1. IEEE 802.21 MEDIA INDEPENDENT HANDOVER DCN: 21-09-0000-00-0000
Title: Secure Datastore Architecture Concepts
Date Submitted: March, 2009
Submitted at IEEE session #31 in Vancouver
Authors or Source(s):
Richard Paine (Self)
Abstract: The FCC Whitespace datastore concepts require a secure datastore and illustrate the need for an IEEE 802 end-to-end security conceptual viewpoint. This is one viewpoint of that requirement.

2. IEEE 802.21 presentation release statements
This document has been prepared to assist the IEEE Working Group. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein.
The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE
The contributor is familiar with IEEE patent policy, as outlined in Section 6.3 of the IEEE-SA Standards Board Operations Manual < and in Understanding Patent Issues During IEEE Standards Development
IEEE presentation release statements
This document has been prepared to assist the IEEE Working Group. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein.
The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE
The contributor is familiar with IEEE patent policy, as stated in Section 6 of the IEEE-SA Standards Board bylaws < and in Understanding Patent Issues During IEEE Standards Development

3. Project
IEEE 802 Executive Committee Study Group on TV White Spaces – Secure Datastore /End-to-End Security Architecture Concepts
Title
ECSG WS Study Group
Date Submitted
Source(s)
Contributor: Richard Paine, Affiliation Self Voice: ,
Abstract
IEEE 802 ECSG on White Space slide deck to capture 802 and TVWS USE CASE Security Issues
Purpose
To provide input to the ECSG and others on possible use cases that will help clarify how the TVWS spectrum might be secured and how these uses might possibly be addressed by IEEE 802 work.
Release
The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE 802.
Patent Policy and Procedures
The contributor is familiar with the IEEE-SA Patent Policy and Procedures:
< and <
Further information is located at < and <

4. 802 End-to-End Security

5. OSI-TCP/IP Stack Comparison

6. Platform and Security Layers
Application-Secured Payload
SSL, TLS, etc.
Platform and Security Layers
IPSec, HIP, etc.
Application
Application
OS-Session
OS-Session
OS-Internetworking
OS-Internetworking
Media
Physical
Medium
Media
Modem
Modem
802.1x, etc.
802.1x, etc.
Each platform abstraction layer supports its own communications security
Note: Media security is generally platform-to-network, not platform-to-platform
Implementation of each platform abstraction should be secured
Certification of regulatory/standards compliance
Real-time attestation of implementation (“tamper-proof”)
Ability to secure sensitive data
This is not shown, but implied

7. Discontinuity between IEEE 802 and IETF
IPSec, HIP, etc.
OS-Internetworking
OS-Internetworking
802 Interface to the “Outside World”
Media
Physical
Medium
Media
Modem
Modem
802.1x, etc.
802.1x, etc.

8. End Device Stack Physical Medium Network Equipment Data Link 802 MAC
802 IF
To Upper
Layers
802 MAC
802 PHY
802 IF
To Network
Device
Layers
Physical Medium

9. Lightweight Host Identity Protocol Example
Gurtov; Host Identity Protocol (HIP); Wiley, 2008; pg 131.
TCP/UDP
TCP/UDP
Unauthenticated Control Messages
HIP
HIP
Authenticated Control Messages
Authentication Interaction
IPSEC
IPSEC
Authentication Layer
Authentication Layer IP IP
ESP Payload: not encrypted, not authenticated

10. The End-to-End LHIP Security Stack
Secure Network Equipment
Secure Network Equipment
IF To Upper
Layers
IF To Upper
Layers
Physical Medium

11. The End-to-End HIP/SMA Security Stack
IETF’s Secure
DataStore and
Schema (MAP)
FCC WS
DB and Schema
Adding HIP, TNC, and the FCC WS Work
Secure Network Equipment
Data Link
SMA PKI Datastore
People/Machines
802 IF
To Upper
Layers
802 MAC
SMA Secure
DataStore
And Schema
IF To Upper
Layers
802 PHY
802 IF
To Device
Layers
TNC Secure
DataStore and
Schema
Physical Medium

12. 802 Interface to the “Outside World”
Application-Secured Payload
SSL, TLS, etc.
Summary Data
TOG’s SMA Secure Datastore and Schema
TOG’s SMA Secure Datastore and Schema
IPSec, HIP, SMA, etc.
IETF’s Secure
DataStore and
Schema (MAP)
IETF’s Secure
DataStore and
Schema (MAP)
Application
Application
OS-Session
OS-Session
OS-Internetworking
SMA PKI Datastore
People/Machines
SMA PKI Datastore
People/Machines
OS-Internetworking
802 Interface to the “Outside World”
Media
Physical
Medium
Media
Modem
Modem
802.1x, etc.
802.1x, etc.
TCG’s TNC Secure
DataStore and
Schema (IF-MAP)
TCG’s TNC Secure
DataStore and
Schema (IF-MAP)
FCC Secure
WS DataStore
FCC Secure
WS DataStore

13. Ideal End-to-End Security
Trusted
Policy
Engine
Trusted
Policy
Engine
IETF/TCG/TOG/IEEE Secure
DataStore and
Schema (MAP)
IETF/TCG/TOG/IEEE Secure
DataStore and
Schema (MAP)
App.-Secured Payload
Application
Application
SSL, TLS, etc.
OS-Session
OS-Session
IPSec, HIP, SMA, etc.
OS-Internetworking
OS-Internetworking
IP Infrastructure
Media
Media
Modem
Modem
Trusted component used to verify compliance and prevent policy violation

14. Secure Datastore Commonalities
Datastores/Schema all have similarities (FCC, SMA, LHIP, & TNC)
Location information and measurement
Geolocation, sensor measurements
Host information:
Identity, name, address, etc.
Network IDs:
MAC, IP address, etc.
Local policy databases
Spectrum policy information
Security policies database
Co-existence policies
Remote database information
DNS, Spectrum Servers, Certificate Authorities, Sensitive SW Sources (e.g. McAfee), etc.
Trust certificates
Identities of trusted third party connections
IF should/could be standardized

15. Interfaces Need to be Defined
802.11k SME MIB “Zero Config”-like Access
Object IDs for the MIB Entries
SME MIB Clients
MIB Clients
MIB Clients
SMA Interface [SLDAP (Secure Lightweight Directory Access Protocol)]
DNS
TCG’s TNC [IF-MAP (InterFace-Metadata Access Point)]
FCC WS – interface undefined, but required fields similar

16. End-to-End Projects Identified
Joint IEEE-IETF Task Force on end-to-end security protocols and definitions
Passing of SMA/cryptographic identity/security information from PHY to upper layers (schema?)
IEEE/ project for security handoff between disparate systems (schema?)
Joint IEEE-TCG Task Force on device security at lower layers
Attesting to lower layers
Compliance with regulatory/standards policies, e.g. FCC White Spaces regulations
Interface definitions for all interfaces in 802

17. SMA Datastore [Secure LDAP (SLDAP)] DNS Resource Records (Not Secure)
Resolutions?
HIP
SMA Datastore [Secure LDAP (SLDAP)]
DNS Resource Records (Not Secure)
TCG’s TNC Datastore Access (SLDAP?)
All schema (should be common)