
Securing the CASP Protocol

Securing the CASP Protocol. Hannes Tschofenig CT IC 3. Creating a Security Solution for CASP. Threat-Analysis. Security Requirements. Framework Thoughts. Custom Security. Existing Security.


Presentation Transcript


  1. Securing the CASP Protocol
     Hannes Tschofenig, CT IC 3

  2. Creating a Security Solution for CASP
     • Threat-Analysis
     • Security Requirements
     • Framework Thoughts
     • Custom Security
     • Existing Security
     Key Management (authentication, authorization, session key establishment), Signaling message protection (integrity, confidentiality, replay protection), authorization, denial of service protection, identity protection, topology hiding, protocol specific security issues

  3. CASP Protocol Parts: Implication for Security
     • Many usage scenarios have to be supported
     • Unlike RSVP, a transport connection is established
     • Unlike RSVP, the next peer has to be known in advance before a CASP payload message is sent
     • Using existing security mechanisms does not always fit 100%
     • CASP tries to be more complete than RSVP
     • Security also includes key management aspects and addresses framework issues

  4. Security for the Discovery Component: The Scout Protocol
     • Threat
       • Denial of service attacks, man-in-the-middle attacks, downgrading of security or capabilities
     • Problems
       • Other node is unknown (reason for discovery)
       • Message is restricted to a single roundtrip and message size is small
       • Security protection can easily introduce other attacks such as DoS
     • Solution
       • Scout message contains only very few protection mechanisms BUT
         • The subsequent message exchange has to repeat information and
         • Has to provide some additional security verifications

  5. Security for the Transport Layer
     • Threat
       • Attacks against the transport layer can cause a connection abort.
     • Problems
       • Vulnerability of TCP itself
       • TLS does not protect TCP header
     • Solution
       • If attack is a concern then
         • Use IPSec at network layer
         • Use the more robust SCTP

  6. Security for the Messaging Layer
     • Threat
       • Messaging layer contains security relevant information for a variety of attacks
     • Problems
       • More than a single security mechanism has to be supported (for different parts of the network and different usage scenarios)
     • Solution
       • IPSec
       • TLS (possibly with EAP on top of it)
       • Many different key exchange protocols supported (IKE, KINK, SOI, etc.)
       • Efficiency gained by reusing a security association over a number of client-layers and a number of messages.

  7. Security for the Client-Layers
     • Threat
       • Intermediate CASP node is able to inspect and modify information
     • Problems
       • Peer-to-Peer protection not always sufficient
       • Examples: Authorization tokens, transport of local information, selectively protecting objects, transporting sensitive information
     • Solution
       • CMS used to selectively wrap objects and to provide protection for them.
       • For investigation: Reusing of a CMS security association

  8. Miscellaneous Issues
     • Non-Repudiation
       • Rarely required
       • Supported for client-layer protocols by using digitally signed encapsulated objects (CMS) and possibly applying a counter-signature by the other party
     • Denial of Service Prevention
     • Network Topology Hiding
       • Supported for Record Route object
       • Additionally supported by removing addresses from a (strict or loose) route object

  9. Miscellaneous Issues
     • Authorization
       • Supports both “online” and “offline” authorization
       • “Online” authorization requires protocol interaction with a third party entity (AAA-based). EAP/Diameter support is possible. Identity mapping possibly required
       • “Offline” authorization supported via Kerberos authorization information or attribute certificate
       • Authorization language is an open issue; research required.
       • Usage of specific authorization information is scenario and environment dependent.

  10. Are there any questions?
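
The approach on slide 4 (a lightly protected scout message whose contents are repeated and verified in the subsequent exchange) can be sketched as follows. This is an added example, not code from the presentation or from any CASP implementation; the message layout, function names, capability strings and the pre-established session key are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Hypothetical scout reply layout; the slides do not define a wire format.
def scout_reply(capabilities, security_mechs):
    """Unprotected single-roundtrip discovery reply (constructed format)."""
    return {"caps": sorted(capabilities), "sec": sorted(security_mechs)}

def canonical(msg):
    # Stable byte encoding so both peers authenticate identical bytes.
    return json.dumps(msg, sort_keys=True, separators=(",", ":")).encode()

def confirm_tag(session_key, discovery_data):
    """MAC over the discovery data, carried in the later protected exchange."""
    return hmac.new(session_key, canonical(discovery_data), hashlib.sha256).digest()

def verify_discovery(session_key, seen_by_initiator, tag_from_responder):
    """Initiator check: does what arrived match what the responder sent?"""
    expected = confirm_tag(session_key, seen_by_initiator)
    return hmac.compare_digest(expected, tag_from_responder)

def run_exchange(tamper):
    # Constructed sample values. The session key is assumed to come from the
    # messaging-layer key exchange (e.g. IKE or TLS) that follows discovery.
    session_key = hashlib.sha256(b"constructed demo key").digest()
    sent = scout_reply(["midcom", "qos"], ["ipsec", "tls"])
    seen = dict(sent)
    if tamper:
        # The unprotected reply was altered in transit: one option removed.
        seen["sec"] = ["tls"]
    # The responder repeats what it really sent, now under the session key.
    tag = confirm_tag(session_key, sent)
    return verify_discovery(session_key, seen, tag)

if __name__ == "__main__":
    print("unmodified discovery accepted:", run_exchange(False))
    print("modified discovery accepted:", run_exchange(True))
```

The scout message itself carries no cryptographic work, so it stays cheap and adds no DoS surface; the modification is caught only once a key exists, which is the trade-off the slide describes.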
