1 / 8

ECRIT Security Considerations draft-taylor-ecrit-security-threats-00.txt

ECRIT Security Considerations draft-taylor-ecrit-security-threats-00.txt. Henning Schulzrinne, Raj Shanmugam, Hannes Tschofenig, Tom Taylor IETF 64. Emergency Call Routing Attack Points. Impersonation. Impersonation DOS. Threats: - disclosure - targeted DOS - mass DOS. Location

timroy
Download Presentation

ECRIT Security Considerations draft-taylor-ecrit-security-threats-00.txt

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ECRIT Security Considerationsdraft-taylor-ecrit-security-threats-00.txt Henning Schulzrinne, Raj Shanmugam, Hannes Tschofenig, Tom Taylor IETF 64 ECRIT Security Considerations

  2. Emergency Call Routing Attack Points Impersonation Impersonation DOS Threats: - disclosure - targeted DOS - mass DOS Location provider - malicious dispatch Mapping server PSAP Mapping client Callrouter sos@?????? Interception Modification Database corruption Configuration corruption Emergency responders ECRIT Security Considerations

  3. Architecture Determines Threat Perception • If mapping is done at user client configuration time • lowers likelihood that attacks on mapping server are effective • raises likelihood that attack on user client itself would be effective • If mapping is done at call time, and mapping client is a proxy • raises likelihood that attacks on mapping server would be effective • attack on user client itself less likely to be effective ECRIT Security Considerations

  4. Authentication Issues • Is it worth authenticating the mapping server? • if mapping is done at user agent configuration time? • if mapping is done by user agent at call time? • if mapping client is a proxy on the call path? ECRIT Security Considerations

  5. Backup ECRIT Security Considerations

  6. Current Draft Scope • Threats • integrity and privacy • PSAP DOS • PSAP impersonation • mapping server DOS • mapping server impersonation • Discussion of potential counter-measures • Constraints on counter-measures • cost in terms of performance • deployment issues • regulatory and legal requirements • Derived requirements ECRIT Security Considerations

  7. Points Raised in List Discussion • Performance burden of proposed measures • channel security • object signing • What does user do if authentication fails? • Need for security distinction between location by value and by reference • Proposed DOS detection at mapping server doesn't work • all requests are anonymous • multiple requests from same IP address can be a valid condition • Proposed countermeasures make impractical assumptions regarding trust anchors • depending on what responsibilities are given to the user client • Object signing not enough to prevent replay ECRIT Security Considerations

  8. More Points ... • Section 5.5 (Distributed Directory Security) out of scope • Section 5.6 (Query-Response Verification) probably expendable • Need security discussion of two more topics • location delivery • PSAP boundaries ECRIT Security Considerations

More Related