Status Briefing- SEA-SEC
Download
Report
Transcript Status Briefing- SEA-SEC
Security WG Status Review
ESA European Space Operations Centre
Darmstadt, Germany
16 April 2012
Howard Weiss
NASA/JPL/SPARTA
[email protected]
+1-443-430-8089
skype: hsweiss
Boulder Meeting Agenda
•31 October 2011
–08:45 – 09:45: CCSDS Plenary
–09:45 – 12:00: Systems Engineering Area (SEA) Plenary
•1 November 2011 (09:00 – 17:00)
–Welcome, opening remarks, logistics, agenda bashing, introductions
–Review results of Spring 2011 (Berlin) meeting
–Status of documents
–Review newly updated CWE entries: charter, programs, schedules
–Security Architecture RID Disposition (Black)
–Algorithm Document review (Weiss)
–Algorithm Yellow Book review (Weiss)
–Glossary Review (Weiss)
Meeting Agenda (cont)
• 2 November 2011 (09:00 – 17:00)
– Key Management (Fischer/Aguilar-Sanchez)
– Threat book review (All)
– Cross Support (All) ??
– SM&C Support (Fischer) ??
– Network Layer Security Update (Weiss)
– Link Layer Security Update (Biggerstaff/Weiss/Aguilar-Sanchez)
– Other areas of discussion
– New work areas
• 3 November 2011
– 09:00-17:00: Space Data Link Security WG
• 4 November 2011
– 09:00-12:30: Space Data Link Security WG
– 13:00-17:00: SEA Wrap-up Plenary
Attendance
Name
Organization
Email Address
Howard Weiss (Chair)
NASA/JPL/Cobham
[email protected]
Gordon Black
UK Space Agency/Logica
[email protected]
Daniel Fischer
ESA/ESOC
[email protected]
Martin Pilgram
DLR
[email protected]
Craig Biggerstaff
NASA/JSC/Lockheed
[email protected]
Ignacio Aguilar-Sanchez
ESA/ESTEC
[email protected]
Clayton Sigman
NASA/GSFC
[email protected]
Dorothea Richter
DLR
[email protected]
Executive Summary
Attendees from UK Space Agency, ESA/ESTEC, ESA/ESOC, DLR,
NASA/JSC, NASA/GSFC, and NASA/JPL. No attendees from ASI or
CNES (CNES says they will attend in the Spring).
Reviewed charter updates as recorded on CWE. Need to add Network
Layer Blue Book as new work area.
Reviewed and dispositioned the 86 RIDS against the Security
Architecture document.
Reviewed Security Glossary. A few minor changes need to be made
and then the document will be submitted to the AD.
Reviewed Algorithm Blue Book: a few more minor changes and the
document will be submitted to AD.
Reviewed the updated version of the Algorithm Yellow Book.
Discussed KM Blue Book. Minimal progress since last mtg due to
resource constraints.
Reviewed network layer security profile – Adaptation Profile BB
SDLS making good progress. SDLS papers being submitted to IEEE
Aero Conference (Big Sky) + SpaceOps.
Summary of Goals and Deliverables
1. Recent charter update didn’t include network layer security.
Change made – some conflict resulted but has been cleared up.
2. Minimal changes to Algorithm document. Yellow Book for
testing (2nd draft) discussed and will be revised with a few
changes. ESA, DLR, GSFC potential testing sites.
3. Key Management green book submitted to AD. published
4. KM Blue Book for symmetric KM hit resource constraints.
5. Security glossary needs a few tweaks and then submit.
6. Network layer security for use of IPsec slated to be an
“Adaptation Profile” Blue Book.
7. Cross Support & SM&C Security: discussed but no activity.
8. Reviewed & discussed revisions to the Threat Green Book.
Near-Term Schedule
Deliverable
Milestone
Date
Charter Update
•
Update for network layer security
11/11
Algorithm Blue
Book
•
Incorporate changes per mtg &
submit to AD
12/11
Key
Management
Blue Book
•
Continue drafting next revision
04/12
Network Layer
Profile
•
Layout of document
02/12
Threat
Document
Revision
•
Determine revision contents
02/12
Information
Security
Glossary
•
Final edits & submit to AD
12/11
Near-Term Schedule (cont)
Common Criteria
Protection Profiles
On hold
TBD
Application Layer
Security
On hold
TBD
Open Issues
Deciding what/how to revise Threat Green Book.
Action Items
Item Number
Action Item:
Assigned to:
Date Due:
Status
SecWG1111:1
•
Update charter for Network Layer
Security
Howard Weiss
11/18/11
Complete
SecWG1111:2
•
Provide RID disposition feedback and
revise Security Architecture document.
Gordon Black
01/15/12
Complete
SecWG1111:3
•
Check the meaning of Security
Architecture RID #17 with ESA author.
Daniel Fischer
11/10/11
Complete
SecWG1111:4
•
Obtain a document number for the
Information Security Glossary from the
Secretariat Editor
Howard Weiss
11/10/11
CCSDS 350.8-G
SecWG1111:5
•
Update the Information Security
Glossary and submit final to AD
Howard Weiss
12/2/11
Complete –
submitted
Nov 2011
SecWG1111:6
•
Update the Algorithm Blue Book and
submit to AD
Howard Weiss
12/16/11
Complete
Action Items (2)
SecWG1111:7
•
Update Algorithm Yellow Book per
comments.
Howard Weiss
01/16/12
Complete
SecWG1111:8
•
Check to ensure that all the Algorithm
Yellow Book references are needed
and are normative.
All
01/16/12
Complete
SecWG1111:9
•
Obtain a number for the Algorithm
Yellow Book from the Secretariat
Editor
Howard Weiss
11/10/12
CCSDS 352.1-Y
SecWG1111:10
•
Determine SA Lifetimes for the
Network Layer Security Profile
Howard Weiss
01/16/12
Default appears to
be 1 hour. Cisco
allows up to 24 hrs
or 10 Mb.
SecWG1111:11
•
Coordinate Algorithm testing
Dorothea Richter,
Daniel Fischer,
Clayton Sigman
01/16/12
SecWG1111:12
•
Determine if a threat registry exists.
Craig Biggerstaff,
Howard Weiss
11/10/12
None found.
closed
SecWG1111:13
•
Develop an outline/roadmap for
revising the Threat Green Book.
Gordon Black,
Craig Biggerstaff,
Howard Weiss
02/22/12
Open
New Working Items, New BOFs, etc.
Channel coding for security (based on Shannon codes)
Security for software defined radios
Continue to discuss security additions for SLE and SM&C.