An ITU-T Vision on SPAM

Transcription

1 International Telecommunication Union Aspectos Jurídicos del Comercio Electrónico An ITU-T Vision on SPAM Sesión 9 Telecommunication Standardization Bureau Simão Campos Counsellor, ITU-T Study Group 16 1 AntiSpam Forum 2004 CABASE / AMDIA Buenos Aires, Argentina, 3 June 2004 Overview Information about ITU High-level directives Understanding the problem Towards a standards-based solution Some existing ITU-T foundational standards Some additional ITU Resources Conclusion About ITU Additional Slides 3 4 ITU Structure ITU-T Study Groups Radiocommunication Sector (ITU-R / BR) Study Groups Strategic Planning Unit (SPU) Secretary General Telecommunication Standardization Sector (ITU-T / TSB) Study Groups Telecom Telecommunication Development Sector (ITU-D / BDT) Study Groups The International Telecommunication Union is an international organization within the United Nations System where governments and the private sector coordinate global telecom networks and services SG 2 Operational aspects of service provision, networks and performance SG 3 Tariff and accounting principles including related telecommunications economic and policy issues SG 4 Telecommunication management, including TMN SG 5 Protection against electromagnetic environment effects SG 6 Outside plant SG 9 Integrated broadband cable networks and television and sound transmission SG 11 Signalling requirements and protocols SG 12 End-to-end transmission performance of networks and terminals SG 13 Multi-protocol and IP-based networks and their internetworking SG 15 Optical and other transport networks SG 16 Multimedia services, systems and terminals SG 17 Data networks and telecommunication software SSG Special Study Group "IMT-2000 and beyond" TSAG Telecommunication Standardization Advisory Group 5 6 1

2 ITU-T Study Group 17 Lead Study Group for Communication System Security Coordination/prioritization of security efforts Development of core security Recommendations Manage the ITU-T Security Project Maintain Compendia on Security-related Recommendations and Security Definitions Network / Protocol perspective Existing Recommendations include Security architecture, model, frameworks, and protocols for open systems (X.800- & X.270-series) Trusted Third Party Services (X.842/X.843) Public-key and attribute certificate frameworks (X.509) Security architecture for end-to-end communications (X.805) ITU-T Study Group 2 Lead SG on Service Definition, Numbering, Routing and Global Mobility Users perspective principles of service provision, definition and operational requirements of service emulation; numbering, naming, addressing requirements and resource assignment routing and interworking requirements; human factors operational aspects networks and associated performance requirements interworking between traditional and evolving telecommunication networks; Existing Recommendations include E.408 (ex-e.sec.1): Telecommunication networks security requirements >> E.409 (ex-e.sec.2): Incident organization and security incident handling >> Handbook on IP Policy (under development) >> 7 8 ITU Plenipotentiary Conference 2002 Resolution Strengthening the role of ITU in information and communication network security High level directives resolves 1 to review ITU's current activities in information and communication network security; 2 to intensify work within existing ITU study groups in order to: a) reach a common understanding on the importance of information and communication network security by studying standards on technologies, products and services with a view to developing recommendations, as appropriate; b) seek ways to enhance exchange of technical information in the field of information and communication network security, and promote cooperation among appropriate entities; c) report on the result of these studies annually to the ITU Council Two Phases: Geneva, December 2003 Tunis, November 2005 Website Phase 1 Output Documents: Declaration of Principles Plan of Action URL: >> Declaration of Principles Build confidence and security in the use of ICTs (Sec.5, pg.5, para.35, 36, 37) Strengthening the trust framework Prevention of cybercrime/misuse of ICT Fight SPAM (unsolicited electronic messages)

3 Plan of Action (Action Line C5) Cooperation of all stakeholders (gov ts, civil society, private sector) Guidelines, legislation, share good practices User education (privacy, etc) National legal instruments for formal recognition of electronic documents (e.g. authentication) Strengthen real-time incident handling and response Development of secure and reliable applications Contributions to the intergov l agencies working groups (e.g. ITU) Understanding the problem A Taxonomy Vulnerabilities, Threats and Risks General Guidance/Architecture Network perspective ( SG 17) Users perspective ( SG 2) System/Application-Specific ( SGs 4, 9, 11, 13, 15, 16, SSG) Secure Infrastructure End-to-end security Vulnerability: something to be exploited threat model (e.g. SS7) design (e.g. Ambiguities in BGP4 parameters) implementation (e.g. SNMP & ASN.1) configuration (e.g b WiFi) Threat: people willing to exploit a vulnerability (hackers, criminals, terrorists, etc) Risk: the consequences of such an exploitation (data loss, fraud, loss of public confidence, etc) While threats change over time, security vulnerabilities exist throughout the life of a protocol Risks must be continuously reassessed!!! SPAM: a security risk (among other things ) Security vulnerabilities Threat analysis Implementation Configuration combined with a security threat (abusive ers, virus creators, etc) produces a security risk: SPAM Towards a standards-based solution

4 What to do? Pragmatism Learned-lessons for a comprehensive framework X.400 SMTP Foundational standards Protocol requirements Standardizers & Implementors Best practices Users perspective New or revised standards Transitional measures Clarify role of different players: ICT industry; governments; users (merchants; ISPs; private persons) Learned-lessons Security considerations are a must! Understand SMTP vulnerabilities; e.g. Lack of authentication mechanisms (positive identification of the sender) (Eric Allman, creator of sendmail, et alii) No mechanism for an inbound host to selectively refuse a message (J.Postel, RFC706, 1975) Consider solutions already available in other frameworks e.g. ITU-T Rec. X.400 & X.500 Collect the best of existing Best Practices Players: all A way forward Roles of Government Pragmatic, multi-pronged approach Educate users for safe use of existing systems Identify relevant existing or new Foundational Standards Standards: a technical specification developed in an open environment, through a consensus-based decision process!!! Standardizers & Implementors: agree on Foundational standards; agree on specific Standards Governments: identify actions that can help solve the problem (executive and legislative actions) Implementors: closely apply the agreed Standards Users and User Groups: strive to adhere to defined standards and disseminate Best Practices Legislative Create new or adapt existing national legislation to curb abuses and ensure protection of consumer s rights Executive Public education initiatives X.509 Public key Infrastructure / Digital Signature Example: Spanish government >> Joint activity between regulators: Sharing skills, knowledge, experience Where legislation exists, joint enforcement Multilateral frameworks for international cooperation (ITU BDT: drafting group of 6 countries; Dec.2004) Roles of Users Flock together Share experiences Develop Best Practices Participate in the debate, contribute to the next steps influence the standardizers Learn about secure practices Recognize that the problem is beyond only Spam Irrelevant information & information overload Need of change in paradigm / practices: (Opt-in) distribution channels (RSS) Electronic collaboration tools / distributed workspaces Instant messaging Some existing ITU-T foundational standards

5 Three Layers VULNERABILITIES Three Planes X Security Architecture for End-to-End Communications Security Layers Applications Security * * * Services Security Infrastructure Security End User Plane Control Plane Management Plane Access Control Authentication Non-repudiation Data Confidentiality Communication Security Data Integrity Availability Privacy THREATS Destruction Corruption Removal Disclosure Interruption ATTACKS 8 Security Dimensions SecMan_F.1 * Conventional Security dimensions New concepts in X.805 (extra slides) Vulnerabilities can exist in each Layer, Plane and Dimension 72 Security Perspectives (3 Layers 3 Planes 8 Dimensions) 25 X.400 Message handling system and service overview First approved: 1984 (now in its version 5) Defines Message Handling System (MHS) elements of service for User Agent (UA)-to-UA [Mail Client] Message Transfer Agent (MTA)-to-MTA, UA-to-MTA, and UA-to-Message Storage (MS) [Mail Server] Application Layer security services: confidentiality, integrity, authentication, non-repudiation and access control 26 X.509 OSI/The Directory: Publickey and attribute certificate frameworks 1st edition in 1988; 5th in preparation Written to satisfy multiple needs Extensibility allows organizations to enhance as needed Good cooperation between ITU, ISO, and IETF In products such as securing browser traffic and signing executable code Laws enabling electronic/digital signature Some additional ITU Resources ITU Resources ITU-T Recommendations >> ITU Activities on Countering Spam >> ITU SPU newslog on Spam >> Virtual Conference on Regulatory Cooperation on Spam (30/Mar/2004) >> Conclusions ITU WSIS Thematic Meeting on Countering Spam (Geneva, 7-9/Jul/2004) >> (template for a multilateral MoU for a framework & future collaborative action)

6 Conclusions: Problem recognition The social problems and network congestion caused by Internet SPAM are well recognized In the future, as the line between Internet appliances and telecommunications devices blur, there are opportunities for even greater misuse Action is needed, but the problem is complex Conclusions: Key factors for success and challenges Understand existing vulnerabilities Take advantage of learned lessons and adopt a pragmatic, multi-pronged approach: patches & fixes for the short-term look for a mid- & long-term solution Develop a set of global and compatible open, consensus-based Standards Solutions need to consider national sovereignty & cost aspects Partnership between all players Rethink paradigms & practices to minimize information overload simao.campos@itu.int (T) (F) ITU / Place des Nations CH1211 Geneva 20 Switzerland Thank You! Simão Ferraz de Campos Neto joined the ITU-TSB in 2002 and is the Counsellor for ITU-T Study Group 16, where standardization work takes place on multimedia services, protocols, systems, terminals and media coding. He was the Coordinator in TSB of the 2003 ITU-T Informal Forum Summit, and has also organized several workshops (IP and Multimedia in Satellites, Telecommunications for Disaster Relief and recently on Standardization in E-health). Prior to joining ITU in 2002, Mr Campos worked as a scientist in COMSAT Laboratories performing standards representation and quality assessment for digital voice coding systems. A Senior Member of the IEEE, Mr Campos authored several academic papers and position papers, and served in the review committee of several IEEE-sponsored conferences. He was the editor of the first edition of the TSB Security Manual. Mr Campos received in 1993 an MSc on Telecommunications from the State University of Campinas, Brazil, and a BSc in Electronic Engineering from the same university in International Telecommunication Union Supplemental Material ITU-T Security Blocks Some X-series Recommendations Overview of Technical Solutions Detailed ITU Structure AntiSpam Forum 2004 CABASE / AMDIA Buenos Aires, Argentina, 3 June 2004 ITU-T Security Building Blocks Security Architecture Framework X.800 Security architecture X.802 Lower layers security model X.803 Upper layers security model X.805 Security architecture for systems providing end-to-end communications X.810 Security frameworks for open systems: Overview X.811 Security frameworks for open systems: Authentication framework X.812 Security frameworks for open systems: Access control framework X.813 Security frameworks for open systems: Non-repudiation framework X.814 Security frameworks for open systems: Confidentiality framework X.815 Security frameworks for open systems: Integrity framework X.816 Security frameworks for open systems: Security audit and alarms framework Protocols X.273 Network layer security protocol X.274 Transport layer security protocol Security in Frame Relay X.272 Data compression and privacy over frame relay networks Security Techniques X.841 Security information objects for access control X.842 Guidelines for the use and management of trusted third party services X.843 Specification of TTP services to support the application of digital signatures Directory Services and Authentication X.500 Overview of concepts, models and services X.501 Models X.509 Public-key and attribute certificate frameworks X.519 Protocol specifications Network Management Security M.3010 Principles for a telecommunications management network M.3016 TMN Security Overview M TMN management services for IMT-2000 security management M.3320 Management requirements framework for the TMN X-Interface M.3400 TMN management functions Systems Management X.733 Alarm reporting function X.735 Log control function X.736 Security alarm reporting function X.740 Security audit trail function X.741 Objects and attributes for access control Facsimile T.30 Annex G Procedures for secure Group 3 document facsimile transmission using the HKM and HFX system T.30 Annex H Security in facsimile Group 3 based on the RSA algorithm T.36 Security capabilities for use with Group 3 facsimile terminals T.503 Document application profile for the interchange of Group 4 facsimile documents T.563 Terminal characteristics for Group 4 facsimile apparatus Televisions and Cable Systems J.91 Technical methods for ensuring privacy in long-distance international television transmission J.93 Requirements for conditional access in the secondary distribution of digital television on cable television systems J.170 IPCablecom security specification Multimedia Communications H.233 Confidentiality system for audiovisual services H.234 Encryption key management and authentication system for audiovisual services H.235 Security and encryption for H-series (H.323 and other H.245-based) multimedia terminals H.323 Annex J Packet-based multimedia communications systems Security for H.323 Annex F (Security for simple endpoint types) H Directory services architecture for H.235 H.530 Symmetric security procedures for H.323 mobility in H.510 Some ITU-T X-series Recommendations

7 X.805 is a Multi Part Standard Joint Project with ISO/IEC JTC 1/SC 27, Information technology Security techniques IT network security Part 1: Network security management Part 2: Network security architecture (X.805) Part 3: Securing communications between networks using security gateways Part 4: Remote access Part 5: Securing communications across networks using virtual private networks 37 Three Layers VULNERABILITIES Three Planes X Security Architecture for End-to-End Communications Security Layers Applications Security * * * Services Security Infrastructure Security End User Plane Control Plane Management Plane Access Control Authentication Non-repudiation Data Confidentiality Communication Security Data Integrity Availability Privacy THREATS Destruction Corruption Removal Disclosure Interruption ATTACKS 8 Security Dimensions SecMan_F.1 * Conventional Security dimensions New concepts in X.805 (next slide) Vulnerabilities can exist in each Layer, Plane and Dimension 72 Security Perspectives (3 Layers 3 Planes 8 Dimensions) 38 X.805 Security Dimensions X.805 differentiates Privacy (association of users to their action) /Confidentiality (eavesdropping, tampering, etc) Communication security dimension ensures that information flows only between authorized end points (information is not diverted or intercepted between these end points) Access Control security: prevention of unauthorized access to resources. It is related but beyond authentication. Availability dimension: avoid network interruption (includes network restoration, disaster recovery, etc) X.402 MHS Overall architecture Security procedures and Object Identifiers for use in MHS protocols to implement Application Layer services related to: confidentiality, integrity, authentication, non-repudiation and access control X.500 OSI/The Directory: Overview of concepts, models and services Procedures for interconnection of information processing systems to provide directory services and its security features Alternative: LDAP X.509 Specifies Public-key certificate binds name of entity to a public key if certificate issuer trusted then the entity can be authenticated by the use of the associated private key Attribute certificate asserts an entity s privileges, i.e. its right, to access information or services replaces the need for managing rights in the asset holding system

8 X.509 is widely used Public-key certificates are widely deployed prevents the classic man-in-the-middle attack used in Secure Sockets Layer (SSL) to secure browser traffic protect content and authenticates source replacing notarized signatures in some areas Initial products did not need to be pure e.g. early, and some current, browsers do not check certificate revocation status Some attribute certificate implementations are being studied Example: Spain s Fabrica Nacional de Moneda y Timbre Public Certificate Programme >> Overview of Technical Solutions What is Spam? (1) What is Spam? (2) No universally-agreed definition Term generally describes unsolicited electronic communications over personal computers or mobile handsets Objective is usually to market commercial products or services But also the method of choice for delivery of viruses Scam mail by fraud artists to deceive users into releasing privileged information (credit card numbers, account info, etc) One of the major plagues affecting today's digital world Efficiency loss Other hidden costs But it is beyond only Spam Irrelevant information & information overload Need of change in paradigm / practices: (Opt-in) distribution channels (RSS) Electronic collaboration tools / distributed workspaces Instant messaging Overview of Technical Solutions At the source server Three stages for implementing measures against Spam: At the source server At the destination server At the end user client Source rate limiting Limit how many s can be sent from the source server within a given timeframe Authentication Source server provides mechanisms whereby the destination server, or the end-user client can verify that the is indeed sent out by the source server and/or by the claimed user Payment Server mechanism to charge the user for sending out via the source server Hard cash or virtual cash (e.g. CPU cycles in a challengeresponse system)

9 At the destination server At the end user client Destination rate limiting Limit how many s can be received by the destination server within a given timeframe Destination reputation system Destination server determines whether to admit an incoming based on the known (bad or good) reputation of the source server Based on earlier behavior mail servers (blacklist/ whitelist) Checksum approach Server keeps a hash of every received message and a frequency count of the number of hits of that hash High counts indicate mass mailing Local tables (large sites) or distributed tables (small & medium sites) Static filtering approach Simple, constant rules (e.g. Outlook, procmail) Adaptive filtering approach Dynamic rules (e.g. Bayesian filters) Reputation system (end-user client) Messages classified according to earlier behavior of source mail servers (based on black & white lists) Challenge-response system as possible second criteria Structure of ITU (detailed) Plenipotentiary Conference Radiocommunication Sector Telecommunication Standardization Sector Development Sector Council World/Regional Conferences Radiocommunication Assembly World Telecommunication Standardization Assembly (WTSA) World/Regional Conferences World Conferences on International Telecommunications Radio Regulations Board Study Groups Study Groups Study Groups Coordination Committee Secretary-General Deputy Secretary-General Director Advisory Group Director Advisory Group Director Advisory Group General Secretariat Bureau Bureau Bureau 51 9