[Css-dts] Re: [Sea-sec] CCSDS -DTS Worging Group - Security Issues for SLE Books

Peter Shames peter.shames at jpl.nasa.gov
Wed Jul 7 16:58:17 EDT 2004 

Dear Yves,

This appended message, which you apparently sent out from ESA last 
week, has only just now arrived in our in boxes here, apparently due to 
some snafu in the CCSDS mail list server configuration.  We did see a 
copy of it, which Fred Brosi forwarded on Monday, that was sent to the 
DTSWG, so we have had an opportunity to consider how best to respond.  
Because of the delay it is not clear that we will be able to provide a 
fully satisfactory response by the requested date of 10 July.  However, 
Fred Brosi, John Pietras, Howie Weiss, Adrian Hooke, and I have been 
consulting on this and we believe that we have a proposed approach that 
will work for all concerned.

We do collectively understand that there is a strong desire to both 
deliver the current Red Books in a timely manner and to not produce a 
specification that will break or invalidate existing implementations.  
At the same time we also believe that it will be best if we can provide 
some clear guidance in these, about to be Blue Books, on acceptable 
security approaches for future implementors.  Given that we do not have 
a prescriptive Blue Book that offers such guidance, either in the CSS 
SLE series or in the newer SEA Security series, we are going to propose 
use of (and updating of) the existing SLE Green Book.

John and Howie will shortly be providing a note with the details of the 
proposal.

I just wanted to let you know that we are working on it and that both 
the SEA and CSS members here are committed to finding a timely and 
satisfactory solution.  While we still lack the needed additional 
support for the Security WG from other agencies, NASA / JPL is 
providing some additional resources for the SecWG and the CSS to work 
specifically on this problem.  We hope that there will be at least a 
corresponding allocation of resources from other agencies to review 
what is being proposed and to validate its acceptability.

Best regards, Peter Shames


On Jul 5, 2004, at 9:06 AM, Yves.Doat at esa.int wrote:

> Dear all,
>
> As chairman of the DTS working group I triggered a discussion here in 
> Europe
> regarding the update of the 5 SLE books. Please find below the results 
> of our
> discussions.
>
>
> During the last CCSDS DTS WG meeting in Montreal the following 
> important items
> were reported:
>    The books sent in December to the CCSDS Secretariat were not 
> processed at all
>    without any notice to the editors of these books. As a consequence 
> the DTS
>    schedule slipped by 6 months.
>    During the CCSDS DTS Spring meeting the WG sent to secretariat a 
> set of  five
>    books for which the CMC resolved (CMC-S04-R3 that these books shall 
> be
>    published for Agency review (Red and Pink Books)).
>    ESA and DLR have started implementations on the basis of these new 
> books in
>    early 2004 to fulfil their mission requirements. Any changes of the
>    specifications as they may result from the Agency review can only 
> be injected
>    into these ongoing implementations, if the review process is 
> performed
>    without any further delay.
>    M.Pilgram (DLR representative in the DTS WG) participated in a 
> Security WG
>    meeting during the Montreal workshop. During that meeting, the 
> potential need
>    to modify the DTS books in order to adequately cover security 
> issues was not
>    reported to the DTS WG and thus the opportunity to tackle any such 
> issue in a
>    manner coordinated between the two WGs was missed.
>
> After the spring meeting, the CCSDS Security WG recommended to address 
> security
> issues in all new CCSDS books in a uniform manner. Regarding SLE Data 
> Transfer
> Service specifications, the DTS WG would like to bring to the 
> attention of the
> CCSDS Management the following issues:
>    Opening such a discussion after the spring meeting most probably 
> implies that
>    the Agency review cannot commence before the CCSSD Fall Meeting.
>    Impact of this delay on the on-going implementation depends on the 
> outcome of
>    the review process and therefore it cannot be assessed at this 
> time. However,
>    the risk of non-compliances is quite serious for the on-going 
> implementation.
>    ESA and DLR therefore cannot tolerate any further delays in the 
> publication
>    of the SLE Books.
>
>> From a technical point of view, the following points should be 
>> considered:
>    The SLE Transfer Service books specify application layer protocols 
> and
>    services and intentionally and explicitly do not specify underlying
>    communications services. We (ESA and DLR) are of the opinion  that
>    application layer security aspects are adequately covered in the 
> sections on
>    access control and authentication and that the other security 
> issues need to
>    be covered by the underlying communications service rather than the
>    application layer and are thus outside the scope of the SLE 
> Transfer Service
>    specifications.
>    The criticised absence of a precise specification of the 
> authencation
>    mechanism is intentional. While the lack of an unambiguous 
> specification and
>    the resulting need for a bilateral agreement may be regarded an 
> impediment to
>    interoperability, a specification that conflicts with the security 
> policy of
>    an agency could prevent approval of the complete specification.
>    The CCSDS WG recommended (See DTS spring meeting MOM) preparing an 
> "SLE API
>    Proxy" White Book. This book will address the complete mapping of 
> the SLE
>    Transfer Service application layer protocols onto ground 
> communications
>    services and therefore will also cover the security issues required 
> by the
>    Security WG.
>
> To be in line with CMC decision, the Security WG should provide the 
> wording to
> be inserted in the SLE books, taking into account the technical 
> considerations
> addressed above. In order not to delay any further the publication 
> such text
> should be provided no later than the 10.07.2004.
>
> Best regards.
>
> Y.Doat
> OPS-GIB
> ESA/ESOC
> Robert-Bosch str.5
> D-64293 Darmstadt
> Tel.: (+49)-6151-902288
>
>
>
> _______________________________________________
> Sea-sec mailing list
> Sea-sec at mailman.ccsds.org
> http://mailman.ccsds.org/mailman/listinfo/sea-sec
>
>
________________________________________________________

Peter Shames
CCSDS System Engineering Area Director

Jet Propulsion Laboratory, MS 301-265
California Institute of Technology
Pasadena, CA 91109 USA

Telephone: +1 818 354-5740,  Fax: +1 818 393-1333

Internet:  Peter.Shames at jpl.nasa.gov
________________________________________________________

We must recognize the strong and undeniable influence that our language 
exerts on our ways of thinking and, in fact, delimits the abstract 
space in which we can formulate - give form to - our thoughts.

							Niklaus Wirth

More information about the CSS-dts mailing list