PowerPoint from Mats Ohlin
Who am I?
• Mats Ohlin
• Swedish Defence Materiel Administration (FMV)
• IT Security area
– International Standardisation: ISO/IEC JTC 1/SC 27/WG 3 (Security Evaluation Criteria)
– Defence IP Network Security
General
• Mobile Network in Kista
– Location Privacy
• Overview of previous work in the Privacy area
• Freedom System extensions for mobile users
What is Security?
• If you do not have a (stated) goal, it is not possible to know when you have arrived
– Winnie the Pooh
• Security is about the ability to counter identified attacks
– Attack agent(s)
– Assets (to be protected)
• System Services
• System Resources and Information Objects
Basic Privacy Terms
• Anonymity
– ensures that a user may use a resource or service without disclosing the user's identity. The requirements for Anonymity provide protection of the user identity.
• Pseudonymity
– ensures that a user may use a resource or service without disclosing its user identity, but still be accountable for that use.
Basic Privacy Terms (2)
• Unlinkability
– ensures that a user may make multiple uses of resources or services without others being able to link these uses together.
• Unobservability
– ensures that a user may use a resource or service without others, especially third parties, being able to observe that the resource or service is being used.
Basic assumptions
• Any [wireless] component must have an ID
– Authentication is often necessary
• End-to-end security solutions are advisable, but...
• Traffic analysis security is hard to achieve
– variable routing
– onion routing
– dummy traffic
– mixing (repackaging)
Practical aspects
• Implementation problems
– performance
– availability (of Freedom routers)
– knowledge about Freedom routers
• Wireless in practice
– Some competent actors may apply special measures
– The broad user community will stick with
• what's delivered
• easily managed
Practical aspects (2)
• Political
– Some years ago; crypto debate
– Now concern about traffic analysis
• Downside
– Internet Tradition of Implicit Trust
– Internet abuse
• Host attacks
• DNS attacks
• Routing protocol attack (soon)
Practical aspects (3)
• Gibson Research Corporation in May
– Several DDOS attack waves
• 474 PCs in DDOS attack generating 2.399.237.016 packets (fragments) in 4 days
• Demands for Authenticated IP (IP-AH)
– Trust Management a problem
• Certificate Management
• May stimulate further work on Privacy Enhancing Protocols (PET)
Practical aspects (4)
• Further work should include
– strict definition of security goals
– attack analysis
– how to make the existence of Freedom Networks more invisible
• Actually, big organisations too, like defence, are looking at similar techniques for countering traffic analysis
Questions
• DOS attacks against Freedom Networks
• Common Criteria Definitions Good Enough?
• Modelling the extent of the attacker's knowledge necessary for different types of attacks?
• Business Model; who is going to pay and why?