전력 계통망에 있어서 보안일반 및 이슈와 기술 그리고 정책 방향

- 소셜 네트워크 서비스 등 차세대 기술 환경 맥락으로 -

한국전기연구원 전문가 자문 발표

발표일 :2009 년 10 월 20 일발표장소 : 한국전기연구원

발표자 : 강장묵 ( 세종대 정보통신공학과 )redsea@sejong.ac.kr

Who is kang, JM?

• 공학박사 ( 정보보호 전공 )• 정보보호진흥원 등 자문 활동

• ( 현 ) 세종대학교 정보통신공학과 교수- 유비쿼터스 컴퓨팅 사업단 -

• 미디어 다음 열린사용자 위원회 위원

2

연구 분야1. 웹 2.0 중 소셜 네트워크 서비스2. 유비쿼터스 컴퓨팅 중 증강현실3. 디지털컨텐츠 중 UCC4. 정보보호 중 개인정보5. 학제간 연구 ( 정보 소통 및 사회문화의 기술사회구성론적 분석 )

3

생각할 문제

방송과 통신 융합은 서비스간 경계를 허물었다 . 트위터와 페이스북은 OPEN 환경에서 연동 및 공유된다 . 유비쿼터스 컴퓨팅기술로 공간 융합 , 서비스 통합 , mash-up 으로 정보 공유는 취약점을 키우는가 ? 편리함만 주는가 ?서비스간 보안 규칙과 보안 대상 수준과 다루는 정보의 민감도도 허물어지지 않는가 ?개인화된 서비스와 광고로 수익을 얻는 비즈니스는 개인정보 더 나아가 프라이버시에 치명적 위협이지 않은가 ?전력기반 통신에 적용 가능한 유연한 기술은 새로운 보안 취약점을 야기하지 않는가 ?

발표 내용 및 보안 토픽

PGP S/MIME

SSL TLS

IPSec

Cryptography

Symmetric Key

Public Key

Algorithms

Encryption

Digital Signatures

Certificates

Algorithms

Encryption

Key Mgmt

발표내용간략한 보안 이슈 중 선별한 개론 수준의 개념

소셜 네트워크 환경에서 보안 이슈와 적용전력계통망에서 새로운 비즈니스에 대한 플랫폼 차원의 보안

발표자가 관심 갖는 보안 관련 연구 내용 ( 기관 요청 )

5

Platform Security

• Protecting your information, technology, property, products and people, thus protecting your business.

• The Information Security Triad is the foundation for Information Security and is based on concepts and principles known as CIA.

• Confidentiality• Integrity• Availability

IPSec – IP Security• Secures the IP packet by adding additional header

• Selection of encryption, authentication and hashing methods left to the user

• It requires a logical connection between two hosts, achieved using Security Association (SA)

• An SA is defined by:– A 32-bit security parameter index (SPI)– Protocol type: Authentication Header (AH) Or Encapsulating Security

Payload (ESP)– The source IP address

IP HeaderIPSec Header Rest of the PacketNew IP Header

IP Header IPSec Header Rest of the Packet Transport Mode

Tunnel Mode

OR

보안 기술 소개 1.

Pretty Good Privacy (PGP)

110.ico

Alice

Hash Function

Digest

Encrypt

Alice’s private key

1116.ico

+ 110.ico

Signed Digest

Message plus Signed Digest

Encrypted (secret key & message + digest) to Bob

1

2

3Encrypt

1116.ico

Bob’s public key

Encrypt

1116.ico

One-time secret key

+

4

5

6

Sender site

The message and digest are encrypted using one time

secret key created by Alice

보안 기술 소개 2.

PGP (contd.)

110.ico

Receiver site

Bob

Decrypt Hash Function

Digest

1116.ico

Alice’s public key

DigestX

Compare

9 10

11

Encrypted (secret key & message + digest)

1116.ico

Bob’s private key

1116.ico

Decrypt

Decrypt

Encrypted (message + digest)

One-time secret key

7

8

The two digests are compared, thus providing

authentication and integrity

보안 기술 소개 2.

S/MIME• Working principle similar to PGP• S/MIME uses multipart MIME type to include the cryptographic information

with the message• S/MIME uses Cryptographic Message Syntax (CMS) to specify the

cryptographic information • Creating S/MIME message:

MIME EntityCMS Object S/MIME

Certificates

Algo identifiers

CMS Processing

MIME Wrapping

보안 기술 소개 3.

10

Transport Layer Security (TLS)• Designed by IETF; derived from SSL• Lies on top of Transport layer• Uses two protocols:

– Handshake Protocol

– Data exchange protocol– Uses secret key to encrypt data.– Secret key already shared during handshake

Hello

Certificate

Secret key

End Handshaking

Encrypted Ack

Client Server

Server decrypts secret key with its private key.

Uses secret key to decode message ad sends encrypted ack

보안 기술 소개 4.

11

Chain of Trust• Query propagation similar to DNS queries • At any level, the CA can certify performance of CAs in the next level

i.e. level-1 CA can certify level-2 CAs.• Thumb-rule: Everyone trusts Root CA

Root CA

Level-1CA 1

Level-2CA 3

Level-2CA 4

Level-2CA 5

Level-2CA 6

Level-2CA 2

Level-2CA 1

Level-1CA 2

보안 기술 소개 5.

12

DDoS Attack Scenario

공격자

ZombieiZombie

n

Zombie

1. . . . . . . . . . . .

Step 1.Probing vulnerable computers to make them zombies

Step 2.Install attack program in

Compromised zombies

Step 3.Send attack commands to zombies to launch DDoS* Source: Random Spoofed Address* Destination: Victim Address

Step 4.Victim network capacity was

Saturated by DDoS attack traffic

희생자

최근 분산공격 사례

13

• The Information Security Triad is the foundation for Information Security and is based on concepts and principles known as CIA.

• People• Processes• Technology

The Components of Information Security

Need for message security

• Privacy– Am I sure no body else knows this?

• Authentication– Am I sure that the sender is genuine and not an imposter?

• Integrity– Am I sure that the message has not been tampered on its way?

• Non-repudiation– What will I do if the sender denies sending the message?

15

XML 의 발전과 위협

16

Web 2.0 기반 언어 체계의 위협

17

정책의 유연성 : 융합 환경에서 이기종 간 정책의 일관성 유지 수준에서

What is International Telecommunication Union (ITU) ?

• Headquartered in Geneva, is the UN specialized agency for telecom

ITU-TTelecommunicatio

nstandardization of

network and serviceaspects

ITU-DAssisting

implementationand operation of

telecommunications in

developing countries

ITU-RRadiocommunicationstandardization and

global radio spectrummanagement

Study Group Organization

(TSAG)

(WTSA)

SG 17, Security, Languages and Telecommunication Software Lead Study Group on Telecommunication Security

SG 2, Operational Aspects of Service Provision, Networks and Performance

SG 4, Telecommunication Management SG 5, Protection Against Electromagnetic Environment Effects SG 9, Integrated Broadband Cable Networks and Television and

Sound Transmission SG 11, Signalling Requirements and Protocols SG 13, Next Generation Networks SG 15, Optical and Other Transport Network Infrastructures SG 16, Multimedia Terminals, Systems and Applications SG 19, Mobile Telecommunication Networks

19

Federal Information Security Management Act

Roles & Responsibilities• Agency Head

• CIO

• Agency Security Officer

Security Program

1. Periodic risk assessments

2. Policies and procedures

3. Security plans

4. Security awareness training

5. Periodic testing & evaluation

6. Remediation activities

7. Incident response capabilities

8. Continuity of operations

Annual Security Review

•Determine sufficiency of security program

•Independent Evaluation (e.g., IG)

•Safeguard evaluation data

Annual Reporting• Reports from CIO & IG

• Report material weaknesses

• Provide performance plans

§3544(a)

§3544(b)

§§ 3544(c), 3545 (e)§§

3544(c), 3545 (e)

인증과 인가 :IT Security in the SDLC

2 3 4 5

1 - 1

1 - 1

· Security Categorization

· Preliminary Risk Assessment

· Perception of a need

· Linkage to mission and performance objectives

· Assessment of alternatives to capital assets

· Preparing for investment review and budgeting

Needs Determination

SD

LC

Sec

uri

ty C

on

sid

erat

ion

s

3 - 43 - 4 3 - 4 4 - 5 4 - 54 - 5 4 - 5 4 - 5

· Fun. Stmt of Need· Market Research· Feasibility Study· Req. Analysis· Alt. Analysis· Cost Ben. Analysis· Software

Conversion Study· Cost Analysis· RM Plan· Acquisition

Planning

· Risk Assessment· Sec. Funct. Req.

Analysis· Sec. Assurance

Req. Analysis· Cost

Considerations and Reporting

· Sec. Control Dev.· Dev. ST&E· Other Planning

· Inspection and Acceptance

· System Integration· Security

Certification· Security

Accreditation

· Configuration Management and Control

· Continuous Monitoring

· Information Preservation

· Media Sanitization· Hardware and

Software Disposal

· Installation· Inspection· Acceptance Testing· Initial User Training· Documentation

· Appropriateness of Disposal

· Exchange and sale· Internal

Organization screening

· Transfer and Donation

· Contract Closeout

· Performance Measurement

· Contract Modification

· Operations· Maintenance

InitiationAcquisition/

Development ImplementationOperations/ Maintenance Disposition

--NIST SP 800-64

21

Security Control Automation Protocol—SCAP

• XML and protocols to exchange technical security information between products

• “Glue Code” between the following data sets:– Common Vulnerabilities and Exposures (CVE) – Common Configuration Enumeration (CCE) – Common Platform Enumeration (CPE) – Common Vulnerability Scoring System (CVSS) – Extensible Configuration Checklist Description Format

(XCCDF) – Open Vulnerability and Assessment Language (OVAL)

• More products certified weekly

22

Observations and Truthinesses( 보안 방식의 결정 )

• Control v/s audit burdens• Skill of the constituency• Need a security professional at each layer

Is it all just a matter of centralized v/s decentralized?

NGN architecture overview (Y.2012)

Transport stratum

Service stratum

ControlMedia

Managem

ent

Funct

ions

ANI

Transport Control Functions

Resource and Admission

Control Functions

Network Attachment Control Functions

NNIUNI

Application Support Functions & Service Support Functions

Applications

Transport Functions

End-UserFunctions

OtherNetworks

Service ControlFunctions

Service UserProfiles

Transport User Profiles

Packet-based network with QoS sup-port and Security

Separation between Services and Transport

Access can be provided using many underlying technologies Should be reflected in policy

Decoupling of service provision from network

Support wide range of services/applications Converged services between Fixed/Mobile

Broadband capabilities with end-to-end QoS Compliant with regulatory requirements

Emergency communications, security, privacy, lawful interception

ENUM Resources, Domain Names/ Inter-net Addresses

NGN Peering Trust Model

TrustedZone

Trusted butVulnerable

Zone

UntrustedZone

NGNnetwork

Elements

DomainBorder

Elements(DBE)

NGNnetwork

Elements

DomainBorder

Elements(DBE)

Provider B fromProvider A’s point of

view

Provider A

IdentityConnecting users with services

and with others (Federation)

At your Desk

Managed Office

Whatever you’re doing(applications)

In the Air

On the Road

Collaboration

Voice Telephony

ERP

In Town

PDA

Cellular

Smart Phon

e

Wherever you are(across various access types)

Whatever you’re using(devices)

At Home

Video

Web Apps

• Network Identity is essential• Need end-to-end trust model

PC

People have multiple identities, each within a specific context or domain

Work – me@company.comFamily – me@smith.familyHobby – me@icedevils.teamVolunteer – me@association.org

26

노드 - 허브 - 클러스트 등 네트워크 계층

• At what layer do you address a specific problem?

• Can a specific solution “scale up” to the Federation/ Community Layer?

• How do I get “clueful” people at each layer?

• How do I communicate between layers?

27

Trusted Internet Connections—TIC

• Reduce Government Internet connections to 50

• Lowers the demand for skilled personnel• Uses models from DoD and DHS• Agencies share Internet connections• In theory: simplifies protecting Internet

connections Government-wide• http://www.whitehouse.gov/omb/memoran

da/fy2008/m08-05.pdf

28

The Cybertastic Future: Management

• Use the Enterprise, Project, and Integration Layers

• Start in bite-sized pieces and consolidate wherever possible

• Need “clueful” people at all layers• Organization at the Federation Layer for

self-regulation—some people are already doing it

Some useful web resources

• ITU-T Home page http://www.itu.int/ITU-T/• Security Roadmap

http://www.itu.int/ITU-T/studygroups/com17/ict/index.html• Security Manual http://www.itu.int/publ/T-HDB-SEC.03-2006/en• Cybersecurity Portal http://www.itu.int/cybersecurity/• Cybersecurity Gateway

http://www.itu.int/cybersecurity/gateway/index.html• Recommendations http://www.itu.int/ITU-T/publications/recs.html• ITU-T Lighthouse http://www.itu.int/ITU-T/lighthouse/index.phtml• ITU-T Workshops http://www.itu.int/ITU-T/worksem/index.html• LSG on Security

http://www.itu.int/ITU-T/studygroups/com17/tel-security.html

30

질의와 토론

최근 특허 사례 ( 출원인 : 세종대 , 동국대 , 발명가 : 강장묵 외 )

효율적인 개인정보 유통경로의 안전관리를 위한 개인 정보 보호 장치 및 방법{PERSONAL INFORMATION PROTECTION APPARATUS AND METHOD

FOR MANAGING DISTRIBUTION CHANNEL OF PERSONAL INFORMATION EFFICIENTLY AND SAFELY}