Security in the PEPPOL



Similar documents
CS 356 Lecture 28 Internet Authentication. Spring 2013

Information Security Basic Concepts

Security + Certification (ITSY 1076) Syllabus

Public Key Infrastructure (PKI)

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

Anypoint Platform Cloud Security and Compliance. Whitepaper

APPENDIX G ASP/SaaS SECURITY ASSESSMENT CHECKLIST

Goals. Understanding security testing

OIO SAML Profile for Identity Tokens

NIST s Guide to Secure Web Services

This Working Paper provides an introduction to the web services security standards.

TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES

Addressing Cloud Computing Security Considerations

ITL BULLETIN FOR JULY Preparing for and Responding to Certification Authority Compromise and Fraudulent Certificate Issuance

State of Illinois Department of Central Management Services GENERAL SECURITY FOR STATEWIDE NETWORK RESOURCES POLICY

Independent Accountants Report

WEB SERVICES SECURITY

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

Biometric Single Sign-on using SAML

Biometric Single Sign-on using SAML Architecture & Design Strategies

NETWORK AND CERTIFICATE SYSTEM SECURITY REQUIREMENTS

The Protection Mission a constant endeavor

Protecting Your Organisation from Targeted Cyber Intrusion

Autodesk PLM 360 Security Whitepaper

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

Software Defined Perimeter Working Group. SDP Hackathon Whitepaper

IBX Business Network Platform Information Security Controls Document Classification [Public]

The basic groups of components are described below. Fig X- 1 shows the relationship between components on a network.

Extended SSL Certificates

Introduction to the DANE Protocol

Using Entrust certificates with VPN

Securing DNS Infrastructure Using DNSSEC

APIs The Next Hacker Target Or a Business and Security Opportunity?

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0

Intelligent Security Design, Development and Acquisition

Contents. Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008

Achieving PCI Compliance Using F5 Products

Overview. SSL Cryptography Overview CHAPTER 1

An Oracle White Paper Dec Oracle Access Management Security Token Service

Report to WIPO SCIT Plenary Trilateral Secure Virtual Private Network Primer. February 3, 1999

Network Security Fundamentals

FINAL May Guideline on Security Systems for Safeguarding Customer Information

PCI Requirements Coverage Summary Table

APNIC elearning: Network Security Fundamentals. 20 March :30 pm Brisbane Time (GMT+10)

6. AUDIT CHECKLIST FOR NETWORK ADMINISTRATION AND SECURITY AUDITING

Web Services Trust and XML Security Standards

Systematization of Knowledge Lessons Learned From SSL/TLS Attacks

Passing PCI Compliance How to Address the Application Security Mandates

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

Dr. Cunsheng DING HKUST, Hong Kong. Security Protocols. Security Protocols. Cunsheng Ding, HKUST COMP685C

Internal Server Names and IP Address Requirements for SSL:

How To Understand And Understand The Security Of A Key Infrastructure

State of New Mexico Statewide Architectural Configuration Requirements. Title: Network Security Standard S-STD Effective Date: April 7, 2005

Healthcare Compliance Solutions

DNS security: poisoning, attacks and mitigation

Collaborate on your projects in a secure environment. Physical security. World-class datacenters. Uptime over 99%

Lecture VII : Public Key Infrastructure (PKI)

Web Services Security: What s Required To Secure A Service-Oriented Architecture. An Oracle White Paper January 2008

REGULATIONS FOR THE SECURITY OF INTERNET BANKING

Project 25 Security Services Overview

Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard. Summary of Changes from PCI DSS Version 2.0 to 3.0

IBM Connections Cloud Security

PCI Requirements Coverage Summary Table

APPENDIX C - PRICING INDEX DIR-SDD-2514 VERIZON BUSINESS NETWORK SERVICES, INC SERVICES

PCI DSS Policies Outline. PCI DSS Policies. All Rights Reserved. ecfirst Page 1 of 7

BAE Systems PCI Essentail. PCI Requirements Coverage Summary Table

Frequently Asked Questions. Frequently Asked Questions: Securing the Future of Trust on the Internet

Securing Your Web Application against security vulnerabilities. Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group

CTS2134 Introduction to Networking. Module Network Security

CICS Web Service Security. Anthony Papageorgiou IBM CICS Development March 13, 2012 Session: 10282

A HELPING HAND TO PROTECT YOUR REPUTATION

CompTIA Security+ Certification Study Guide. (Exam SYO-301) Glen E. Clarke. Gravu Hill

Chapter 10. Cloud Security Mechanisms

MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE

Chapter 1 The Principles of Auditing 1

Key Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University

IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

Information Technology Security Review April 16, 2012

The Role of Identity Enabled Web Services in Cloud Computing

CompTIA Security+ (Exam SY0-410)

Eleventh Hour Security+

The DoD Public Key Infrastructure And Public Key-Enabling Frequently Asked Questions

American International Group, Inc. DNS Practice Statement for the AIG Zone. Version 0.2

Open Data Center Alliance Usage: Provider Assurance Rev. 1.1

TASK TDSP Web Portal Project Cyber Security Standards Best Practices

CLOUD FRAMEWORK & SECURITY OVERVIEW

Deploying DNSSEC: From End-Customer To Content

Web Service Security Vulnerabilities and Threats in the Context of WS-Security

Den Gode Webservice - Security Analysis

Becoming PCI Compliant

Transcription:

Security in the PEPPOL infrastructure Presentation for OASIS BUSDOX TC, March 2011 Thomas Gundel, IT Crew

Agenda PART I Security goals in PEPPOL Scope and requirements Security overview PART II Trust models Authentication assurance Secure communication Operational security requirements PART III Attacks and mitigations

Security Goals Enable confidence and faith in the infrastructure by setting high security standards Establish a common minimum-level of security in the PEPPOL infrastructure across organizations and countries Prevent fraud and security incidents

Scope of infrastructure security Infrastructure security scope: Communication to/from AP / SMP / SML i.e. (not end-to-end) Independent of payload Sender authentication Outside of scope: Document or Business level security: Between sender and receiver (end-to-end) Requirements for payload (e.g. signed and/or encrypted documents)

Infrastructure Security Overview Security rests on five pillars: Trust via a Public Key Infrastructure Ensuring service providers sign an agreement before they join the infrastructure Agreement regulate responsibilities, requirements, liability Checks for compliance may be performed Using secure communication protocols Employs encryption, signing, certificates, security tokens Operational security requirements for service providers Firewalls, intrusion detection, patching, logging, penetration test Sender authentication Sender Access Point vouches for sender identity

Trust How do service providers know whether communicating peers are valid members of PEPPOL? For example, if a received message is from a valid PEPPOL Access Point? Is metadata signed by a PEPPOL Service Metadata Publisher? Different trust mechanisms have been considered: a) Establish a PEPPOL PKI b) Publish Trusted Parties Lists c) Establish a service where trusted service providers can be looked up

Trust via PEPPOL PKI A public key infrastructure can be established by: A Certificate Authority issuing digital certificates under a central PEPPOL root certificate Anyone with a PEPPOL certificate is considered a valid member of the infrastructure (closed user group PKI) The PEPPOL Governing Board acts as Registration Authority

Trust via PEPPOL PKI Advantages: The CA service can be acquired as a standard offering by PKI vendors Service providers can validate peers just by installing the PEPPOL root certificate (does not need to invoke services) Validation of certificates is offered out-of-the-box by most middleware Scales well Proven technology Easy to revoke members Reasonable cost (centralized)

Linking Trust and Agreements Service Providers can only join the infrastructure (and receive a PEPPOL certificate) once they have signed the relevant agreements with the PEPPOL Governing Board. When entering the agreement, service providers commit to fulfill the stated quality and security requirements. The PEPPOL Governing Board may perform checks on new Service Providers including review of documentation, review of auditor statements on compliance etc.

Secure Communication We want to achieve the following properties for secure communication in the infrastructure: Authentication Who sent a document? Integrity Has the contents been altered? Is it correct? Confidentiality Can outsiders learn the content?

Secure Communication (2) Secure communication is achieved by: Signing SOAP messages (WS-Security) Authentication of service providers Message integrity Using transport-layer security (SSL / TLS) Confidentiality & integrity Including SAML tokens vouching for sender identity (WS- Security) Sender authentication Similar to OIO Identity-Based Web Services

Sender authentication Sender Access Point is required to authenticate sender of document and vouch for the identity to the recipient Recipient is relieved from the complexity of handling many different types of credentials Recipient needs only to know sender identity credential not details of their Sender Access Points have business relationships with their customers and should know how to authenticate them (may e.g. have issued their credential)

Sender authentication (2)

Sender authentication (3) Sender Access Point issues SAML 2.0 token stating: Sender Identity (result of authentication) Level of identity assurance (1-4) Issuer of token (signed with PEPPOL certificate) Level of identity assurance: 1 => low confidence in claimed in identity 4 => very high confidence in claimed identity Technology Agnostic Assurance level classified according to Liberty Alliance Identity Assurance Framework Takes into account: The technical quality of the credential The credential issuing process Organizational factors Discussion with STORK project to align (eid focused)

Operational security req. Goal: ensure that service providers operate their it-systems in a secure and controlled manner Security requirements are an annex to the agreement service providers sign with the PEPPOL Governing Board Example requirements: Requirement for information security programme Use of digital certificates (PEPPOL PKI), revocation checks Allowed cryptographic algorithms and key lengths Incident reporting Penetration testing Firewalls and network segmentation Logging Patching and vulnerability scanning Surveillance and intrusion detection

Attacks and mitigations DNS poisoning DNSSEC can be used Registering signed top-level response Denial of service attacks Hard to guard against (needs cooperation from ISPs) Robustness and scalability of DNS helps with SML Individual Access Points and SMP must work with their ISPs Rogue PEPPOL certificates: impersonate AP or SMP Liability for mis-use of your private key Operational security requirements (e.g. document key management procedures) Certificate revocation

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information