Presentation is loading. Please wait.

Presentation is loading. Please wait.

Emergency call assurance

Published byJerome Johnston Modified over 5 years ago

Similar presentations

Presentation on theme: "Emergency call assurance"— Presentation transcript:

1 Emergency call assurance

2 Highest-level goals Protect PSAP resources
network resources call takers Protect first-responder resources unnecessary dispatch No worse than today local attack vs. non-local discourage abuse

3 Threats (D) DDOS (bots) (C) Hoax/crank calls (humans)
(L) from within local service area (R) outside local area (C) Hoax/crank calls (humans) (L) at correct location (R) at another (fake) location

4 Discouragement Distinguish bots from humans
including silent calls Catch likely remote (bogus) calls Catch perpetrators after the call discourages crank calls

5 can be signature or transitive trust (reference)
Tools and impact can be signature or transitive trust (reference) Coarse-grained location assertion e.g., IP address, provider POP, DSLAM, ... addresses D/R Fine-grained location e.g., geo, street address can be by value (“signing”) or reference address C/L Coarse-grained identity provider (VSP) addresses C/R? Fine-grained identity responsible party (caller) name & address may not be useful if outside jurisdiction addresses D/L, C/L, C/R (some)

6 Nothing is perfect Unlikely that every legitimate call will have the “good” bits set (signed, recognizable signer, trusted reference, ...) Realistic goal is that “almost all” good calls are verifiable rest is treated as suspicious when call taker resources are available similar to payphone calls today and will be lower priority during overload (“ranking”) Thus, don’t need perfection in any single technique combination of techniques likely works better choose easiest-to-deploy every call should have one at least one “is good” indicator

7 Deployment scenarios, from easy to hard
ISP = VSP includes large enterprise well-known (to PSAP) VSP, well-known ISP well-known VSP with strong customer authentication e.g., credit card address (“can sue”) could be emergency-only VSP well-known ISP with authentication well-known ISP without authentication “unauthenticated network access” e.g., guest on corporate or home hot spot or public WiFi unknown ISP/VSP e.g., out of area (“Sierra Leonian VSP”)

8 Concerns: Delegation identity assurance: subscriber identity within service provider SIP identity, PAI location signing: within enterprise (room/building level) ISP customers gets signed LO includes in calls or private key to sign own LOs? enterprise as trusted CA?

9 Questions: Value or Reference?
sign LO fine-grained or get LO from trusted/verifiable source via TLS? e.g., corporate LIS

Download ppt "Emergency call assurance"

Similar presentations

The twenty-four/seven database Oracle Database Security David Yahalom Senior database consultant

The twenty-four/seven database Oracle Database Security David Yahalom Senior database consultant
A responsibility based model EDG CA Managers Meeting June 13, 2003.

A responsibility based model EDG CA Managers Meeting June 13, 2003.
Out of Jurisdiction Emergency Routing draft-winterbottom-ecrit-priv-loc-01.txt James Winterbottom, Hannes Tschofenig, Laura Liess.

Out of Jurisdiction Emergency Routing draft-winterbottom-ecrit-priv-loc-01.txt James Winterbottom, Hannes Tschofenig, Laura Liess.
 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.

 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Trustworthy Location Information draft-tschofenig-ecrit-trustworthy- location draft-tschofenig-ecrit-trustworthy- location Hannes Tschofenig, Henning Schulzrinne.

Trustworthy Location Information draft-tschofenig-ecrit-trustworthy- location draft-tschofenig-ecrit-trustworthy- location Hannes Tschofenig, Henning Schulzrinne.
1 Authentication Protocols Celia Li Computer Science and Engineering York University.

1 Authentication Protocols Celia Li Computer Science and Engineering York University.
ECRIT interim meeting - May 2005 1 Security Threats and Requirements for Emergency Calling draft-tschofenig-ecrit-security-threats Hannes Tschofenig Henning.

ECRIT interim meeting - May Security Threats and Requirements for Emergency Calling draft-tschofenig-ecrit-security-threats Hannes Tschofenig Henning.
Private and Confidential. Levels of Identity Verification Is this person who they claim to be? Knowledge based Authentication Is this a real identity?

Private and Confidential. Levels of Identity Verification Is this person who they claim to be? Knowledge based Authentication Is this a real identity?
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.
Architectural Considerations for GEOPRIV/ECRIT Presentation given by Hannes Tschofenig.

Architectural Considerations for GEOPRIV/ECRIT Presentation given by Hannes Tschofenig.
Practical Considerations for supporting Emergency Calls Brian Rosen Emergicom.

Practical Considerations for supporting Emergency Calls Brian Rosen Emergicom.
Discovery issues in atoca Brian Rosen. We need to handle several cases Some alerts are broadcast via some access network specific mechanism (multicast,

Discovery issues in atoca Brian Rosen. We need to handle several cases Some alerts are broadcast via some access network specific mechanism (multicast,
Module 4 Quiz. 1. Which of the following statements about Network Address Translation (NAT) are true? Each correct answer represents a complete solution.

Module 4 Quiz. 1. Which of the following statements about Network Address Translation (NAT) are true? Each correct answer represents a complete solution.
1 Network and E-commerce Security Nungky Awang Chandra Fasilkom Mercu Buana University.

1 Network and E-commerce Security Nungky Awang Chandra Fasilkom Mercu Buana University.
1 IETF 72 SIP WG meeting SIP Identity issues John Elwell et alia.

1 IETF 72 SIP WG meeting SIP Identity issues John Elwell et alia.
Emergency call assurance. Highest-level goals Protect PSAP resources –network resources –call takers Protect first-responder resources –unnecessary dispatch.

Emergency call assurance. Highest-level goals Protect PSAP resources –network resources –call takers Protect first-responder resources –unnecessary dispatch.
Protecting First-Level Responder Resources in an IP-based Emergency Services Architecture 13 th April 2007, THE FIRST INTERNATIONAL WORKSHOP ON RESEARCH.

Protecting First-Level Responder Resources in an IP-based Emergency Services Architecture 13 th April 2007, THE FIRST INTERNATIONAL WORKSHOP ON RESEARCH.
Weak Authentication: How to Authenticate Unknown Principals without Trusted Parties Jari Arkko & Pekka Nikander Presented by Riku Honkanen.

Weak Authentication: How to Authenticate Unknown Principals without Trusted Parties Jari Arkko & Pekka Nikander Presented by Riku Honkanen.
ECRIT - IETF 62 (March 2005) - Minneapolis 1 Requirements for Emergency Calling draft-schulzrinne-sipping-emergency-req-01 draft-ietf-sipping-sos-01 Henning.

ECRIT - IETF 62 (March 2005) - Minneapolis 1 Requirements for Emergency Calling draft-schulzrinne-sipping-emergency-req-01 draft-ietf-sipping-sos-01 Henning.

Similar presentations

Ads by Google