Security - Telenor
Security - Telenor
Security - Telenor
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
32<br />
The Policy Control Center<br />
An implementation of a policy enforcement<br />
mechanism described in the previous section<br />
is currently being developed at <strong>Telenor</strong> R&D,<br />
called a “Policy Control Center”. The Policy<br />
Control Center is controlled by a secured “Policy<br />
Control Center Server” located at the home/<br />
corporate network.<br />
For communication between mobile terminals<br />
and this server (between the Policy Control Center<br />
and the Policy Control Center Server) LDAP<br />
over SSL is currently being used with both client<br />
and server side certificates.<br />
The Policy Control Center Server contains different<br />
policies for different users, as well as different<br />
policies for different network configurations.<br />
When a mobile terminal is outside the corporate<br />
network, we enforce a stricter security<br />
policy compared to the case where the mobile<br />
terminal is connected via a physically “secured”<br />
cable inside the corporate network (and behind<br />
the corporate firewalls).<br />
However, when introducing the concept of Multiple<br />
shared virtual VPNs as described earlier<br />
where a physically secured cable is simply not<br />
available, you need to introduce a security policy<br />
similar to the one used when connected directly<br />
to the Internet.<br />
The initial implementation of the Policy Control<br />
Center was running on Linux, where we have<br />
investigated among other things the following<br />
security technologies to be integrated and used<br />
to secure the mobile terminal:<br />
• Local firewall service through the use of<br />
“Ipchains”. This is a rather basic packet filtering<br />
firewall available on Linux systems.<br />
• A simplified network Intrusion Detection System<br />
by a combination of “Ipchains” and “Port-<br />
Sentry” [2], allowing dynamical blocking of<br />
unauthorised network attacks using TCPwrappers.<br />
• Host based Intrusion Detection System<br />
through the use of “LIDS” [3], the Linux<br />
Intrusion Detection System.<br />
• Integrity protection on the PCC itself as well<br />
as on all system critical parts of the file system<br />
through the use of “LIDS” [3]. LIDS<br />
enables the strict enforcement of read-only<br />
policies, making selected parts of the file system<br />
read-only or append only even for the<br />
superuser (root).<br />
• VPN access through the use of “FreeS/WAN”<br />
[4], a Linux IPsec implementation.<br />
• Disk encryption mechanisms.<br />
All policies need to be verifiable. To verify that<br />
the policies defined are actually implemented<br />
correctly on the mobile terminal, we need to<br />
build our implementation upon strong cryptographic<br />
protection mechanisms as much as possible.<br />
All software components to be used as part<br />
of the Policy Control Center need to be integrity<br />
protected so that as many attempts as possible on<br />
modifying and bypassing the protection mechanisms<br />
are discovered. Successfully bypassing<br />
of the Policy Control Center could mean that a<br />
compromised mobile terminal is able to access<br />
the internal corporate network.<br />
We are currently investigating the possibility of<br />
integrating local information protection through<br />
further use of disk encryption, incorporating the<br />
use of smartcards and PKI systems as well as all<br />
other security mechanisms required covered earlier<br />
in this article, in order to achieve the best<br />
possible security for the future users of Internet<br />
mobility.<br />
Our current work covers the development of a<br />
pure JAVA version of the Policy Control Center,<br />
making sure that all kinds of different terminals<br />
running JAVA may be secured using our PCC.<br />
Although the PCC implementation is platform<br />
independent, the policies themselves are however<br />
highly platform dependent.<br />
Challenges currently under investigation include<br />
for example:<br />
• How to most efficiently and securely write<br />
and handle the policies for different platforms;<br />
• How to protect the Policy Control Center<br />
itself from unauthorised modification and<br />
bypassing attempts;<br />
• Making sure the right policy is selected automatically,<br />
how do you know where you are?<br />
Conclusions<br />
Keeping a computer system connected to the<br />
Internet secure is a challenging task even for<br />
experienced security personnel. New software is<br />
frequently being introduced, often with little or<br />
no concern for potential security implications,<br />
and new vulnerabilities are constantly being<br />
found both in old and new software. In particular,<br />
without an open development model, mistakes<br />
made before are bound to be repeated over<br />
and over again without the customers ever hav-<br />
Telektronikk 3.2000