FREE ELECTRONIC LIBRARY - Abstracts, books, theses

Pages:   || 2 |

«ETSI TR 102 512 V1.1.1 (2006-08) Technical Report Terrestrial Trunked Radio (TETRA); Security; Security requirements analysis for modulation enhancements ...»

-- [ Page 1 ] --

ETSI TR 102 512 V1.1.1 (2006-08)

Technical Report

Terrestrial Trunked Radio (TETRA);


Security requirements analysis for

modulation enhancements to TETRA

2 ETSI TR 102 512 V1.1.1 (2006-08)




analysis, security, TETRA


650 Route des Lucioles

F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C

Association à but non lucratif enregistrée à la Sous-Préfecture de Grasse (06) N° 7803/88 Important notice

Individual copies of the present document can be downloaded from:

http://www.etsi.org The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF).

In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat.

Users of the present document should be aware that the document may be subject to revision or change of status.

Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp

If you find errors in the present document, please send your comment to one of the following services:

http://portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No part may be reproduced except as authorized by written permission.

The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2006.

All rights reserved.

TM TM TM DECT, PLUGTESTS and UMTS are Trade Marks of ETSI registered for the benefit of its Members.

TM TIPHON and the TIPHON logo are Trade Marks currently being registered by ETSI for the benefit of its Members.

TM 3GPP is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners.

ETSI 3 ETSI TR 102 512 V1.1.1 (2006-08) Contents Intellectual Property Rights


1 Scope

2 References

3 Definitions and abbreviations

3.1 Definitions

3.2 Abbreviations

4 Communications security model

4.1 Introduction

4.2 General model identifying security relationships

4.3 TVRA development model

5 Security objectives

5.1 General objectives

5.2 Objectives from the legislative framework

5.2.1 Privacy

5.2.2 Data protection

5.2.3 Security order

5.2.4 Lawful Interception

5.2.5 Contract

5.3 Summary

6 Vulnerability analysis

6.1 Introduction

6.2 TETRA system under evaluation

6.3 TETRA use cases (security scenarios)

6.3.1 Point to point communication within single TETRA SwMI

6.3.2 Point to multipoint communication within single TETRA SwMI

6.3.3 Broadcast communication within single TETRA SwMI

6.3.4 Point to point communication within multiple TETRA SwMIs

6.3.5 Point to multipoint communication within multiple TETRA SwMIs

6.3.6 Broadcast communication within multiple TETRA SwMIs

6.4 Overview of existing TETRA security measures

6.4.1 Security analysis and recommendation

6.4.2 Air interface capabilities Security profiles or classes Authentication Over the air key management support Encryption Over the Air enable and disable

6.4.3 Crypto capabilities TAA1 TEAx Overview TEA1 TEA2 TEA3 TEA4

6.5 System capabilities not covered by existing TETRA security measures

6.5.1 PEI Overview Objectives Threats and threat agents Summary of unwanted incidents

6.5.2 ISI

ETSI 4 ETSI TR 102 512 V1.1.1 (2006-08) 6.5.3 IP

6.5.4 Application level security

7 Identification of requirements for countermeasures

7.1 Overview

7.2 TETRA air interface modifications

7.2.1 Outline of modifications to TETRA air interface security


ETSI 5 ETSI TR 102 512 V1.1.1 (2006-08) Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http://webapp.etsi.org/IPR/home.asp).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.

Foreword This Technical Report (TR) has been produced by ETSI Technical Committee Terrestrial Trunked Radio (TETRA).

–  –  –

1 Scope The present document updates the threat analysis presented in ETR 086-3 [1] with respect to new services and capabilities offered by the enhancements to TETRA that aim to provide alternative modulation schemes with a view to offering higher data transmission rates.

NOTE: The analysis provided by ETR 086-3 [1] remains valid and the recommendations made by that document remain in force.

In clause 7 the analysis identifies security extensions required for EN 300 392-7 [3].

2 References

For the purposes of this Technical Report (TR), the following references apply:

–  –  –

[2] ISO/IEC 9798-2: "Information technology - Security techniques - Entity authentication:

Part 2: Mechanisms using symmetric encipherment algorithms".

–  –  –

[16] Common Methodology for Information Technology Security Evaluation; Evaluation methodology;

July 2005; Version 3.0 Revision 2 (CCMB-2005-07-004).

–  –  –

[21] Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications - OJ L 201, 31.07.2002).

–  –  –

[24] ITU-T Recommendation v.24: "List of definitions for interchange circuits between data terminal equipment (DTE) and data circuit-terminating equipment (DCE)".

–  –  –

3.1 Definitions For the purposes of the present document, the terms and definitions given in ETR 086-3 [1] apply.

3.2 Abbreviations

For the purposes of the present document, the following abbreviations apply:

–  –  –

4.1 Introduction

In the context of the present document, security means to be assured that the risk of a weakness being exploited either intentionally or unintentionally is low.

Many standards include aspects of security, such as:

–  –  –

The goals of security and of evaluation are:

• to provide product owners with confidence that countermeasures bring the risk to assets to an acceptable level;

• to implement assurance techniques which give confidence that countermeasures bring the risk to assets to an acceptable level;

• to ensure that evaluation provides evidence of assurance giving confidence that countermeasures bring the risk to assets to an acceptable level.

The standardization process plays a significant role in achieving these objectives. Firstly, in order to ensure that the requirements identified in a standard are expressed accurately, clearly and unambiguously, a standard is critically reviewed by its potential implementors. Such review, along with other validation techniques, helps to provide the assurance that any specified countermeasures will, in fact, minimize risk. Secondly, a protocol standard is accompanied by a conformance test specification which can be used in the evaluation process to provide evidence that any countermeasures required by the protocol standard have been implemented correctly in a product.

4.2 General model identifying security relationships Figure 1 shows a generic system model and the relationship of its components to each other. In order to assess a system it is necessary to identify the system components as these form the assets of the system under threat that may require protection by means of countermeasures.

–  –  –

4.3 TVRA development model In order to allow visibility there should be a clearly visible path identifying "Objective" to "Requirement" and of "Vulnerability" to "Threat" to "Risk".

–  –  –

Figure 2: Structure of security analysis and development in standards documents For the purposes of analysis, all assets should be considered to have weaknesses.

–  –  –

5.1 General objectives The objectives to be met for systems in general, and for systems where the initial link is by radio in particular, where

such systems are provisioned for commercial purposes, are summarized in the following bullets:

• to be able to prove the of identity of users and networks;

• to ensure confidentiality of communication;

• to ensure integrity of communication;

• to ensure the rights of privacy of the system's users;

NOTE: This is an objective that is maintained in law.

• to ensure the correct charging of the system's users;

• security management:

- The complex security functions within the network call for sophisticated control and management. The management functions are security critical themselves and, therefore, subject to security requirements.

5.2 Objectives from the legislative framework Operators of TETRA networks, and manufacturers of TETRA equipment, have an objective to ensure compliance with the legislative framework of the region in which they operate.

Telecommunications networks and systems are expected to operate within a particular legislative framework. Within Europe the Framework Directive [19] (comprising the Privacy Directive [21], the Authorisation Directive [18], the Access Directive [17] and the Universal Service Directive [20]) identifies a number of areas for which compliance is required and which are highlighted in the clauses that follow.

5.2.1 Privacy Privacy legislation is of increasing importance; there are strong restrictions in many countries with regard to storage and visibility of data. Therefore, when offering a TETRA service, or when designing data processing functions and defining the kind of data being generated or stored within TETRA systems, TETRA service providers should consider the relevant national data protection laws.

The definition of privacy for TETRA includes:

• privacy of information: keeping information exchanged between TETRA service functions away from third parties;

• limitations on collection, storage and processing of personal data: personal data may only be collected, stored and processed if there is a relationship between the data and the actual provision of TETRA services;

• disclosure: the obligation of a network and service providers to keep information concerning customers away from third parties;

• inspection and correction: the right of the customer to inspect and correct information about himself stored by the service and/or network provider.

–  –  –

Privacy legislation mostly concerns the security objectives regarding "confidentiality" and "integrity". For TETRA special concern in this respect should be paid to the contents of personal data in the TETRA service profile. These data and the access conditions to it for the service provider's personnel, the subscriber and the user himself should be limited, in accordance with the relevant European guidelines and national laws.

This legislation will mostly concern the security objectives regarding "accountability", "confidentiality" and "integrity".

5.2.2 Data protection Data protection measures are those measures made to cover the security of data over and above those dealing purely with privacy and cover the access to and use of data volunteered for any transaction to a third party. Additional protection measures may be necessary to ensure that measures related to data retention and lawful interception remain lawful.

This legislation will mostly concern the security objectives regarding "accountability", "confidentiality" and "integrity".

5.2.3 Security order

National laws concerning the security order:

• demand proper protection of information and infrastructure to ensure the availability and the integrity of the telecommunication network;

• may restrict the usage of cryptographic methods.

This legislation will mostly concern the security objectives regarding "confidentiality", "integrity" and "availability".

5.2.4 Lawful Interception Lawful interception means the obligation of the network operator to co-operate and provide information in case of criminal investigations (see TS 101 331 [10]).

This legislation will mostly influence the security objectives regarding "confidentiality".

5.2.5 Contract It should be possible to use information concerning the contract for communication services between two entities in case of a dispute in a court of law.

This legislation will mostly influence the security objectives regarding "accountability" and "integrity".

5.3 Summary

The objectives listed above can be summarized to the following main security objectives:

- confidentiality of TETRA service data, of TETRA management data, and of communications using TETRA;

- integrity of TETRA service data, of TETRA management data, and of communications using TETRA;

- availability of all TETRA services and of all TETRA management functions; and

- accountability for all TETRA service invocations and for all TETRA management activities.

Therefore the TVRA and security measures will only be based on these objectives.

–  –  –

6.1 Introduction

The vulnerability analysis for TETRA is presented in accordance with the guidance given in ETR 332 [11] and ISO/IEC 15408-3 [14] to ensure that the system strength can be independently evaluated.

A deployment of a TETRA system is analysed for possible threats. The base for this analysis is the TETRA system as developed to date for TETRA with those extensions required for the data rate extensions for an update of the TETRA air interface. Where existing security measures are available they have been included into the analysis in order to identify threats to the existing countermeasures.

The analysis is made for both private and public systems. The impacts of connection of the TETRA system to public or private fixed networks are included in the analysis.

A potential threat is doing no harm unless there is a corresponding weakness in the system and until the point in time when a weakness is exploited by the intruder. Thus, the threats must be evaluated, i.e. it should be attempted to characterize them according to cost/effort involved (occurrence likelihood) and according to potential benefit/damage that can be done (impact value).

For the risk assessment, the occurrence likelihood of threats is estimated with values from "1" to "3". The meaning of a

Pages:   || 2 |

Similar works:

«FACTA UNIVERSITATIS Series: Mechanics, Automatic Control and Robotics Vol.3, No 13, 2003, pp. 583 597 AN R-CURVE ASSESSMENT OF STABLE CRACK GROWTH IN AN ALUMINIUM ALLOY UDC 539.219.2 620.1 A. R. Luxmoore Faculty of Engineering, University of Wales Swansea, UK Abstract. An AlMgZn alloy has shown brittle behaviour when tested using standard fracture specimens, but larger specimens with the same contour geometry have produced stable fracture i.e. controlled crack propagation under either...»

«Mapping Biophysics through enhanced Monte Carlo techniques by Israel Cabeza de Vaca Lopez A dissertation presented to The department of Applied Physics at Universitat Politècnica de Catalunya In partial fulfilment of the requirements for the degree of Doctor per la Universitat Politècnica de Catalunya in the subject of Computational and Applied Physics Computational and Applied Physics Program Advisor: Prof. Victor Guallar Tasies Tutor: Prof. Manel Canales Gabriel Universitat Politècnica de...»

«Textural development and hydrogen adsorption of carbon materials from PET waste J.B. Parraa, C.O. Aniaa, A. Arenillasa, F. Rubieraa, J.M. Palaciosb and J.J. Pisa* a Instituto Nacional del Carbón, CSIC, Apartado 73, 33080 Oviedo, Spain b Instituto de Catálisis y Petroleoquímica, CSIC. Campus UAM-Cantoblanco. 28049 Madrid, Spain Abstract Polyethyleneterephthalate, PET, has become one of the major post-consumer plastic wastes. PET products present a problem of considerable concern due to the...»

«Drug and Alcohol Testing in Child Custody Cases: Implementation of Family Code Section 3041.5 FINAL REPORT TO THE CALIFORNIA LEGISLATURE JULY 2007 Judicial Council of California Administrative Office of the Courts Center for Families, Children & the Courts 455 Golden Gate Avenue San Francisco, CA 94102-3688 This report has been submitted to the California Legislature pursuant to Assembly Bill 1108 (2003). Copyright © 2007 by Judicial Council of California/Administrative Office of the Courts....»

«                                       !  ∀ # ∃%& # ∋ ( # %# ) ( ∗+ ∀# %   # , −./ 0   1 (   (1   #  (1     1 2   2  # 3! −30  4.∗4!5 6++∋ . 3∗4!  7  (///+. 34!/!/.3            8           Tether Monitoring for Entanglement Detection, Disentanglement and Localisation of Autonomous Robots Vishnu Arun Kumar Thumatty Rajan1,...»

«® UltraClean PCR Clean-Up Kit Catalog No. Quantity 12500-50 50 Preps 12500-100 100 Preps 12500-250 250 Preps Instruction Manual Please recycle Version: 02212013 Technical information: Toll free 1-800-606-6246, or 1-760-929-9911 Email: technical@mobio.com Website: www.mobio.com Table of Contents Introduction Protocol Overview Specifications Flow Chart. Equipment Required Kit Contents & Storage Precautions & Warnings Protocols: Experienced User Protocol Detailed Protocol (Describes what is...»

«2009 22nd Bled eConference eEnablement: Facilitating an Open, Effective and Representative eSociety June 14 17, 2009; Bled, Slovenia Exploring inter-organizational alignment with e3alignment – An Aviation Case Vincent Pijpers, Jaap Gordijn, Hans Akkermans VU University Amsterdam, The Netherlands pijpersv-,gordijn-, elly@few.vu.nl Abstract In this paper we present the e3alignment framework and approach, which we use to explore a wide range of inter-organizational alignment issues concerning...»

«SME TECHNICAL WORKING PAPERS SERIES Working Paper No. 11 Reforming State-Owned Enterprises: Lessons of International Experience, Especially for the Least Developed Countries Reforming State-Owned Enterprises: Lessons of International Experience, especially for the Least Developed Countries by Richard M. Kennedy Senior Industrial Development Officer and Leroy P. Jones UNIDO Consultant UNITED NATIONS INDUSTRIAL DEVELOPMENT ORGANIZATION Small and Medium Enterprises Branch Programme Development and...»

«HISTO-ANATOMICAL INVESTIGATIONS ON SOME CUSCUTA SPECIES C. TOMA. ASPAZlA ANDRONACHE. IRINA I'OMA The authors investigated the stem and haustoria structure in three C~iscwtaspecies parasite on different dicotyledonous species. In all 3 species. the stems have not tector hairs; the vascular bundles are not typical, being collaterally closed. the mechanical tissues are weakly developed or absent. The haustoria penetrate the host plant, especially in the phloem, sometimes arising in the pith The...»

«Millionaire Traders How Everyday People Are Beating Wall Street at Its Own Game Kathy Lien Boris Schlossberg Millionaire Traders Millionaire Traders How Everyday People Are Beating Wall Street at Its Own Game Kathy Lien Boris Schlossberg Copyright 2007 by Kathy Lien and Boris Schlossberg. All rights reserved C Published by John Wiley & Sons, Inc., Hoboken, New Jersey. Published simultaneously in Canada. Wiley Bicentennial Logo: Richard J. Pacifico No part of this publication may be reproduced,...»

«Power-Aware SoC Test Planning for Effective Utilization of Port-Scalable Testers ANUJA SEHGAL, SUDARSHAN BAHUKUDUMBI, and KRISHNENDU CHAKRABARTY Duke University Many system-on-chip (SoC) integrated circuits contain embedded cores with different scan frequencies. To better meet the test requirements for such heterogeneous SoCs, leading tester companies have recently introduced port-scalable testers, which can simultaneously drive groups of channels at different data rates. However, the number of...»

«Polyhedral Mesh Generation and Optimization for Non-manifold Domains Rao V. Garimella, Jibum Kim, and Markus Berndt Los Alamos National Laboratory, Los Alamos, NM, USA {rao,jibumkim,berndt}@lanl.gov Abstract. We present a preliminary method to generate polyhedral meshes of general non-manifold domains. The method is based on computing the dual of a general tetrahedral mesh. The resulting mesh respects the topology of the domain to the same extent as the input mesh. If the input tetrahedral mesh...»

<<  HOME   |    CONTACTS
2017 www.sa.i-pdf.info - Abstracts, books, theses

Materials of this site are available for review, all rights belong to their respective owners.
If you do not agree with the fact that your material is placed on this site, please, email us, we will within 1-2 business days delete him.