Presentation is loading. Please wait.

Presentation is loading. Please wait.

© Siemens NV/SA, October 2004 Communications Network and Information Security Report ICTSB/NISSG Stefan Goeman.

Similar presentations


Presentation on theme: "© Siemens NV/SA, October 2004 Communications Network and Information Security Report ICTSB/NISSG Stefan Goeman."— Presentation transcript:

1 © Siemens NV/SA, October 2004 Communications Network and Information Security Report ICTSB/NISSG Stefan Goeman

2 © Siemens NV/SA, October 2004 Communications Background Existing NIS-Report from 2003 The new EU Report Communication form the Commission to the Council, the European Parliament, the European Economic and Social Committee and the Committee of the Regions: A strategy for a Secure Information Society – Dialog, partnership and empowerment A lot of new developments in Network and Information Security

3 © Siemens NV/SA, October 2004 Communications My Expertise Each member of the team has some specific expertise. In my case, this is: ICT Industry, Telecom, ISP Authentication protocols Web Service Security Identity Management E-government Belgium eID card Digital Rights Management

4 © Siemens NV/SA, October 2004 Communications ICT Industry, Telecom and ISPs Web Services Security (WS-Sec): E-buisiness environment is based on Web Services. Therefore security for web services is necessary (i.e. securing SOAP messages end-to-end) The following specifications make up WS-Sec 1.1 OASIS standard: WS-Security Core Specification 1.1 Username Token Profile 1.1 X.509 Token Profile 1.1 SAML Token Profile 1.1 Kerberos Token Profile 1.1 Rights Expression Language (REL) Token Profile 1.1 SOAP with Attachments (SWA) Profile 1.1 SOAP: SIMPLE Object Access Protocol

5 © Siemens NV/SA, October 2004 Communications ICT Industry, Telecom and ISPs IETF is an important contributor to security standardization. With respect to network security, following specifications are important, and included in the report: IPsec protocol suite: (IETF IPsec work group is concluded) RFC4301: Security architecture for the Internet Protocol. RFC4302: Authentication Header security protocol. RFC4303: Encapsulating Security Payload protocol. RFC4306: The Internet Key Exchange (IKEv2) protocol. … TLS protocol suite: RFC4346: The Transport Layer Security (TLS) Protocol Version 1.1 RFC4366: Transport Layer Security (TLS) Extensions RFC4492: ECC Cipher Suites for Transport Layer Security (TLS) RFC4279: pre-Shared Key Ciphersuites for TLS … Protocols for securing the infrastructure: DNS security, ENUM security, security of routing protocols (BGP, OSPF)

6 © Siemens NV/SA, October 2004 Communications Identity (and Privacy) Management Form an end-users point of view, identity and privacy management is (becoming) very important! Two initiatives: Industry for a, not really standardization bodies. Rely on other standards Liberty Alliance Project: Industry forum defining specifications in the area of identity management (single-sign-on, privacy management via pseudonyms, … ) and Identity based web services Based on Web Services specifications: The web services specifications are more loosely coupled, but it is possible to realize identity management based on specifications like: WS-Federation Currently not included in the report SAML: Security Assertion Markup Language

7 © Siemens NV/SA, October 2004 Communications E-government Belgium eID card PKI-based solution: eID card contains 2 certificates. E-government applications: Request official documents via the Internet (birth certificate, …) Fill in and sign your tax form. Access to your own personal information (https://www.mijndossier.rrn.fgov.be)https://www.mijndossier.rrn.fgov.be Will replace the electronic health insurance card (SIS card) … Other applications (not related to e-government): Secure chat boxes Libraries Hotel room reservation … Currently not yet included in the report

8 © Siemens NV/SA, October 2004 Communications Digital Rights Management Currently not in scope of new NIS-Report Many proprietary systems available (Apple iTunes, Windows Media DRM, …) and only few standards available: OMA DRM v1 and v2 In general DRM system all do more or less the same thing. The differences lie in details like content formats and rights expression languages OMA: Open Mobile Alliance

9 © Siemens NV/SA, October 2004 Communications Contributions to the report Providing the context for security for Next Generation Networks Evolution from SS7 based telco systems (closed systems) to VoIP (SIP-based) telco systems (more open systems) Providing an update of section 9.4 on Network Encryption: Updates on IPsec Updates on TLS Inclusion of Web Services Security


Download ppt "© Siemens NV/SA, October 2004 Communications Network and Information Security Report ICTSB/NISSG Stefan Goeman."

Similar presentations


Ads by Google