90 likes | 107 Views
This draft report presents security recommendations focusing on protecting incumbents and cognitive radios in white space technologies. It covers high-level threats, risk analysis, general recommendations for device security, low-layer security, and end-to-end security approach.
E N D
Security Ad-Hoc Report Draft Date: 2009-02-02 Authors: Alex Reznik, InterDigital
Abstract • This presentation summarizes the recommendations of the security ad-hoc group. • Currently a draft. Abstract to be removed once this becomes part of the tutorial Alex Reznik, InterDigital
Security Goals and General Approach • Within the context of white spaces, security design needs to focus on two goals: • Primary goal: Protection of Incumbents • This requires support of device security as discussed below • Secondary goal: Protection of Cognitive Radios • While secondary, this is a much larger problem them protection of incumbents • Requires a much more comprehensive approach • General Approach to Security • The ad-hoc recommends that an end-to-end security design approach be used in developing security aspects of white space technologies • Within 802 this means a focus on the following • The interfaces required for support of higher-level security technologies, such as data/application security, secure identity protocols, device security, etc. • Support of certain low-level security technologies as discussed below Alex Reznik, InterDigital
Risk Analysis (1/3)High Level Threats • Illegal Use of Spectrum • Attack on incumbents • Stealing from other secondary users • Denial of Service to other Secondary Users • Threats to coexistence protocols between secondary devices • Jamming and Similar Threat • Unauthorized disclosure or modification of “relevant” information • User location • Database • “Relevant” information is not correct • User location • Database info Alex Reznik, InterDigital
Risk Analysis 2/3Mapping Use Cases to Threats Alex Reznik, InterDigital
Risk Analysis 3/3 Alex Reznik, InterDigital
General Recommendations • Device Security • Key requirement for protection of incumbents • Ensures that devices cannot be modified to “break the rules” • Potentially required to pass FCC certification • While generally above MAC (and thus out of scope for 802), 802 should support the following • A “device security SAP” which provides key parameters required to make sure that the radio is compliant with required policies in real-time. The policies may include any of the following: FCC regulations, coexistence policies, intra-RAT protocol specification. • Low-Layer Security • Support of low-layer techniques is recommended to address the following • Incumbent classification / identification • identification of malicious and negligent impersonators • It is recommended that the WGs coordinate their efforts in this area • Sensor and location measurement security • Support of techniques that secure and attest sensor and location measurements of recommended • Protection of database information • Protection of database information on the device and over the air interface links is recommended Alex Reznik, InterDigital
End-to-End Security 1/2 Alex Reznik, InterDigital
End-to-End Security 2/2 Alex Reznik, InterDigital