Fire Chief; Info; Session_Parameters]
22
Network Messages
Phase: Authorization: Trust Negotiation Response
[Diagram labels: Far Away’s Agent; City of “Far Away” Server; Fred’s; Fire Chief Fred; messages: Transaction_TicketCA,C; Transaction_TicketSA,S]
23
Network Messages
Phase: Transaction
[Diagram labels: Far Away’s Agent; City of “Far Away” Server; Fred’s; Fire Chief Fred; messages: Session Initialization; Transaction]
24
Security Provisions
Goals
- Integrity
- Authenticity
- Confidentiality
- Termination
  - Doesn’t affect other relationships with other devices
  - Can re-initialize the relationship if device is recovered
25
Security Provisions
Cryptographic Tickets
- An encrypted container
- Use pre-established relationship between device and trust agent to encrypt
- Trust_Negotiation_Ticket: Instructions from the device to the trust agent
- Transaction_Ticket: Results of the negotiation from the trust agent to the device
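The termination goal and the per-device ticket key fit together as sketched below. This is an added example, not the authors' implementation; the class, function and device names are hypothetical, and the ticket is only authenticated with HMAC-SHA256 here, so the encryption the slide calls for is left out (Python's standard library has no cipher).

```python
import hashlib
import hmac
import json
import secrets

class TrustAgent:
    """Hypothetical server-side agent: one pre-established key per device."""
    def __init__(self):
        self._device_keys = {}  # device_id -> shared symmetric key

    def enroll(self, device_id):
        """(Re-)initialize the relationship; the key is installed out of band."""
        key = secrets.token_bytes(32)
        self._device_keys[device_id] = key
        return key

    def terminate(self, device_id):
        """Cut off a lost or stolen device; other devices keep their keys."""
        self._device_keys.pop(device_id, None)

    def open_ticket(self, device_id, ticket):
        """Return the ticket's instructions, or None if it cannot be trusted."""
        key = self._device_keys.get(device_id)
        if key is None:  # relationship terminated or never established
            return None
        body, tag = ticket
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None  # wrong key or modified ticket
        fields = json.loads(body)
        if fields["device"] != device_id:
            return None
        return fields["instructions"]

def make_ticket(device_id, key, instructions):
    """Device side: bind the instructions to this device and its key."""
    body = json.dumps({"device": device_id,
                       "instructions": instructions}).encode()
    return body, hmac.new(key, body, hashlib.sha256).digest()

if __name__ == "__main__":
    agent = TrustAgent()
    key = agent.enroll("pda-1")  # constructed device name
    ticket = make_ticket("pda-1", key, {"negotiate_with": "far-away-agent"})
    print(agent.open_ticket("pda-1", ticket))
    agent.terminate("pda-1")
    print(agent.open_ticket("pda-1", ticket))  # None after termination
```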
26
Security Provisions
Secure End-to-End Protocol
- After trust is established session keys are created
  - Write key
  - MAC key
- Each side uses a unique key to encrypt messages and a different unique key to encrypt a message verification.
- Any protocol
  - IPSec’s Encapsulating Security Payload (ESP)
Speaker notes: Specific examples
27
Implementation
Primary Devices
- Two WiFi-enabled iPAQs
- STN Mobile Module
- TCP sockets over b
Trust Agents
- Two Pentium 4 desktops
- TrustBuilder
- SOAP RPC
28
Conclusions
- First look at trust negotiation in the mobile environment
- Examined the responsibilities of repositories and trust agents in the mobile environment
- Presented surrogate trust negotiation
  - Makes trust negotiation accessible to mobile devices of limited resources
  - Shifts the resource-intensive task of authentication to a remote agent
  - Added privacy and security to mobile devices
Speaker notes: First look at TN in the mobile environment. Added privacy and security to the mobile devices. Reinforce the contributions.
29
Future Work
- STN only works in bilateral and unilateral topologies
  - Intermittent topology
- System in which the user can choose how and where the trust agent and repository will exist
  - Hybrid repository
  - Trust agent capable of mixed degrees of locality and remoteness
30
Further Information BYU Internet Security Research Lab
Master’s Thesis by Tore Sundelin