
ATM Security

ATM Network Management: Introduction, Security Objectives, ATM Security Model

Introduction
Networks need to be protected from various kinds of attack, so that information can be transferred securely from one node to another.

Security Objectives for ATM Networks

Functional Objectives
Customer Objectives
Operator Objectives

Functional Objectives
These are stated in terms of:
1. security mechanisms, i.e. confidentiality
2. data integrity
The ATM network should also be accountable.

Customer Objectives
These refer to objectives such as:
1. data integrity
2. data confidentiality
3. privacy protection
4. service subscription management (including activation/deactivation)
5. availability of functional ATM network services
6. correct and verifiable billing
7. capability to use a service anonymously

Operator Objectives
The operator's aim is to maximize revenue and reduce cost. The objectives refer to:
1. availability of network services and the network management system
2. correct and verifiable billing
3. non-repudiation for all ATM network services used
4. preservation of reputation
5. accountability for all activities
6. data integrity
7. data confidentiality
8. privacy protection

Basics of Network Security

Threats:
Masquerade
Eavesdropping
Unauthorized access
Loss or corruption of information
Repudiation
Forgery
Denial of service

Elements of network security:
Data integrity
Origin authentication
Authentication
Confidentiality
Replay protection

Encryption techniques:
Symmetric (secret key) techniques
Asymmetric (public key) techniques

Key management in the network:
Physical delivery
Secure channel
Exchange of public keys prior to the start of communication
Public key certificate

Data integrity:
Hashing techniques

Others - Firewalls

Security Requirements for ATM Networks

Verification of identities - Authentication
Controlled access and authorization - Access control
Protection of confidentiality - Access control / confidentiality
Protection of data integrity - Access control / integrity
Strong accountability - Non-repudiation
Activity logging - Security alarm, audit trail and recovery
Alarm reporting - Security alarm, audit trail and recovery
Audit - Security alarm, audit trail and recovery
Security recovery
Management of security

ATM Security Model

In ATM, security is provided by the Security Agent (SA). Agents reside at end systems or intermediate switches and act as firewalls.
Security Association in ATM: the distributed contextual information that controls security for a given VC.

Extension to UNI and PNNI for Security

Security Information Exchange: the negotiation of services with the peer security agent.
Security Message Exchange (SME) Protocol:
-- It is a signalling-based protocol, realized through extensions of the UNI and PNNI protocols.
-- It adds the Security Service Information Element (SSIE).

User Plane Security Authentication

User Plane Security


User plane security provides support for:
Identity authentication
Confidentiality
Data origin authentication and data integrity
Access control
For authentication, symmetric and asymmetric techniques can be used, i.e. RSA, DES, Triple DES and digital signatures. For confidentiality, data origin authentication, data integrity and access control, a set of supported algorithms is defined.

Control Plane Security


Control plane security specifies support for data origin authentication and data integrity. It is realized through a message authentication code (MAC), which is used by the control plane. The two ends of the signalling channel have a preconfigured shared secret master key and initial session keys for the MAC.
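
The MAC check described above, as an added example that is not part of the original slides and not the ATM Forum message encoding. Assumptions: HMAC-SHA-256 as the MAC, an 8-byte sequence number for replay protection, a constructed key and a constructed SETUP message; only the initial session key is modelled, not the master key.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA-256 output size (assumed MAC algorithm)

class SignallingEnd:
    """One end of a signalling channel holding the preconfigured session key."""

    def __init__(self, session_key: bytes):
        self.key = session_key
        self.tx_seq = 0    # next sequence number to send
        self.rx_seq = -1   # highest sequence number accepted so far

    def protect(self, message: bytes) -> bytes:
        # The MAC covers the sequence number and the message, so neither
        # can be changed without invalidating the tag.
        header = struct.pack(">Q", self.tx_seq)
        self.tx_seq += 1
        tag = hmac.new(self.key, header + message, hashlib.sha256).digest()
        return header + message + tag

    def verify(self, frame: bytes) -> bytes:
        if len(frame) < 8 + TAG_LEN:
            raise ValueError("frame too short")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time compare
            raise ValueError("MAC mismatch")
        (seq,) = struct.unpack(">Q", body[:8])
        if seq <= self.rx_seq:  # checked only after the MAC is valid
            raise ValueError("replayed or stale sequence number")
        self.rx_seq = seq
        return body[8:]

def demo() -> dict:
    key = bytes(range(32))  # constructed key, stands in for the preconfigured one
    sender, receiver = SignallingEnd(key), SignallingEnd(key)
    frame = sender.protect(b"SETUP vpi=0 vci=32")  # constructed message
    results = {"accepted": receiver.verify(frame)}
    tampered = frame[:10] + b"X" + frame[11:]  # one message byte altered
    for name, bad in (("tampered", tampered), ("replayed", frame)):
        try:
            receiver.verify(bad)
            results[name] = "accepted"
        except ValueError as exc:
            results[name] = str(exc)
    return results

if __name__ == "__main__":
    print(demo())
```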
