Published by Audra Holt. Modified over 9 years ago.
1
Who am I?
Mats Ohlin
Swedish Defence Materiel Administration (FMV)
IT Security area
  – International Standardisation: ISO/IEC JTC 1/SC 27/WG 3 (Security Evaluation Criteria)
  – Defence IP Network Security
2
General
Mobile Network in Kista
  – Location Privacy
Overview of previous work in the Privacy area
Freedom System extensions for mobile users
3
What is Security?
If you do not have a (stated) goal, it is not possible to know when you have arrived
  – Winnie the Pooh
Security is about the ability to counter identified attacks
  – Attack agent(s)
  – Assets (to be protected)
      – System Services
      – System Resources and Information Objects
4
Basic Privacy Terms
Anonymity
  – ensures that a user may use a resource or service without disclosing the user's identity. The requirements for Anonymity provide protection of the user identity.
Pseudonymity
  – ensures that a user may use a resource or service without disclosing its user identity, but still be accountable for that use.
5
Basic Privacy Terms (2)
Unlinkability
  – ensures that a user may make multiple uses of resources or services without others being able to link these uses together.
Unobservability
  – ensures that a user may use a resource or service without others, especially third parties, being able to observe that the resource or service is being used.
6
Basic assumptions
Any [wireless] component must have an ID
  – Authentication is often necessary
End-to-end security solutions are advisable, but...
Traffic analysis security is hard to achieve
  – variable routing
  – onion routing
  – dummy traffic
  – mixing (repackaging)
7
Practical aspects
Implementation problems
  – performance
  – availability (of Freedom routers)
  – knowledge about Freedom routers
Wireless in practice
  – Some competent actors may apply special measures
  – The broad user community will stick with what's delivered easily managed
8
Practical aspects (2)
Political
  – Some years ago; crypto debate
  – Now concern about traffic analysis
Downside
  – Internet Tradition of Implicit Trust
  – Internet abuse
      – Host attacks
      – DNS attacks
      – Routing protocol attack (soon)
9
Practical aspects (3)
Gibson Research Corporation in May
  – Several DDoS attack waves
      – 474 PCs in DDoS attack generating 2.399.237.016 packets (fragments) in 4 days
Demands for Authenticated IP (IP-AH)
  – Trust Management a problem
      – Certificate Management
May stimulate further work on Privacy Enhancing Protocols (PET)
10
Practical aspects (4)
Further work should include
  – strict definition of security goals
  – attack analysis
  – how to make the existence of Freedom Networks more invisible
Actually, big organisations, like defence, are also looking at similar techniques for countering traffic analysis
11
Questions
DoS attacks against Freedom Networks
Common Criteria Definitions Good Enough?
Modelling the extent of the attacker's knowledge necessary for different types of attacks?
Business Model; who is going to pay and why?