Download
1 / 54
540 likes | 822 Vues
original page deleted, found still from Internet archive: ... Internet attacks, such as DDoS (Distributed Denial of Service) attacks, could have ...
E N D
Slide 1:Attacking (wireless) Internet
Hannu H. Kari
Slide 2:
... a short flashback ...
Slide 3:Yksityisyys langattomissa verkoissa
Hannu H. KARI
07.01.2003
virkaanastujaisesitelm
Slide 4:Yksityisyys nykyaikana?
Slide 5:Yksil ja yksityisyys
Slide 6:Yksityisyys ja shkmagneettinen aura
Slide 7:Esimerkki: Ketk ovat kavereita?
Slide 8:Esimerkki: Ketk ovat kavereita?
Slide 9:Yksityisyyden viisi/kuusi luokkaa Informaatio (data privacy)
Kohde/lhde (identity privacy)
Tapahtumapaika (location privacy)
Tapahtuma-aika (time privacy)
Olemassaolo (privacy of existence)
+ Tapahtuma (transaction)
Slide 10:Yksil vs. yhteiskunta
Slide 11:
And now back to our original program ...
Slide 12:
History
Slide 13:Technology enhancements
Slide 14:Technology enhancements
Slide 15:Technology enhancements
The same thing has happened in Internet in 1015 years!
Slide 16:
Need for privacy?
Slide 17:Analogy for identification: Pets
(news.wisc.edu)
Slide 18:Human identification today
Slide 19:Human identification some 60 years ago ... and ... today
Slide 20:Need for privacy
Slide 21:Need for privacy
Slide 22:Need for privacy
Slide 23:Need for privacy
Slide 24:Need for privacy
Slide 25:Need for privacy
Slide 26:Need for privacy
Slide 27:Wireless network eavesdropping
Slide 28:Privacy Definition of Privacy
Privacy is the claim of individuals, groups, and institutions to determine for themselves, when, how, and to what extent information about them is communicated to others.
Alan Westin 1967
Slide 29:
Threats
Slide 30:Holmlund: Verkkohykkys voi uhata rahaliikennett {10.11.2008: MPK 187:n avajaiset}
YETTS: yhteiskunnan elintrket toiminnot tulee turvata kaikissa tilanteissa
Myyrmanni, Jokela & Kauhajoki: * syrjytyminen sisisen turvallisuutemme suurin uhka * monia ei-toivottuja kehitystrendej
Tarkoituksellisin verkkohykkyksin saatetaan heikent valtion ptksentekojrjestelmien tai esimerkiksi rahaliikenteen toimivuutta
Ikvt tapahtumat tulevat eteemme aina jossain mrin ylltyksen* varautumisesta ja riskianalyyseista huolimatta.
Asymmetrinen maailma, asymmetriset arvot ja motiivit
Kaikki uhkat eivt vlttmtt tule ulkoa
Slide 31:Main threats of Internet 1. We loose our confidence
2. Internet does not work
3. We loose data/money with Internet
Slide 32:
Scenario 3/2011
Slide 33:Scenario 3/2011 Election in a small EU country
a country famous on ICT usage, including electronic voting
During the election days, a massive DDoS attack is launched against the election system
Electronic voting system is unavailable for several hours
As a back up alternative, people will use traditional paper voting system
No harm done????
Slide 34:Scenario 3/2011 Report for the Council of Europe: Internet voting in the March 2007 Parliamentary Elections in Estonia
Internet attacks, such as DDoS (Distributed Denial of Service) attacks, could have hampered the ability to run the e-voting application. An extension of the e-voting period could potentially make it more difficult to launch such attacks.
... But will anyone really seriously think electronic voting as a viable alternative for paper voting after this???
NO! We have lost the game permanently
Slide 35:
Design flaws of Internet
Slide 36:Security problems in Internet, samples
Slide 37:Security problems in Internet, samples
Slide 38:Who and Why? WHY
Motivations:
Social behavior
Vandalism
Money
Ideology
Military strategic interests
Slide 39:Internet design criterion Primary goals
Multiplexing of channel
Various network archtectures
Administrative boundaries
Packet switching
Gateways (routers) between networks
Secondary goals
Robustness (loss of routers and links)
Multiple services (reliable or realtime data)
Usage of various networks
Distributed management
Cost efficient implementation
Simple attachement to network
Resource usage monitoring
Slide 40:Implicit Internet design criterion Silent assumptions
Benevolence
Openness
Low level of dynamicity
No mobility
Limited computation capacity
High cost of crypto algorithms
Limited bandwidth
Slide 41:Internet design flaws Original design principles: The enemy is out there!
Everybody can send anything to anybody
Security measures are introduced afterwards
The new design principles: The enemy is among us!
We must be prepared to pay for security/reliability
in form of computation power, bandwidth, energy, etc.
Strong security as the fundamental building block
Legal sanctions against malevolent entities
Every packet must have an owner!
Slide 42:
Security domains
Slide 43:Four security domains
Slide 44:Four security domains
Slide 45:
Securing network infrastructure
Slide 46:Traditional Internet usage
Slide 47:Short term solution:Secured Infrastructure Router (SIR)
Slide 48:Secured Infrastructure Router (SIR)
Slide 49:Alternative SIR operation
Slide 50:
Conclusions
Slide 51:Conclusions Privacy in Internet is vital
Especially in wireless environment in all 5/6 categories
Risks with Internet are imminent
...due to original design flaws of Internet
Architecture with several levels of security
Plan-B: What shall we do, when our network doesnt work?
What is the minimum level of service?
How to handle Internet brand
Slide 53:Good/Bad things of Internet Google.cn: tiananmen square 12 first image hits
Slide 54:Good/Bad things of Internet Google.com: tiananmen square 12 first image hits
