
Lecture II : Security Analysis and Planning

Internet Security: Principles & Practices. John K. Zao, PhD SMIEEE, National Chiao-Tung University, Fall 2005.


Presentation Transcript


  1. Lecture II: Security Analysis and Planning. Internet Security: Principles & Practices. John K. Zao, PhD SMIEEE, National Chiao-Tung University, Fall 2005

  2. Internet Security - System Analysis & Planning: Theme
     • Objectives
         • Highlight objectives of security system design & implementation
         • Introduce procedure of security system planning & operation
     • Motto
         • Security/Safety is a relative measure
         • NO system is absolutely secure!
         • Users’ sense of security is usually a fuzzy warm feeling
         • Security specialists must specify & quantify security measures
         • Security systems only offer measured protection (safeguards) over selected resources (assets) against identified dangers (threats)
         • Security protection is a perpetual practice consisting of planning, deployment, monitoring & improvement

  3. Security System, Planning & Operation
     • Vulnerability Analysis
     • Service Selection
     • Mechanism Implementation

  4. Security System, Concepts
     • Assets – system resources to be valued & protected
     • Vulnerability – system weakness that exposes assets to threats
     • Threats – persons/things/events that pose dangers to assets
     • Attacks – actual realizations of security threats
     • Risks – cost measures of realized vulnerability (considering probability of successful attacks)
     • Countermeasures/Safeguards – structures/policies/mechanisms that protect assets from threats

  5. Threats, Categorization
     • Fundamental Threats
         • Confidentiality Violation – leakage of information
         • Integrity Violation – compromise of information consistency
         • Denial of Services – service unavailability to legitimate users
         • Illegitimate Use – service availability to illegitimate users
     • Enabling Threats
         • Penetration Threats
             • Masquerade – identity falsification
             • Control/Protection Bypass – system flaw exploitation
             • Authorization Violation – insider violation of usage authorization
         • Planting Threats
             • Trojan Horse
             • Trapdoor/Backdoor

  6. Threats, Categorization [Cont’d]
     • Underlying Threats
         • Eavesdropping
         • Traffic Analysis
         • Personnel Indiscretion/Misconducts
         • Media Scavenging
         • …
     • They are application & environment specific

  7. Countermeasures/Safeguards
     • Physical Security
         • Physical Security
     • Operational Security
         • Personnel Security
         • Administrative Security
         • Information Lifecycle Control
     • Technical Security
         • Communication Security
         • Computation Security
         • Media Security
         • Emanation Security

  8. Example: Use of IPsec & IKE in Universal Mobile Telecommunication System. Dr. John K. Zao, Sr. Scientist, Information Security, Verizon Communications / BBN Technologies. IPSEC 2000, Paris La Defense, France, 10/26/2000

  9. Outline
     • Overview: UMTS 3G Wireless Data Networks
         • Architecture
         • Domains
         • Strata
     • Analysis: UMTS Vulnerability & Threats
     • Countermeasures: UMTS Security Architecture & Mechanisms
     • Proposal: Possible Use of IPsec & IKE in UMTS Security <ignored>

  10. GPRS / UMTS System Architecture

  11. UMTS Domain Hierarchy
     • Domain – a high-level group of UMTS entities; reference points (interfaces) are defined between domains

  12. UMTS MT-HN Strata
     • Stratum – a group of UMTS protocols that are relevant to one aspect of the services provided by one or more domains

  13. UMTS MT-RN Strata
     • Stratum – a group of UMTS protocols that are relevant to one aspect of the services provided by one or more domains

  14. Outline
     • Overview: 3G Wireless Data Networks
     • Analysis: UMTS Security
         • Security Threats
         • Security Architecture
         • Security Features/Services
             • Network Access Security
             • Network Domain Security
             • User Domain Security
             • Application Domain Security
         • Security Mechanisms
             • Mobile User Identity Allocation
             • Entity Authentication & Key Agreement
             • User Traffic Confidentiality
             • Network Domain Security
     • Proposal: Possible Use of IPsec & IKE in UMTS Security

  15. 3G Security: Threats
     • Source: 3G Security; Security Threats & Requirements [3G TS 21.133]

  16. 3G Security: Threats, Radio Interface
     • Radio Eavesdropping & Traffic Analysis
     • User & Net Element Masquerading
     • Figure legend: Relevant Threats, Significant Threats, Major Threats

  17. 3G Security: Threats, ME-USIM Interface
     • ME/USIM Masquerading
     • ME/USIM Data Alteration & Access
     • ME/USIM Download Alteration & Eavesdropping
     • Figure legend: Relevant Threats, Significant Threats, Major Threats

  18. 3G Security: Threats, General System
     • Privilege Misuse
     • Network Element Masquerading
     • Wired Link Eavesdropping
     • Figure legend: Relevant Threats, Significant Threats, Major Threats

  19. UMTS Security Architecture
     • User Domain Security – protection against attacks on ME - USIM/USIM interfaces
     • Network Access Security – protection against attacks on radio (access) links
     • Network Domain Security – protection against attacks on wired network infrastructure
     • Application Domain Security – protection on user & provider application exchanges
     • Security Management – monitoring & managing user - provider security features

  20. Network Access Security, Safeguards
     • User Identity Confidentiality
         • Services
             • Identity Confidentiality
             • Location Confidentiality
             • Intractability
         • Mechanisms
             • Temporary Visiting Identity
             • Encrypted Permanent Identity
             • Encrypted Signal / Control Data
     • Entity Authentication
         • Services
             • Authentication Mechanism Agreement
             • User Authentication
             • Network Element Authentication
         • Mechanisms
             • HE-SN Authentication & Key Agreement
             • Local Authentication
     • Data Confidentiality
         • Services
             • Cipher Algorithm Agreement
             • Cipher Key Agreement
             • User Data Confidentiality
             • Signal / Control Data Confidentiality
     • Data Integrity
         • Services
             • Integrity Algorithm Agreement
             • Integrity Key Agreement
             • Signal / Control Data Integrity
             • Signal / Control Data Origin Authentication

  21. Network Domain Security, Safeguards
     • Entity Authentication
         • Services
             • Mechanism Agreement
             • Network Element Authentication
         • Mechanism
             • Explicit Symmetric Key Authentication
     • Data Confidentiality
         • Services
             • Cipher Algorithm Agreement
             • Cipher Key Agreement
             • Signal / Control Data Confidentiality
     • Data Integrity
         • Services
             • Integrity Algorithm Agreement
             • Integrity Key Agreement
             • Signal / Control Data Integrity
             • Signal / Control Data Origin Authentication

  22. User Domain Security, Safeguards
     • User - USIM Authentication
         • Services
             • PIN-based Authentication
     • USIM - ME Authentication
         • Services
             • Shared Secret Authentication

  23. Application Domain Security, Safeguards
     • Secure USIM Download & Messaging
         • Services
             • Application Identity Authentication
             • Application Data Confidentiality
             • Application Data Origin Authentication
             • Application Data Integrity
             • Application Exchange Sequence Integrity
             • Application Exchange Replay Protection
             • Application Data Non-repudiation
     • IP Security [TBD]
     • User Traffic Confidentiality
         • Service
             • End-to-End Data Confidentiality
     • User Profile Confidentiality [TBD]

  24. Mobile User Identity (MUI) Exchanges *
     • Temporary MUI (TMUI) Allocation
         • Similar to Mobile IP Registration
     • Permanent MUI (IMUI) Identification
     • * Source: UMTS Security Architecture [3G TS 33.102]

  25. Entity Authentication & Key Agreement
     • Parameters
         • Authentication Vector: AV(i) := RAND(i) || XRES(i) || CK(i) || IK(i) || AUTN(i), with AUTN, CK, IK, XRES derived from RAND, SQN, AMF
         • Authentication Data Request: Authen_Req := IMUI || HLR_MSG
         • Authentication Data Response: Authen_Res := [IMUI] || AV(1..n)
     • Comments
         • Authentication is conducted between HE/AuC & MS/USIM
         • HE is authentication & key distribution center
         • SN/VLR is trusted mediator
         • If HE is off-line then MS-SN authenticate using shared integrity key & protect their traffic using old (CK,IK)
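The exchange on slide 25, as an added example that is not part of the original lecture: the HE/AuC builds one authentication vector, the SN/VLR relays RAND and AUTN, and the USIM checks AUTN before answering. The names K, AK, MAC, RES and f1..f5 follow 3G TS 33.102 and are not on the slide; HMAC-SHA256 stands in for the operator's f1..f5 functions, the AMF value is constructed, and the SQN freshness rule is simplified to "strictly increasing".

```python
import hashlib, hmac, os

def f(k, tag, data, n):
    # Assumption: HMAC-SHA256 truncated to n bytes stands in for f1..f5.
    return hmac.new(k, tag + data, hashlib.sha256).digest()[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def generate_av(k, sqn, amf=b"\x80\x00"):
    """HE/AuC: build AV = RAND || XRES || CK || IK || AUTN (returned as a dict)."""
    rand, sqn_b = os.urandom(16), sqn.to_bytes(6, "big")
    mac = f(k, b"f1", sqn_b + rand + amf, 8)        # binds SQN, RAND, AMF to K
    ak = f(k, b"f5", rand, 6)                       # anonymity key hides SQN
    return {"RAND": rand, "XRES": f(k, b"f2", rand, 8),
            "CK": f(k, b"f3", rand, 16), "IK": f(k, b"f4", rand, 16),
            "AUTN": xor(sqn_b, ak) + amf + mac}

class USIM:
    def __init__(self, k):
        self.k, self.sqn_ms = k, 0                  # highest SQN accepted so far

    def authenticate(self, rand, autn):
        """Check AUTN (network authentication), then return (RES, CK, IK)."""
        ak = f(self.k, b"f5", rand, 6)
        sqn_b, amf, mac = xor(autn[:6], ak), autn[6:8], autn[8:16]
        if not hmac.compare_digest(mac, f(self.k, b"f1", sqn_b + rand + amf, 8)):
            raise ValueError("MAC failure: AUTN was not built with K")
        sqn = int.from_bytes(sqn_b, "big")
        if sqn <= self.sqn_ms:                      # simplified freshness rule
            raise ValueError("SQN not fresh: replayed vector")
        self.sqn_ms = sqn
        k = self.k
        return f(k, b"f2", rand, 8), f(k, b"f3", rand, 16), f(k, b"f4", rand, 16)

def sn_authenticate(av, usim):
    """SN/VLR: relay RAND and AUTN, compare RES with XRES; K never reaches the SN."""
    res, ck, ik = usim.authenticate(av["RAND"], av["AUTN"])
    return hmac.compare_digest(res, av["XRES"]) and (ck, ik) == (av["CK"], av["IK"])

if __name__ == "__main__":
    k = os.urandom(16)                              # constructed subscriber key
    usim, av = USIM(k), generate_av(k, sqn=1)
    print("first run accepted:", sn_authenticate(av, usim))
    try:
        sn_authenticate(av, usim)                   # same vector presented again
    except ValueError as err:
        print("second run rejected:", err)
```

The SN/VLR only ever holds the vector, which is why the slide can call it a trusted mediator rather than a key holder.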

  26. User Traffic Confidentiality
     • Key Management
         • Cipher Key (Ks)
         • Initialization Vector (IV)
     • Cipher Algorithms
         • Synchronous Stream Cipher
             • Data stream XOR with key stream
             • Synchronization controlled by IV
     • Issues
         • Encryption synchronization mechanism
         • TFO voice protection adaptation
         • Data traffic protection adaptation
         • Encryption termination at net gateways
         • Encryption management
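Why slide 26 lists the synchronization mechanism as an issue, shown in an added example that is not part of the original lecture: with a synchronous stream cipher both ends must use the same IV for each frame, and the same (Ks, IV) pair must never cover two frames. The keystream generator (SHAKE-256 over Ks and a frame-counter IV), the frame contents and all function names are assumptions made for the illustration; the slide names no algorithm.

```python
import hashlib

FRAMES = [b"frame-0 voice", b"frame-1 voice", b"frame-2 voice"]  # constructed

def keystream(ks, iv, n):
    # Assumption: SHAKE-256(Ks || IV) stands in for the real keystream generator.
    return hashlib.shake_256(ks + iv.to_bytes(4, "big")).digest(n)

def crypt(ks, iv, data):
    """Encrypt or decrypt one frame: data XOR keystream(Ks, IV)."""
    return bytes(d ^ s for d, s in zip(data, keystream(ks, iv, len(data))))

def desync_demo(ks):
    """Frame 1 is lost in transit; compare two ways of choosing the receive IV."""
    sent = [(iv, crypt(ks, iv, p)) for iv, p in enumerate(FRAMES)]
    received = [sent[0], sent[2]]
    # Receiver counts frames on its own: after the loss its IV is one behind.
    implicit = [crypt(ks, n, ct) for n, (_, ct) in enumerate(received)]
    # Receiver takes the IV from a shared frame number: it stays in step.
    explicit = [crypt(ks, iv, ct) for iv, ct in received]
    return implicit, explicit

def iv_reuse_leak(ks, iv, p1, p2):
    """Two frames under one (Ks, IV): c1 XOR c2 equals p1 XOR p2, no key needed."""
    c1, c2 = crypt(ks, iv, p1), crypt(ks, iv, p2)
    return bytes(a ^ b for a, b in zip(c1, c2))

if __name__ == "__main__":
    ks = bytes(16)                                  # constructed cipher key
    implicit, explicit = desync_demo(ks)
    print("implicit counter:", implicit)
    print("explicit IV:     ", explicit)
    leak = iv_reuse_leak(ks, 7, FRAMES[0], FRAMES[1])
    print("c1^c2 == p1^p2:", leak == bytes(a ^ b for a, b in zip(*FRAMES[:2])))
```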

  27. Network Domain Security
     • Similar to Multi-Realm Kerberos
     • Layer I
         • Symmetric Session Key Negotiation using PK technology
     • Layer II
         • Session Key Distribution within each Operator
     • Layer III
         • Secure communication between Elements of different Operators

  28. Bibliography
     • 3rd Generation Partnership Project, Technical Specification Group (TSG) SA
         • 3G TS 21.133 - 3G Security; Security Threats & Requirements
         • 3G TS 21.120 - 3G Security; Security Principles & Objectives
         • 3G TS 33.105 - 3G Security; Cryptographic Algorithm Requirements
         • 3G TS 33.102 - UMTS; 3G Security; Security Architecture
         • 3G TS 23.101 - UMTS; General UMTS Architecture
     • GSM Documents
         • GS 02.60 – GPRS; Service Description; Stage 1
         • GS 03.60 – GPRS; Service Description; Stage 2
         • GS 02.09 – Security Aspects
         • GS 03.20 – Security Related Network Functions
     • Source: http://www.etsi.org/

  29. Assignment I: Security System Analysis & Planning. Internet Security: Principles & Practices. John K. Zao, PhD SMIEEE, National Chiao-Tung University, Fall 2005

  30. System: Campus Network

  31. Asset Evaluation
     • Important Users
         • Officers
         • Students
     • Important Assets
         • Management Records
         • Research Records
         • Teaching Records

  32. Threat Analysis
     • Figure label: Officer Subnet
     • For every subnet:
         • Identify nature of specific threats towards each networking resource & application
         • Evaluate severity of threats towards individual resource & application

  33. Service Planning
     • Perimeter Defense
         • Firewalls
         • Site-to-Site VPN
         • Remote Access VPN
         • IRS Gateway
     • Host/Server Defense
         • Configuration Manager
         • Security Patches
         • Anti-Virus Scanner
         • Anti-Spam Program
         • Spyware Blockers

  34. Assignment Work
     • Vulnerability Analysis [50%]
     • Service Planning [50%]
     • Architecture Recommendation [20%, optional]
