1 Cross Support Issues Gordon Black (UK Space Agency) Howie Weiss (NASA/JPL) May 2011.


1 Cross Support Issues Gordon Black (UK Space Agency) Howie Weiss (NASA/JPL) May 2011

2 Background

Cross Support Issues:
– Email traffic (see subsequent slides) on the Security Working Group list in January 2011

3 Beginnings

Hi all -

Can we start a discussion about sharing services (other than SLE) in a secure way — that does not require credentialing people in every system? There are various ways of architecting a solution that allows an organization to rely on the authentication credentials of another organization, but it always boils down to whether or not Org A can trust Org B’s credentialing system. An approach can be used that does not require any organization to divulge their passwords to other organizations, while still allowing each other to rely on the other’s credentials. The big problem is coming up with a way to determine if an organization can trust the credentials of another organization (e.g., like the way Certificate Policies are used to determine if one should trust a particular Certificate Authority). Is there any interest in pursuing this topic?

Thank you,
Mike Pajevski
NASA/JPL/Caltech

4 Scenario

Hi Ignacio,

Happy New Year too! A simple scenario is that a JPL Mars lander mission uses an ESA Mars orbiter relay like ExoMars or Mars Express to get data to/from a JPL control center. In order for the ESA teams for ExoMars & Mars Express to have access to JPL-provided information associated with the relay operations, JPL must give JPL usernames & passwords to the appropriate ESA team members. Similarly, JPL people must get the appropriate ESA/mission usernames & passwords if JPL team members need to access ESA-provided information/services. I am trying to think broadly about this problem - considering that it should be possible to architect software applications in a way that minimizes the need to "cross-credential" the users. Infrastructure security services, trust relationships, and other mechanisms can also come into play to support inter-organizational information exchanges without requiring "cross-credentialing". What do you think?

V/r,
Mike

5 More

A while ago I had heard that someone/project was setting up a PKI within ESA to accomplish just what you are asking for. Also, the US DoD has had a long discourse in PKI interoperability/cross-certification which is only now seeing the fruits of their labors. See http://jitc.fhu.disa.mil/pki/pke_lab/partner_pki_testing/partner_pki_status.html for additional info. There is no reason why NASA, ESA, etc. couldn't duplicate this sort of cross certification. All it takes is time, money, and people!

Howie

6 More

Mike,

Thanks for the info. For a better understanding, some additional questions. Are you assuming that the ESA ExoMars control center would receive the JPL Mars lander data in a similar manner as TDRSS provides data to their users/customers (ground interface)? If this is the case then I can understand that for NASA to recover these data from ESA some access control is required. But I was wondering if it is also possible to establish a radio interface between JPL and ESA ExoMars in which case there could be a question for ESA of granting access to the ExoMars relay (i.e., assigning a radio channel). I think I need to have a more detailed picture of the communications architecture and operations concept for such a scenario. In any case, it seems to me there are some security problems to be dealt with. To me it is a communications resource/network management question between agencies. It would make sense to formulate in some more detail both the comm architecture and ops concept and analyse a bit the security aspects. Surely someone has already faced/thought about these questions with the present and future Mars networks.

Ignacio

7 More

All -

While a trusted third-party is one way to go, it is not the only way. One desire is to allow people to use their home org credentials — not require them to go get more credentials from some third party. As Daniel notes below, the big issue is trust. Perhaps a good place to start is outlining the criteria that an organization can use to determine if they trust another organization’s credentials. And that’s just half of it. Depending on the type of credential, particularly plain passwords, an organization (e.g., Org A) must be able to determine if they trust another org (Org B) enough to let Org B have access to Org A’s credentials (i.e., the services/servers run by Org B could “see” the passwords of the users in Org A that use Org B’s services). Some of the discussion (outside this group) I’ve heard so far is based on the use of LDAP and (I assume) plain passwords for credentials. The PKI based approaches some have mentioned would be far more secure. Quite frankly, I am not sure which is the longer tent pole – agreeing on a reasonable set of trust criteria or maturing the various organizations’ credentialing systems up to a PKI based approach (including the case of using common PKI(s)). The latter is not a “must have” - but it would be preferable to working with LDAP/passwords. The former tent pole is a “must have” - for which we have models to follow, such as Certificate Policies for PKIs.

Thx,
Mike

8 More

Indeed the issue of trust is essential. Just to share a thought on this on a different but well known scenario for most of us: Space Data Link security. While preparing for the London meeting I was considering (once more!) the pros and cons of protecting full frames (all fields, no exception). One of the best pro arguments I found was that in this way the agency (A) sending/receiving TC/TM through a Ground Station of another agency (B) would not need to trust such agency (B). But then I considered that if such was the state of affairs that agencies could not trust each other it would be much easier for agency (B) to 'screw' agency (A) simply by blocking/delaying, doing all sorts of tricks at 'availability' level. In conclusion, without trust between agency A and agency B the SDLS protocol would make no sense. And by the way, the same consideration applies to cross-support without security protocols. A proposed hypothesis: membership to CCSDS and cross-support agreements shall imply/enforce 'trust' between agencies. How is this done? Should we discuss this general 'trust' topic at the next meeting?

Kind regards,
Ignacio

9 Discussion Points

