1 / 16

Security Requirements for Highly Mobile Devices

Security Requirements for Highly Mobile Devices. Bob Beach Symbol Technologies. Purpose. Focus on security requirements of highly mobile devices Distinguish them from PC based enterprise systems Also from Consumer/Home devices Describe general characteristics of such units

nuri
Download Presentation

Security Requirements for Highly Mobile Devices

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security Requirements for Highly Mobile Devices Bob Beach Symbol Technologies

  2. Purpose • Focus on security requirements of highly mobile devices • Distinguish them from PC based enterprise systems • Also from Consumer/Home devices • Describe general characteristics of such units • How devices are used • How they are constructed • How organizations that use them operate • Present security requirements • Kerberos and HMD

  3. What are Highly Mobile Devices (HMD)? • Devices include: • Data collection/entry terminals • Telephones • Mobile machines (e.g. robot/autonomous devices) • Embedded personal devices (Medical patient monitoring systems) • HMD were one of the original drivers for 802.11 • Lots of installed systems/units (just 802.11) • Symbol Technologies alone: 100,000 sites; 1M+ devices • Other vendors have similar installed user bases

  4. HMD Attributes (1) • Application Oriented • Customized for environment and/or application • hardware, software, user interface • Not a general purpose device • Users are task oriented and the HMD is a tool for them • Relatively simple applications • Users: • retail clerks - warehouse workers - package sorting • hospital workers - transportation and logistics • prison guards - airline and hotel checkin - baggage handlers • law enforcement - manufacturing workers - stock traders

  5. HMD Attributes (2) • Not A Personal Device • Owned by organization, not individual • Device does not leave the facility • A device may be used by many different individuals during a day • Individual may use device on shift or task basis • Little or no personal “connection to device” • no user specific data and few user options • Many devices are interchangeable • Expected to operate a shift on single battery charge • 8-10 hours • 1000’s of transactions in that time period

  6. HMD Attributes (3) • Device/user moves frequently • Mobility is key reason for such existence of such devices • Roaming takes place often and for a variety of reasons • physical movement and/or load balancing between APs • Users expect transitions between APs to be undetected • Device Hardware • very limited performance CPU (a few MIPs) • limited memory (512KB to a few MB) • specialized keyboard/display • application oriented peripherals (bar code reader, audio, etc.) • WLAN interface integrated into device

  7. HMD Attributes (4) • Device Software • Often simple OS • Unit boots to application • 1-3 applications • Software updated over network

  8. Organizations that use HMDs • Not “office/enterprise” oriented • may have an office/enterprise element (headquarters) but primary business activity is not office oriented • Extreme variation in site configuration • Many sites or few very large sites • e.g. 4000 retail locations or three 4M sq ft warehouses • Often little or no onsite MIS knowledge • Network infrastructure is simple but sufficient • may be tied into organization network • HMDs are key to operation of business • if WLAN fails, the business stops

  9. Organizations that use HMDs (2) • Wide variety of onsite servers • All variations of Unix • Windows NT (3.5 and 4.0) • Windows 2000 • Limited authentication facilities • User logins are at the application level, not device level • more for identification purposes than security • No dial-in access by employees (may be expressly forbidden) • No formal authentication servers

  10. Voice HMDs • VOIP telephones using a variety of call setup protocols • H.323, SIP, proprietary • Voice signals are digitized, compressed, and packetized • G.729 produces a block of compressed voice every 10ms • Combine 2-4 blocks into one 802.11 packet (20-40ms) • Full duplex operation • One lost cell represents 20-40ms of voice which is detected by the user • Roaming is frequent and expected to be invisible • Roaming triggered by both signal and load considerations

  11. Security Considerations (1) • For many organizations that use HMD, operation of WLAN is key to operation of business • if WLAN stops working, business stops • if information on network is damaged/destroyed, business stops • One major cause for a WLAN to stop working are due to security breaches • Prevent devices from attaching to real Access Points • Allow unauthorized devices to attach to network • may damage or destroy critical data • gain access to larger organization network

  12. Security Considerations (2) • Systems must operate with little or no onsite support • Once system is installed, the goal is never to touch it • No one onsite to debug problems or deal with attacks • Remote support may be available • New devices added frequently due to damage/loss • Many sites are security “innocents” that may be completely unaware of security issues and/or possible attacks even when happening • Cost is major consideration for organizations with 1000’s of sites

  13. Security Requirements • In some ways not very different than base Tgi requirements: • Mutual authentication of clients and APs • Per session encryption keys with key lifetime support • Improved encryption algorithms (but without any new hardware) • Some elements are more important for HMD than for PC/enterprise systems • Fast and frequent roaming • Limited capability clients • Large installed base of clients and APs

  14. Kerberos and HMD (1) • Kerberos is well suited for HMD • Provides mutual authentication • Provides unique key distribution with key lifetime support • Limited demands on client and AP memory/CPU resources • implemented on 10 MHz 80188 CPU in less than 48K memory • Supports PC/Enterprise model as needed • e.g. supports both HMD and PCs • Provides fast roaming support

  15. Kerberos and HMD (2) • Self contained protocol that does not require other protocols to meet goals (e.g. Certificates, IAPP, etc) • KDCs are available for most server configurations • “Issues” with Kerberos are not significant in most HMD sites • Username/Password may be selected for maximum security since they are stored on device and not entered by human user. • Yet any lost/stolen device can easily be blocked from network

  16. Conclusions • HMD are widespread and are critical to the operation of many businesses • HMD are quite different from PC/enterprise model in what they are used for and who uses them • Any TGI proposal must take into account the needs of HMD • Kerberos is an excellent solution for HMD

More Related