Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 STRINT IETF / W3C Security Workshop London, UK, March 2014 Juan Carlos Zuniga.

Published byMichael Randolph Perry Modified over 9 years ago

Similar presentations

Presentation on theme: "1 STRINT IETF / W3C Security Workshop London, UK, March 2014 Juan Carlos Zuniga."— Presentation transcript:

1 1 STRINT IETF / W3C Security Workshop London, UK, March 2014 Juan Carlos Zuniga

2 Threat Model Five main classes of attack Pervasive passive attack [metadata, correlation] Pervasive active attack [access in the network core] Static key exfiltration Dynamic key exfiltration Content exfiltration 2

3 Collaborators A legitimate actor giving help to the attacker Static: One-time help (e.g., private key) Dynamic: Ongoing, per-session help Content: The desired content itself Witting or unwitting Your IT can collaborate on your behalf Real or virtual Hand over key data or make it predictable 3

4 Summary Attackers will do all five attack classes Attacks can be performed in different ways Threats to Objects – Metadata, content Threats to Venue – Infrastructure and links (from TLS down) Technology can be used to increase cost of attack Tech cost (passive-> active) Risk of exposure (static -> dynamic, target dispersal) 4

5 Possible implications /considerations for IEEE 802 Generic protocol guidelines (e.g. Privacy) should we equally applicable to most 802 protocols Link layer encryption (not only data) MAC addresses Broadcast identifiers Size and sequence of messages 5

Download ppt "1 STRINT IETF / W3C Security Workshop London, UK, March 2014 Juan Carlos Zuniga."

Similar presentations

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Requirements for Internet Access in Public Places Anand Balachandran University of California, San Diego

Requirements for Internet Access in Public Places Anand Balachandran University of California, San Diego
Internet Protocol Security An Overview of IPSec. Outline:  What Security Problem?  Understanding TCP/IP.  Security at What Level?  IP Security. 

Internet Protocol Security An Overview of IPSec. Outline:  What Security Problem?  Understanding TCP/IP.  Security at What Level?  IP Security. 
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
S5-1 © 2001 Carnegie Mellon University OCTAVE SM Process 5 Identify Key Components Software Engineering Institute Carnegie Mellon University Pittsburgh,

S5-1 © 2001 Carnegie Mellon University OCTAVE SM Process 5 Identify Key Components Software Engineering Institute Carnegie Mellon University Pittsburgh,
Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.

Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
802.1x EAP Authentication Protocols

802.1x EAP Authentication Protocols
Chapter 11 E-Commerce Security. Electronic CommercePrentice Hall © 2006 2 Learning Objectives 1.Document the trends in computer and network security attacks.

Chapter 11 E-Commerce Security. Electronic CommercePrentice Hall © Learning Objectives 1.Document the trends in computer and network security attacks.
802.11 Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.

Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.
Chapter 5 Secure LAN Switching.  MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

Chapter 5 Secure LAN Switching.  MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.
Information Security of Embedded Systems 3.2.2010: Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
1 Secure Zero Configuration in a Ubiquitous Computing Environment Shenglan Hu and Chris J. Mitchell Information Security Group Royal Holloway, University.

1 Secure Zero Configuration in a Ubiquitous Computing Environment Shenglan Hu and Chris J. Mitchell Information Security Group Royal Holloway, University.
E-mail Privacy By Mohammed Al-Ghamdi. Outline Introduction E-mail Privacy How to Provide Privacy E-mail Ethics Summary.

Privacy By Mohammed Al-Ghamdi. Outline Introduction Privacy How to Provide Privacy Ethics Summary.
© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—3-1 Wireless LANs Understanding WLAN Security.

© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—3-1 Wireless LANs Understanding WLAN Security.
Privecsg-15-0017-01-0000 1 Tracking of Link Layer Identifiers Date: [2015-01-15] Authors: NameAffiliationPhone Juan Carlos ZúñigaInterDigital

Privecsg Tracking of Link Layer Identifiers Date: [ ] Authors: NameAffiliationPhone Juan Carlos ZúñigaInterDigital
1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.

1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.
1 privecsg-15-0012-00 IEEE 802 EC Privacy Recommendation Study Group Update to IEEE802 March 2015 Plenary meeting Juan Carlos Zuniga, InterDigital.

1 privecsg IEEE 802 EC Privacy Recommendation Study Group Update to IEEE802 March 2015 Plenary meeting Juan Carlos Zuniga, InterDigital.
1 privecsg-15-0009-01-0000 IEEE 802 EC Privacy Recommendation Study Group Update to March 2015 Plenary meeting 2015-03-09 Juan Carlos Zuniga,

1 privecsg IEEE 802 EC Privacy Recommendation Study Group Update to March 2015 Plenary meeting Juan Carlos Zuniga,
WIRELESS LAN SECURITY Using

WIRELESS LAN SECURITY Using

Similar presentations

Ads by Google