1 / 10

MI5: Security, Privacy, Identity

MI5: Security, Privacy, Identity. Klaas Wierenga Mobile Internet Summit #2 San Jose, October 10, 2008. Background. Mobile Internet Summit 15/16 July: number of possible solutions 3GPP solutions GSE/8+8 LISP HIP MIPv6 NEMO/MANET … All (?) only address part of the problem space

Download Presentation

MI5: Security, Privacy, Identity

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. MI5: Security, Privacy, Identity Klaas Wierenga Mobile Internet Summit #2 San Jose, October 10, 2008

  2. Background • Mobile Internet Summit 15/16 July: number of possible solutions • 3GPP solutions • GSE/8+8 • LISP • HIP • MIPv6 • NEMO/MANET • … • All (?) only address part of the problem space • Multilayer • Security requirements very generic, i.e. not very helpful ;-( • Major issues: • EID-RLOC separation, • Roaming network access, • Privacy & identity

  3. EID-RLOC separation • Current implicit binding between routing locator (RLOC) and endpoint identifier (EID): the IP-address • Proposals for mobile Internet separate the two for session continuity (and multihoming) • Idea behind Locator/Identifier split: • EID: used to identify host • RLOC: used for packets routing • One identity can be associated with one or more locations • Necessitates some mapping function or agent, somewhere

  4. EID-RLOC separation threats • spoof EID of client(s) • spoof EID of server • intercept traffic between client and server or between clients • flood a 3d party • prevent establishing a session • interrupt a session

  5. Roaming Network Access • Roaming between operators (unlikely that a single operator has enough market share to allow for a non-roaming solution) • Different administrative domains • Contract with many providers or pay as you go undesirable • (Trust between subscriber and home operator and between home operator and visited operator • Uniquely identify users for network/service access • Require some kind of roaming agreement and technology for remote authN/AuthZ

  6. Roaming access threats • Hijack identity of user • Hijack session of user • Access provider as IdP falsely claiming to belong to the trust fabric • Access provider as SP falsely claiming to belong to the trust fabric

  7. Privacy & Identity • Proposals assume often a persistent EID, even tied to hardware ID • EIDs can be related to individuals • Access to EID/RLOC mapping can imply access to location of individuals • EID =/= person ID • Person ID =/= person ID (i.e. multiple roles) • Remote authentication process across untrusted networks • Require protection of personal data • Require binding between person ID/role and network access

  8. Privacy & identity threats • Expose user credentials to 3d party • Expose user location to 3d party • Expose other personal information to third party • Compromise mapping between personal ID and endpoint ID and role based access.

  9. Next steps • Stronger collaboration across teams • Gather input from other subgroups on various technologies • Scope of the technology • Detailed description of the EID, RLOC and mappings semantics (inter- and intra-provider, expiry, revocation etc.) • Detailed description of roaming scenario (authentication flow, authorization, lawful intercept, accounting/billing, emergency services) • Analyze technologies along identified axes • Create set of security and privacy requirements

More Related