28 pages

English

Secure Device Identity Tutorial

Urzoe - Mike Borza

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

28 pages

English

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

A propos
Informations
Extrait

Description

Borza/Vie ga Secure Device Identity Tutor ialSecure Device Identity TutorialMik e Bo rzaJohn Viegawith Charles QiK aren Zelenko2005-07-18 Page 1Borza/Vie ga Secure Device Identity Tutor ialA genda● Secure Device Identity – 100,000 foot view● The 5 criteria● The 10,000 foot view● Related technologies● Related presentations–Charles Qi, Broadcom Broadsafe HSM–Karen Zelenko – Phoe nix Technologies security modules2005-07-18 Page 2Borza/Vie ga Secure Device Identity Tutor ialThe 100,000 Fo ot View2005-07-18 Page 3Borza/Vie ga Secure Device Identity Tutor ialWhat is it?● Unique per-device identifiers –M ethod or methods for authenticating that the device is uniquely bound to that identifier–M anufacturing ID may be augmented with Locally Significant Ide ntity (LSID )● What is a device?– “Anything with an identity” – Nor m Finn ● Distributed trust model, no central registry–no extra administration or cost within IEEE to implement2005-07-18 Page 4Borza/Vie ga Secure Device Identity Tutor ialWhy is it needed?● No standard ways to identify devices across network architectures● MA C addresses are not sufficient–M ultiple per device–Reconfigurable–Not cryptographically bound● Device identity is important for completing chains of trust–Closes a significant window of vulnerability2005-07-18 Page 5Borza/Vie ga Secure Device Identity Tutor ialWhere will it be used?● Network equipment provisioning● Identification of devices joining a ...

Informations

Publié par	Urzoe
Nombre de lectures	63
Langue	English

Extrait

Borza/Viega

2005-07-18

Secure Device Identity Tutorial

Mike Borz

John Viega

with Charles Qi

Karen Zelenko

Page 1

Borza/Viega

Agenda

Secure Device Identity Tutorial

●Secure Device Identity – 100,000 foot view

●The 5 criteria

●The 10,000 foot view

●Related technologies

●Related presentations

–Charles Qi, Broadcom Broadsafe HSM –Karen Zelenko – Phoenix Technologies security modules

2005-07-18

Page 2

Borza/Viega

2005-07-18

Secure Device Identity Tutorial

The 100,000 Foot View

Page 3

Borza/Viega

What is it?

Secure Device Identity Tutorial

●Unique per-device identifiers –Method or methods for authenticating that the device is uniquely bound to that identifier –Manufacturing ID may be augmented with Locally Significant Identity (LSID) ●What is a device?

–“Anything with an identity”– Norm Finn ●Distributed trust model, no central registry

–no extra administration or cost within IEEE to implement

2005-07-18

Page 4

Borza/Viega

Why is it needed?

Secure Device Identity Tutorial

●No standard ways to identify devices across network architectures ●MAC addresses are not sufficient –Multiple per device –Reconfigurable –Not cryptographically bound ●Device identity is important for completing chains of trust –Closes a significant window of vulnerability

2005-07-18

Page 5

Borza/Viega

● ● ● ● ● ● ●

Secure Device Identity Tutorial Where will it be used?

Network equipment provisioning Identification of devices joining a network Authenticated key exchange in other protocols –E.g., 802.1AF, 802.1X Inventory management Internal component identification LLDP chassis IDs …

2005-07-18

Page 6