Applicability of Host Identities in Securing Network Attachment and Ensuring Service Accountability
Heikkinen, Seppo (2011)
Heikkinen, Seppo
Tampere University of Technology
2011
Tieto- ja sähkötekniikan tiedekunta - Faculty of Computing and Electrical Engineering
This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:tty-2011120114923
https://urn.fi/URN:NBN:fi:tty-2011120114923
Tiivistelmä
IP is often seen as the “lingua franca” of modern communication. It provides interoperability across various heterogeneous link layer technologies and enables access to a rich set of services available in the Internet. As the number of users has exploded, it has been essential to ensure that the establishment of connectivity is a relatively painless procedure for the ordinary users. However, often the ease of use overcomes the requirement to have proper security in place. This is evident in the current practise of con-figuring the IP access. With the proliferation of ubiquitous and wireless access, such security concerns become more profound.
IP access is the part of the attachment procedure that a user has to go through in order to enjoy interworking services. Thus, the attachment dictates the steps that need to be taken in order to enable communication between two entities, which often comprise of the user device and the access point capable of providing interworking services. This thesis investigates mechanisms to ensure the security of that attachment procedure. The approach taken leans heavily on the ideas presented in the development of Host Identity Protocol (HIP), a current Internet Engineering Task Force (IETF) experimental standard. Thus, as a baseline, the nodes are expected to be in possession of secure identities, which can be bound to the configuration procedure in order to enhance the security properties of the attachment process. In essence, these identities are names for which the nodes are able to provide a proof of possession without having to resort to external par-ties. However, the external parties, for example, trusted third parties, can still be used to enhance liability, that is, ensure that a known entity will ultimately cover the generated costs.
In order to ensure liability, one needs to find an assured way to account for the actions taken, especially if the accounting is used as a basis of compensation, which most often involves payment. Such assured accounting is another focal point of this thesis. The thesis describes how host identities can be employed to produce non-repudiable evidence in a typical IP-based service. In addition, the scheme allows devising a solution, which takes into account the granularity of the service provisioning. In other words, the participants of the provisioning are able to control their level of commitments, so that neither party is able to get an unfair upper hand. Thus, if no service is provided, provision of undeniable usage evidence can be terminated. Similarly, if no user-committed evidence of service usage is provided, service provisioning can be terminated.
The above points are also considered from the point of view of service provisioning platforms, mainly the IP Multimedia Subsystem (IMS). Such systems have been kept tightly in control of one entity, such as an incumbent operator. The concepts of secure identities and non-repudiable evidence are used to enhance the system, so that more technical incentives for moving away from the strict single administrative domain con-cept can be provided. This is especially beneficial in a future networking environment, where the interactions between the operator level entities become more dynamic in nature.
While this thesis considers the technical functionalities to enhance the security properties of the evolved networks, there are various hindrances to such visions. The deployability of new solutions, such as HIP, is challenging to well-established platforms, if the migration cannot be done in a compatible way. Also, financial motivations, especially those of dominant entities, do not always favour more open approaches.
IP access is the part of the attachment procedure that a user has to go through in order to enjoy interworking services. Thus, the attachment dictates the steps that need to be taken in order to enable communication between two entities, which often comprise of the user device and the access point capable of providing interworking services. This thesis investigates mechanisms to ensure the security of that attachment procedure. The approach taken leans heavily on the ideas presented in the development of Host Identity Protocol (HIP), a current Internet Engineering Task Force (IETF) experimental standard. Thus, as a baseline, the nodes are expected to be in possession of secure identities, which can be bound to the configuration procedure in order to enhance the security properties of the attachment process. In essence, these identities are names for which the nodes are able to provide a proof of possession without having to resort to external par-ties. However, the external parties, for example, trusted third parties, can still be used to enhance liability, that is, ensure that a known entity will ultimately cover the generated costs.
In order to ensure liability, one needs to find an assured way to account for the actions taken, especially if the accounting is used as a basis of compensation, which most often involves payment. Such assured accounting is another focal point of this thesis. The thesis describes how host identities can be employed to produce non-repudiable evidence in a typical IP-based service. In addition, the scheme allows devising a solution, which takes into account the granularity of the service provisioning. In other words, the participants of the provisioning are able to control their level of commitments, so that neither party is able to get an unfair upper hand. Thus, if no service is provided, provision of undeniable usage evidence can be terminated. Similarly, if no user-committed evidence of service usage is provided, service provisioning can be terminated.
The above points are also considered from the point of view of service provisioning platforms, mainly the IP Multimedia Subsystem (IMS). Such systems have been kept tightly in control of one entity, such as an incumbent operator. The concepts of secure identities and non-repudiable evidence are used to enhance the system, so that more technical incentives for moving away from the strict single administrative domain con-cept can be provided. This is especially beneficial in a future networking environment, where the interactions between the operator level entities become more dynamic in nature.
While this thesis considers the technical functionalities to enhance the security properties of the evolved networks, there are various hindrances to such visions. The deployability of new solutions, such as HIP, is challenging to well-established platforms, if the migration cannot be done in a compatible way. Also, financial motivations, especially those of dominant entities, do not always favour more open approaches.
Kokoelmat
- Väitöskirjat [4848]