90 likes | 105 Views
Security Ad-Hoc Report Draft. Date: 2009-01-30. Authors:. Abstract. This presentation summarizes the recommendations of the security ad-hoc group. Currently a draft. Abstract to be removed once this becomes part of the tutorial. Security Goals and General Approach.
E N D
Security Ad-Hoc Report Draft Date: 2009-01-30 Authors: Alex Reznik, InterDigital
Abstract • This presentation summarizes the recommendations of the security ad-hoc group. • Currently a draft. Abstract to be removed once this becomes part of the tutorial Alex Reznik, InterDigital
Security Goals and General Approach • Within the context of white spaces, security design needs to focus on two goals: • Primary goal: Protection of Incumbents • This requires support of device security as discussed below • Secondary goal: Protection of Cognitive Radios • While secondary, this is a much larger problem them protection of incumbents • Requires a much more comprehensive approach • General Approach to Security • The ad-hoc recommends that an end-to-end security design approach be used in developing security aspects of white space technologies • Within 802 this means a focus on the following • The interfaces required for support of higher-level security technologies, such as data/application security, secure identity protocols, device security, etc. • Support of certain low-level security technologies as discussed below Alex Reznik, InterDigital
Risk Analysis (1/3) Alex Reznik, InterDigital
Risk Analysis 2/3 Alex Reznik, InterDigital
Risk Analysis 3/3 Alex Reznik, InterDigital
General Recommendations • Device Security • Key requirement for protection of incumbents • Ensures that devices cannot be modified to “break the rules” • Potentially required to pass FCC certification • While generally above MAC (and thus out of scope for 802), 802 should support the following • A “device security SAP” which provides key parameters required to make sure that the radio is compliant with required policies in real-time. The policies may include any of the following: FCC regulations, coexistence policies, intra-RAT protocol specification. • Low-Layer Security • Support of low-layer techniques is recommended to address the following • Incumbent classification / identification • identification of malicious and negligent impersonators • It is recommended that the WGs coordinate their efforts in this area • Sensor and location measurement security • Support of techniques that secure and attest sensor and location measurements of recommended • Protection of database information • Protection of database information on the device and over the air interface links is recommended Alex Reznik, InterDigital
End-to-End Security 1/2 Alex Reznik, InterDigital
End-to-End Security 2/2 Alex Reznik, InterDigital