World Class Standards ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS ANFOV - Milano, 14...
-
Upload
bernice-newton -
Category
Documents
-
view
214 -
download
0
Transcript of World Class Standards ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS ANFOV - Milano, 14...
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS
World Class Standards
ANFOV - Milano, 14 November 2007
Autore:Paolo DE LUTIIS
Telecom ItaliaSecurity Innovation
ETSI TISPAN NGN Security
Presentazione per l’Osservatorio Sicurezza Anfov
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS 2
World Class Standards
Table of Contents
ETSI TISPAN: WG7 activities
TISPAN NGN overview
TISPAN NGN security: Security areas Network Domain Security TISPAN IMS Security
• IMS-AKA• NASS bundled• HTTP DIGEST
Application security
TISPAN NGN Security Standards Main technical documents
Conclusion
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS
World Class Standards
ETSI TISPAN: WG7 activities
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS 4
World Class Standards
WG7 - security
TISPAN Working Group (WG) 7 is responsible for the management and co-ordination of the development of security specifications for TC TISPAN.
For TISPAN NGN, TISPAN WG7 is responsible for:
Defining the security requirements;
Defining the security architecture for NGN;
Conducting threat and risk analyses for specific NGN use cases;
Proposing security countermeasures;
WG7 security standardization process is risk-based. The Threats, Vulnerability and Risk Analysis (TVRA) methodology has been defined specifically to address the needs of the NGN security. The TVRA is ISO15408 (Common Criteria)-based
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS 5
World Class Standards
WG7 security – Current focus (NGN rel. 2):
Fixed-mobile convergence (authentication schema coexistence)
Media security
Network Address Translation
IPTV security
Impact of unsolicited communication in the NGN environment
Identity Management
Customer Premises Network Security
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS 7
World Class Standards
TISPAN NGN outline
UMTS
FTTx
WiFi/WiMax
xDSLPSTN / ISDN
BroadcastIP Transport layer
NASS RACS
Service layer PES
Other…
UserProfile
ApplicationsP
ST
N
Other netw
ork
IMS
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS 9
World Class Standards
Security areas
NGN
Access Security
Interconnection Security
Intra-Operator Security
Subsystems
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS 10
World Class Standards
Security Domains
A security domain (TS 187 003) consists of the functional entities administered by a single authority (e.g. the same operator's network). A security domain is required to: protect the integrity and the confidentiality of its functional elements, ensure the availability of the elements and activities under its
protection.
Interdomain interfaces are protected by security gateway functions (SEGF)
SEGFs connect domains using IPsec in ESP tunnel mode with Internet Key Exchange (IKE) The actual inter-security domain policy is not standardized and is left
to the discretion of the roaming agreements of the operators
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS 11
World Class Standards
TISPAN NGN Security Domains
SEGF SEGF
SEGF
SEGF
SEGF
SEGF
SEGF
SEGFAccess NetworkSecurity Domain
Visited NetworkSecurity Domain
Home NetworkSecurity Domain
3Party ASPSecurity Domain
3Party ASPSecurity Domain
SEGF Securty Gateway Function
IPSEC tunnel
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS 12
World Class Standards
Access Security
Access domain registration involves access-level authentication and authorization procedures between the UE and the Access Network.
Fixed broadband access (and non-3GPP WLAN access) may employ different access domain registration methods based on the access network configuration and operator policy.
These solutions usually do not rely on any kind of security token. An AAA infrastructure is used for bearer-level registration.
TISPAN requirements (TS 187 001) states that NGN shall support both the use explicit (e.g. PPP or IEEE 802.1x) and/or implicit line authentication (e.g. MAC address authentication or line authentication) of the users/subscribers at the NASS layer.
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS 13
World Class Standards
IMS Security
The IMS is independent of the transport network. The identity of the accessing UE is checked at the edge of the
IMS. The nodes in the IMS domain will trust SIP messages with asserted identity headers.
At the border of the IMS the P-CSCF is in charge of authenticate the UE and insert within each SIP request an asserted identity (token). This identity is passed between nodes in the IMS domain, with no need for further authentication.
IMS Authentication options (TS 187 001): Full IMS security: Authentication and Key Agreement (AKA) as
defined by 3GPP (plus NAT traversal) Early deployment scenarios:
• NASS bundled authentication• HTTP DIGEST
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS 14
World Class Standards
IMS and call control
P-CSCF
I-CSCF
S-CSCF
P-CSCF
I-CSCF
S-CSCF
P-CSCF
I-CSCF
S-CSCF
Access Access
Visited Home Called
UPSF UPSFDNS
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS 15
World Class Standards
UE
Full IMS Security (IMS-AKA)
NASS
P-CSCF I/S-CFCS UPSF
IMS
NASS Auth.
UICC
User credential and
secret Key
IPSEC protects signalling confidentiality and integrity
User profile, credential and
keys
NGN and UE are mutually authenticated (AKA)
SIP protocol
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS 16
World Class Standards
UE
NASS Bundled Authentication (NBA)
NASS
P-CSCF I/S-CFCS UPSF
IMS
NASS Auth.
SIP protocol
CLF
NO UICC and NO IMS
credential required
NO IPSEC, the signalling is transmitted
in the clear
The authentication is one-way: only the NGN authenticates the UE
User profile, no credential
required
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS 17
World Class Standards
HTTP Digest (HD)
UE
NASS
P-CSCF I/S-CFCS UPSF
IMS
NASS Auth.
SIP Protocol
NO UICC required (user credential and keys in the UE
memory)
Explicit authenticationNO IPSEC: the signalling is
transmitted in the clear
User profile, credential and
keys
NGN and UE are mutually authenticated
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS 18
World Class Standards
Application Security (optional)
UE
UICC
AS
BSF UPSF
HD over TLS
GBA-u mode
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS
World Class Standards
ETSI TISPAN NGN Security Standards
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS 20
World Class Standards
Security ETSI TISPAN specifications
Main Technical Specification NGN Security requirements (TS 187 001) NGN Security architecture (TS 187 003) NGN Lawful Interception functional entities, information flow and
reference points (TS 187 005)
Main Technical Report (feasibility studies). NGN Threats, Vulnerability and Risk Analysis (TVRA) (TR 187 002) NAT traversal (TR 187 008) Media security (TR 187 007) Impact of unsolicited communication in the NGN (WI 07 025) Identity Management (WI 07 027) Data Retention (WI 07 032)
All the TISPAN activities related to the core IMS have been delegated to the 3GPP
ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS 22
World Class Standards
Conclusions NGN is divided into Security domains. Domains are considered to
be trusted environment Core or intra-domain security is mainly under the responsibility of
the Operator Inter-domain security is provided by SEGF Access Authentication is performed on both service layer (e.g.
IMS) and network attachment (NASS) IMS-AKA (as defined by 3GPP plus NAT support) is the preferred
solution for IMS authentication: Identity and keys stored on smart card (UICC) Mutual authentication between Network and UE (AKA) IPSEC for the protection of the signalling only
Other authentication mechanisms (NBA, HD) have been defined for early deployment scenarios (short term solutions).