[Sis-ipo] Addressing Security in IP over CCSDS Space Links Magenta
book
Greg Kazz
greg.j.kazz at jpl.nasa.gov
Thu Feb 28 14:54:41 EST 2008
Fellow SIS-IPO members,
Along with the review of the latest draft IP over
CCSDS document, which I posted to the SIS-IPO
directory last week (Feb 25), please take a look
at the following security requirement from the
CCSDS Management Council that we need to consider
and discuss at the March 11 meeting.
Basically this WG needs to evaluate the Security
template below and determine what parts need to
be addressed in the IP over CCSDS specification.
Your comments are welcome before the meeting via
email to sis-ipo at mailman.ccsds.org
The template follows below.
best regards,
Greg Kazz
Chairman SIS-IPO
CMC E-Poll Identifier: CMC-P-2005-11-001
Proposed resolution to augment requirement for
security statement in CCSDS documents
CMC-R-2005-11-001: Augmentation of Requirement
for Security Statement in CCSDS Documents
The Management Council of the Consultative Committee for Space Data Systems,
CONSIDERING that, in the spring of 2004, the
Security WG (SecWG) conveyed a resolution through
the CESG recommending that all CCSDS documents
contain a security section, and that the SecWG
resolution was changed in the responding CMC
resolution to apply only to Blue Books and to provide a mechanism for waiver;
and NOTING that
CCSDS must ensure that security is adequately
addressed in its standards, and that
the current wording in the CMC resolution is too weak;
and RECOGNIZING that the CESG has by resolution
reiterated its recommendation that the CMC
require inclusion of a mandatory security section
in all future Blue, Orange, and Magenta Books;
AFFIRMS that all future Blue, Orange, and Magenta
Books shall contain a security section the
addresses at least the major security issues
detailed in the template contained in resolution
CMC-S04-R01, issued at the St-Hubert, Canada meeting of May 2004.
CMC Minutes - 25 May 2004, CSA, St Hubert, Canada
CMC-S04-R1.
CCSDS resolves to reaffirm its requirement for
the inclusion of a security section in all future
CCSDS Recommended Standards (Blue Books),
including those that are in an advanced stage of
development. To accomplish this, the CMC is asked
to increase the resources for the Security WG to
support an additional Security Audit function
that will assist each WG in developing the
rationale and explanation as to why or why not
Security must be addressed in the CCSDS
Recommended Standard, or to clearly state that
Security has not been addressed owing to lack of resources.
In the event that Security is addressed, the
Security Template includes the following information:
1.0 Security Background/Introduction
2.0 Statements of security concerns with respect to the
CCSDS document:
Data privacy
Data integrity
Authentication of communicating entities
Control of access to resources
Availability of resources
Auditing of resource usage
3.0 Potential threats and attack scenarios (how could someone
break the technology and why
4.0 Consequences of not applying security to the technology
(e.g., loss of life, loss of mission)
More information about the Sis-ipo
mailing list