security considerations for m2m ieee 802.16 presentation submission template (rev. 9) document...
TRANSCRIPT
Security considerations for M2MIEEE 802.16 Presentation Submission Template (Rev. 9)
Document Number:IEEE 802.16ppc-10/0037
Date Submitted:2010-07-09
Source:Eldad Zeira, Alex Reznik E-mail: [email protected] Communications Corp.
Venue:Session #68, San Diego
Base Contribution:None
Purpose:To be discussed and adopted by 802.16 Project Planning Committee / 802.16p
Notice:This document does not represent the agreed views of the IEEE 802.16 Working Group or any of its subgroups. It represents only the views of the participants listed in the “Source(s)” field above. It is offered as a basis for discussion. It is not binding on the contributor(s), who reserve(s) the right to add, amend or withdraw material contained herein.
Release:The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that
this contribution may be made public by IEEE 802.16.
Patent Policy:The contributor is familiar with the IEEE-SA Patent Policy and Procedures:
<http://standards.ieee.org/guides/bylaws/sect6-7.html#6> and <http://standards.ieee.org/guides/opman/sect6.html#6.3>.Further information is located at <http://standards.ieee.org/board/pat/pat-material.html> and <http://standards.ieee.org/board/pat >.
204/18/23
• M2M networks are more vulnerable to security threats than traditional networks– … and handle highly critical missions
• Network attacks can lead to false situational awareness, loss of privacy, and even become physical attacks – Compromised by physical or remote reconfiguration or
impersonation
• SR recognizes this issue and recommends that it is in scope of the M2M PAR
304/18/23
• M2M devices handle highly critical missions while being… – deployed in highly distributed networks
– provisioned in the field and managed over the air
– operated without human supervision
• M2M networks and applications are vulnerable to:– Misleading reports
– Network (denial of service) attacks
– Loss of privacy
– Cyber attacks can become physical attacks
• The awareness of an attack is in itself an important security related information
404/18/23
Security susceptibilities of M2M use casesSusceptibility Misleading
reportsNetwork attacks(particularly for WAN)
Data privacy Cyber attacks become physical attacks
M2M use case
Secured access, surveillance , remote maintenance
False situational awareness
DoS attacks prevent obtaining of situational awareness
Tracking, tracing & recovery
False location reports
Prevents timely tracking
Public safety Similar to security , especially if acts of terrorism are considered
Payment Transmission of information to unauthorized parties
Health Care False situational awareness
Prevents awareness of emergency conditions
Transmission of information to unauthorized parties
Malicious control can have serious health implications
Smart grid Prevention of timely control requires unavailable electrical resources
Malicious control can cause lasting damage to grid
504/18/23
The vulnerabilities, more precisely…• Physical Attacks such as insertion of valid authentication tokens into a manipulated
device, inserting and/or booting with fraudulent or modified software (“re-flashing”), and environmental/side-channel attacks, both before and after in-field deployment.
• Compromise of Credentials comprising brute force attacks on tokens and (weak) authentication algorithms, physical intrusion, or side-channel attacks, as well as malicious cloning of authentication tokens residing on the device.
• Configuration Attacks such as fraudulent software update/configuration changes, mis-configuration by the owner, subscriber or user, mis-configuration or compromise of the access control policies.
• Attacks on the Network. These are the main threats to the network operator: Impersonation of devices, traffic tunneling between impersonated devices, mis-configuration of the firewall in the modem/router/gateways, Denial of Service (DoS) attacks against the core network. They may also include changing the device’s authorized physical location in an unauthorized fashion or attacks on the radio access network, using a rogue device.
604/18/23
Security requirements in SR (0002r7, sec. 4.7)
• 802.16 security functions, including integrity protection and the confidentiality for M2M service traffic shall be supported for M2M devices. Expected use cases for WAN M2M systems make them vulnerable to security threats in the form of physical or remote attacks on hardware, software / firmware, compromise of credentials, configuration and network attacks (e.g., denial of service).
• WAN M2M system should support appropriate level of authentication for the M2M device or M2M gateway to provide secure access to the authorized M2M devices. The system should support verification and validation of the exchanged data
704/18/23
What do we need to do?
• 5.7 Security (from SR)– Enhanced security may require changes to the
network entry/re-entry procedure.
• No other standardized changes in MAC / PHY are required
804/18/23
Proposed modification to M2M PAR scope
• This amendment specifies IEEE Std 802.16 medium access control (MAC) enhancements and minimal OFDMA PHY modifications to provide functionalities for efficient Machine to Machine communication. Enhancements are lower power consumption at the subscriber station, support by the base station of significantly larger numbers of devices, enhanced access priority, time-tolerant/controlled operation, improved device authentication at network entry and efficient support for small burst transmissions. This amendment provides continuing support for WirelessMAN-Advanced Air Interface and legacy WirelessMAN-OFDMA equipment.