Download presentation
Presentation is loading. Please wait.
Published byHerman Pranoto Modified over 5 years ago
1
Session 5: Securing Home Networks Conclusions & Recommendations
Koji NAKAO KDDI General Manager, Information Security Department 2019/2/28
2
Presentations in Session
Securing Home Networks Tsutomu Matsumoto Standardized Firewall Management : An IPCable2Home Perspective Amol Bhagwat Home Network Device Authentication Ralph Brown Standardized Precabling, the Efficient Road to secure and reliable Home Networks Walter P. von Pattay 2019/2/28
3
Highlights from Presentation 1 “Securing Home Networks”
The allowed computational complexity or the cost for mechanisms to enhance security may be highly limited Often the appliances DO NOT have their Identifiers in digital form Key Management including Key Establishment, Key Revocation, and Key Renewal needs Innovative Technologies How to achieve acceptable Quality of Security in such a tough environment 2019/2/28
4
Highlights from Presentation 2 “Standardized Firewall Management : An IPCable2Home Perspective”
IPCable2Home requires the firewall to have SPF or ASP filtering capabilities. Is session aware, keeps track of initiated vs. response packets. Supports remote configuration by service provider as well as consumer configuration Uses standardized configuration language Need of the Management of Firewall IPCable2Home standardizes configuration and management of firewalls including in the home gateway 2019/2/28
5
Highlights from Presentation 3 “Home Network Device Authentication”
Device authentication is more than just the protocols and cryptography used in devices For device authentication to have value it must be backed by: Detailed specifications License agreements Certification processes Certification authority Certification issuance For exchanging high value content, these elements become even more important 2019/2/28
6
Highlights from Presentation 4 “Standardized Precabling, the Efficient Road to secure and reliable Home Networks” Reasons for cabling (secure, safe, reliable…) Standardization in SC25: ISO/IEC is world-widely used : Generic cabling for customer premises ISO/IEC (Cabling Infrastructure) This decreases the cost for protection against sabotage, masquerade and malfunctions. 2019/2/28
7
Overview of issues in the session(1) Threads in Home Network
External Network: The Internet Home GW Devices Users Remote Users AP Servers Sabotage Information Leakage, Masquerade, Malfunctions (worms..) DoS, DDoS 2019/2/28
8
Overview of issues in the session(2) Security Requirements
a) confidentiality: the property that information is not made available or disclosed to unauthorized individuals, entities, or processes (ISO :1988). b) integrity: the property of safeguarding the accuracy and completeness of assets. c) availability: the property of being accessible and usable upon demand by an authorized entity (ISO :1988). d) accountability: the property that ensures that the actions of an entity may be traced uniquely to the entity (ISO :1988). e) authenticity: the property that ensures that the identity of a subject or resource is the one claimed. Authenticity applies to entities such as users, processes, systems and information. f) Reliability: the property of consistent intended behavior and results. 2019/2/28
9
External Network: The Internet
Recommendations Devices Users (a)Confidentiality (b)Integrity (c)Availability (d)Authenticity (e)Reliability Remote Users External Network: The Internet Home GW (a)(c)(d) (a)(c)(d) (a)(b)(c)(d) (d) (d) 2019/2/28
10
Follow-up actions : Security Management
Identify and classify home assets; Risk analysis and assessment are required; Select suitable controls for the assets in order to reduce the risks; Implement the controls; Review and Check the controls implemented in a constant time period; If additional risks are recognized, then action against the risks should be carried out. Security Management Process : Plan-Do-Check-Act 2019/2/28
11
Conclusion: Good quality of security
Vulnerability and threads should be identified for HN Risk assessment should be carried out for HN; Study and standardize Specific Controls, such as Firewall, Intrusion Detections System (IDS), Device authentication,… Collaboration with External standardization bodies such as ISO, IETF should be strongly promoted; Good and acceptable standard should be promptly carried out; Security Management is necessary. Continuous improvement Refine & Actions Action Policy Review & Audit Plan Plan Implement & Operation Check Do 2019/2/28
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.