March 2009

Richard Paine, Self

sg-whitespace-09-0061-00-0000-Secure-Datastore-Architecture-Concepts

Submission

Slide 1

Project: IEEE 802 Executive Committee Study Group on TV White Spaces – Secure Datastore / End-to-End Security Architecture Concepts

Title: ECSG WS Study Group

Date Submitted: 2009-03-09

Source(s): Contributor: Richard Paine, Affiliation: Self, Voice: 206-854-8199, e-mail: [email protected]

Abstract: IEEE 802 ECSG on White Space slide deck to capture 802 and TVWS USE CASE Security Issues

Purpose: To provide input to the ECSG and others on possible use cases that will help clarify how the TVWS spectrum might be secured and how these uses might possibly be addressed by IEEE 802 work.

Release: The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE 802.

Patent Policy and Procedures: The contributor is familiar with the IEEE-SA Patent Policy and Procedures: <http://standards.ieee.org/guides/bylaws/sect6-7.html#6> and <http://standards.ieee.org/guides/opman/sect6.html#6.3>. Further information is located at <http://standards.ieee.org/board/pat/pat-material.html> and <http://standards.ieee.org/board/pat>.

Slide 2

802 End-to-End Security

Slide 3

OSI-TCP/IP Stack Comparison

Slide 4

Platform and Security Layers

[Diagram: two platform stacks, each with the layers Media, Modem, OS-Internetworking, OS-Session and Application, joined by a Physical Medium. Security labels: 802.1x, etc.; IPSec, HIP, etc.; SSL, TLS, etc.; Application-Secured Payload.]

• Each platform abstraction layer supports its own communications security
  – Note: Media security is generally platform-to-network, not platform-to-platform

• Implementation of each platform abstraction should be secured
  – Certification of regulatory/standards compliance
  – Real-time attestation of implementation (“tamper-proof”)
  – Ability to secure sensitive data
  – This is not shown, but implied

Slide 5

802 Interface to the “Outside World”

[Diagram: two stacks showing the Media, Modem and OS-Internetworking layers, joined by a Physical Medium. Security labels: 802.1x, etc.; IPSec, HIP, etc. Annotation: Discontinuity between IEEE 802 and IETF.]

Slide 6

[Diagram labels: End Device Stack; 802 PHY; 802 MAC; Network Equipment; 802 IF To Upper Layers; 802 IF To Network Device Layers; Data Link; Physical Medium.]

Slide 7

Lightweight Host Identity Protocol Example

[Diagram: two protocol stacks, each with TCP/UDP, HIP, IPSEC, IP and an Authentication Layer. Labels: ESP Payload: not encrypted, not authenticated; Authenticated Control Messages; Authentication Interaction; Unauthenticated Control Messages.]

Gurtov; Host Identity Protocol (HIP); Wiley, 2008; pg 131.

Slide 8

The End-to-End LHIP Security Stack

[Diagram labels: Secure Network Equipment; IF To Upper Layers; Physical Medium.]

Slide 9

The End-to-End HIP/SMA Security Stack

[Diagram labels: 802 PHY; 802 MAC; Secure Network Equipment; IF To Upper Layers; Data Link; 802 IF To Upper Layers; 802 IF To Device Layers; FCC WSDB and Schema; SMA Secure DataStore and Schema; SMA PKI Datastore People/Machines; TNC Secure DataStore and Schema; IETF’s Secure DataStore and Schema (MAP); Physical Medium. Annotation: Adding HIP, TNC, and the FCC WS Work.]

Slide 10

802 Interface to the “Outside World”

[Diagram: two platform stacks, each with the layers Media, Modem, OS-Internetworking, OS-Session and Application, joined by a Physical Medium. Security labels: 802.1x, etc.; IPSec, HIP, SMA, etc.; SSL, TLS, etc.; Application-Secured Payload. Datastore labels on each side: TCG’s TNC Secure DataStore and Schema (IF-MAP); IETF’s Secure DataStore and Schema (MAP); FCC Secure WS DataStore; TOG’s SMA Secure Datastore and Schema; SMA PKI Datastore People/Machines. Annotation: Summary Data.]

Slide 11

Ideal End-to-End Security

[Diagram: two platform stacks, each with the layers Media, Modem, OS-Internetworking, OS-Session and Application, joined by an IP Infrastructure. Security labels: IPSec, HIP, SMA, etc.; SSL, TLS, etc.; App.-Secured Payload. Each side has a Trusted Policy Engine and an IETF/TCG/TOG/IEEE Secure DataStore and Schema (MAP). Annotation: Trusted component used to verify compliance and prevent policy violation.]

Slide 12

Secure Datastore Commonalities

• Datastores/Schema all have similarities (FCC, SMA, LHIP, & TNC)
  – Location information and measurement
    • Geolocation, sensor measurements
  – Host information:
    • Identity, name, address, etc.
  – Network IDs:
    • MAC, IP address, etc.
  – Local policy databases
    • Spectrum policy information
    • Security policies database
    • Co-existence policies
  – Remote database information
    • DNS, Spectrum Servers, Certificate Authorities, Sensitive SW Sources (e.g. McAfee), etc.
  – Trust certificates
  – Identities of trusted third party connections

• IF should/could be standardized

Slide 13

Interfaces Need to be Defined

• 802.11k SME MIB “Zero Config”-like Access
  – Object IDs for the MIB Entries
• 802.11 SME MIB Clients
• 802.16 MIB Clients
• 802.21 MIB Clients
• SMA Interface [SLDAP (Secure Lightweight Directory Access Protocol)]
• DNS
• TCG’s TNC [IF-MAP (InterFace-Metadata Access Point)]
• FCC WS – interface undefined, but required fields similar

Slide 14

End-to-End Projects Identified

• Joint IEEE-IETF Task Force on end-to-end security protocols and definitions
  – Passing of SMA/cryptographic identity/security information from PHY to upper layers (schema?)

• IEEE/802.21 project for security handoff between disparate systems (schema?)

• Joint IEEE-TCG Task Force on device security at lower layers
  – Attesting to lower layers
  – Compliance with regulatory/standards policies, e.g. FCC White Spaces regulations

• Interface definitions for all interfaces in 802

Slide 15

Resolutions?

• HIP
• SMA Datastore [Secure LDAP (SLDAP)]
• DNS Resource Records (Not Secure)
• TCG’s TNC Datastore Access (SLDAP?)
• All schema (should be common)