Security and LI; ETSI - PowerPoint PPT Presentation

About This Presentation

Title:

Security and LI; ETSI

Description:

ETSI works in Protocols, Algorithms and Systems. Specialist Technical Bodies ... SAGE offer crypto design, testing and analysis services ... – PowerPoint PPT presentation

Number of Views:23

Avg rating:3.0/5.0

Slides: 17

Provided by: scottc95

Category:

more less

Transcript and Presenter's Notes

Title: Security and LI; ETSI

1
Security and LI ETSIs role in standards
GSC9/Joint_013
SOURCE ETSI (TC LI)
TITLE Security and LI ETSIs role in standards
AGENDA ITEM Joint 4.3
CONTACT Scott Cadzow (scott_at_cadzow.com)

1
GSC-9, Seoul
2
Security

New challenges and maintenance

3
ETSIs track record

ETSI works in Protocols, Algorithms and Systems
Specialist Technical Bodies
Develop protocols and security frameworks
Authentication, key distribution, signature
Examples TETRA, DECT, DVB, GSM/UMTS
Algorithm expertise
SAGE offer crypto design, testing and analysis
services
Develop public and restricted algorithms
including A5/x, Milenage, TETRA-TEAx,
Systems
Electronic signature, e-commerce, TETRA, TISPAN

4
Smart cards

SCP Smart Card Platform Group
Mobile radio - 3G and GSM and other standards
Objective is to make multi application cards
Additional Communication and Financial
applications
Machine readable cards
Access tokens in public transport
Banking and payment
Healthcare

5
Major area of work

In following ETSIs remit as a telecommunications
standardisation body primary focus to date has
been
ComSec Communications Security
Primarily provision of security equivalent to the
fixed network for radio based access technologies
TETRA, DECT, GSM/UMTS

6
New environment, new challenges

Telecommunications not telephone network
Service providers often not networking providers
Convergence of IT and tele-communications
ITSec joins ComSec
Fixed network not as trusted as 10 years ago
Equivalence to fixed network no longer sufficient
Packet versus circuit challenge
Routing versus switching challenge
Mix of traffic sharing the network
Mix of traffic value on shared network
Mobility of users no longer just a radio problem
Number portability
Remote access

7
New challenge - Assurance

NIS report stresses importance of assurance
Information Technology based (ITSec, Common
Criteria)
Recommendation to extend to ComSec
Challenge is how?
ETSI, through TISPAN, will answer this challenge
Guide to use of methods for security standards
development to allow compliant products to
achieve assurance level
Conformance as well as interoperability based

8
Lawful interception

Interception challenges and Handover capabilities

9
What is lawful interception?

Used in the support of criminal investigation and
to counter terrorism
Applies to data in transit
It is not a search of records
Applied to any data in transit
Signalling
Speech
Video
E-mail
Web
Etc.

10
Why ETSI?

Source of many communications protocols
Knowledge centre for how to intercept
Membership driven
National and regional requirement to support LI
identified to members
Lower cost to members if protocol and data model
is standard (one model fits wherever the
communications protocols are used)

11
Simple architecture
12
More technically
13
Who does what in ETSI?

Division by function
Handover
Interception
Handover
Led by TC LI
Defines means for delivering intercepted
signalling and communication to LEMF
Interception
Performed within technology TBs
Defines how technology specific data is
intercepted

14
The documents (handover)

Architecture
TR 101 943v111, Concepts of Interception in a
Generic Network Architecture
Handover
ES 201 671, Handover interface for the lawful
interception of telecommunications traffic
This covers handover for 64kb/s switched networks
(Annex A), packet switched handover (Annex B),
use of ROSE (or FTP) for HI2 (Annex C)
TS 102 232, Handover Specification for IP
Delivery

15
The documents (interception)