ECRIT interim meeting - May 2005 1 Security Threats and Requirements for Emergency Calling draft-tschofenig-ecrit-security-threats Hannes Tschofenig Henning.

Slides:

Advertisements

Similar presentations

March 2008IETF 71 (Philadelphia) - ECRIT1 Unauthenticated emergency communications Henning Schulzrinne Gabor Bajko S. McCann Hannes Tschofenig draft-schulzrinne-ecrit-unauthenticated-access-02.

Advertisements

The study and demonstration on SIP security vulnerabilities Mahidhar Penigi Vamsi Krishna Karnati.

Out of Jurisdiction Emergency Routing draft-winterbottom-ecrit-priv-loc-01.txt James Winterbottom, Hannes Tschofenig, Laura Liess.

1 © 2004, Cisco Systems, Inc. All rights reserved IP Telephony Security Cisco Systems.

Security Threats and Security Requirements for the Access Node Control Protocol (ANCP) IETF 67 - ANCP WG November 5-10, 2006 draft-moustafa-ancp-security-threats-00.txt.

September 19, 2006speermint interim1 VoIP Threats and Attacks Alan Johnston.

Emergency Services IAB Tech Chat 28 th February 2007 Hannes Tschofenig.

May 2007 PRESTO (Princeton, NJ) In-network Support for VoIP and Multimedia Applications Henning Schulzrinne Dept. of Computer Science Columbia University.

CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

July 2006IETF66 - ECRIT1 RELO: Retrieving End System Location Information draft-schulzrinne-geopriv-relo-00 Henning Schulzrinne.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.

July 2008IETF 72 - NSIS1 Permission-Based Sending (PBS) NSLP: Network Traffic Authorization draft-hong-nsis-pbs-nslp-01 Se Gi Hong & Henning Schulzrinne.

Draft-ietf-ecrit-location-hiding-req Location Hiding: Problem Statement and Requirements Henning Schulzrinne, Laura Liess, Hannes Tschofenig, Barbara Stark,

Trustworthy Location Information draft-tschofenig-ecrit-trustworthy- location draft-tschofenig-ecrit-trustworthy- location Hannes Tschofenig, Henning Schulzrinne.

Requirements for Resource Priority Mechanisms for the Session Initiation Protocol draft-ietf-ieprep-sip-reqs-01 Henning Schulzrinne Columbia University.

A “net head” view on SIP Henning Schulzrinne Columbia University IRT Lab Siemens Munich -- January 2003.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Network Security Introduction Some of these slides have been modified from slides of Michael I. Shamos COPYRIGHT © 2003 MICHAEL I. SHAMOS.

Protecting VoIP networks against denial of service and service theft Henning Schulzrinne with Gaston Ormazabal (Verizon) and IRT graduate students Dept.

Architectural Considerations for GEOPRIV/ECRIT Presentation given by Hannes Tschofenig.

Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.

P2P SIP Names & Security Cullen Jennings

VoIP Security in Service Provider Environment Bogdan Materna Chief Technology Officer Yariba Systems.

Denial-of-Service Attacks Justin Steele Definition “A "denial-of-service" attack is characterized by an explicit attempt by attackers to prevent legitimate.

KAIS T Security architecture in a multi-hop mesh network Conference in France, Presented by JooBeom Yun.

Draft-rosen-ecrit-emergency- framework-00 Brian Rosen NeuStar CPa

1 Location Hiding Henning Schulzrinne Laura Liess Hannes Tschofenig.

GEOPRIV Layer 7 Location Configuration Protocol; Problem Statement and Requirements draft-tschofenig-geopriv-l7-lcp-ps-00.txt Hannes Tschofenig, Henning.

Network Security Introduction Light stuff – examples with Alice, Bob and Trudy Serious stuff - Security attacks, mechanisms and services.

Interdomain Routing Security. How Secure are BGP Security Protocols? Some strange assumptions? – Focused on attracting traffic from as many Ases as possible.

Mobile IP Outline Intro to mobile IP Operation Problems with mobility.

1 SOS: Secure Overlay Services A. D. Keromytis V. Misra D. Runbenstein Columbia University.

GEOPRIV Layer 7 Location Configuration Protocol; Problem Statement and Requirements draft-ietf-geopriv-l7-lcp-ps-00.txt Hannes Tschofenig, Henning Schulzrinne.

Lecture 20 Page 1 Advanced Network Security Basic Approaches to DDoS Defense Advanced Network Security Peter Reiher August, 2014.

MWIF Confidential MWIF-Arch Security Task Force Task 5: Security for Signaling July 11, 2001 Baba, Shinichi Ready for MWIF Kansas.

Anonymity - Background R. Newman. Topics Defining anonymity Need for anonymity Defining privacy Threats to anonymity and privacy Mechanisms to provide.

12/18/20151 Computer Security Introduction. 12/18/20152 Basic Components 1.Confidentiality: Concealment of information (prevent unauthorized disclosure.

Emergency call assurance. Highest-level goals Protect PSAP resources –network resources –call takers Protect first-responder resources –unnecessary dispatch.

Emergency Context Resolution with Internet Technologies BOF (ecrit) Jon Peterson, Hannes Tschofenig BOF Chairs.

Protecting First-Level Responder Resources in an IP-based Emergency Services Architecture 13 th April 2007, THE FIRST INTERNATIONAL WORKSHOP ON RESEARCH.

Network Security Introduction

17 February 2016 SIPPING - IEPREP Joint Meeting Fred Baker - IEPREP co-chair Rohan Mahy - SIPPING co-chair.

Security Threats and Requirements for Emergency Calling draft-tschofenig-ecrit-security-threats-01.txt Hannes Tschofenig, Henning Schulzrinne, Murugaraj.

Introduction to Network Systems Security Mort Anvari.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

ECRIT requirements update draft-schulzrinne-ecrit-requirements-01 IETF 63 Aug 02, 2005 Roger Marshall

7/11/2005ECRIT Security Considerations1 ECRIT Security Considerations draft-taylor-ecrit-security-threats-00.txt Henning Schulzrinne, Raj Shanmugam, Hannes.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

Csci5233 Computer Security1 Bishop: Chapter 14 Representing Identity.

Spoofing The False Digital Identity. What is Spoofing?  Spoofing is the action of making something look like something that it is not in order to gain.

Lecture 12 Page 1 CS 136, Spring 2009 Network Security: Firewalls CS 136 Computer Security Peter Reiher May 12, 2009.

Comparison of Network Attacks COSC 356 Kyler Rhoades.

ECRIT - IETF 62 (March 2005) - Minneapolis 1 Requirements for Emergency Calling draft-schulzrinne-sipping-emergency-req-01 draft-ietf-sipping-sos-01 Henning.

ECRIT WG IETF-75 Trustworthy Location Bernard Aboba

Threat Modeling for Cloud Computing

12th April 2007, SDO Emergency Services Workshop 2007

In-network Support for VoIP and Multimedia Applications

Hannes Tschofenig, Henning Schulzrinne, Bernard Aboba

The study and demonstration on SIP security vulnerabilities

Henning Schulzrinne Stephen McCann Gabor Bajko Hannes Tschofenig

Thoughts on VoIP and Emergency Calling

Hannes Tschofenig Henning Schulzrinne M. Shanmugam

Securing the CASP Protocol

Emergency call assurance

BGP Security Jennifer Rexford Fall 2018 (TTh 1:30-2:50 in Friend 006)

IEEE Emergency Services

Mobile IP Outline Homework #4 Solutions Intro to mobile IP Operation

Mobile IP Outline Intro to mobile IP Operation Problems with mobility.

Presentation transcript:

ECRIT interim meeting - May Security Threats and Requirements for Emergency Calling draft-tschofenig-ecrit-security-threats Hannes Tschofenig Henning Schulzrinne M. Shanmugam

ECRIT interim meeting - May Terminology Internet Access Provider (IAP) Emergency call routing support = routes calls (e.g., SIP proxy) Directory = maps location to PSAP address Asserted location information = somebody vouches for this information

ECRIT interim meeting - May Framework A(V)SP directory location provider (DHCP, …) IAP PSAP configuration information

ECRIT interim meeting - May Participant-visible threats Standard problems: –eavesdropping (privacy, interference with law enforcement) –modification of call content –preventing service to single user (burglar-cutting-phone-wire) Since no direct monetary gain, threat model focuses on disruption of emergency service to legitimate users –by causing infrastructure failure –by tying up call takers –by dispatching emergency responders Difference to most other systems –PSAP doesn’t care who you are as long as you don’t lie about the location or nature of the emergency

ECRIT interim meeting - May Layers of defense (DOS, crank calls) prevent or limit detect & filter prosecute

ECRIT interim meeting - May Threats Denial-of-service (resource exhaustion) attacks –entities affected: directory call routing infrastructure PSAP –resources network bandwidth processing human resources (call takers, first responders) Call identity spoofing –primarily to elude DOS attack prosecution

ECRIT interim meeting - May Authentication Classical requirement: “must be able to place call without authentication” Really? ≠ anonymity! Probably really want –place call without being a paying customer of IAP –thus, may still be known to service provider former customer third-party cert (e.g., some government authority) device cert (“payphone on corner of Third and Main”)

ECRIT interim meeting - May Details: security threat to one caller Confidentiality Modification to configuration information Modification of call information –call signaling –media PSAP impersonation

ECRIT interim meeting - May Details: infrastructure threats denial-of-service attacks modification of configuration information

ECRIT interim meeting - May Caller identity spoofing  authentication avoid delays during emergency call setups –avoid multiple round-trip times define authentication independent of customer relationships –e.g., might only need non-1918 IP address to determine port and customer

ECRIT interim meeting - May Location spoofing End user provided location –IAP provides assertion –limited usefulness if wide coverage area Emergency call router inserts –retrieved by V(A)SP from IAP –must be based on some identifier –IAP may sign Need to insert timestamp and identity –prevent replay and copy-and-paste attacks –identity may not be NAI IP address, MAC address primarily needed for traceability

ECRIT interim meeting - May Location spoofing threat mediation prevent wide-area spoofingavoid global attacks; avoid international jurisdictional issues accountability reasonable chance that the person can be brought to justice future calls from the same person are considered suspect prevent local-area spoofingattacker can’t pretend to be in place X prevent local-area collusionattacker can’t get friend to give him location information for X prevent local-area time cloning attacker can’t pretend to be in X now if they were in X earlier

ECRIT interim meeting - May Impersonating a PSAP Assurance of reaching an authorized or legitimate PSAP Attacker may intercept directory request or call routing request  Integrity-protect directory and signaling interactions Directory must be authoritative for information –may be hard to prove

ECRIT interim meeting - May Open issues Mixture of threat description and requirements Should requirements be merged into general requirements document (or remove security issues from general requirements document)?