Network Layer Security-mjp - The CCSDS Collaborative Work

Network Layer Security
Mike Pajevski
(NASA/JPL)
Howie Weiss
(Cobham Analytic Solutions/JPL)
April 2009
Agenda
• What is network layer security?
• Benefits of network layer security
• CCSDS approaches to network layer security
What is Network Layer Security?
[Figure: CCSDS protocol stack diagram. Labels, top to bottom: FTP, SCPS-FP (space extensions to FTP; FTP features), other apps, space extensions to the socket interface; TCP, SCPS-TP (“TCP Tranquility” options; TCP options), UDP; IPSec, SCPS-SP (space-optimized IPSec variant); common network-layer interface; IP, SCPS-NP (space-optimized IP variant); space link subnet: CCSDS Data Link.]
The CCSDS protocol suite supports either “native” or “space enhanced” Internet services, at the discretion of the Project organization
Benefits of Network Layer Security
• “Value-Added” network security
– Implement and certify (security-wise) once
– Upper-layer applications do not need to be aware of it
• Routable in an IP environment
– Underlying IP network is unaffected
• Saves cost and schedule
– Implement once vs. at each application
– Certify once vs. for each application
– Ensures correctness of implementation (done once with great scrutiny)
• End-to-End Protection
Drawbacks of Network Layer Security
• No fine-grained access control
– Provides “all-or-nothing” access to a networked service (e.g., cannot control which file(s) can be accessed)
• Increased overhead (vs. link layer security)
– Really a protocol-specific issue
» A protocol with low bit overhead is possible
• More complex management (vs. link layer security)
– Depends on flexibility of the protocol
» A link layer solution could be just as complex
• Does not support non-network based communications
• Can impair some QoS, header compression, and smart routing techniques
CCSDS Approaches
• Do we care?
• Assuming we do care:
– Adopt IPsec? (Constellation has already done so)
» ESP (RFC 4303)
» AH (RFC 4302)
» Both?
– Re-do/repair SCPS-SP?
» Min 2 byte overhead vs. 10 bytes for IPSec
» Do we care about 64 extra bits/packet given the prevailing links?
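
Added example (not part of the original slides): the ESP fixed fields in RFC 4303 (SPI, sequence number, pad length, next header) sum to the 10 bytes quoted above, and the sketch below shows how padding, IV and ICV change the per-packet cost against the slide's 2-byte SCPS-SP minimum. The function names, payload sizes and the AES-CBC with HMAC-SHA1-96 transform are assumptions chosen for illustration.

```python
"""ESP per-packet overhead (RFC 4303 layout) vs. the slide's 2-byte SCPS-SP minimum."""

# Fixed ESP fields per RFC 4303: SPI, sequence number, pad length, next header.
ESP_FIXED = 4 + 4 + 1 + 1
# Minimum SCPS-SP overhead as quoted on the slide (not derived here).
SCPS_SP_MIN = 2


def esp_overhead(payload_len, block_size=4, iv_len=0, icv_len=0):
    """Bytes ESP adds to one payload in transport mode.

    Assumes iv_len is a multiple of 4 and block_size is 4, 8 or 16, so one
    alignment value covers both the cipher block and the 4-byte rule.
    """
    align = max(4, block_size)
    # Payload + padding + pad-length byte + next-header byte must fill whole blocks.
    pad = -(payload_len + 2) % align
    return ESP_FIXED + iv_len + pad + icv_len


def link_share(payload_len, overhead):
    """Fraction of the transmitted bytes spent on security overhead."""
    return overhead / (payload_len + overhead)


def compare(payload_sizes):
    """Rows of (payload, SCPS-SP minimum, ESP fixed fields + padding, ESP full)."""
    rows = []
    for n in payload_sizes:
        bare = esp_overhead(n)
        # Constructed transform choice: 16-byte block and IV, 12-byte ICV.
        full = esp_overhead(n, block_size=16, iv_len=16, icv_len=12)
        rows.append((n, SCPS_SP_MIN, bare, full))
    return rows


if __name__ == "__main__":
    print(f"fixed-field gap: {(ESP_FIXED - SCPS_SP_MIN) * 8} bits/packet")
    for n, sp, bare, full in compare([62, 64, 256, 1024]):  # constructed sizes
        print(f"{n:5d} B payload  SCPS-SP {link_share(n, sp):6.2%}  "
              f"ESP fixed {link_share(n, bare):6.2%}  "
              f"ESP full {link_share(n, full):6.2%}")
```

The 10-byte figure is a floor: it is reached only when the payload needs no alignment padding, and it excludes any IV or integrity check value.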
Next Steps?
• Should the Security WG take this on as a new program of work?
• How should we approach this?
– Study?
– Just adopt IPsec?
» Any constraints/extensions needed?
» KM (aka IKE or others)
– Repair SCPS-SP?
– Write a new protocol?
– Go home and call it a day?

Conclusion: study IPSec and KM to start off and we’ll see where we go from there. What are the possible scenarios, interoperability use cases?