Trustworthy Location Information draft-tschofenig-ecrit-trustworthy- location draft-tschofenig-ecrit-trustworthy- location Hannes Tschofenig, Henning Schulzrinne.

Slides:

Advertisements

Similar presentations

Ecrit-unauthenticated-access IETF 75, Stockholm July 29, 2009 Hannes Tschofenig (attending virtually) Dirk Kroeselberg.

Advertisements

HTTP Dereference (draft-winterbottom-geopriv-deref-protocol-00) IETF-71 Philadelphia, March 2008 James Winterbottom Hannes Tschofenig Henning Schulzrinne.

March 2008IETF 71 (Philadelphia) - ECRIT1 Unauthenticated emergency communications Henning Schulzrinne Gabor Bajko S. McCann Hannes Tschofenig draft-schulzrinne-ecrit-unauthenticated-access-02.

ECRIT Direct Calling draft-winterbottom-ecrit-direct-01 James Winterbottom, Martin Thomson, Hannes Tschofenig, Henning Schulzrinne 1draft-winterbottom-ecrit-direct-01.

Out of Jurisdiction Emergency Routing draft-winterbottom-ecrit-priv-loc-01.txt James Winterbottom, Hannes Tschofenig, Laura Liess.

IETF ECRIT update Marc Linsner 5/11/10. ECRIT Charter (or a piece of it) ………The group will show how the availability of location data and call routing.

Risks with IP-based Emergency Services draft-ietf-ecrit-trustworthy-location.

Origins of ECRIT IETF has been working on location since 2000 –Spatial BoF, eventually GEOPRIV chartered in 2001 GEOPRIV provides location information.

Emergency Services IAB Tech Chat 28 th February 2007 Hannes Tschofenig.

Explorations in Anonymous Communication Andrew Bortz with Luis von Ahn Nick Hopper Aladdin Center, Carnegie Mellon University, 8/19/2003.

Draft-ietf-ecrit-location-hiding-req Location Hiding: Problem Statement and Requirements Henning Schulzrinne, Laura Liess, Hannes Tschofenig, Barbara Stark,

Requirements for Resource Priority Mechanisms for the Session Initiation Protocol draft-ietf-ieprep-sip-reqs-01 Henning Schulzrinne Columbia University.

March 2009 (IETF 74)IETF - ECRIT1 LoST synchronization draft-ietf-ecrit-lost-sync-04 Henning Schulzrinne Hannes Tschofenig IETF 74, San Francisco.

Identity, Spheres and Privacy Rules Henning Schulzrinne (with Hannes Tschofenig and Richard Barnes) Workshop on Identity, Information and Context October.

The Next Generation Proof-of-Concept System.

ECRIT - IETF 74 (March 2009) - San Francisco Policy for defining new service-identifying labels draft-forte-ecrit-service-urn-policy-00 Henning Schulzrinne.

March 2006IETF65 - ECRIT1 Emergency Service Identifiers draft-ietf-ecrit-service-urn-01 Henning Schulzrinne Columbia University

Location Hiding: Problem Statement, Requirements, (and Solutions?) Richard Barnes IETF 71, Philadelphia, PA, USA.

SDO Emergency Services Coordination Workshop (ESW06) Report Hannes Tschofenig IETF 67, San Diego, November 2006.

ECRIT interim meeting - May Security Threats and Requirements for Emergency Calling draft-tschofenig-ecrit-security-threats Hannes Tschofenig Henning.

Ernst Langmantel Technical Director, Austrian Regulatory Authority for Broadcasting and Telecommunication (RTR GmbH) The opinions expressed in this presentation.

Threat Modeling for Cloud Computing (some slides are borrowed from Dr. Ragib Hasan) Keke Chen 1.

November 2006IETF67 - ECRIT1 A Dynamic Host Configuration Protocol (DHCP) based Location-to-Service Translation Protocol (LoST) Discovery Procedure draft-polk-ecrit-dhc-lost-discovery-01.

Architectural Considerations for GEOPRIV/ECRIT Presentation given by Hannes Tschofenig.

Status and Development of VoIP based emergency calls Alexander Mayrhofer, nic.at GmbH The 1st European Security and Safety Summit Brussels, June 2007.

1 Location Hiding Henning Schulzrinne Laura Liess Hannes Tschofenig.

GEOPRIV Layer 7 Location Configuration Protocol; Problem Statement and Requirements draft-tschofenig-geopriv-l7-lcp-ps-00.txt Hannes Tschofenig, Henning.

A Routing Extension for HELD draft-winterbottom-ecrit-priv-loc-04 James Winterbottom Hannes Tschofenig Laura Liess.

Response to Call Back questions IETF 77 – Anaheim Stephen McCann, RIM.

Carrying Location Objects in RADIUS Hannes Tschofenig, Farid Adrangi, Avi Lior, Mark Jones.

ECRIT Virtual Interim Meeting 3rd June 2009, 1PM EDT (New York) Marc Linsner Hannes Tschofenig.

Together, we’re changing the world of NG9-1-1 Deployments and Standards Nate Wilcox CTO.

BRIAN ROSEN HANNES TSCHOFENIG HENNING SCHULZRINNE draft-rosen-ecrit-data-only-ea.

Core VoIP and 911 issues and alternatives Henning Schulzrinne Columbia University August 2003.

SAML for SIP Hannes Tschofenig, Jon Peterson, James Polk, Douglas Sicker, Marcus Tegnander.

Emergency call assurance. Highest-level goals Protect PSAP resources –network resources –call takers Protect first-responder resources –unnecessary dispatch.

Emergency Context Resolution with Internet Technologies BOF (ecrit) Jon Peterson, Hannes Tschofenig BOF Chairs.

Protecting First-Level Responder Resources in an IP-based Emergency Services Architecture 13 th April 2007, THE FIRST INTERNATIONAL WORKSHOP ON RESEARCH.

ECRIT IETF 70 December 2007 Vancouver Hannes Tschofenig Marc Linsner Roger Marshall.

August 2005IETF63 - SIMPLE1 Solving the identity crisis draft-ietf-geopriv-common-policy-05 Henning Schulzrinne Aki Niemi Hannes Tschofennig Jonathan Rosenberg.

Security Threats and Requirements for Emergency Calling draft-tschofenig-ecrit-security-threats-01.txt Hannes Tschofenig, Henning Schulzrinne, Murugaraj.

ECRIT requirements update draft-schulzrinne-ecrit-requirements-01 IETF 63 Aug 02, 2005 Roger Marshall

Emergency Context Resolution with Internet Technologies (ecrit) Hannes Tschofenig, Marc Linsner IETF 65.

7/11/2005ECRIT Security Considerations1 ECRIT Security Considerations draft-taylor-ecrit-security-threats-00.txt Henning Schulzrinne, Raj Shanmugam, Hannes.

Reducing Unwanted Communications in SIP (RUCUS) BOF Hannes Tschofenig Francois Audet.

GEOPRIV Layer 7 Location Configuration Protocol; Problem Statement and Requirements draft-tschofenig-geopriv-l7-lcp-ps-03.txt Hannes Tschofenig, Henning.

LoST Sync draft-ietf-ecrit-lost-sync-08.txt Henning Schulzrinne Hannes Tschofenig.

Emergency Context Resolution with Internet Technologies (ecrit) Hannes Tschofenig, Marc Linsner IETF 66, Montreal, June 2006.

Web Authorization Protocol WG Hannes Tschofenig, Derek Atkins.

Presentation Material ● PAR ● 5 Criteria ● ✔ Problem tutorial ● ✔ Why VoIP doesn't work today ● ✔ What is needed to fix it ● ✔ Working with ECRIT should.

Presentation Material ● PAR ● 5 Criteria ● ✔ Problem tutorial ● ✔ Problem statement (2-6) ● ✔ Why VoIP doesn't work today (7-8) ● ✔ What ECRIT has done.

ECRIT WG IETF-75 Trustworthy Location Bernard Aboba

Threat Modeling for Cloud Computing

12th April 2007, SDO Emergency Services Workshop 2007

Carrying Location Objects in RADIUS

Presence Composition draft-schulzrinne-simple-composition-00

Location Configuration at Layer 7

Hannes Tschofenig, Henning Schulzrinne, Bernard Aboba

Henning Schulzrinne Stephen McCann Gabor Bajko Hannes Tschofenig

Emergency Service Identifiers draft-ietf-ecrit-service-urn-01

Hannes Tschofenig Henning Schulzrinne M. Shanmugam

Emergency call assurance

LbyR discussion Henning Schulzrinne Hannes Tschofenig Richard Barnes

The Next Generation Proof-of-Concept System

Solving the identity crisis draft-ietf-geopriv-common-policy-05

IEEE Emergency Services

Henning Schulzrinne Hannes Tschofenig

Presence Composition draft-schulzrinne-simple-composition-00

Resource priority Henning Schulzrinne 19-Aug-19 52nd IETF - SLC.

Trustworthy Location ECRIT WG IETF 80 Tuesday, March 29, 2011

Presentation transcript:

Trustworthy Location Information draft-tschofenig-ecrit-trustworthy- location draft-tschofenig-ecrit-trustworthy- location Hannes Tschofenig, Henning Schulzrinne IETF74 - GEOPRIV

Why? “… but a user could report a false location. How can we prevent this?” –Popular discussion topic in the emergency services community IETF74 - GEOPRIV

Threat Models External adversary model: –End host & PSAP honest –Malicious middle (end host – LIS, end host – PSAP) Malicious infrastructure adversary model: –Malicious call routing elements (LIS, LoST, call routing) Malicious end host adversary model: –End host malicious –Owner may not be aware (bot) IETF74 - GEOPRIV

Location Spoofing Place shifting: Trudy, the adversary, pretends to be at an arbitrary location. –place shifting can be limited in range, e.g., to the coverage area of a particular cell tower. Time shifting: Trudy pretends to be at a location she was a while ago. Location theft: Trudy observes Alice's location and replays it as her own. Location swapping: Trudy and Malory, located in different locations, can collude and swap location information and pretend to be in each other's location. IETF74 - GEOPRIV

Call Identity Spoofing Document argues that the caller’s identity is an important piece in the entire deployment story to catch adversaries and hoax callers. Providing strong identity is not easy, as it might require changes to the existing practice of (some) VoIP providers –primarily those with “free” accounts Subject therefore relates to the unauthenticated emergency calls. IETF74 - GEOPRIV

Nothing is perfect Realistic goal is that “almost all” good calls are verifiable –rest is treated as suspicious when call taker resources are available –and will be lower priority during overload (“ranking”) Don’t need perfection in any single technique –combination of techniques likely works better –choose easiest-to-deploy –every call should have one at least one “is good” indicator IETF74 - GEOPRIV

Solution Highlights Document discusses the properties of –Location signing –Location by reference –Proxy adding location May include techniques that reduce scope for lying IETF74 - GEOPRIV

What’s Next? Submitted to ECRIT Got the advice to talk to GEOPRIV Description dates back to IETF#68, see s/geopriv-4/sld1.htm s/geopriv-4/sld1.htm –Scope got reduced over time. Is the document useful? IETF74 - GEOPRIV