Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Threats and Security Requirements for the Access Node Control Protocol (ANCP) IETF 67 - ANCP WG November 5-10, 2006 draft-moustafa-ancp-security-threats-00.txt.

Published byAubrey Barrett Modified over 9 years ago

Similar presentations

Presentation on theme: "Security Threats and Security Requirements for the Access Node Control Protocol (ANCP) IETF 67 - ANCP WG November 5-10, 2006 draft-moustafa-ancp-security-threats-00.txt."— Presentation transcript:

1 Security Threats and Security Requirements for the Access Node Control Protocol (ANCP) IETF 67 - ANCP WG November 5-10, 2006 draft-moustafa-ancp-security-threats-00.txt hassnaa.moustafa@orange-ftgroup.com Hannes.Tschofenig@siemens.com stefann.de_cnodder@alcatel.be

2 Objective Investigating security threats that all ANCP nodes could encounter and developing a threat model at the ANCP level. Accordingly, security requirements for the ANCP are defined. Out of scope: –Security policy negotiation, including authentication and authorization to define per-subscriber policy at the AAA/policy server

3 System Overview and Threat Model +--------+ | AAA | | Server | +--------+ | +-----+ +-----+ +--------+ +-----+ +----------+ | CPE |---| HGW |---| | | | | | +-----+ +-----+ | Access | | | | Internet | | Node |-----------------| NAS |---| | +-----+ +-----+ | (AN) | | | | | | CPE |---| HGW |---| | | | | | +-----+ +-----+ +--------+ +-----+ +----------+ On-Path Attackers (active or passive) Off-Path Attackers (active or passive) Attackers can be either on-path or off-path : active or passive Threat Model: –Off-path adversary at the CPE or HGW –Off-path adversary on the Internet or a Regional Network –On-path adversary at the network elements between the AN and the NAS –Adversary taking control over the NAS –Adversary taking control over the AN

4 Attackers Objectives and Potential Attacks Attackers Objectives: –Attacking an individual entity Disrupt customer's communication Gain profit for the attacker –Attacking a portion of the access network Disrupt the network services Destruct the network functioning Intercepting subscribers-related data Potential Attacks: –Message Modification –Signaling Replay –Denial of Service –Traffic Analysis –Downgrading Attack –Man-in-the-Middle Attack –Network Snooping

5 Attacks Against Use Case 1: Dynamic Access Loop Attributes On-path attacks between the AN and the NAS during the Access Loop attributes transfer –Passive, learning the attributes Capturing information on clients' connection state Traffic analysis –Active, acting on the transferred attributes Man-in-the-middle attack causing faked attributes Messages' modification DoS: signaling replay Off-path attacks on the Internet affecting the Access Loop attributes sharing between the NAS and the policy server –Passive, gaining information of the Access Loop attributes shared with the policy server Eavesdropping Traffic Analysis –Active DoS on the communication links to the policy server Man-in-the-middle causing Access Loop configuration data retrieval from the policy server by illegitimate NAS

6 Attacks Against Use Case 2: Access Loop Configuration On-path Active Attacks –Downgrading attack during Access Loop configuration updates –DoS attack through replaying of the Configure Request message –Damaging clients' profile at ANs –Replaying old packets related to privileged client's profile Off-path Attacks –Passive adversary on the Internet through eavesdropping during the Access Loop configuration retrieval by the NAS from the policy server –Active adversary on the Internet threatening subscribers-related service data in the policy server

7 Attacks Against Use Case 3: Remote Connectivity Test On-path Active Attacks –Man-in-the-middle attack NAS triggering to the AN to carryout the test Subscriber Response Message transfer from the AN to the NAS Off-path Active Attacks –DoS attack, in case of ATM based Access Loop, through replaying the loopback cells generated by the AN –Message truncating leading to test failure assumption

8 Attacks Against Use Case 4: Multicast On-path Active Attacks –Signal truncating, damaging proxy functionality in the AN, aggregation node(s) or the NAS –DoS attack during the information exchange between the NAS and the AN on the subscriber's policy and the multicast traffic configuration –Man-in-the-middle attack during the multicast replication process

9 Security Requirements The protocol solution MUST offer authentication of the AN to the NAS The protocol solution MUST offer authentication of the NAS to the AN The protocol solution MUST allow authorization to take place at the NAS and at the AN The protocol solution MUST offer replay protection The protocol solution MUST provide data origin authentication The protocol solution SHOULD offer confidentiality protection The protocol solution MUST be robust against DoS attacks The protocol solution SHOULD provide mutual authentication between different communicating entities The protocol solution SHOULD distinguish the control messages from the data The protocol solution SHOULD provide privacy protection

10 Next Step Soliciting comments Progress the draft as a separate draft complementing the framework draft

Download ppt "Security Threats and Security Requirements for the Access Node Control Protocol (ANCP) IETF 67 - ANCP WG November 5-10, 2006 draft-moustafa-ancp-security-threats-00.txt."

Similar presentations

Security Issues In Mobile IP

Security Issues In Mobile IP
IP security over ATM CS 329 Hwajung Lee Computer and Communications Security The George Washington University.

IP security over ATM CS 329 Hwajung Lee Computer and Communications Security The George Washington University.
1Nokia Siemens Networks Presentation / Author / Date University of Twente On the Security of the Mobile IP Protocol Family Ulrike Meyer and Hannes Tschofenig.

1Nokia Siemens Networks Presentation / Author / Date University of Twente On the Security of the Mobile IP Protocol Family Ulrike Meyer and Hannes Tschofenig.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.

Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.
Cryptography and Network Security Chapter 1

Cryptography and Network Security Chapter 1
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
Raphael Frank 20 October 2007 Authentication & Intrusion Prevention for Multi-Link Wireless Networks.

Raphael Frank 20 October 2007 Authentication & Intrusion Prevention for Multi-Link Wireless Networks.
Mobile IP Security Dominic Maguire Research Essay Presentation Communications Infrastructure Module MSc Communications Software, WIT 1 1 1 0 11 0.

Mobile IP Security Dominic Maguire Research Essay Presentation Communications Infrastructure Module MSc Communications Software, WIT
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.

An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.
CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.
Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Introduction (Pendahuluan)  Information Security.

Introduction (Pendahuluan)  Information Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CS 689 (Research Methods) Security in Asynchronous Transfer Mode(ATM) By SOBHA SIRIPURAPU.

CS 689 (Research Methods) Security in Asynchronous Transfer Mode(ATM) By SOBHA SIRIPURAPU.
IETF72 ANCP WG1 ANCP Applicability to PON draft-bitar-wadhwa-ancp-pon-00.txt Nabil Bitar, Verizon Sanjay Wadhwa, Juniper Networks.

IETF72 ANCP WG1 ANCP Applicability to PON draft-bitar-wadhwa-ancp-pon-00.txt Nabil Bitar, Verizon Sanjay Wadhwa, Juniper Networks.
IETF74 ANCP WG1 ANCP Applicability to PON draft-bitar-wadhwa-ancp-pon-01.txt Update on Differences from DSL Nabil Bitar, Verizon Sanjay Wadhwa, Juniper.

IETF74 ANCP WG1 ANCP Applicability to PON draft-bitar-wadhwa-ancp-pon-01.txt Update on Differences from DSL Nabil Bitar, Verizon Sanjay Wadhwa, Juniper.

Similar presentations

Ads by Google