CCSDS Security/DTN Status 11/6/2015 DENNIS IANNICCA CCSDS GRC CHARLES SHEEHE CCSDS GRC POC 1.


1 CCSDS Security/DTN Status 11/6/2015 DENNIS IANNICCA CCSDS GRC CHARLES SHEEHE CCSDS GRC POC 1

2 DTN Security Activity
Objective: to determine if Cryptographic Message Syntax (CMS) was a suitable replacement for Streamlined Bundle Security Protocol (SBSP)
Process:
- Determine DTN Security requirements
- Determine DTN Security desires
- Perform a pairwise comparison of requirements
- Perform a pairwise comparison of desires
- Produce rankings from comparison
- Rate CMS vs SBSP for each of the requirements and desires
- Tally scores: Ranking * Rating per category, summed to a total
- Present scoring

3 Activity
- At the start of this activity, CCSDS DTN had no specific set of security requirements.
- After many e-mail exchanges, overall community security desires were still unclear.
- Discussion continued within the CCSDS Security and DTN community until DTN and Security came to a consensus to modify SBSP to allow use of CMS as one of the optional security services.
- The IETF DTN Working Group has developed several Internet Drafts at this time.
- The IETF DTN WG has developed draft security requirements; CCSDS DTN Security requirements are finalized.
- The IETF SBSP Internet Draft will be modified to allow CMS to be used as a security service to encapsulate, encrypt, and sign data within bundles.
- The modified draft will form the base of the CCSDS SBSP Blue Book, to begin shortly.

4 SBSP and CMS
SBSP
- IETF Draft based on a stripped-down version of the original BSP experimental standard developed in the IRTF DTNRG working group
- Protocol developed with bandwidth-constrained space links in mind
- Doesn’t address key management
- Doesn’t address specific requirements for supported cipher suites
CMS
- Series of IETF RFCs:
  - RFC 5652 - Cryptographic Message Syntax (CMS)
  - RFC 5280
  - RFC 4853 - Cryptographic Message Syntax (CMS) Multiple Signer Clarification
  - RFC 4086 - Randomness Requirements for Security
  - RFC 3852 - Cryptographic Message Syntax (CMS)
  - RFC 3851 - Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1 Message Specification
  - RFC 3370 - Cryptographic Message Syntax (CMS) Algorithms
  - RFC 3369 - Cryptographic Message Syntax (CMS)
  - RFC 3281 - An Internet Attribute Certificate Profile for Authorization
  - RFC 3211 - Password-based Encryption for CMS
  - RFC 2634 - Enhanced Security Services for S/MIME
  - RFC 2633 - S/MIME Version 3 Message Specification
  - RFC 2631 - Diffie-Hellman Key Agreement Method
  - RFC 2630 - Cryptographic Message Syntax
  - RFC 2560
  - RFC 2437 - PKCS #1: RSA Cryptography Specifications Version 2.0
- Enhances interoperability from the IP end user perspective
- Increased overhead compared to SBSP; more suitable for less-constrained terrestrial links

