Securing the CASP Protocol
Hannes Tschofenig, CT IC 3

Creating a Security Solution for CASP
• Threat-Analysis
• Security Requirements
• Framework Thoughts
• Custom Security
• Existing Security
• Key Management (authentication, authorization, session key establishment)
• Signaling message protection (integrity, confidentiality, replay protection)
• Authorization, denial of service protection, identity protection, topology hiding, protocol specific security issues

CASP Protocol Parts: Implication for Security
• Many usage scenarios have to be supported
• Unlike RSVP a transport connection is established
• Unlike RSVP the next peer has to be known in advance before a CASP payload message is sent
• Using existing security mechanisms does not always fit 100%
• CASP tries to be more complete than RSVP
• Security also includes key management aspects and addresses framework issues

Security for the Discovery Component: The Scout Protocol
• Threat
  • Denial of service attacks, man-in-the-middle attacks, downgrading of security or capabilities
• Problems
  • Other node is unknown (reason for discovery)
  • Message is restricted to a single roundtrip and message size is small
  • Security protection can easily introduce other attacks such as DoS
• Solution
  • Scout message contains only very few protection mechanisms BUT
  • The subsequent message exchange has to repeat information and
  • Has to provide some additional security verifications

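The downgrade check described on this slide, as an added example that is not from the original slides: once a session key exists, the initiator repeats the scout exchange under a MAC and the responder compares it with what it actually saw. The field names, the JSON encoding, HMAC-SHA256 and the session key are assumptions; the slides do not give the scout or CASP message format.

```python
import hashlib
import hmac
import json

# All message fields and the JSON encoding are constructed for illustration;
# the slides do not define the scout or CASP wire format.

def encode(msg):
    # Canonical bytes so both peers compute the MAC over identical input.
    return json.dumps(msg, sort_keys=True, separators=(",", ":")).encode()

def protect_repeat(session_key, scout_req, scout_resp):
    """Initiator: repeat the scout exchange as it saw it, under the session key."""
    body = {"scout_req": scout_req, "scout_resp": scout_resp}
    mac = hmac.new(session_key, encode(body), hashlib.sha256).hexdigest()
    return {"body": body, "mac": mac}

def verify_repeat(session_key, repeat, req_seen, resp_sent):
    """Responder: authenticate the repeat, then compare it with its own view."""
    expected = hmac.new(session_key, encode(repeat["body"]), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, repeat["mac"]):
        return "bad-mac"
    if repeat["body"]["scout_req"] != req_seen:
        return "request-modified"   # offer was altered in transit
    if repeat["body"]["scout_resp"] != resp_sent:
        return "response-modified"  # selection was altered in transit
    return "ok"

def strip_security(req):
    # Models the downgrade threat: the unprotected offer loses its security options.
    return {**req, "security": ["none"]}

def run_exchange(tamper=None, responder_key=None):
    key = b"constructed-session-key"  # assumed output of the later key exchange
    req_sent = {"nonce": "a1b2", "security": ["ipsec", "tls"], "transport": ["sctp", "tcp"]}
    req_seen = tamper(req_sent) if tamper else dict(req_sent)
    # Responder selects the first option it was offered (hypothetical policy).
    resp = {"nonce": req_seen["nonce"], "security": req_seen["security"][0],
            "transport": req_seen["transport"][0]}
    repeat = protect_repeat(key, req_sent, resp)
    return verify_repeat(responder_key or key, repeat, req_seen, resp)

if __name__ == "__main__":
    print(run_exchange())
    print(run_exchange(strip_security))
```
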
Security for the Transport Layer
• Threat
  • Attacks against the transport layer can cause a connection abort.
• Problems
  • Vulnerability of TCP itself
  • TLS does not protect TCP header
• Solution
  • If attack is a concern then
    • Use IPSec at network layer
    • Use the more robust SCTP

Security for the Messaging Layer
• Threat
  • Messaging layer contains security relevant information for a variety of attacks
• Problems
  • More than a single security mechanism has to be supported (for different parts of the network and different usage scenarios)
• Solution
  • IPSec
  • TLS (possibly with EAP on top of it)
  • Many different key exchange protocols supported (IKE, KINK, SOI, etc.)
  • Efficiency gained by reusing a security association for a number of client-layers and a number of messages.

Security for the Client-Layers
• Threat
  • Intermediate CASP node is able to inspect and modify information
• Problems
  • Peer-to-Peer protection not always sufficient
  • Examples: Authorization tokens, transport of local information, selectively protecting objects, transporting sensitive information
• Solution
  • CMS used to selectively wrap objects and to provide protection for them.
  • For investigation: Reusing of a CMS security association

Miscellaneous Issues
• Non-Repudiation
  • Rarely required
  • Supported for client-layer protocols by using digitally signed encapsulated objects (CMS) and possibly applying a counter-signature by the other party
• Denial of Service Prevention
• Network Topology Hiding
  • Supported for Record Route object
  • Additionally supported by removing addresses from a (strict or loose) route object

Miscellaneous Issues
• Authorization
  • Supports both “online” or “offline” authorization
  • “Online” authorization requires protocol interaction with third party entity (AAA-based). EAP/Diameter support is possible. Identity mapping possibly required
  • “Offline” authorization supported via Kerberos authorization information or attribute certificate
  • Authorization language is open issue – research required.
  • Usage of specific authorization information is scenario and environment dependent.