Security - Telenor

More documents

Recommendations

Info

Henning Wright Hansen (28) is Research Scientist at Telenor R&D, Kjeller, where he has been working on aspects related to Internet security since 1996. His research interests include wide aspects of security related to computing, focusing on the security consequences of introducing Internet mobility as well as solutions making the Internet a safer place to be for the mobile users of the future. He is also involved in the TigerTeam activities (practical security testing) at Telenor R&D. henning-wright.hansen @telenor.com Dole Tandberg (38) is Research Scientist in the Security Group at Telenor R&D, Kjeller, where he has been working since 1997. His research interests include security in Internet and mobile distributed systems. He is also involved in the TigerTeam activities and practical security exploits. Background: 1982–1988 University of Zagreb, Croatia; 1988– 1996 ABB Corporate Research; 4 patents holder (2 WW and 2 UK); 1994 Sheffield University (UK), Largest civilian FEM-test research program; 1995 London Conference “New Era Technology” paper holder. dole-stojakovic.tandberg @telenor.com 26 Security in a Future Mobile Internet HENNING WRIGHT HANSEN AND DOLE TANDBERG Introduction Everyone knows it – computers are getting more and more common. Computers are also getting more and more portable. At the same time the Internet has become a common place. The professional computer users demand the possibility to work as usual independent of time and place. And why not? The technology that will make this happen is more or less here. However, the companies that own and control the computers used by these demanding users have second thoughts. What about security? The Internet is itself a “dangerous” place to be, and even highly skilled personnel make mistakes when implementing security solutions to protect the internal network from script kiddies or maybe even worse, from unscrupulous competitive companies or foreign governments. Who really knows what might be out there? And now the users want to open up the internal network to be accessed from the Internet. How could this be done in a satisfyingly secure manner? How should the mobility management be implemented to allow for transparent access – both to and from the machines on the road? This article will try to cover these issues and propose solutions that may become the future foundation for secure Internet mobility in the years to come, with a particular focus on the users and their terminals. Only selected security technologies will be covered, focusing on the mobile users and their terminals. A Mobile Wireless Network of the Future The Internet has traditionally offered very poor support for mobility. It is of course possible to move computers connected to the Internet from one local area network to another, but there has been no support for mobility. That is; when moving a computer from one LAN to another, you have to supply it with a brand new IP address. From the network point of view, this is seen as a totally different computer since the IP address is used to identify it. Even today, some legacy operating systems claimed to be “up to date” need to be rebooted in order to use a different IP address. Mobile IP is about to change this, however, allowing the computer to be moved to keep its old IP address used for identification, and at the same time obtain and use a new topologically correct IP address. This may be achieved by using e.g. tunneling mechanisms. Internet mobility may be achieved without altering the routers or other hosts on the Internet, the only thing really needed is a Home Agent placed on the home network. The Home Agent is responsible for registering the current locations (IP addresses) of mobile nodes, and forwarding packets destined for the mobile node out to its current location. Authentication is built-in in order to make it difficult to redirect traffic to unauthorised hosts, this will help prevent someone stealing traffic destined to the mobile nodes. When a mobile node connects back to the home network, an extension is made from the LAN to the Mobile Node. Traffic traditionally being internal and restricted to the LAN only, now ends up being routed over the Internet for everyone to see. Utilising VPN technology is therefore very important if privacy, authenticity and integrity of the data exchanged is of any concern. Traditionally VPN systems have been used for protecting traffic between different kinds of networks, but the same technology may be integrated directly on the mobile nodes in a network-to-host scenario. (Or host-to-host for that matter.) The technology used to achieve this is typically IPsec. At the home network, the extension of the home network towards the mobile nodes is typically combined with the use of firewalls. The firewall is supposed to enforce a security policy separating those “inside” from those “outside” the firewall. Wireless technology such as the IEEE 802.11 may be used as one attractive method of accessing the Internet or LAN IP networks. The security mechanisms in these standards are however limited in flexibility, and VPN technology is therefore needed on top. WLAN technology is sometimes envisioned to replace traditional wired LAN networks, particularly in dynamic and new environments. Time and money may be saved as the need for cabling is reduced considerably. In future office environments, WLAN technology may be used as a shared access technology, e.g. within a large office building. It would be much more efficient to offer WLAN access to all employees in different firms within the building, instead of having each firm imple- Telektronikk 3.2000
menting its own WLAN system. Visitors may also be given network access through the WLAN within or nearby the office building. However, using WLAN technology in this manner, the concept of firewalls separating the “internal” from the “external” network is no longer useful. The once physically protected internal network is now more or less publicly available. To maintain the concept of a “secured local area network” completely new firewalls, VPN, as well as other security mechanisms are needed. This article describes selected techniques needed to fulfil the security needs in such a future wireless mobile network. Secure Networking in the Future Technical Solutions Local Adaptive Firewall Services A commonly used technique used to protect a “private” or “internal” network from an external network such as the Internet is to implement a firewall service. Firewalls started out as simple packet filters, capable of filtering out packets based on IP addresses and information contained within other higher level protocols, such as the TCP and UDP headers. The simplified firewall illustrated in Figure 1 accepts only inbound connections from TCP port 80, which is dedicated to HTTP traffic, and rejects other types of traffic. While traditional “static” terminals typically are protected from the Internet by the use of firewalls, mobile terminals of the future are envisioned to roam freely, using the Internet wherever it is available. The firewalls on the home “Telnet” to an internal machine Surfing the web´, Internet Explorer “Ftp” to an internal machine Request to an Intranet server Telektronikk 3.2000 network will not be able to protect those users. This is the reason why firewalls must be implemented locally on the mobile terminals, and not only on the borders of the home network. It is however not enough to install “traditional” firewalls on these mobile terminals, some requirements that firewalls on mobile terminals should meet include the following: • They need to be configured dynamically, depending on the current location; • They should be able to adapt themselves to the current network traffic (e.g. blocking attacks dynamically); • They need to be easily and securely remotely controlled by their administrator or automatically by a server on the corporate network; • They need to adapt to dynamic IP addresses; • They need to automatically adapt to the network interfaces currently in use (ethernet, modems/ISDN, IrDA, Bluetooth, etc.); • They need to be integrated seamlessly and transparently (for the user) with other applications running on the mobile nodes, rejecting all network connections unless the firewall has been properly activated; • They need to be integrity protected as well as verifiable, ensuring that the configuration is trustworthy. To administer these firewalls will be a challenge in the future world of mobile communication. Some of the same principles presented here are also found in a recently published paper from Steven M. Bellovin, Distributed Firewalls [1]. Figure 1 A simple packet filtering firewall allowing web surfing only 27
Page 2 and 3: Telektronikk Volume 96 No. 3 - 2000
Page 4 and 5: Øyvind Eilertsen (34) is Research
Page 6 and 7: 4 E(P) = a ⋅ P + b (mod 26) D(C)
Page 8 and 9: 6 In 1997, NIST initiated the proce
Page 10 and 11: 8 decrypt the signed hash value, re
Page 12 and 13: Lars R. Knudsen (38) is Professor a
Page 14 and 15: Table 1 Timetable for AES Table 2 T
Page 16 and 17: 14 K m i Stream cipher algorithm Fi
Page 18 and 19: 16 6 Use of Encryption in Telecommu
Page 20 and 21: 18 mode, integrity mode, key divers
Page 22 and 23: 20 7 Beaver, D. Computing with DNA.
Page 24 and 25: 22 In both cases, my trust depends
Page 26 and 27: 24 A number of standard PC applicat
Page 30 and 31: 28 Securing Locally Stored Informat
Page 32 and 33: Figure 3 A simple Public Key Infras
Page 34 and 35: 32 The Policy Control Center An imp
Page 36 and 37: Tønnes Brekne (31) is on leave fro
Page 38 and 39: 36 Sets definable by such predicate
Page 40 and 41: 38 A failure is caused by some type
Page 42 and 43: Figure 1 This figure illustrates th
Page 44 and 45: 42 ating system(s) and/or platform
Page 46 and 47: Message Sender Recipient Message pa
Page 48 and 49: 46 Assume some agent a carries with
Page 50 and 51: 48 gateway from attack, while the i
Page 52 and 53: 50 transfer at the expense of secur
Page 54 and 55: 52 7 FORE Systems. Firewall Switchi
Page 56 and 57: Figure 2-1 Object invocations throu
Page 58 and 59: Figure 4-1 3 Levels of different fi
Page 60 and 61: 58 phase two, in which the client r
Page 62 and 63: 60 5 CORBA Firewall Traversal 5.1 F
Page 64 and 65: 62 7.2 Visibroker Gatekeeper of Inp
Page 66 and 67: 64 References 1 Abie, H. An Overvie
Page 68 and 69: Cost Figure 1 Minimising total cost
Page 70 and 71: 68 In the coming years it is likely
Page 72 and 73: 70 financial, social, environmental
Page 74 and 75: Consequence 72 Insignificant Substa
Page 76 and 77: 74 in a one week time-frame, using

Security - Telenor

Create successful ePaper yourself

Delete template?

Save as template?