rid draft update migrating to iodef
play

RID Draft Update Migrating to IODEF Kathleen M. Moriarty IETF INCH - PowerPoint PPT Presentation

Jul 01, 2023 •265 likes •365 views

RID Draft Update Migrating to IODEF Kathleen M. Moriarty IETF INCH Working Group 04 March 2004 This work was sponsored by the Air Force under Air Force Contract Number F19628-00-C-0002. "Opinions, interpretations, conclusions, and

  1. RID Draft Update Migrating to IODEF Kathleen M. Moriarty IETF INCH Working Group 04 March 2004 This work was sponsored by the Air Force under Air Force Contract Number F19628-00-C-0002. "Opinions, interpretations, conclusions, and recommendations are those of the author and are not necessarily endorsed by the United States Government." MIT Lincoln Laboratory RID-INCH-1 KMM 2/25/2004

  2. RID Updates Purpose • RID and INCH • Messaging Format Changes • Packet based to XML – Define Extensions to IODEF Model • Communication Mechanism for RID Documents • Security Considerations • Consortiums – Privacy – MIT Lincoln Laboratory RID-INCH-2 KMM 2/25/2004

  3. Real-time Inter-network Defense (RID) Trace Security Incidents to the Source • Stop or Mitigate the Effects of an Attack or Security Incident • Facilitate Communications between Network Providers • Integrate with existing and future network components • Systems to trace traffic across a network – NetFlow, Hash Based IP Traceback, IP Marking, etc. Intrusion Detection Systems Network devices such as routers and firewalls Provide secure means to communicate RID messages • Consortiums agree upon use and abuse guidelines – Consortiums provide a key exchange method – Trusted PKI, certificate repository, cross certifications MIT Lincoln Laboratory RID-INCH-3 KMM 2/25/2004

  4. RID and INCH RID is used to communicate security incident handling • information between CSIRTs or NPs RID carries much of the same data as an IODEF document • RID requires a few additional data elements • Communication and proper transport of messages is in the • RID specification RID is now reformatted to use the IODEF specification • Packet based format to IODEF document – RID message types • Noted in a SOAP wrapper to an XML IODEF document – MIT Lincoln Laboratory RID-INCH-4 KMM 2/25/2004

  5. RID Extensions to IODEF AdditionalData Class from IODEF used to define Extensions • IPPacket Class – Allows hex packets to be stored in the RID message in a format that will be expected by the recipient of a RID message Multiple packets may be sent in a single message NPPath Class – Purpose is to identify the path of the trace and to avoid loops TraceStatus Class – Method for providing approval status from upstream peer after a trace request is made MIT Lincoln Laboratory RID-INCH-5 KMM 2/25/2004

  6. Communicating RID Messages SOAP Messaging Wrapper and XML Security • Method to transport messages – Provide integrity, authentication, authorization – XML digital signature, encryption, and public key infrastructure – Public Key Infrastructure • Provided by consortiums linking network providers for RID – messaging Message Types • Trace Request – Trace Authorization – Source Found – Relay Request – RID Systems Must Track the Requests by • Incident Number – Packet Contents – Completion Status – MIT Lincoln Laboratory RID-INCH-6 KMM 2/25/2004

  7. Security Considerations Consortiums • Agreements between entities involved in RID peering – Provide a secure key exchange repository/system (PKI) – Peering agreements and policies between consortiums and across – national boundaries or jurisdictions System use guidelines • Privacy considerations – Abuse policies – Use policies may vary across national network or consortium – boundaries Automated method to allow enforcement of use agreements RID server security policies • Network based access controls – Hardened systems – Communication security considerations for the exchange of RID • messages and the underlying protocols MIT Lincoln Laboratory RID-INCH-7 KMM 2/25/2004

  8. Summary Many updates from the previous version • Moved from packet based format to a solution based on IODEF – documents Extended the AdditionalData Class to accommodate the needs of RID – messaging Security will use XML Digital Signature and XML Encryption – PKI at the core of the security model, but provided by a consortium – Topology examples to address implementers questions – Extended information on system use and privacy considerations – Near Future Update will include • SOAP wrapper and more information on XML Security – Further specifications on automating a flag for system use – adherence guidelines May include additional examples of other message types – Any suggested revisions or clarifications – http://www.ietf.org/internet-drafts/draft-moriarty-ddos-rid-05.txt • MIT Lincoln Laboratory RID-INCH-8 KMM 2/25/2004

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

IODEF Data Model Status <draft-ietf-inch-iodef-02> Roman Danyliw <rdd@cert.org>

IODEF Data Model Status <draft-ietf-inch-iodef-02> Roman Danyliw <rdd@cert.org>

IODEF Data Model Status <draft-ietf-inch-iodef-02> Roman Danyliw <rdd@cert.org> 1300-1500, Thursday, March 4. 2004 IETF 59, Seoul, Korea XML Schema Migration http://www.uazone.org/demch/projects/iodef/ STATUS Release a

332 views • 12 slides
IODEF Data Model Status (changes from 02 to 03) <draft-ietf-inch-iodef-03> tracked @

IODEF Data Model Status (changes from 02 to 03) <draft-ietf-inch-iodef-03> tracked @

IODEF Data Model Status (changes from 02 to 03) <draft-ietf-inch-iodef-03> tracked @ https://rt.psg.com : inch-dm queue Roman Danyliw <rdd@cert.org> Thursday, November 11. 2004 IETF 61, Washington DC, USA Outline Changes from v02

146 views • 14 slides
IODEF Data Model Status (progress from -04) <draft-ietf-inch-iodef-05> tracked @

IODEF Data Model Status (progress from -04) <draft-ietf-inch-iodef-05> tracked @

IODEF Data Model Status (progress from -04) <draft-ietf-inch-iodef-05> tracked @ https://rt.psg.com : inch-dm queue Roman Danyliw <rdd@cert.org> Wednesday, November 9. 2005 IETF 64, Vancouver, Canada Status of Issues -05

632 views • 13 slides
IODEF Data Model Status (progress from 03) <draft-ietf-inch-iodef-03> tracked @

IODEF Data Model Status (progress from 03) <draft-ietf-inch-iodef-03> tracked @

IODEF Data Model Status (progress from 03) <draft-ietf-inch-iodef-03> tracked @ https://rt.psg.com : inch-dm queue Roman Danyliw <rdd@cert.org> Wednesday, March 9. 2005 IETF 62, Minneapolis, USA Progress on issues from v03

297 views • 16 slides
IODEF Extensions for Phishing and Other E-Crimeware Patrick Cain Latest Status New draft

IODEF Extensions for Phishing and Other E-Crimeware Patrick Cain Latest Status New draft

IODEF Extensions for Phishing and Other E-Crimeware Patrick Cain Latest Status New draft out. Missed deadline by a little; should show up in repository soon. draft-ietf-inch-phishingextns-02 One Technical change Many

452 views • 5 slides
Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com

Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com

Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com Case Study Migrating Legacy.com Jordan Ryan Product Owner Ankur Gupta Lead Developer Bassam Ismail Front-end Lakshmi Narasimhan RESTful

458 views • 45 slides
Migrating from Grid to Cloud: Migrating from Grid to Cloud: Migrating from Grid to Cloud:

Migrating from Grid to Cloud: Migrating from Grid to Cloud: Migrating from Grid to Cloud:

Migrating from Grid to Cloud: Migrating from Grid to Cloud: Migrating from Grid to Cloud: Migrating from Grid to Cloud: Case Study from GEO Grid Case Study from GEO Grid Kyoung-Sook Kim Data Science Research Group Information Technology

541 views • 18 slides
IODEF Incident object description and exchange format Developed within Terenas TF-CSIRT This

IODEF Incident object description and exchange format Developed within Terenas TF-CSIRT This

IODEF Incident object description and exchange format Developed within Terenas TF-CSIRT This material is public :) Jan Meijer <jan.meijer@surfnet.nl> IODEF: what is it about? Problem statement: define a common data format for sharing

320 views • 9 slides
NADA Implementation in Mozilla Browser and Draft Update draft-ietf-rmcat-nada-11 Xiaoqing Zhu,

NADA Implementation in Mozilla Browser and Draft Update draft-ietf-rmcat-nada-11 Xiaoqing Zhu,

NADA Implementation in Mozilla Browser and Draft Update draft-ietf-rmcat-nada-11 Xiaoqing Zhu, Rong Pan, Michael A. Ramalho, Sergio Mena, Paul E. Jones, Jiantao Fu, and Stefano D'Aronco July 2019 | IETF 105 | Montreal, Canada 1 Draft Update

472 views • 28 slides
Migrating to Java 9 Modules @Sander_Mak By Sander Mak Migrating to Java 9 Java 8 java -cp ..

Migrating to Java 9 Modules @Sander_Mak By Sander Mak Migrating to Java 9 Java 8 java -cp ..

Migrating to Java 9 Modules @Sander_Mak By Sander Mak Migrating to Java 9 Java 8 java -cp .. -jar myapp.jar Java 9 java -cp .. -jar myapp.jar Today's journey Running on Java 9 Java 9 modules Migrating to modules Modularising code

851 views • 45 slides
Migrating GNOME to Git Migrating GNOME to Git (a human & technical perspective) Frdric

Migrating GNOME to Git Migrating GNOME to Git (a human & technical perspective) Frdric

Migrating GNOME to Git Migrating GNOME to Git (a human & technical perspective) Frdric Pters Frdric Pters <fpeters@gnome.org> <fpeters@gnome.org> Rencontres Mondiales du Logiciel Libre Nantes - 10 juillet 2009

991 views • 49 slides
Implementing the IODEF at the CERT/CC Roman Danyliw <rdd@cert.org> INCH IETF 55

Implementing the IODEF at the CERT/CC Roman Danyliw <rdd@cert.org> INCH IETF 55

Implementing the IODEF at the CERT/CC Roman Danyliw <rdd@cert.org> INCH IETF 55 Incident Reporting Forms CERT Coordination Center (CERT/CC) Federal Computer Incident Response Capability (FedCIRC) National

437 views • 9 slides
Migrating Terrible Content to Drupal 8

Migrating Terrible Content to Drupal 8

Migrating Terrible Content to Drupal 8 https://events.drupal.org/seattle2019/sessions/migrating-terrible-static-content-drupal-8 Kristian Ducharme About Me Kristian Ducharme - Technical Lead / Product Manager / DevOps Engineer @ CivicActions

659 views • 35 slides
Draft-ietf-ipv6-2461bis-02 update Objective Summarise the status of the draft Briefly

Draft-ietf-ipv6-2461bis-02 update Objective Summarise the status of the draft Briefly

Draft-ietf-ipv6-2461bis-02 update Objective Summarise the status of the draft Briefly describe the updates Describe plans for the next rev Status Draft passed WG LC Late Comments from Pekka Savola included in the current

279 views • 7 slides
ESP Recreation & Tourism Update Draft Findings and Recommendations November 19, 2020 Update

ESP Recreation & Tourism Update Draft Findings and Recommendations November 19, 2020 Update

ESP Recreation & Tourism Update Draft Findings and Recommendations November 19, 2020 Update Objectives Legislative directive to prepare and update ESP. Assemble best available current data and analyses of visitation, economic

704 views • 17 slides
Best Practices for Migrating MySQL to the Cloud Juan Pablo Arruti Percona Agenda IaaS vs

Best Practices for Migrating MySQL to the Cloud Juan Pablo Arruti Percona Agenda IaaS vs

Best Practices for Migrating MySQL to the Cloud Juan Pablo Arruti Percona Agenda IaaS vs DBaaS Migrating Data Replication between On-Premises and Cloud Testing Cloud Environments High Availability Monitoring

885 views • 59 slides
Odd Manhattan Thomas PLANTARD Institute of Cybersecurity and Cryptology University of Wollongong

Odd Manhattan Thomas PLANTARD Institute of Cybersecurity and Cryptology University of Wollongong

Odd Manhattan Thomas PLANTARD Institute of Cybersecurity and Cryptology University of Wollongong http://www.uow.edu.au/ thomaspl thomaspl@uow.edu.au 13 April 2018 plantard (uow) Odd Manhattan 13 April 2018 1 / 10 Outline Description

400 views • 20 slides
Seminar and Inter-regional Dialogue on the protectjon of journalists Council of Europe

Seminar and Inter-regional Dialogue on the protectjon of journalists Council of Europe

Seminar and Inter-regional Dialogue on the protectjon of journalists Council of Europe Strasbourg 3 November 2014 The protectjon of journalists in internatjonal criminal law James K. Stewart, Deputy Prosecutor, ICC Protectjon of

412 views • 10 slides
NPA 2019-07 Management of Information Security Risks Juan Anton Cybersecurity in Aviation

NPA 2019-07 Management of Information Security Risks Juan Anton Cybersecurity in Aviation

NPA 2019-07 Management of Information Security Risks Juan Anton Cybersecurity in Aviation & Emerging Risks Section Manager 2 nd July 2019 EASA Workshop on NPA 2019-07 Your safety is our mission. An Agency of the European Union

737 views • 71 slides
Data Security in Todays Dealerships Kai Nielsen & Erik Nachbahr #DSES Kai Nielsen

Data Security in Todays Dealerships Kai Nielsen & Erik Nachbahr #DSES Kai Nielsen

Data Security in Todays Dealerships Kai Nielsen & Erik Nachbahr #DSES Kai Nielsen Director of Strategy & Business Operations Dealertrack DMS @KaiNielsen Kai Nielsen #DSES Erik Nachbahr President Helion Automotive Technologies

453 views • 34 slides
IBA Review of the FY 2015 Proposed Budget: Key Budget Review Committee Meeting Capital

IBA Review of the FY 2015 Proposed Budget: Key Budget Review Committee Meeting Capital

IBA Review of the FY 2015 Proposed Budget: Key Budget Review Committee Meeting Capital Improvements Program, Part 1 Tuesday, May 6, 2013 FY 2015 Proposed Budget: Key Infrastructure Issues The City of San Diego owns and Estimated

562 views • 14 slides
POLICY INFLUENCE ON DIGITALIZATION AND ECONOMIC DEVELOPMENT THE CASE OF GHANA DIODE NETWORK

POLICY INFLUENCE ON DIGITALIZATION AND ECONOMIC DEVELOPMENT THE CASE OF GHANA DIODE NETWORK

POLICY INFLUENCE ON DIGITALIZATION AND ECONOMIC DEVELOPMENT THE CASE OF GHANA DIODE NETWORK WORKSHOP OXFORD, UK EMMANUEL J. A. FIAGBENU - GMIC, NITA 9 TH 10 TH OCT. 2017 Overview Introduction Digitalization in Ghana Policy

601 views • 27 slides
Understanding Fire Alarm Understanding Fire Alarm Requirements & Inspections Requirements

Understanding Fire Alarm Understanding Fire Alarm Requirements & Inspections Requirements

Understanding Fire Alarm Understanding Fire Alarm Requirements & Inspections Requirements & Inspections Presented By Bill Conroy Presented By Bill Conroy Technical Sales For Technical Sales For Briscoe Protective Systems Inc Briscoe

623 views • 24 slides
Taiwan SIP/ENUM Trial Taiwan SIP/ENUM Trial Jeff Yeh <jeff@twnic.net.tw> Taiwan Network

Taiwan SIP/ENUM Trial Taiwan SIP/ENUM Trial Jeff Yeh <jeff@twnic.net.tw> Taiwan Network

Taiwan SIP/ENUM Trial Taiwan SIP/ENUM Trial Jeff Yeh <jeff@twnic.net.tw> Taiwan Network Information Center (TWNIC) Aug 25, APAN ENUM BoF AGENDA AGENDA SIP/ ENUM in Taiwan Objectives Milestones Noteworthy

487 views • 26 slides

More recommend