7 Matching Results

Search Results

Advanced search parameters have been applied.

Comprehensive test ban treaty international monitoring system security threats and proposed security attributes

Description: To monitor compliance with a Comprehensive Test Ban Treaty (CTBT), a sensing network, referred to as the International Monitoring System (IMS), is being deployed. Success of the IMS depends on both its ability to preform its function and the international community`s confidence in the system. To ensure these goals, steps must be taken to secure the system against attacks that would undermine it; however, it is not clear that consensus exists with respect to the security requirements that should be levied on the IMS design. In addition, CTBT has not clearly articulated what threats it wishes to address. This paper proposes four system-level threats that should drive IMS design considerations, identifies potential threat agents, and collects into one place the security requirements that have been suggested by various elements of the IMS community. For each such requirement, issues associated with the requirement are identified and rationale for the requirement is discussed.
Date: March 1, 1996
Creator: Draelos, T.J. & Craft, R.L.
Partner: UNT Libraries Government Documents Department

Initial CTBT international monitoring system security findings and recommendations

Description: An initial security evaluation of the proposed International Monitoring System (IMS) suggests safeguards at various points in the IMS to provide reliable information to the user community. Modeling the IMS as a network of information processing nodes provides a suitable architecture for assessing data surety needs of the system. The recommendations in this paper include the use of public-key authentication for data from monitoring stations and for commands issued to monitoring stations. Other monitoring station safeguards include tamper protection of sensor subsystems, preservation of data (i.e. short-term archival), and limiting the station`s network services. The recommendations for NDCs focus on the need to provide a backup to the IDC for data archival and data routing. Safeguards suggested for the IDC center on issues of reliability. The production of event bulletins should employ {open_quotes}two-man{close_quotes} procedures. As long as the data maintains its integrity, event bulletins can be produced by NDCs as well. The effective use of data authentication requires a sound key management system. Key management systems must be developed for the authentication of data, commands, and event bulletins if necessary. It is recommended that the trust placed in key management be distributed among multiple parties. The recommendations found in this paper offer safeguards for identified vulnerabilities in the IMS with regard to data surety. However, several outstanding security issues still exist. These issues include the need to formalize and obtain a consensus on a threat model and a trust model for the IMS. The final outstanding security issue that requires in-depth analysis concerns the IDC as a potential single point of failure in the current IMS design.
Date: August 1, 1996
Creator: Craft, R.L. & Draelos, T.J.
Partner: UNT Libraries Government Documents Department

Authentication of data for monitoring a comprehensive test ban treaty

Description: The important issue of data integrity in the CTBT International Monitoring System (IMS) is discussed and a brief tutorial on data authentication techniques is offered. The utilization of data authentication as a solution to the data integrity problem is evaluated. Public key data authentication is recommended for multilateral monitoring regimes such as the CTBT. The ramifications and system considerations of applying data authentication at various locations in the IMS, or not at all, are reviewed in a data surety context. The paper concludes with a recommendation of authenticating data at all critical monitoring stations.
Date: May 1, 1996
Creator: Craft, R.L. & Draelos, T.J.
Partner: UNT Libraries Government Documents Department

Proactive DSA application and implementation

Description: Data authentication as provided by digital signatures is a well known technique for verifying data sent via untrusted network links. Recent work has extended digital signatures to allow jointly generated signatures using threshold techniques. In addition, new proactive mechanisms have been developed to protect the joint private key over long periods of time and to allow each of the parties involved to verify the actions of the other parties. In this paper, the authors describe an application in which proactive digital signature techniques are a particularly valuable tool. They describe the proactive DSA protocol and discuss the underlying software tools that they found valuable in developing an implementation. Finally, the authors briefly describe the protocol and note difficulties they experienced and continue to experience in implementing this complex cryptographic protocol.
Date: May 3, 1998
Creator: Draelos, T.; Hamilton, V. & Istrail, G.
Partner: UNT Libraries Government Documents Department

A key management concept for the CTBT International Monitoring System

Description: Cryptographic authentication (commonly referred to as ``technical authentication`` in Working Group B) is an enabling technology which ensures the integrity of sensor data and security of digital networks under various data security compromise scenarios. The use of cryptographic authentication,however, implies the development of a key management infrastructure for establishing trust in the generation and distribution of cryptographic keys. This paper proposes security and operational requirements for a CTBT (Comprehensive Test Ban Treaty) key management system and, furthermore, presents a public key based solution satisfying the requirements. The key management system is instantiated with trust distribution technologies similar to those currently implemented in industrial public key infrastructures. A complete system solution is developed.
Date: August 1, 1997
Creator: Herrington, P.; Draelos, T.; Craft, R.; Brickell, E.; Frankel, Y. & Silvestri, M.
Partner: UNT Libraries Government Documents Department

Data surety demonstrations

Description: The use of data surety within the International Monitoring System (IMS) is designed to offer increased trust of acquired sensor data at a low cost. The demonstrations discussed in the paper illustrate the feasibility of hardware authentication for sensor data and commands in a retrofit environment and a new system and of the supporting key management system. The individual demonstrations which are summarized in the paper are: (1) demonstration of hardware authentication for communication authentication in a retrofit environment; (2)demonstration of hardware authentication in a new system; and (3) demonstration of key management for sensor data and command authentication.
Date: August 1, 1998
Creator: Draelos, T.; Harris, M.; Herrington, P. & Kromer, D.
Partner: UNT Libraries Government Documents Department

Authenticated In-Plant Process Monitor

Description: Transparent and secure process monitoring systems may become an important tool in the dismantlement schemes in support of bilateral and multi-lateral treaties. A prototype system, using public key cryptography to authenticate compliance data, has been developed by Sandia National Laboratories. The Authenticated In-plant Process Monitor (AIPM) is an embedded process monitoring system capable of accepting up to sixteen industry standard process variables, at sample rates of up to two samples per second. Each AIPM will synchronously sample the process, authenticate, and transmit the data in real-time to the host receiving station. The receiving station will validate the compliance data and then display in real-time while updating a relational database. This new generation of monitoring systems must include protection from a host of possible threat scenarios while providing the user authentic clear text data. Data threats are controlled by the use of a public key Treaty Data Authentication Module (TDAM) utilizing the National Institute of Standards and Technology (NIST) Digital Signature Standard. System threats are minimized by the use of a tamper indicating enclosure that monitors unauthorized entry and environmental attacks. Insider threats will be controlled by the use of an authenticated bi-directional communication link between each remote AIPM and the host receiving station. This security envelope will be monitored on a real-time basis with appropriate action taken if an attack occurs. The employment of these security features allows the inspectorate to distribute unprocessed clear text data and an attached digital signature with confidence that the data cannot be forged.
Date: July 1, 1993
Creator: Leahy, P. & Draelos, T.
Partner: UNT Libraries Government Documents Department