ioag8 esa security authenticate briefing

Information about ioag8 esa security authenticate briefing

Published on October 29, 2007

Author: Nikita

Source: authorstream.com

Content

Data Security and Authentication E. M. Soerensen OPS-ONV 21st July 2005:  Data Security and Authentication E. M. Soerensen OPS-ONV 21st July 2005 CCSDS STANDARDS:  CCSDS STANDARDS There are no approved standards for authentication or encryption at the CCSDS Data link Layer There are no approved standards for key management and distribution. TC Authentication – Centralised :  TC Authentication – Centralised TC Authentication – Centralised:  TC Authentication – Centralised Only CLTU service can be supported Security requirements and implementation is transparent to the cross supporting agency. There is no need to distribute the security key to the cross supporting agency The supporting agency does not require any knowledge of the security keys and security algorithms. This architecture would not require any changes to the current implementation already in place for cross support and should also not compromise spacecraft security requirements. TC Authentication – De-centralised :  TC Authentication – De-centralised TC Authentication – De-centralised:  TC Authentication – De-centralised All forward SLE transfer services are available for cross support like the Forward Space Packer Service and Forward CLTU All missions and ground station requiring for the cross support services must implement authentication units to a common specification. In particular, they most use the same authentication algorithm and use the same key length. As each mission will use a different key, the SLE service management must therefore ensure that the appropriate key is loaded for proper execution of the SLE forward data service. The Problem is KEY MANAGEMENT:  The Problem is KEY MANAGEMENT Key Management (1):  Key Management (1) Key generation - The requirements should identify the key production facility and the method of key generation. Key randomness - Key generation should be a random process. Lack of randomness effectively reduces the size of the key space. Key encryption algorithm - The requirements should identify the algorithm used for key encryption. Ideally, this should not be the same algorithm that is used for encryption of data. If the same algorithm is used it should be used in a different mode. Key transfer – The requirements should defined how the keys are to be distributed within the networks. This includes the key protocol and key updating. Note that if key material must be double encrypted if it is sent over untrusted networks or links that can be intercepted. Key Management (2):  Key Management (2) Key Period – The requirements should define the period of use for each key type. Key Storage – The requirements shall define how keys are to be stored within the system. Key Compromise – The requirements should define how the system is to recover from key compromise. Key Destruction – The requirements for key destruction must be specified. Keys must be destroyed securely. Key Re-use – Under normal operations a key should not be re-used after its period of use has expired. Key Roll-over – The change from a current key to the next key should be accomplished without interrupting any services. Conclusion:  Conclusion Cross support using SLE has been validated and is already in place for a number of missions. This cross support is based on the three basic services Forward CLTU for commanding and Return RAF and Return RCF for telemetry. The use of a centralised architecture for implementing security makes the use of these existing services transparent to the security implementation and security can be support today using the existing operational cross support systems.

Related presentations


Other presentations created by Nikita

Modems
28. 11. 2007
0 views

Modems

Intro to CMMI
02. 10. 2007
0 views

Intro to CMMI

Mantsch Mazur Tank Insulation
06. 11. 2007
0 views

Mantsch Mazur Tank Insulation

embrapa2
27. 11. 2007
0 views

embrapa2

G050249 00
28. 11. 2007
0 views

G050249 00

csw06 lord
25. 10. 2007
0 views

csw06 lord

AboutCaravaggio
31. 10. 2007
0 views

AboutCaravaggio

THE RENAISSANCE
31. 10. 2007
0 views

THE RENAISSANCE

HeWhoLaughs LastsPlenary
02. 11. 2007
0 views

HeWhoLaughs LastsPlenary

JavaScript UE1
05. 11. 2007
0 views

JavaScript UE1

buchner
05. 11. 2007
0 views

buchner

6 3 Ship Framing System
06. 11. 2007
0 views

6 3 Ship Framing System

NOROVIRUSESpres
07. 11. 2007
0 views

NOROVIRUSESpres

Volkswagen Stiftung
14. 11. 2007
0 views

Volkswagen Stiftung

Trigonometry examples
15. 11. 2007
0 views

Trigonometry examples

Lufthansa
16. 11. 2007
0 views

Lufthansa

pipeline to the pros updated
20. 11. 2007
0 views

pipeline to the pros updated

tango in a nutshell
22. 11. 2007
0 views

tango in a nutshell

en what is turtle f2f
19. 12. 2007
0 views

en what is turtle f2f

Qatar 2005
28. 12. 2007
0 views

Qatar 2005

butterflydance
23. 11. 2007
0 views

butterflydance

H3NPSmall
02. 01. 2008
0 views

H3NPSmall

nano5
02. 01. 2008
0 views

nano5

flex components slides
28. 11. 2007
0 views

flex components slides

jmcmorrow
06. 12. 2007
0 views

jmcmorrow

fishing
07. 01. 2008
0 views

fishing

Dormancy
07. 01. 2008
0 views

Dormancy

TE Tutorial ACL07
31. 10. 2007
0 views

TE Tutorial ACL07

Knots A
25. 10. 2007
0 views

Knots A

Tutorial AOD 100305
29. 10. 2007
0 views

Tutorial AOD 100305

38006461
21. 11. 2007
0 views

38006461

helioseismology
14. 11. 2007
0 views

helioseismology

Knoblock p123
15. 11. 2007
0 views

Knoblock p123

Lt2 BusiPortfoAnalysis
20. 02. 2008
0 views

Lt2 BusiPortfoAnalysis

Guidaversione19 0SistemaDRG
30. 10. 2007
0 views

Guidaversione19 0SistemaDRG

Modern Ideas
24. 02. 2008
0 views

Modern Ideas

Lotrel and Diovan Talk
05. 03. 2008
0 views

Lotrel and Diovan Talk

BusinessBuddyPresent ation
03. 10. 2007
0 views

BusinessBuddyPresent ation

DFASColumbusConferen ce
01. 11. 2007
0 views

DFASColumbusConferen ce

student movement
25. 12. 2007
0 views

student movement

elettivo2006
04. 12. 2007
0 views

elettivo2006

akshaya friends
21. 12. 2007
0 views

akshaya friends

lctpcremarks
27. 03. 2008
0 views

lctpcremarks

AUTNZFuturesDWYER
30. 03. 2008
0 views

AUTNZFuturesDWYER

Lecture24 07
09. 10. 2007
0 views

Lecture24 07

Lesko Homestake Minn
05. 12. 2007
0 views

Lesko Homestake Minn

2005 FX PAL VS
01. 11. 2007
0 views

2005 FX PAL VS

Deadlock 1941
13. 11. 2007
0 views

Deadlock 1941

20070615 POLICY grid
24. 12. 2007
0 views

20070615 POLICY grid

NYU Brownbag
06. 11. 2007
0 views

NYU Brownbag

Meow
05. 11. 2007
0 views

Meow

ahm2004 workflow
14. 12. 2007
0 views

ahm2004 workflow

08Tirpak
07. 11. 2007
0 views

08Tirpak

UNFFOlgas website
26. 11. 2007
0 views

UNFFOlgas website

rtd Jul24 03
30. 11. 2007
0 views

rtd Jul24 03

Princeton Oct05
05. 11. 2007
0 views

Princeton Oct05