warning urgent need has justified solution
play

Warning: urgent need has justified solution space work in parallel - PowerPoint PPT Presentation

May 30, 2023 •568 likes •832 views

IETF 107 Drone Remote Identification Protocol (DRIP) WG formerly Trustworthy Multipurpose Remote Identification (DRIP) BoF card-drip-reqs card-drip-arch stu.card@axenterprize.com 315-725-7002 adam.wiethuechter@axenterprize.com Robert

  1. IETF 107 Drone Remote Identification Protocol (DRIP) WG formerly Trustworthy Multipurpose Remote Identification (DRIP) BoF card-drip-reqs  card-drip-arch stu.card@axenterprize.com 315-725-7002 adam.wiethuechter@axenterprize.com Robert Moskowitz rgm@labs.htt-consult.com Warning: urgent need has justified solution space work in parallel w/requirements!

  2. ASTM Broadcast RID w/o DRIP enhancements: Unverifiable weakly correlated assertions of identity, position, velocity… UA broadcasts Basic ID etc . Observers: Needed! • attempt to correlate Basic ID w/other (esp. track) data • look up operator info in TBD registries via TBD query/response protocols protected by TBD access control mechanisms over the Internet.

  3. Our Proposed DRIP Approach UAS RID should be immediately actionable : • Trustworthy information – Show whether operator is trusted, even w/o observer Internet connectivity – Enable instant Observer to Pilot & M2M secure comms, when IP connectivity is available between endpoints – Privacy must be maintained if not forfeited by the UAS operator through clueless, careless or criminal actions Complement existing external standards  ASTM, CTA, International Civil Aviation Organization (ICAO), CAAs…  FAA cites ASTM F3411- 19 as potential means of compliance… but security & threat model not addressed!  Leverage existing Internet business models, services, infrastructure, protocols & IETF expertise  Complement ASTM F3411-19 to mitigate its shortfalls  Support a variety of applications related to UAS RID (e.g. C2, DAA, V2X)  Stretch goal: integrate sources of track information other than operator direct self-reports  Gateway Broadcast RID to Network RID  Enable multilateration of relayed reports 

  4. Some network issues compounded by aero comms, constraining solutions • Today’s Internet has significant weaknesses in − Mobility, Multicast, Multihoming − Management, QoS, Security Aero wireless networking compounds these • Each non-trivial aircraft has multiple radios of different types − − Many types of radios hand off between base stations frequently − Most open standard protocols are challenged by • Low data rates, High error (or loss) rates, Long latencies • Link asymmetry, Rapid wide variation in channel characteristics • ASTM F3411-19, per regulator guidance to support current smartphones as observer devices, imposes further constraints One-way Bluetooth 4 advertisement (beacon) broadcast frames carry at most 24 bytes of payload − − Even paged multi-frame messages carry at most 224 bytes (minus any ECC) to hold a signed message or certificate • Security protocols requiring cryptographic processing are further challenged by − Limited on-board processing power − Brief contact time w/fast moving platforms Yet enormous safety implications (e.g. drone crashes into people or critical infrastructure) of insecure or unreliable protocols • Aggregation of enough publicly broadcast RID transmissions enables inference of sensitive information about the physical world • (e.g. air operations routes & schedules)

  5. Updated ASTM F3411 + Updated Selected IETF Standards = DRIP • Mapping an observed UA’s physical location -> UAS ID similarity to the inverse problem of mapping an Internet host ID -> logical location (IP address) inspired leveraging Host Identity Protocol (HIP), bringing other benefits. We propose 2 minor tweaks to the ASTM F3411-19 UAS RID application standard. • Define a UAS ID Type (presumably 4) as a Hierarchical Host Identity Tag (HHIT) – Allow full 10 BT 4.x pages of Authentication Message to contain authentication data – We participated in ASTM F38.02 UAS RID standard ratification because FAA needed to cite something now. ASTM F38.02 leadership agrees revision is needed & likes our ideas but will wait for FAA NPRM feedback. We propose several updates/enhancements to the IETF HIP standards. • New crypto must be integrated to fit signatures & certificates in the very small Bluetooth packets. – Host Identity Tags (HITs) must be extended to allow for a registry hierarchy (HHITs). – • We have both integrated baseline ASTM F3411-19 (OpenDroneID) & prototyped some of our extensions. We have flown successfully test flown this at the NY UAS Test Site. – We have updated our prototypes to authenticate UAS RID claims & will soon fly again. –

  6. DRIP General Requirements easily satisfied if UAS ID is a HHIT in DNS & Whois (w/RDAP, EPP & XACML) 1. verify that messages originated from the claimed sender 2. verify that the UAS ID is in a registry & identify which one 3. lookup, from the UAS ID, public information 4. lookup, w/AAA, per policy, private information 5. structure information for both human and machine readability 6. provision registries with 1. static information on the UAS & its Operator / Pilot In Command / Remote Pilot 2. dynamic information on its current operation within the UTM 3. Internet direct contact information for services related to the foregoing 7. close the AAA-policy registry loop by 1. governing AAA per registered policies 2. administering policies only via AAA 8. dynamically establish, w/AAA, per policy, E2E strongly encrypted communications w/the UAS RID sender & entities looked up from the UAS ID, inc. the GCS & USS It is highly desirable that Broadcast RID receivers also be able to stamp messages with accurate date/time received and receiver location, then relay them to a network service (e.g. distributed ledger), inter alia for correlation to assess sender & receiver veracity.

  7. DRIP General Requirements easily satisfied if UAS ID is a HHIT w/proposed new crypto in DNS & Whois 1. verify that messages originated from the claimed sender 2. verify that the UAS ID is in a registry & identify which one 3. lookup, from the UAS ID, public information 4. lookup, w/AAA, per policy, private information 5. structure information for both human and machine readability 6. provision registries with 1. static information on the UAS & its Operator / Pilot In Command / Remote Pilot 2. dynamic information on its current operation within the UTM 3. Internet direct contact information for services related to the foregoing 7. close the AAA-policy registry loop by 1. governing AAA per registered policies 2. administering policies only via AAA 8. dynamically establish, w/AAA, per policy, E2E strongly encrypted communications w/the UAS RID sender & entities looked up from the UAS ID, inc. the GCS & USS It is highly desirable that Broadcast RID receivers also be able to stamp messages with accurate date/time received and receiver location, then relay them to a network service (e.g. distributed ledger), inter alia for correlation to assess sender & receiver veracity.

  8. DRIP: message authentication w/o Internet UA Broadcasts ID certificate & other messages (e.g. position + velocity) signed. Observers verify signatures, ensuring received data (e.g. position track) all really came from UA Not Needed! w/claimed ID. X X

  9. DRIP: operator trust classification w/o Internet Using small database on device (e.g., phone) listing only thousands of registries (not millions of UAS), Observer determines quadcopter is in general public registry & fixed wing in Observer X Not Needed! trusted registry (of trusted operators) using UA broadcast ID certificate.

  10. DRIP: operator registration Operator generates HI keypair ( HIo / HIo(priv) ) along with cert Coo . Operator sends Coo to Registry. Registry validates Coo and makes decision to add Operator to Registry. Registry (using its HI keypair) creates Cro and securely sends it back to Operator for confirmation.

  11. DRIP: ua registration (5) Operator securely embeds UA keypair and Cra into UA (2) Operator sends, Caa and Coa to Registry (1) Operator creates HI keypair for UA ( HIa / HIa(priv) ), generates cert Caa using them. Operator using his keypair creates Coa. (3.5) Registry adds (4) Croa and Cra HHIT and other info are transmitted (3) Registry validates Caa , plus to DNS securely back to inspects Coa and makes decision to add UA to Registry. Operator/UA Registry (using its HI keypair) creates Croa as proof of registration of UA to Operator. Registry also creates Cra to be used in DRIP Auth. Message.

  12. RDAP/XACML: access controlled registry lookup (3, 4) Observer w/credentials satisfying access control (5, 6) Observer w/credentials not satisfying policy looks up PII of Operator [XACML Authorized access control policy of this registration gets RDAP Query + Response]. denied PII of Operator [XACML Request + Denial]. (3, 4) (5, 6) Leverage scalable (1, 2) protocols, (1, 2) Operator privately infrastructure registers HHIT based domain & business name. models of Internet (*) domain name registration.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Rapid Restoration Diagnostic Motivate Enable Implement ++ Urgent Urgent Not easy Easy

Rapid Restoration Diagnostic Motivate Enable Implement ++ Urgent Urgent Not easy Easy

Rapid Restoration Diagnostic Motivate Enable Implement ++ Urgent Urgent Not easy Easy Urgency Not urgent Not urgent Not easy Easy - - Ease of implementation - - ++ IUCN/WRI Enabling Conditions Diagnostic e.g. Rwanda

473 views • 13 slides
Vessel Management Solution Advanced Predictive Maintenance with very early stage warning of

Vessel Management Solution Advanced Predictive Maintenance with very early stage warning of

Vessel Management Solution Advanced Predictive Maintenance with very early stage warning of emerging faults Neptunus Power Plant Services Pvt Ltd www.neptunus-power.com The Context Operations & Maintenance: Engine is a complex mechanical

739 views • 46 slides
Crises Important and urgent Goals and planning Important but not urgent Assess tasks using

Crises Important and urgent Goals and planning Important but not urgent Assess tasks using

Crises Important and urgent Goals and planning Important but not urgent Assess tasks using Eisenhower's Urgent/Important Principle Interruptions Not important but are urgent Today Tasks here should be done today Distractions Not Important

237 views • 4 slides
LIVING THE DREAM SIN Rom. 1-3 SALVATION Rom. 4-5 For we maintain that a man is justified

LIVING THE DREAM SIN Rom. 1-3 SALVATION Rom. 4-5 For we maintain that a man is justified

LIVING THE DREAM SIN Rom. 1-3 SALVATION Rom. 4-5 For we maintain that a man is justified by faith apart from works of the Law. Rom. 3:28 they began saying to His disciples, Why is He eating and drinking with tax- gatherers

471 views • 26 slides
CDA 3101 - Computer Organization 2 First Day Quiz - Solution May 16, 2018 1. Write the printf

CDA 3101 - Computer Organization 2 First Day Quiz - Solution May 16, 2018 1. Write the printf

CDA 3101 - Computer Organization 2 First Day Quiz - Solution May 16, 2018 1. Write the printf statement to print the double variable val, right justified by 15 spaces, with 4 digits after the decimal point. printf("%15.4lf \ n",

415 views • 3 slides
URGENT & EMERGENCY CARE Greater Manchester Health URGENT & EMERGENCY UEC and Social

URGENT & EMERGENCY CARE Greater Manchester Health URGENT & EMERGENCY UEC and Social

URGENT & EMERGENCY CARE Greater Manchester Health URGENT & EMERGENCY UEC and Social Care Partnership CARE UEC BY APPOINTMENT- RIGHT PLACE-RIGHT TIME Already part of GM UEC Transformation Plan Ambition to maintain

301 views • 3 slides
Below the Knee Interventions Are they ever justified for Claudication? Shant Vartanian, MD

Below the Knee Interventions Are they ever justified for Claudication? Shant Vartanian, MD

Below the Knee Interventions Are they ever justified for Claudication? Shant Vartanian, MD Associate Professor of Surgery Division of Vascular and Endovascular Surgery University of California, San Francisco 4/5/2019 Case Presentation 59

469 views • 17 slides
2 Romans 5:1-2 Therefore being justified by faith , we have peace with God through our Lord Jesus

2 Romans 5:1-2 Therefore being justified by faith , we have peace with God through our Lord Jesus

2 Romans 5:1-2 Therefore being justified by faith , we have peace with God through our Lord Jesus Christ : By whom also we have access by faith into this grace wherein we stand, and rejoice in hope of the glory of God. Ephesians 2:18 For through

833 views • 66 slides
How parties justified the 2014 EP election debate A comparative analysis in six EU countries

How parties justified the 2014 EP election debate A comparative analysis in six EU countries

source: https://doi.org/10.7892/boris.79414 | downloaded: 1.9.2020 How parties justified the 2014 EP election debate A comparative analysis in six EU countries Beatrice Eugster University of Berne ECPR Conference, Montral, Canada August 26-2

208 views • 10 slides
Urgent Care Report Claire Old Urgent Care Director January 2018 Ambulance Attendances 11% more

Urgent Care Report Claire Old Urgent Care Director January 2018 Ambulance Attendances 11% more

Shropshire, Telford and Wrekin Urgent Care Report Claire Old Urgent Care Director January 2018 Ambulance Attendances 11% more ambulance arrival than same period in 2016 7% more ambulance arrivals than November 17 Bed Occupancy Occupancy levels

556 views • 9 slides
Hertfordshire Integrated Urgent Care Update 14 th January 2020 Integrated Urgent Care Combining

Hertfordshire Integrated Urgent Care Update 14 th January 2020 Integrated Urgent Care Combining

Hertfordshire Integrated Urgent Care Update 14 th January 2020 Integrated Urgent Care Combining Out of Hours Services with NHS 111 and adding in Multi-Specialty Clinical Assessment Service (CAS) and Acute In-Hours Visiting Service (East

336 views • 10 slides
Multi-parameter MCMC notes by Mark Holder Review In the last lecture we justified the

Multi-parameter MCMC notes by Mark Holder Review In the last lecture we justified the

Multi-parameter MCMC notes by Mark Holder Review In the last lecture we justified the Metropolis-Hastings algorithm as a means of constructing a Markov chain with a stationary distribution that is identical to the posterior probability distribu-

435 views • 9 slides
CS70: Countability and Uncountability Alex Psomas June 30, 2016 Warning! Warning: Im really

CS70: Countability and Uncountability Alex Psomas June 30, 2016 Warning! Warning: Im really

CS70: Countability and Uncountability Alex Psomas June 30, 2016 Warning! Warning: Im really loud! Today. One idea, from around 130 years ago. At the heart of set theory. Started a crisis in mathematics in the middle of the previous

611 views • 48 slides
Urgent Treatment Centre: Patient Representative Induction Abi Ademoyero Interim Programme Lead

Urgent Treatment Centre: Patient Representative Induction Abi Ademoyero Interim Programme Lead

Urgent Treatment Centre: Patient Representative Induction Abi Ademoyero Interim Programme Lead for Urgent Emergency Care Transformation Shola Oke Procurement Lead for Urgent Treatment Centre Programme Clinical Commissioning Group?

612 views • 19 slides
Current Trends and Issues in Current Trends and Issues in Public Warning Public Warning

Current Trends and Issues in Current Trends and Issues in Public Warning Public Warning

I nternational Telecom m unication Union ITU-T Keynote Address Geneva, 19 Oct 2006 Current Trends and Issues in Current Trends and Issues in Public Warning Public Warning Activities in the Private S ector Tony Rutkowski, VeriS ign VP

579 views • 13 slides
redemption that came by Christ Jesus." Romans 5:1 (NIV) "Therefore, since we have been

redemption that came by Christ Jesus." Romans 5:1 (NIV) "Therefore, since we have been

Romans 3:21-22 (NIV) "For all have sinned and fall short of the glory of God, and are justified freely by his grace through the redemption that came by Christ Jesus." Romans 5:1 (NIV) "Therefore, since we have been justified

558 views • 33 slides
Combination of calorimetric and Langmuir probe measurements as a plasma diagnostic tool F. Haase

Combination of calorimetric and Langmuir probe measurements as a plasma diagnostic tool F. Haase

Institute of Experimental and Applied Physics Kiel Combination of calorimetric and Langmuir probe measurements as a plasma diagnostic tool F. Haase 1 , D. Lundin 2 , S. Bornholdt 1 , H. Kersten 1 1 Institute of Experimental and Applied Physics

503 views • 36 slides
Develop Your Data Mindset Module 8 - Progress Monitoring Part 5 - Absorb, Ask, Accumulate, Access

Develop Your Data Mindset Module 8 - Progress Monitoring Part 5 - Absorb, Ask, Accumulate, Access

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. Develop Your Data Mindset Module 8 - Progress Monitoring Part 5 - Absorb, Ask, Accumulate, Access & Analyze (Cycle 2 - Compute

558 views • 52 slides
Evalu luatin ing c commercia ial p l probe d data o on arteria ial f l facili ilitie

Evalu luatin ing c commercia ial p l probe d data o on arteria ial f l facili ilitie

Adventures in Crowdsourcing: Verifying Crowdsourced Data Evalu luatin ing c commercia ial p l probe d data o on arteria ial f l facili ilitie ies: Insi nsights s from the V he Veh ehicle P Probe be P Projec ect validation pr

605 views • 19 slides
UMBC A B M A L T F O U M B C I M Y O R T 1 (12/6/04) I E S R C E O V U

UMBC A B M A L T F O U M B C I M Y O R T 1 (12/6/04) I E S R C E O V U

Advanced VLSI Design Sequential Logic Design II CMPE 640 Smaller Static Flip-Flops Positive feedback is not the only means to implement a memory function. A capacitor can act as a memory element as well. In this case, a periodic refresh is

266 views • 22 slides
Optimal strategies for maintaining a chain of relays between an explorer and a base camp Lukas

Optimal strategies for maintaining a chain of relays between an explorer and a base camp Lukas

Optimal strategies for maintaining a chain of relays between an explorer and a base camp Lukas Humbel 2. Mai 2012 1/55 2/55 3/55 4/55 5/55 6/55 7/55 8/55 9/55 Outline Model Definition 1 Problem Statement Time/Relay Model What to

1.2k views • 94 slides
Data Collection through Device- to-Device Communications for Mobile Big Data Sensing Hanshang Li,

Data Collection through Device- to-Device Communications for Mobile Big Data Sensing Hanshang Li,

Data Collection through Device- to-Device Communications for Mobile Big Data Sensing Hanshang Li, Ting Li, Xinghua Shi and Yu Wang College of Computing and Informatics University of North Carolina at Charlotte May 17 , 2016 @ The First

566 views • 39 slides
Graphite@Scale: How to store million metrics per second Vladimir Smirnov System Administrator

Graphite@Scale: How to store million metrics per second Vladimir Smirnov System Administrator

Graphite@Scale: How to store million metrics per second Vladimir Smirnov System Administrator LinuxCon Europe 2016 5 October 2016 Why you might need to store your metrics? Most common cases: Capacity planning Troubleshooting and

633 views • 24 slides
Losses = 2 = P R I V I d Rrms Rrms Rrms S V R For a reasonable 100 mV at

Losses = 2 = P R I V I d Rrms Rrms Rrms S V R For a reasonable 100 mV at

Prof. S. Ben-Yaakov , DC-DC Converters [9- 1] Current Sensing 9.1 Resistor 9.2 Current transformer Prof. S. Ben-Yaakov , DC-DC Converters [9- 2] Current Sensing Control PCM, ACM Protection I R Sense Resistor V R Problems

423 views • 9 slides

More recommend