Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Profiles: AMS, CFDP Scott Burleigh NASA JPL 13 June 2006.

Published byColleen Harris Modified over 9 years ago

Similar presentations

Presentation on theme: "Security Profiles: AMS, CFDP Scott Burleigh NASA JPL 13 June 2006."— Presentation transcript:

1 Security Profiles: AMS, CFDP Scott Burleigh NASA JPL 13 June 2006

2 AMS Security – General Requirements –Authentication of service providers and consumers –Control of service access, at message subject granularity –Message integrity and confidentiality Mechanisms –Asymmetric encryption of authenticators –Symmetric encryption of message content –Pre-placed keys and access control lists (MIB) No dynamic key distribution or ACL update mechanism identified yet.

3 AMS Security – Overview (1) MAMS message header authenticator: 1.4-byte “hood” (four randomly selected ASCII characters) in clear text. 2.Concatenation of hood plus a well-known message-type- specific name, encrypted in the private key of the sender. Receiver of MAMS message decrypts the encrypted part of the authenticator using the public key of the sender, verifies it. MIB at each node contains all relevant asymmetric keys.

4 AMS Security – Overview (2) MIB contains, for each message subject: –List of authorized senders. –List of authorized receivers. –Symmetric key for encryption/decryption of messages on this subject.

5 CFDP Security – General Currently, none at all. Tentative requirements: –Mutual authentication of CFDP entities –Metadata integrity and confidentiality –File data integrity and confidentiality Proposed mechanisms –Optional inclusion of authenticator in Metadata PDU –Asymmetric encryption of Metadata –Symmetric encryption of file data –Pre-placed keys (MIB)

6 CFDP Security – General (2) An alternate proposal: –Implement security at the PDU level rather than the file level. A better fit for users that want to make immediate use of partially received data, i.e., individual PDUs. Unaffected by loss of Metadata PDU. –Add per-segment metadata (an LV) to each file data segment PDU: Brief authenticator, as for AMS. Pre-placed keys in MIB, one per known CFDP entity: –Asymmetric keys for encryption/decryption of authenticator –Symmetric key for encryption/decryption of segment data

Download ppt "Security Profiles: AMS, CFDP Scott Burleigh NASA JPL 13 June 2006."

Similar presentations

Using Multi-Encryption to Provide Secure and Controlled Access to XML Documents Tomasz Müldner, Jodrey School of Computer Science, Acadia University, Wolfville,

Using Multi-Encryption to Provide Secure and Controlled Access to XML Documents Tomasz Müldner, Jodrey School of Computer Science, Acadia University, Wolfville,
CIS 193A – Lesson6 CRYPTOGRAPHY RAPELCGRQ. CIS 193A – Lesson6 Focus Question Which cryptographic methods help computer users maintain confidentiality,

CIS 193A – Lesson6 CRYPTOGRAPHY RAPELCGRQ. CIS 193A – Lesson6 Focus Question Which cryptographic methods help computer users maintain confidentiality,
Lecture 5: Email security: PGP Anish Arora CIS694K Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.

Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Encryption Methods By: Michael A. Scott 20140508.

Encryption Methods By: Michael A. Scott
Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.

Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.
What is Encryption? - The translation of data into a secret code - To read an encrypted file, you must have access to a secret key or password that enables.

What is Encryption? - The translation of data into a secret code - To read an encrypted file, you must have access to a secret key or password that enables.
E-mail Security using Encryption Security Features Message Origin Authentication - verifying that the sender is who he or she says they are Content Integrity.

Security using Encryption Security Features Message Origin Authentication - verifying that the sender is who he or she says they are Content Integrity.
Electronic Mail Security

Electronic Mail Security
Public-key Cryptography Strengths and Weaknesses Matt Blumenthal.

Public-key Cryptography Strengths and Weaknesses Matt Blumenthal.
Secure e-mail r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.

Secure r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.
16.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Security at the Application Layer: PGP and.

16.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Security at the Application Layer: PGP and.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Email Security.  email is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.

Security.  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.
Key Management Workshop November 1-2, 2001. 3. Cryptographic Algorithms, Keys, and other Keying Material  Approved cryptographic algorithms  Security.

Key Management Workshop November 1-2, Cryptographic Algorithms, Keys, and other Keying Material  Approved cryptographic algorithms  Security.
COEN 351 E-Commerce Security Essentials of Cryptography.

COEN 351 E-Commerce Security Essentials of Cryptography.
Asymmetric-Key Cryptography Also known as public-key cryptography, performs encryption and decryption with two different algorithms. Each node announces.

Asymmetric-Key Cryptography Also known as public-key cryptography, performs encryption and decryption with two different algorithms. Each node announces.
Cryptography  Why Cryptography  Symmetric Encryption  Key exchange  Public-Key Cryptography  Key exchange  Certification.

Cryptography  Why Cryptography  Symmetric Encryption  Key exchange  Public-Key Cryptography  Key exchange  Certification.
Practices in Security Bruhadeshwar Bezawada. Key Management Set of techniques and procedures supporting the establishment and maintenance of keying relationships.

Practices in Security Bruhadeshwar Bezawada. Key Management Set of techniques and procedures supporting the establishment and maintenance of keying relationships.

Similar presentations

Ads by Google