We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published bySeth Garza
Modified over 4 years ago
© Siemens NV/SA, October 2004 Communications Network and Information Security Report ICTSB/NISSG Stefan Goeman
© Siemens NV/SA, October 2004 Communications Background Existing NIS-Report from 2003 The new EU Report Communication form the Commission to the Council, the European Parliament, the European Economic and Social Committee and the Committee of the Regions: A strategy for a Secure Information Society – Dialog, partnership and empowerment A lot of new developments in Network and Information Security
© Siemens NV/SA, October 2004 Communications My Expertise Each member of the team has some specific expertise. In my case, this is: ICT Industry, Telecom, ISP Authentication protocols Web Service Security Identity Management E-government Belgium eID card Digital Rights Management
© Siemens NV/SA, October 2004 Communications ICT Industry, Telecom and ISPs Web Services Security (WS-Sec): E-buisiness environment is based on Web Services. Therefore security for web services is necessary (i.e. securing SOAP messages end-to-end) The following specifications make up WS-Sec 1.1 OASIS standard: WS-Security Core Specification 1.1 Username Token Profile 1.1 X.509 Token Profile 1.1 SAML Token Profile 1.1 Kerberos Token Profile 1.1 Rights Expression Language (REL) Token Profile 1.1 SOAP with Attachments (SWA) Profile 1.1 SOAP: SIMPLE Object Access Protocol
© Siemens NV/SA, October 2004 Communications ICT Industry, Telecom and ISPs IETF is an important contributor to security standardization. With respect to network security, following specifications are important, and included in the report: IPsec protocol suite: (IETF IPsec work group is concluded) RFC4301: Security architecture for the Internet Protocol. RFC4302: Authentication Header security protocol. RFC4303: Encapsulating Security Payload protocol. RFC4306: The Internet Key Exchange (IKEv2) protocol. … TLS protocol suite: RFC4346: The Transport Layer Security (TLS) Protocol Version 1.1 RFC4366: Transport Layer Security (TLS) Extensions RFC4492: ECC Cipher Suites for Transport Layer Security (TLS) RFC4279: pre-Shared Key Ciphersuites for TLS … Protocols for securing the infrastructure: DNS security, ENUM security, security of routing protocols (BGP, OSPF)
© Siemens NV/SA, October 2004 Communications Identity (and Privacy) Management Form an end-users point of view, identity and privacy management is (becoming) very important! Two initiatives: Industry for a, not really standardization bodies. Rely on other standards Liberty Alliance Project: Industry forum defining specifications in the area of identity management (single-sign-on, privacy management via pseudonyms, … ) and Identity based web services Based on Web Services specifications: The web services specifications are more loosely coupled, but it is possible to realize identity management based on specifications like: WS-Federation Currently not included in the report SAML: Security Assertion Markup Language
© Siemens NV/SA, October 2004 Communications E-government Belgium eID card PKI-based solution: eID card contains 2 certificates. E-government applications: Request official documents via the Internet (birth certificate, …) Fill in and sign your tax form. Access to your own personal information (https://www.mijndossier.rrn.fgov.be)https://www.mijndossier.rrn.fgov.be Will replace the electronic health insurance card (SIS card) … Other applications (not related to e-government): Secure chat boxes Libraries Hotel room reservation … Currently not yet included in the report
© Siemens NV/SA, October 2004 Communications Digital Rights Management Currently not in scope of new NIS-Report Many proprietary systems available (Apple iTunes, Windows Media DRM, …) and only few standards available: OMA DRM v1 and v2 In general DRM system all do more or less the same thing. The differences lie in details like content formats and rights expression languages OMA: Open Mobile Alliance
© Siemens NV/SA, October 2004 Communications Contributions to the report Providing the context for security for Next Generation Networks Evolution from SS7 based telco systems (closed systems) to VoIP (SIP-based) telco systems (more open systems) Providing an update of section 9.4 on Network Encryption: Updates on IPsec Updates on TLS Inclusion of Web Services Security
1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P April 11, 2007 Andrea Doherty.
OGSA Security Profile 2.0 (a.k.a. Express Authentication Profile) DUANE MERRILL October 18, 2007.
Identity Network Ideals – Heterogeneity & Co-existence
Network and Information Security Report – ICTSB/NISSG Dr. Angelika Plate.
CEN/ETSI NISSG Project Network & Information Security Public Consultation 28 th June 2006 Ted Humphreys (Team Leader)
U M T S F o r u m © UMTS 2002 UMTS Security aspects UMTS Forum ICTG Chair Bosco Fernandes Siemens AG
17 March 2010 Workshop on Efficient and Effective eGovernment FASTeTEN : a Flexible Technology in Different European Administrative Contexts
Internet Protocol Security (IP Sec)
A brief look at the WS-* framework Josh Howlett, JANET(UK) TF-EMC2 Prague, September 2007.
OOI-CI–Ragouzis– Ocean Observatories Initiative Cyberinfrastructure Component CI Design Workshop October 2007.
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
Presented by Kennedy Subramoney Specification – Project Leader Resources & Strategy (A Division of Eskom) CR&D Department XMLVend (Online Vending Specification)
Donkey Project Introduction and ideas around February 21, 2003 Yuri Demchenko.
Integration Considerations Greg Thompson April 20 th, 2006 Copyright © 2006, Credentica Inc. All Rights Reserved.
Lecture 23 Internet Authentication Applications
TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 Yuri Demchenko.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Web Services and the Semantic Web: Open Discussion Session Diana Geangalau Ryan Layfield.
WS-Security TC Christopher Kaler Kelvin Lawrence.
Latest techniques and Applications in Interprocess Communication and Coordination Xiaoou Zhang.
© 2018 SlidePlayer.com Inc. All rights reserved.