World Class Standards

Security paradigms and RFID
RFID03_03
Scott W CADZOW
C3L


Security and standards development

• Risk based assessment
• Design based assurance


History of RFID

Origins not terribly well documented
• Henry Stockman, 1948
• Mario Cardullo (US Patent 3,713,148) in 1973
• Charles Walton (US Patent 4,384,288) in 1983

Standards development
• ISO, base standards
• ETSI??
• ITS active, passive transponders, road pricing


Standards (not radio)

• ISO 14223/1: Radio frequency identification of Animals, advanced transponders – Air interface
• ISO 14443: HF (13.56 MHz) standard used as the basis of RFID-enabled passports under ICAO 9303.
• ISO 15693: HF (13.56 MHz) standard, used for non-contact smart payment and credit cards.
• ISO 18000-7: UHF (433 MHz) industry standard for active RFID products
• ISO 18185: Industry standard for electronic seals for tracking cargo containers


Security issues in RFID

Well documented
• Aired in previous RFID workshops

Tracking – traffic analysis
• Masquerade may result

Physical weaknesses
• Chip can be broken
• Antenna can be broken
• Antenna can be easily masked

Religious fervour ???
• Weird claim of RFID as mark of the beast (Revelation 13:16)


[Figure: diagram with boxes labelled Objective, Function, Requirement, Existing Standards and “System”]


Paradigm to be adopted

Design for assurance
• Advancement of ITU-T 3 stage method
• Development in line with Common Criteria (ISO/IEC 15408)
• Use of ETSI EG 202 387 as basis
• Development of Protection Profiles using ES 202 382 as template

Risk analysis as fundamental key in development
• ETSI TS 102 165-1 as the root document

Objective and requirements engineering
• Key to success being developed in TISPAN WI-07027

Security architecture and countermeasure analysis
• Using key capabilities from ISO/IEC 15408-2


Definitions to be going on with

Objectives
• Broad intention of system (WHAT)

Functions
• Abstract grouping of features

Requirements
• Implementation detail (HOW)


Understanding of security

• A Threat, enacted by a Threat Agent, may lead to an Unwanted Incident breaking certain pre-defined security objectives
• Aim is to avoid Unwanted Incidents
• Countermeasures restrict the ability of threat agents to operate


The root model for eTVRA

[Figure: UML class diagram "Security" with classes Threat, ThreatAgent, SecurityObjective and «UnwantedIncident» Incident; association labels: +Enacts (1..*), +Is performed by (0..*), +Attacks (1..*), +IsAttackedBy (0..*), +May lead to]


Threat types (#1)

[Figure: UML class diagram "ThreatTree" with class Threat; first row: Interception, Manipulation, Repudiation, DenialOfService; second row: Masquerade, Forgery, InformationCorruption, InformationLoss, UnauthorisedAccess]


Threat types (#2)

[Figure: UML class diagram "ThreatThree2" with classes Threat, ThreatAgent, Automated, Scripted, Manual, Controlled and Autonomous; association labels: +Enacts (1..*), +Is performed by (0..*)]


SUMMARY

Where we need to go


Key points

• Adoption of “design for assurance” paradigm
• Risk based development of security functions
• Distribution of risk based on least cost loss function
• Cryptographic development with SAGE as partners
• Systems security development with TISPAN and OCG-Sec as partners


Thanks for listening

Scott CADZOW
Scott @ Cadzow . com
