1 / 9

Security Ad-Hoc Report Draft

Security Ad-Hoc Report Draft. Date: 2009-02-02. Authors:. Abstract. This presentation summarizes the recommendations of the security ad-hoc group. Currently a draft. Abstract to be removed once this becomes part of the tutorial. Security Goals and General Approach.

waugh
Download Presentation

Security Ad-Hoc Report Draft

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security Ad-Hoc Report Draft Date: 2009-02-02 Authors: Alex Reznik, InterDigital

  2. Abstract • This presentation summarizes the recommendations of the security ad-hoc group. • Currently a draft. Abstract to be removed once this becomes part of the tutorial Alex Reznik, InterDigital

  3. Security Goals and General Approach • Within the context of white spaces, security design needs to focus on two goals: • Primary goal: Protection of Incumbents • This requires support of device security as discussed below • Secondary goal: Protection of Cognitive Radios • While secondary, this is a much larger problem them protection of incumbents • Requires a much more comprehensive approach • General Approach to Security • The ad-hoc recommends that an end-to-end security design approach be used in developing security aspects of white space technologies • Within 802 this means a focus on the following • The interfaces required for support of higher-level security technologies, such as data/application security, secure identity protocols, device security, etc. • Support of certain low-level security technologies as discussed below Alex Reznik, InterDigital

  4. Risk Analysis (1/3)High Level Threats • Illegal Use of Spectrum • Attack on incumbents • Stealing from other secondary users • Denial of Service to other Secondary Users • Threats to coexistence protocols between secondary devices • Jamming and Similar Threat • Unauthorized disclosure or modification of “relevant” information • User location • Database • “Relevant” information is not correct • User location • Database info Alex Reznik, InterDigital

  5. Risk Analysis 2/3Mapping Use Cases to Threats Alex Reznik, InterDigital

  6. Risk Analysis 3/3 Alex Reznik, InterDigital

  7. General Recommendations • Device Security • Key requirement for protection of incumbents • Ensures that devices cannot be modified to “break the rules” • Potentially required to pass FCC certification • While generally above MAC (and thus out of scope for 802), 802 should support the following • A “device security SAP” which provides key parameters required to make sure that the radio is compliant with required policies in real-time. The policies may include any of the following: FCC regulations, coexistence policies, intra-RAT protocol specification. • Low-Layer Security • Support of low-layer techniques is recommended to address the following • Incumbent classification / identification • identification of malicious and negligent impersonators • It is recommended that the WGs coordinate their efforts in this area • Sensor and location measurement security • Support of techniques that secure and attest sensor and location measurements of recommended • Protection of database information • Protection of database information on the device and over the air interface links is recommended Alex Reznik, InterDigital

  8. End-to-End Security 1/2 Alex Reznik, InterDigital

  9. End-to-End Security 2/2 Alex Reznik, InterDigital

More Related