TR50-20121030-013R2__PN-4940.022

PN-4940.022: Smart Device Communications; Securing and Deploying Applications
Contents

1) INTRODUCTION
2) REFERENCES
2.1 Normative References
2.2 Informative References
3) DEFINITIONS, SYMBOLS AND ABBREVIATIONS
3.1 Definitions
3.2 Abbreviations
4) Cryptology Introduction
4.1 Block Cipher
4.2 Stream Cipher
4.3 Symmetric Cryptography
4.4 Asymmetric Cryptography
4.5 Key
4.6 Digital Signature
4.7 Hash
5) Deploying and Securing Applications

List of Figures

Figure 1 - Certificate Chaining
Figure 2 - Architecture for Securing and Deploying Applications

Foreword
(This foreword is not part of this Standard.)

This document was formulated under the cognizance of the TIA Committee
TR-50, Smart Device Communications.

The contents of the present document are subject to continuing work within
the Formulating Group and may change following formal approval. Should
the Formulating Group approve modification, the present document will be
re-released with an identifying change of release level, for example:

TIA-4940.050-A (standard number, part number, revision level)

The document contains informative annexes.

Suggestions for improvement of this document are welcome, and should be
sent to:

Telecommunications Industry Association,
Standards and Technology,
2500 Wilson Boulevard, Suite 300
Arlington, VA 22201-3834

Scope
This document is a member of a multi-part standard that, when taken in total,
defines the requirements for communications pertaining to the access agnostic
(e.g., PHY and MAC agnostic) monitoring and bi-directional communication
of events and information between smart devices and other devices,
applications and networks.

This standard enables organizations to increase security when deploying the
applications across a hostile network.

This standard provides a common foundation for personnel who support or
use risk management processes for IT systems.

1) INTRODUCTION
This standard is designed to build on existing cyber security policies and
procedures, help organize and clarify risk management goals, and provide a
consistent approach in which to make risk decisions.

The guidance provided in this standard is intended to address only the
management of cyber security related risk derived from or associated with the
operation and use of information technology and systems and/or the
environments in which they operate. The guidance is not intended to replace
or subsume other risk-related activities, programs, processes, or approaches
that organizations have implemented or intend to implement addressing areas
of risk management covered by other legislation, regulation, policies,
programmatic initiatives, or mission and business requirements. Additionally,
this guidance is not part of any regulatory framework. Rather, the cyber
security risk mitigation guidance described herein is complementary to and
should be used as part of a more comprehensive enterprise risk management
program.

2) REFERENCES
2.1 Normative References
The following standards contain provisions which, through reference in this
text, constitute provisions of this Standard. At the time of publication, the
editions indicated were valid. All standards are subject to revision, and parties
to agreements based on this Standard are encouraged to investigate the
possibility of applying the most recent editions of the standards indicated
below. ANSI and TIA maintain registers of currently valid national standards
published by them.

References are either specific (identified by date of publication, release level,
etc.) or non-specific. For a specific reference, subsequent revisions do not
apply. For a non-specific reference, the latest version applies: a non-specific
reference implicitly refers to the latest version.

[1] TIA-4940.005: Smart Device Communications; Reference Architecture

2.2 Informative References
The following documents may be useful to the reader:

[a] TSB-4940: Smart Device Communications; Security Aspects

3) DEFINITIONS, SYMBOLS AND ABBREVIATIONS
This section contains definitions, symbols and abbreviations that are used in
this document.

3.1 Definitions
For the purposes of the present document, the following terms and definitions apply:

Asymmetric Cryptography: Public key cryptography is an asymmetric scheme that uses a pair of keys for encryption.
Attack Surface: A set of vulnerabilities that, when unprotected, may compromise a system.
Authentication: The process of verifying the identity of an entity.
Certificate: A document that binds a signature to an entity.
Cipher: An algorithm for performing encryption (reverse is decryption).
Ciphertext: The unreadable text that results from encrypting plaintext.
Cleartext: Data that can be read and understood without any special measures. This term is used interchangeably with “plaintext” in this document.
Confidentiality: The assurance to an entity that no one can read a particular piece of data except the receiver(s) explicitly intended.
Cryptanalysis: The science of analyzing and breaking secure communication.
Cryptographic algorithm/cipher: A mathematical function used in the encryption and decryption process.
Cryptography: The science of using mathematics to secure data via encrypting and decrypting data.
Cryptology: Study of both cryptography and cryptanalysis.
Data-at-rest: Data that is stored within entities in an M2M system.
Data-in-transit: Data moving between entities in an M2M system.
Decryption: The process of reverting ciphertext to its original plaintext.
Diffie-Hellman: An anonymous (non-authenticated) key-agreement protocol; it provides the basis for a variety of authenticated protocols, and is used to provide perfect forward secrecy in Transport Layer Security's ephemeral modes.
Digital Signature: Enables the recipient of information to verify the authenticity of the information’s origin, and also verify that the information is intact.
Encryption: The method of disguising plaintext in such a way as to hide the actual content of the text.
Hash: A one-way function that takes variable-length input and produces a fixed-length output, and that ensures the information has not changed in any way.
Integrity: The assurance to an entity that data has not been altered (intentionally or unintentionally) between “there” and “here” or between “then” and “now.”
Key: A value that works with a cryptographic algorithm to produce a specific ciphertext.
Non-Repudiation: Ensures that an author cannot refute that they signed or encrypted a particular message once it has been sent, assuming the private key is secured.
Public Key Infrastructure: PKI is a set of hardware, software, people, policies, and procedures needed to create, manage, store, distribute, and revoke Digital Certificates. A Public Key Infrastructure (PKI) enables users of a basically unsecure public network such as the Internet to securely and privately exchange data through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority.
Symmetric Cryptography: One secret key is used both for encryption and decryption.

3.2 Abbreviations
For the purposes of the present document, the following abbreviations apply:

CIA: Confidentiality, Integrity and Availability.
CA: Certification Authority.
CRL: Certificate Revocation List.
DH: Diffie-Hellman.
DSA: Digital Signature Algorithm.
ECC: Elliptic Curve Cryptography.
ECDSA: Elliptic Curve Digital Signature Algorithm.
FIPS: Federal Information Processing Standards.
HTTP: Hypertext Transfer Protocol.
IoT: Internet of Things.
IPSec: Internet Protocol Security.
M2M: Machine to Machine.
MQV: Menezes-Qu-Vanstone algorithm.
SHA: Secure Hash Algorithm.
SSL: Secure Sockets Layer.

4) Cryptology Introduction
To familiarize the reader with cryptology concepts and terminology that are
used within this standard, this introductory section attempts to provide easily
understandable definitions and explain cryptology concepts.

Data that can be read and understood without any special measures is called
plaintext or cleartext. The method of disguising plaintext in such a way as to
hide its content is called encryption. Encrypting plaintext results in unreadable
text that is called ciphertext. Encryption ensures that information is hidden
from anyone for whom it is not intended, even those who can see the
encrypted data. The process of reverting ciphertext to its original plaintext is
called decryption.

Cryptography is the science of using mathematics to encrypt and decrypt data.
Cryptography enables entities to store sensitive information or transmit data
across insecure networks (like the Internet) so that such data cannot be read by
anyone except the intended recipient.

While cryptography is the science of securing data, cryptanalysis is the
science of analyzing and breaking secure communication. Classical
cryptanalysis involves an interesting combination of analytical reasoning,
application of mathematical tools, pattern finding, patience, determination,
and luck. Cryptology embraces both cryptography and cryptanalysis.

A cryptographic algorithm, or cipher, is a mathematical function used in the
encryption and decryption process. A cryptographic algorithm works in
combination with a key (a word, number, or phrase) to encrypt the plaintext.
Encrypting plaintext with different keys produces different ciphertext. The
security of encrypted data is entirely dependent on two things: the strength of
the cryptographic algorithm and the secrecy of the key.

One of the main categorization methods for encryption techniques commonly
used is based on the form of the input data they operate on or utilize. The two
types are Block Cipher and Stream Cipher.

4.1 Block Cipher
In this method, data is encrypted and decrypted in the form of blocks.
In its simplest mode, the plaintext is divided into blocks, which are then fed
into the cipher system to produce blocks of ciphertext.

4.2 Stream Cipher
A stream cipher operates on a stream of data bit by bit. It consists of two
major components: a key stream generator and a mixing function. The mixing
function is usually just an XOR function, while the key stream generator is
the main unit of the stream cipher encryption technique. For example, if the
key stream generator produces a series of zeros, the output ciphertext stream
will be identical to the original plaintext.

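The two components above, as an added Go example that is not part of the standard. AES in counter mode as the key stream generator, the demo key and IV, and the names mix and keyStream are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// mix is the mixing function: XOR each data byte with one key stream byte.
// Applying it twice with the same key stream returns the original data.
func mix(data, ks []byte) ([]byte, error) {
	if len(ks) < len(data) {
		return nil, fmt.Errorf("key stream too short: %d < %d", len(ks), len(data))
	}
	out := make([]byte, len(data))
	for i := range data {
		out[i] = data[i] ^ ks[i]
	}
	return out, nil
}

// keyStream is the key stream generator. AES in counter mode is this example's
// choice (an assumption); running it over zero bytes exposes the raw key stream.
func keyStream(key, iv []byte, n int) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if len(iv) != block.BlockSize() {
		return nil, fmt.Errorf("iv must be %d bytes", block.BlockSize())
	}
	ks := make([]byte, n)
	cipher.NewCTR(block, iv).XORKeyStream(ks, ks)
	return ks, nil
}

func main() {
	plain := []byte("constructed meter reading: 42 kWh")
	zero := make([]byte, len(plain)) // degenerate generator from the text: all zeros
	leaked, _ := mix(plain, zero)
	fmt.Printf("zero key stream: %q\n", leaked)

	key := []byte("0123456789abcdef") // constructed 128-bit demo key, not for real use
	iv := make([]byte, aes.BlockSize) // constructed; must be unique per message in practice
	ks, err := keyStream(key, iv, len(plain))
	if err != nil {
		panic(err)
	}
	ct, _ := mix(plain, ks)
	back, _ := mix(ct, ks)
	fmt.Printf("ciphertext: %x\nrecovered:  %q\n", ct, back)
}
```

The mixing function contributes no secrecy of its own: with the all-zero key stream the "ciphertext" is the plaintext, so everything rests on the generator and its key.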
4.3 Symmetric Cryptography
In conventional cryptography, also called secret-key or symmetric-key
encryption, one key is used both for encryption and decryption. The key must
be kept secret in order for this type of cryptography to work. Example usage
includes email, HTTP and IPsec. Symmetric cryptography is magnitudes faster
than asymmetric cryptography.

4.4 Asymmetric Cryptography
Public key cryptography is an asymmetric scheme that uses a pair of keys for
encryption: a public key, which encrypts data, and a corresponding private, or
secret, key for decryption. You publish your public key to the world while
keeping your private key secret. Anyone with a copy of your public key can
then encrypt information that only you can read. It is computationally
infeasible to deduce the private key from the public key. Anyone who has a
public key can encrypt information but cannot decrypt it. Only the person who
has the corresponding private key can decrypt the information.

Encryption using asymmetric key algorithms is very slow. Asymmetric
encryption techniques are almost 1000 times slower than symmetric
techniques, because they require more computational processing power,
especially when the data size is large; hence, they are not used when doing
bulk encryption. For bulk encryption, symmetric algorithms should be used.
The asymmetric algorithms can be used to do key exchange.

4.5 Key
A key is a value that works with a cryptographic algorithm to produce a
specific ciphertext. In public key cryptography, the bigger the key, the more
secure the ciphertext.

4.6 Digital Signature
A major benefit of public key cryptography is that it provides a method for
employing digital signatures. Digital signatures enable the recipient of
information to verify the authenticity of the information’s origin, and also
verify that the information is intact. Thus, public key digital signatures
provide authentication and data integrity. A digital signature also provides
non-repudiation, which means that it prevents the sender from claiming that
he or she did not actually send the information. These features are every bit as
fundamental to cryptography as privacy, if not more.

4.7 Hash
A one-way hash function takes variable-length input (in this case, a message
of any length, even thousands or millions of bits) and produces a fixed-length
output, say 160 bits. The hash function ensures that, if the information is
changed in any way, even by just one bit, an entirely different output value
is created.

5) Deploying and Securing Applications
The challenge of securing and deploying applications in a hostile operating
environment is solved using modern cryptography leveraging public key
infrastructure. Previous generations of deploying and securing configuration
and applications to the device relied on pre-shared keys. Pre-shared keys are
vulnerable to undetected compromise and theft through exploitation
techniques that are well documented and not detailed in this document.

In order to satisfy the requirements of confidentiality, integrity and
availability (CIA) in policy generation, certificates are implemented
in a standardized “trust” model, in which a base trust must be given to an
entity that can create, or “vouch” for, surrogate entity certificates. This type of
relationship is referred to as “certificate chaining” and, as such, can be used to
delegate trust within the trust model. The base entity is called a root certificate
authority or “CA”, which can authorize additional certificates (entities) to be
used and implemented within the trust model that has been created. On the
device or client, trust certificates may be installed at device creation,
deployment or another “trusted” method as defined by, for example, a
manufacturer security policy. Certificate chaining can be conceptually viewed
in Figure 1.

[Figure 1 - Certificate Chaining. The diagram shows a four-level hierarchy:
the Consortium root certificate (ROOT CA); the CORP A regional CA, whose
certificate is signed by ROOT; the division regional CAs (DIVISION A, B and C
of CORP A), whose certificates are signed by ROOT and CORP; and Home Gateway
Units A, B and C, whose certificates are signed by ROOT, CORP and DIVISION.]

Compromised or expired entities can be withdrawn or revoked from the trust
model through a certificate revocation list (CRL) server. CRLs are only
effective when properly used by both clients and servers. Clients must use the
CRL server to verify that each certificate within a certificate chain is indeed
valid, which preserves the CIA triad, and servers must be maintained and
updated with serial numbers from withdrawn certificates.

The architecture for securing and deploying applications within the reference
architecture [1] is detailed below pictorially in Figure 2.

[Figure 2 - Architecture for Securing and Deploying Applications. Labels
recoverable from the diagram: CONSORTIUM Certificate Authority, ROOT CA (Self
Signed); Company A and Company B, each with a public key, a private key and an
X.509 chained certificate signed (authorized) by the Consortium; for each
company, a hash of the application payload (SHA 256/386) fed with the private
key into an “ECC Encrypt Operation (HASH)”; the payload application and
encrypted hash sent over a secure connection (MITM prevention; IPSec, SSL, TLS,
etc.) across the HOSTILE NETWORK to the Container @ URI; and, at the container,
a decrypt operation with the “Company A” public key whose result is compared
with a “New” hash of the payload application.]

Note: applications cannot bring in their own certificates.

Digital Signatures are used to detect unauthorized modifications to data and
to authenticate the identity of the signatory. In addition, the recipient of
signed data can use a digital signature as evidence in demonstrating to a third
party that the signature was, in fact, generated by the claimed signatory. This
is known as non-repudiation, since the signatory cannot easily repudiate the
signature at a later time.

The purpose of a certificate chain is to establish a chain of trust from a peer
certificate to a trusted CA certificate. The CA vouches for the identity in the
peer certificate by signing it. If the CA is one that you trust (indicated by the
presence of a copy of the CA certificate in your root certificate directory), this
implies you can trust the signed peer certificate as well.

The consortium certificate fills the base trust entity role, or root CA. This may
be a self-signed certificate, or obtained from a CA vendor. Company A may
join the trust model set forth by the consortium by satisfying the consortium
test and conformance procedure that provides validation metrics for Company
A. Leveraging the trust from the consortium, Company A may then develop
applications that will validate against the consortium's certificate, since
Company A's certificate was signed by the consortium. The integrity of Company
A's application can be assured by “signing” the application that Company A
produced. A digital fingerprint of the application is created (hashed) and the
fingerprint is encrypted by using the private key of Company A. The
application, encrypted fingerprint and certificate chain (minus private keys) are
sent through a hostile network via a multilayer security tunnel [a] to the TIA
container. The container implements the steps that Company A used to
encrypt the fingerprint by regenerating the fingerprint of the application
(the application was not encrypted, only the fingerprint). The container
validates the certificate chain that was passed by Company A by comparing each
certificate in the chain to installed certificate(s) until the container reaches a
certificate that is in its trust model; in this case, it may be the root CA, or
another certificate that the container “trusts”. Once trust is established, the
public key of Company A is used to decrypt the fingerprint that was created by
Company A. If the decrypted fingerprint is equal to the container’s calculated
fingerprint of the application, the container can then be assured that the
application is genuine and has not been corrupted by the hostile network.
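The signing and verification flow above, together with the per-certificate revocation check from the CRL paragraph, as an added Go example that is not part of the standard. It assumes ECDSA P-256 with SHA-256, so the container verifies the signature against its recomputed fingerprint instead of decrypting it; the names issue, signApp and containerAccepts, the certificate subjects, and the in-memory set of revoked serials standing in for a CRL server are constructs of this example.

```go
package main
import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func check(err error) { // setup failures abort the demo
	if err != nil {
		panic(err)
	}
}

// issue makes a P-256 key and a certificate for it; a nil parent yields a self-signed root CA.
func issue(cn string, serial int64, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	check(err)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, IsCA: parent == nil, BasicConstraintsValid: true}
	if parent == nil { // a root signs certificates, not applications
		tmpl.KeyUsage, parent, parentKey = x509.KeyUsageCertSign, tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	check(err)
	cert, err := x509.ParseCertificate(der)
	check(err)
	return cert, key
}

// signApp is the vendor side: fingerprint the application, then sign the fingerprint.
func signApp(key *ecdsa.PrivateKey, app []byte) []byte {
	digest := sha256.Sum256(app)
	sig, err := ecdsa.SignASN1(rand.Reader, key, digest[:])
	check(err)
	return sig
}

// containerAccepts is the container side; root is its installed trust anchor and
// revoked stands in for a CRL lookup by serial number (an assumption of this example).
func containerAccepts(root *x509.Certificate, revoked map[string]bool, signer *x509.Certificate, app, sig []byte) error {
	trusted := x509.NewCertPool()
	trusted.AddCert(root)
	chains, err := signer.Verify(x509.VerifyOptions{Roots: trusted})
	if err != nil {
		return fmt.Errorf("chain not trusted: %w", err)
	}
	for _, c := range chains[0] { // every certificate in the chain, not just the leaf
		if revoked[c.SerialNumber.String()] {
			return fmt.Errorf("revoked certificate: %s", c.Subject.CommonName)
		}
	}
	digest := sha256.Sum256(app) // recomputed locally, never taken from the sender
	if pub, ok := signer.PublicKey.(*ecdsa.PublicKey); !ok || !ecdsa.VerifyASN1(pub, digest[:], sig) {
		return fmt.Errorf("fingerprint mismatch: application altered or wrong signer")
	}
	return nil
}

func main() {
	root, rootKey := issue("Consortium Root CA", 1, nil, nil)
	compA, keyA := issue("Company A", 2, root, rootKey)
	app := []byte("constructed application payload")
	fmt.Println(containerAccepts(root, nil, compA, app, signApp(keyA, app)))
}
```

A validly signed application from a vendor whose certificate does not chain to the installed root is rejected at the chain step, which is the behaviour the Figure 2 note about applications not bringing in their own certificates calls for.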