Presentation is loading. Please wait.

Presentation is loading. Please wait.

Doc.: IEEE 802 ec-12/0006r0 Submission Liaison presentation to SC6 regarding Internet Security Date: 2012-February-13 Authors: IEEE 802 LiaisonSlide 1.

Published byAgnes Greer Modified over 8 years ago

Similar presentations

Presentation on theme: "Doc.: IEEE 802 ec-12/0006r0 Submission Liaison presentation to SC6 regarding Internet Security Date: 2012-February-13 Authors: IEEE 802 LiaisonSlide 1."— Presentation transcript:

1 doc.: IEEE 802 ec-12/0006r0 Submission Liaison presentation to SC6 regarding Internet Security Date: 2012-February-13 Authors: IEEE 802 LiaisonSlide 1 February 2012

2 doc.: IEEE 802 ec-12/0006r0 Submission Requirements for designing Ethernet security IEEE 802.1 Security Task Force February 2012 IEEE 802 Liaison 2

3 doc.: IEEE 802 ec-12/0006r0 Submission Agenda –Overview –Ethernet Security Criteria & Threat Analysis –802.1 Fabric –802.1 Security Architecture –Applying Security Criteria to 802.1 –Applying Security Criteria to TLSec –Conclusions IEEE 802 LiaisonSlide 3 February 2012

4 doc.: IEEE 802 ec-12/0006r0 Submission Overview This presentation describes some important items that all Ethernet security features need consider when they are designed It then shows how this criteria was applied in the development of the current IEEE 802.1 security mechanisms It also show how this criteria is applied to TLSec as described in N14402, N15083, and N15084 –From the limited available information there seem to be some gaps in how the criteria is met by TLSec, and we mention those. February 2012 IEEE 802 LiaisonSlide 4

5 doc.: IEEE 802 ec-12/0006r0 Submission Ethernet security criteria When designing any network security system it is necessary to define strong security methods and protocols. When develop a security system for Ethernet, there are some additional criteria that are very important to address –Threat Model/Analysis –Working with IEEE 802.1 Bridging/Switching –Fitting into Switching/Bridging Equipment Architectures –Fitting many Network Architectures February 2012 IEEE 802 LiaisonSlide 5

6 doc.: IEEE 802 ec-12/0006r0 Submission Threat Model/Analysis It is important to consider the threats to the security protocols –Threats of attackers entering the network at any port in the network must be considered –Threats to the bridged/switched network itself must be considered as well as threats to resources connected to the network If protocols running in the links in the network are not protected, then protected data traffic is still vulnerable to attack February 2012 IEEE 802 LiaisonSlide 6

7 doc.: IEEE 802 ec-12/0006r0 Submission IEEE 802.1 Bridging/Switching Ethernet technologies change rapidly, and new methods of bridging/switching are frequently introduced to adapt to the new technologies Ethernet security features must fit carefully into the IEEE 802.1 Architecture in order to be accommodate current and future bridging/switching technologies –This requires a thorough understanding of this architecture in order to build security technologies that will be relevant in the future –It is also necessary to understand the boundaries of the architecture and to know which problems are within and without the scope of the architecture February 2012 IEEE 802 LiaisonSlide 7

8 doc.: IEEE 802 ec-12/0006r0 Submission Switching/Bridging Equipment Architecture It is important to design security features that do not add significant latency to the throughput of data –Note that link speeds of 40Gbps and 100Gbps are being designed today It is important to understand the capabilities and limitations of Ethernet MAC chips –Cost effective chips have limited capabilities for storing cryptographic keys and policy, and limited capability for switching between keys February 2012 IEEE 802 LiaisonSlide 8

9 doc.: IEEE 802 ec-12/0006r0 Submission Network Architectures It is important to recognize that there are many ways to configure Ethernet networks –It is also important to handle point to point, multicast, and broadcast frames Designing one set of security methods that work in each of the configurations and with all frame types is vital in order for it to be effective. February 2012 IEEE 802 LiaisonSlide 9

10 doc.: IEEE 802 ec-12/0006r0 Submission IEEE 802.1 Security Following is an overview of the current security features. An explanation of these features are available in N14793. Then we apply the criteria mentioned in the previous slides to the IEEE 802.1 security features. February 2012 IEEE 802 LiaisonSlide 10

11 doc.: IEEE 802 ec-12/0006r0 Submission IEEE 802.1 Security Architecture The IEEE 802.1 Security Architecture for Bridged/Switched networks includes –IEEE 802.1X-2010 – Port-Based Network Access Control & Key Management –IEEE 802.1AE-2006 - MACsec –IEEE 802.1AR-2009 – Secure DevID These three standards work together to provide a consistent security architecture that works in today’s networks –They have been designed to work in tomorrows networks as well –They are the result of several iterations of security solutions, and so have the benefit of many lessons learned. We are mentioning some of those lessons learned today for you to consider. February 2012 IEEE 802 LiaisonSlide 11

12 doc.: IEEE 802 ec-12/0006r0 Submission Applying the criteria to the IEEE 802.1 Security Architecture Threat Model: Protects against threats to both the network edge and the core. The security features can be automatically applied at each link according to the risks facing that link. –The same security features are are suitable to be applied at all ports and using the same policy, whether they be at the edge and/or ports in the core. –Or, a network administrator can choose which ports in the network have threats and just apply security on those ports Compatibility with IEEE 802.1 Bridging/Switching: Protects bridging/switching protocols as well as user data on each link where security is required February 2012 IEEE 802 LiaisonSlide 12

13 doc.: IEEE 802 ec-12/0006r0 Submission IEEE 802.1 Security Architecture Switching/Bridging Equipment Architecture: Fits within the capabilities of bridged/switched equipment designs up including 40Gbps and 100Gbps links with low latency –This is done using state of the art, internationally reviewed, adaptable, and conventional cryptography. This is very important in order to achieve broad acceptance in the marketplace –Ethernet ports supporting MACsec and software supporting IEEE 802.1X is available, and new network devices are supporting these security features today Network Architectures: Is designed to fit into the IEEE 802.1 Architecture, and so can be used by all conforming bridged/switched networks February 2012 IEEE 802 LiaisonSlide 13

14 doc.: IEEE 802 ec-12/0006r0 Submission TLSec TLSec is described in N14402, N15083, and N15084. From these descriptions there seem to be some gaps between the TLSec method and the criteria mentioned earlier, and the next slides mention those gaps. –Many of them are related to the generation, distribution, and storage of cryptographic keys, which are crucial to having a secure and scalable system February 2012 IEEE 802 LiaisonSlide 14

15 doc.: IEEE 802 ec-12/0006r0 Submission Applying the criteria to TLSec Threat Model: Focuses on inside threats between selected devices, which may cross one or more bridges/switches –Because of key management and storage issues it may not be suitable for network edge ports. Compatibility with IEEE 802.1 Bridging/Switching: The encrypted frames cross bridges/switches, and so they cannot protect the bridging/switching protocols underlying the network –This leaves the network open to a wider a wider variety of denial of service attacks February 2012 IEEE 802 LiaisonSlide 15

16 doc.: IEEE 802 ec-12/0006r0 Submission Applying the criteria to TLSec Switching/Bridging Equipment Architecture: TLSec seems to be designed to use many keys for many destinations -This can require a large key store (e.g., at least one key for each destination), and keys have to be referenced and used without introducing network latency. -Most encryption systems compute and store the key schedules for cipher keys rather than the keys themselves. Each key requires Kilobytes of memory that must be available to the MAC level function performing encryption. This is commonly a serious constraint to designers. -TLSec requires many more resources than is available in switches/bridges, and will be a substantial architectural hurdle as link speeds and network sizes increase. February 2012 IEEE 802 LiaisonSlide 16

17 doc.: IEEE 802 ec-12/0006r0 Submission Applying the criteria to TLSec Network Architectures: To be successful, TLSec must support more than peer to peer traffic with pair-wise keys –Keys generated from TePA must be shared with multiple peers in order to protect multicast or broadcast –Sharing keys between devices on different networks leads to additional threats and key management complexity February 2012 IEEE 802 LiaisonSlide 17

18 doc.: IEEE 802 ec-12/0006r0 Submission Conclusions When designing security for Ethernet networks, it is important to take into consideration both the architecture of that network and the network configurations that can be used IEEE 802.1 security and TLSec are addressing the same architectures and network configurations, so the same requirements apply to both IEEE 802.1 security was carefully designed to maximize the value and level of security for a diverse variety of bridged/switched networks As always, IEEE 802 would encourage open discussion on security criteria, architectures and alternative solutions in the interests of developing and standardizing the most commercially relevant and robust security standards. February 2012 IEEE 802 LiaisonSlide 18

Download ppt "Doc.: IEEE 802 ec-12/0006r0 Submission Liaison presentation to SC6 regarding Internet Security Date: 2012-February-13 Authors: IEEE 802 LiaisonSlide 1."

Similar presentations

Ethernet Switch Features Important to EtherNet/IP

Ethernet Switch Features Important to EtherNet/IP
Doc.: IEEE 802.11-09/0413r0 Submission March 2009 Dan Harkins, Aruba NetworksSlide 1 A Study Group for Enhanced 802.11 Security Date: 2009-03-13 Authors:

Doc.: IEEE /0413r0 Submission March 2009 Dan Harkins, Aruba NetworksSlide 1 A Study Group for Enhanced Security Date: Authors:
TIE Extensions for Cryptographic Acceleration Charles-Henri Gros Alan Keefer Ankur Singla.

TIE Extensions for Cryptographic Acceleration Charles-Henri Gros Alan Keefer Ankur Singla.
CSCI 465 D ata Communications and Networks Lecture 20 Martin van Bommel CSCI 465 Data Communications & Networks 1.

CSCI 465 D ata Communications and Networks Lecture 20 Martin van Bommel CSCI 465 Data Communications & Networks 1.
Chapter 1 – Introduction

Chapter 1 – Introduction
 Firewalls and Application Level Gateways (ALGs)  Usually configured to protect from at least two types of attack ▪ Control sites which local users.

 Firewalls and Application Level Gateways (ALGs)  Usually configured to protect from at least two types of attack ▪ Control sites which local users.
1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.

1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Lesson 1-What Is Information Security?. Overview History of security. Security as a process.

Lesson 1-What Is Information Security?. Overview History of security. Security as a process.
1 Secure Zero Configuration in a Ubiquitous Computing Environment Shenglan Hu and Chris J. Mitchell Information Security Group Royal Holloway, University.

1 Secure Zero Configuration in a Ubiquitous Computing Environment Shenglan Hu and Chris J. Mitchell Information Security Group Royal Holloway, University.
Institute of Technology, Sligo Dept of Computing Semester 3, version 2.1.3 Semester 3 Chapter 3 VLANs.

Institute of Technology, Sligo Dept of Computing Semester 3, version Semester 3 Chapter 3 VLANs.
DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.
(part 3).  Switches, also known as switching hubs, have become an increasingly important part of our networking today, because when working with hubs,

(part 3).  Switches, also known as switching hubs, have become an increasingly important part of our networking today, because when working with hubs,
Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.

Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.
Networking Components Chad Benedict – LTEC 4550 1.

Networking Components Chad Benedict – LTEC
Virtual LANs. VLAN introduction VLANs logically segment switched networks based on the functions, project teams, or applications of the organization regardless.

Virtual LANs. VLAN introduction VLANs logically segment switched networks based on the functions, project teams, or applications of the organization regardless.
Doc.: IEEE 802.11-10/492r02 Submission Orange Labs Date: 2010-05-19 Collaboration between 2.4/5 and 60 GHz May 2010 Authors:

Doc.: IEEE /492r02 Submission Orange Labs Date: Collaboration between 2.4/5 and 60 GHz May 2010 Authors:
Omniran-13-0064-00-0000 1 PtP Links across IEEE 802 Bridged Infrastructure Date: 2013-08-28 Authors: NameAffiliationPhone Max

Omniran PtP Links across IEEE 802 Bridged Infrastructure Date: Authors: NameAffiliationPhone Max
Terminal Services in Windows Server ® 2008 Infrastructure Planning and Design.

Terminal Services in Windows Server ® 2008 Infrastructure Planning and Design.
LAN Overview (part 2) CSE 3213 Fall 2011 21 April 2017.

LAN Overview (part 2) CSE 3213 Fall April 2017.

Similar presentations

Ads by Google