Post on 04-Jan-2016
Security WG:Report of the Fall 2008
Meeting
DIN, Berlin GermanyOctober 17, 2008
Howard WeissNASA/JPL/SPARTA
hsw@sparta.com+1-443-430-8089
Meeting Agenda• 13 October 2008
– 08:00 – 09:00: CCSDS Plenary– 09:00 – 12:00: Systems Engineering Area (SEA) Plenary
• 14 October 2008 (09:00 – 12:00)– Space Data Link Layer Security BOF
• 15 October 2008 (09:00 – 17:00)– Welcome, opening remarks, logistics, agenda bashing, introduction for new
attendees + Review of document progress and results of Spring 2008 meeting– Document Status (encryption, authentication, key management, mission planners)– “Big Picture” discussions (Black)– 1200-1300: Lunch – Security Architecture Document Discussions (Black)– Mission Planner’s Guide (Biggerstaff)
• 16 October 2008 (09:00 – 17:00)– Key Management (Fischer)– Application Layer Security (Pajevski/Weiss) – 1200-1300: Lunch – Other discussions (from last meeting):
» “Color” of books (magenta vs. blue)» Encryption & authentication application-specific parameters» Common Criteria for mission security profiles (knit docs together)» Agency security implementations (approach, requirements, security services)
– Meeting with DTN BOF (tentative)• 17 October 2008
– 1300-1700: SEA Wrap-up Plenary
AttendanceName Organization Email Address
Howard Weiss (Chair) NASA/JPL/SPARTA howard.weiss@sparta.com
Gordon Black BNSC/Logica gordon.black@logicacmg.com
Daniel Fischer ESA/ESOC daniel.fischer@esa.int
Martin Pilgram DLR martin.pilgram@dlr.de
Stefano Zatti ESA/ESRIN stefano.zatti@esa.int
Clayton Sigman NASA/GSFC clayton.sigman@nasa.gov
Craig Biggerstaff NASA/JSC/Lockheed craig.biggerstaff-1@nasa.gov
Paolo Chinetti ASI paolo.chinetti@asi.it
Ignacio Aguilar-Sanchez ESA/ESTC ignacio.Aguilar.Sanchez@esa.int
Sebastain Kuzminsky University of Colorado seb@highlab.com
Steve Rader NASA/JSC steven.n.rader@nasa.gov
Zhao Heping CAST zhpcast@public3.bta.net.cn
Lee Pits NASA/MSFC robert.l.pitts@nasa.gov
Executive Summary
Attendees from BNSC, ESA/ESOC, ESA/ESRIN, ESA/ESTEC, DLR, ASI, CAST, NASA/GSFC, NASA/JSC, NASA/MSFC, and NASA/JPL. CNES did not attend (a baby is due).
NASA and ESA participation from multiple, respective Agency centers continues to be the norm.
Joint meeting held with Space Link to begin a BOF for Space Link Layer Security Standardization
Reviewed the comments on the latest revision of the SecWG Security Architecture. With respect to the ongoing work in the SLS-BOF, we will add link layer security to the architecture core.
Encryption document out for pre-review review. Authentication document completed w/security section and submitted t
o secretariat. Discussed application layer security. Discussed color of books. Reviewed key management green and magenta books. Reviewed mission planners guide. Discussed the use of Common Criteria to create “space” Protection Profi
les again Discussed future work areas.
Summary of Goals and Deliverables
1. Discussion on the “big picture” of what the SecWG is doing and plans to do.
2. Security Architecture document will be revised based: new link layer security column will be added to the “core” combinatorics table.
3. Continue making good progress on Key Management green book. Stuck on KM magenta book pending information on current KM schemes used by the Agencies.
4. Excellent progress continues on Mission Planners Guide.5. Good discussion on application layer security and what could be used t
o provide “security shims” including the potential application of security integrated into messaging frameworks (e.g., AMS, SM&C).
6. Still mixed opinions on the use of the Common Criteria to write unambiguous security documents using an ISO standard language and format. Backburner pending some demonstration of its use.
7. Continue to work with other Areas and their WGs with respect to security.v Joint mtg w/SLS to create space link layer security BOF v Joint mtg DTN-BOF
SEA Area MID-TERM REPORTSUMMARY TECHNICAL STATUS
1. Security WG
Goal:
Working Status: Active _X_ Idle ____
Summary progress: Four documents actively being produced (Security Architecture, Key Management (2), Mission Planners Guide). All docs green.
Progress since last meeting: Authentication doc completed. Positive movement on Security Architecture doc, mission planners guide and KM. Link layer sec proposal
Problems and Issues: Resources – Excellent right now but need to ensure continued participation from all member agencies
status: OK CAUTION PROBLEM
Comment: Working Group is advancing and producing good
products.
Docs OK. Architecture revisions needed.
Near-Term ScheduleDeliverable Milestone Date
CCSDS Security Architecture
• Revise & update per meeting 06/09 R10/09 M
Key Management Green Book
• Revise per meeting comments 01/09
03/09 G
Key Management Magenta Book
• Being revised and restructured per internal ESA reviews and WG comments
03/09
03/10 M
Near-Term Schedule (cont)
Mission Planners Security Guide
Work in progress 10/08 G1
03/09 G2
10/09 G
Common Criteria Protection Profiles
Just starting 03/09 (white paper)
Application Layer Security
Just starting 03/09 (white paper)
Open Issues
None
Action ItemsItem Number Action Item: Assigned to: Date Due:
SecWG1008:1 • Assign hard dates to outstanding documents & vet with document authors
Howard Weiss 10/30/08
SecWG1008:2 • Provide re-write Security Architecture document section 7.5.1 to Gordon Black
Howard Weiss 11/15/08
SecWG1008:3 • Update & distribute revised Security Architecture document for WG final review
Gordon Black 1/30/08
SecWG1008:4 • Modify architecture diagram for possible inclusion into Security Architecture document
Ignacio Aguilar-Sanchez 11/30/08
SecWG1008:5 • Provide existing key management schemes for KM Magenta document to Daniel Fischer
ALL 12/15/08
SecWG1008:6 • Set up a WebEx telecon to exclusively review the KM documents – Jan 7 2009 @ 10:00 EST, 16:00 CEST
Howard Weiss 10/30/08
Action Items (2)SecWG1008:7 • Provide comments/updates to KM green book ALL 12/1/08
SecWG1008:8 • Provide comments/updates to KM magenta book ALL 1/1/09
SecWG1008:9 • Investigate use case scenarios, define/categorize the application layer problem. Identify interoperability scenarios/issues. Investigate use of message systems (AMS).
Mike Pajevski 03/09
SecWG1008:10 • How does CFDP plan to meet security req when docs are revised? What missions are now using CFDP and plan to use it?
Howard Weiss 11/30/08
SecWG1008:11 • Revise Mission Planners Guide roadmap diagrams. Ensure that 20007 controls are correctly mapped into our document.
Craig Biggerstaff 01/30/09
SecWG1008:12 • Write “awareness” statement for algorithms to be integrated into Security Architecture and/or Mission Planners Guide
Daniel Fischer 11/1/08
Action Items (3)
SecWG1008:13 • Plan for next meeting in Colorado Springs – become familiar with existing standards that might be applicable to our work (e.g., Common Criteria, IATF, etc).
ALL 03/09
SecWG1008:14 • Create a Powerpoint template for briefings by the agencies on their specific security practices
Howard Weiss 11/15/08
Resource Problems
Resources appear to be adequate to perform the current tasks. Resources are increasing:
ESA has provided additional resources NASA has provided additional resources We keep seeing and getting more interest
Risk Management Update
Must ensure that the current trend of additional resources remains and that resources don’t shrink.
Cross Area WG / BOF Issues
Joint meeting with SLS to create a new dual-area BOF NASA (JSC, JPL, GSFC) proposal for link layer protocol
Joint meeting with DTN
Resolutions to be Sent to CESG and Then to CMC
Resolution from link layer security BOF to charter as WG (from Gilles Moury)
New Working Items, New BOFs, etc.
Common Criteria Protection Profiles (backburner) Joint SLS/SEC Space Link Security BOF -> WG