Security WG: Report of the Spring 2008 Meeting
Marriott Courtyard Crystal City, VA
March 14, 2008
Howard Weiss
NASA/JPL/[email protected]
+1-443-430-8089
Meeting Agenda
• 10 March 2008
– 08:00 – 09:00: CCSDS Plenary
– 09:00 – 12:00: Systems Engineering Area (SEA) Plenary
• 11 March 2008 (09:00 – 17:00)
– 09:00 – 10:30: Welcome, opening remarks, logistics, agenda bashing, Introduction for new attendees + Review of document progress and results of Fall 2008 meeting
– 10:30 – 12:00: Joint meeting with Spacecraft Monitoring & Control
– Document Status (encryption, authentication, key management, mission planners, security green book)
– 1200-1300: Lunch
– Authentication Document Discussion (HMAC replacement?) (All)
– Security Architecture Document Discussions (Black)
– CFDP Security (Pajevski)
• 12 March 2008 (09:00 – 17:00)
– Key Management (Fischer)
– Mission Planner’s Guide (Wells, Biggerstaff)
– 1200-1300: Lunch
– Other discussions (per Jan 2008 telecon):
» “Color” of books (magenta vs. blue)
» SCPS-SP
» SLE security experiences
» Encryption & authentication application-specific parameters
» Review of CCSDS doc security sections
» Threat doc review
» Common Criteria for mission security profiles (knit docs together)
» Agency security implementations (approach, requirements, security services)
• 13 March 2008 (09:00 – 12:00)
– Joint meeting with SLS to discuss link-layer security BOF
• 14 March 2008
– 1300-1700: SEA Wrap-up Plenary
Attendance
Name Organization Email Address
Howard Weiss (Chair) NASA/JPL/SPARTA [email protected]
Gordon Black BNSC/Logica [email protected]
Daniel Fischer ESA/ESOC [email protected]
Martin Pilgram DLR [email protected]
Stefano Zatti ESA/ESRIN [email protected]
Clayton Sigman NASA/GSFC [email protected]
Craig Biggerstaff NASA/JSC/Lockheed [email protected]
Boyd Wells NASA/JSC [email protected]
Ignacio Aguilar-Sanchez ESA/ESTC [email protected]
Mike Pajevski NASA/JPL [email protected]
Kellep Charles NASA/GSFC [email protected]
Shea Williams U of Col-Boulder [email protected]
Irene Bibyk NASA/HQ [email protected]
Lorenzo Chessa ASI [email protected]
Executive Summary
Attendees from BNSC, ESA/ESOC, ESA/ESRIN, DLR, ASI, NASA/GSFC, NASA/JSC and NASA/JPL. CNES did not attend.
NASA and ESA participation from multiple, respective Agency centers continues to be the norm.
Reviewed the comments on the latest revision of the SecWG Security Architecture. All resolved but one. May need to extend the architecture to reinforce the use of link-layer security since it is becoming a “hot” topic.
Delivered encryption documents to secretariat after WG last review.
Discussed the authentication document. Decided to keep HMAC but also add GMAC (as a “should”) and CMAC (as a “may”) to the doc.
Joint meeting held with SM&C to discuss their security architecture.
Discussed possible CFDP security extensions.
Discussed key management green and magenta books.
Discussed 2nd draft of mission planners guide.
Discussed possible “revival” of SCPS-SP – decided no.
Discussed the use of Common Criteria to create “space” Protection Profiles and in particular the work that the FAA has done with PPs for the National Air Space (NAS)
Joint meeting held with Space Link to begin a BOF for Space Link Layer Security Standardization
Summary of Goals and Deliverables
1. Security Architecture document will be revised based on comment review and need to re-emphasize link-layer security.
2. Authentication document will be revised to include cipher-based message authentication codes: GMAC (“should”) and CMAC (“may”) based on ESA-sponsored algorithm study. GMAC “won” but CMAC (and CBC-MAC predecessor) has been used.
3. Making good progress on Key Management documents.
4. Excellent progress continues on Mission Planners Guide.
5. Good discussion on CFDP security and the whole topic of application layer security in-general.
6. While the use of the Common Criteria met with general approval as a standardized means to generate mission security requirements, there were no volunteers to work on a PP and therefore this work will be on a “slow roll.”
7. Continue to work with other Areas and their WGs with respect to security.
– Joint mtg w/SM&C to review their security architecture
– Joint mtg w/SLS to create space link layer security BOF
SEA Area MID-TERM REPORT
SUMMARY TECHNICAL STATUS
1. Security WG
Goal:
Working Status: Active _X_ Idle ____
Summary progress: Five documents actively being produced (Security Architecture, Authentication, Key Management (2), Mission Planners Guide). All docs green.
Progress since last meeting: Encryption doc completed. Agree to revise authentication doc, positive movement on Security Architecture doc, mission planners guide and KM.
Problems and Issues: Resources – Excellent right now but need to ensure continued participation from all member agencies
status: OK CAUTION PROBLEM
Comment: Working Group is advancing and producing good products.
Docs OK. Authentication revisions needed.
Near-Term Schedule
Deliverable Milestone Date
CCSDS Security Architecture
• Revise & update per meeting 06/08 R, 10/08 M
Authentication/Integrity
• Revise per meeting consensus. 06/08, 10/08
Key Management Green Book
• Revise per meeting comments 04/08, 10/08 G
Near-Term Schedule (cont)
Key Management Magenta Book
• Being revised and restructured per internal ESA reviews and WG comments 10/08, 03/09 M
Mission Planners Security Guide
• Work in progress 10/08 G1, 03/09 G2, 10/09 G
Common Criteria Protection Profiles
• Just starting 07/08 (white paper)
Open Issues
• Authentication Algorithms
– Do we have too many options?
• Mission planners guide just started but on the right path
• Starting Common Criteria…. Slow roll
• Joint work with SLS to create link layer security standards
• Status of SCPS-SP
– Shows up as Blue Book on web site
– Not revised since 1999
– SIS “think” it has been retired
– Need to move to historical w/note regarding vulnerability if used in only integrity mode.
Action Items
Item Number Action Item: Assigned to: Date Due:
SecWG0308:1 • Provide final comments on the SM&C security architecture
ALL As required by SM&C
SecWG0308:2 • Update Authentication Document to include GMAC and CMAC cipher-based message authentication code algorithms
Howard Weiss 07/08
SecWG0308:3 • Revisit digital signature algorithm – currently specified as DSA – should this become RSA because of the prevalence of use in commercial products?
ALL 06/08
SecWG0308:4 • Harmonize section 3.6 of the Security Architecture with NIST
Clayton Sigman & Gordon Black 06/08
SecWG0308:5 • Check how pre-shared key can be used with TLS per section 7.5.3 of the Security Architecture
Howard Weiss 06/08
Action Items (2)
SecWG0308:6 • Create a concept paper “white book” discussing CFDP (in specific) and application layer security in general
Mike Pajevski 10/08
SecWG0308:6 • Review the ESA profile document
ALL 04/08
SecWG0308:7 • Obtain existing Agency key management schemes (as obtainable and releasable) for inputs into the magenta Key Management document
ALL 05/08
SecWG0308:8 • Add a document roadmap to the Mission Planners Guide illustrating the various security documents and how they are used.
Craig Biggerstaff 10/08
SecWG0308:9 • Can CCSDS “borrow” words from existing ISO documents (e.g., ISO 270002) for the Mission Planners Guide
Howard Weiss 08/08
SecWG0308:10 • Set up a WebEx Telecon for 4 June 2008, 10am EDT
Howard Weiss 5/08
Resource Problems
Resources appear to be adequate to perform the current tasks.
Resources are increasing:
– ESA has provided additional resources
– NASA has provided additional resources
– We keep seeing and getting more interest
Risk Management Update
Must ensure that the current trend of additional resources remains and that resources don’t shrink.
Cross Area WG / BOF Issues
• Joint meeting with SM&C to review their security architecture.
• Joint meeting with SLS to create a new dual-area BOF
– Create space link layer security standards (e.g., TM, TC, AOS, Prox-1 standard security mechanisms)
Resolutions to be Sent to CESG and Then to CMC
None
New Working Items, New BOFs, etc.
• Authentication algorithm revisions
• Common Criteria Protection Profiles
• Joint SLS/SEC Space Link Security BOF
– Already approved by SLS AD (who attended the meeting)
– Needs approval by SE AD