presentation of etsi tc m2m security features group name: wg4 securtity source: francois ennesser,...

Presentation of ETSI TC M2M security features

Group Name: WG4 SecurtitySource: Francois Ennesser, GemaltoMeeting Date: 2013-04-15Agenda Item: SEC

High Level ETSI ArchitectureHigh Level ETSI Architecture

M2M Service Capabilities Layer (M2M

NSCL)

M2M GatewayM2M Device

M2M Device Service

Capability (DSCL)

M2M Device

WIRELESS

MOBILE

FIXED

.. OTHER

M2M AREA

NETWORK

M2M Gateway Service

Capability (GSCL) M2M

Application

M2MApplication

Proprietary

M2M Device

Prop

rieta

ry In

terfa

ce

WIDE AREA NETWORK

mId

mId

2

mIa

dIa dIa

dIa

mIa

mIa

M2M App. M2M App.

M2M App.

M2MApplication

M2M Network DomainM2M Network DomainM2M Device & Gateway DomainM2M Device & Gateway Domain

REFERENCEREFERENCE POINTSPOINTS

Network Network ApplicationApplication

(NA)(NA)

Device Device ApplicationApplication

(DA)(DA)

2

ETSI M2M architecture principles• ETSI M2M adopted a RESTful architecture style

– Information represented by resources structured as a tree

• ETSI M2M standardizes resource structure that resides on an M2M Service Capability Layer (SCL)– Each SCL contains a resource structure where the information is kept

• M2M Application and/or M2M Service Capability Layer exchange information by means of these resources over the defined reference points

• ETSI M2M standardizes the procedure for handling the resources

33

ETSI M2M Security features• Identification of the M2M Application and the M2M Devices• Mutual authentication between Network Service Capability

Layer and Device/Gateway Service Capability Layer that are connected

• Secure channel for transporting data over mId reference point• Device/Gateway Integrity validation at Bootstrap and Service

Connection

• However due to schedule constraints, some security aspects remain unaddressed– Security not addressed “end-to-end”– Security provided for M2M SP, not for M2M Application provider

• No disociation between “routing” and “trust” based roles at service layer level

44

ETSI TC M2M Framework

© ETSI 2011. All rights reserved

5Security has not been addressed

M2M Device/Gateway

M2MNetwork

ETSI M2M Security• ETSI M2M provides standardized security

mechanisms for the reference point mId• Devices/gateways hold secret keys protecting the

connection in a “secured environment” • The device/gateway is provisioned with the key M2M

Root Key. • The high level procedure are to

– Perform mutual mId end point authentication– Perform M2M Service Connection Key agreement– Optionally, establish a secure session over mId.– Perform RESTful operations over mId

66

M2M Service Layer Procedures

7

M 2 M Communication via D / GSCL and NSCL

M 2 M Service Connection

between D / GSCL and NSCL

SCL Registration of D / GSCL with

NSCL .

Application Registration

of NA on NSCL

Application Registration of D / GA on D /

GSCL

M 2 M Communication via D / GSCL and NSCL

SCL Registration of D / GSCL with

NSCL .

Application Registration of D / GA on D /

GSCL

D / GA interaction with NSCL via local D / GSCL

D / GA interaction with local D / GSCL

D / GSCL interaction with NSCL

AND

NA interaction with local NSCL

Application Registration

of NA on NSCL

M 2 M Service Connection

M 2 M Service Bootstrap

Network Bootstrap

Network Registration

mId Security ( Optional )

secure communication

over mId

Provisions : names , service levels , security keys , etc…

Can be based on 3 GPP , 3 GPP 2 , ETSI TISPAN , etc .

Provisions M 2 M SP assigned ID and Kmr

Mutual authentication of mId end points , generation of Kmc

Optional establishment of secure communication over mId based on Kmc and sub-keys of Kmc

Establishes context of D / GSCL in NSCL and vice versa

Establishes context of D / GA in D / GSCL .

Optionally requires : Generation of Kma / provisioning to application .

Establishes context of NA in NSCL .

Can be independent or related

Service Bootstrap Procedures• Access network (AN) dependent vs. access-agnostic bootstrap

– May derive M2M service credentials from existing AN credentials (e.g. UICC based)– Or provide independent service layer credentials

• Bootstrapping of M2M Service Layer Credentials on the field:– Establishment of shared secret Kmr in Device and Network over mId – Pre-provisioning (e.g. Smartcard based) or Automated (infrastructure assisted) methods

• Automated bootstrap procedures– GBA: NAF serves as MSBF (M2M Service Bootstrap Function)

• Uses Access Network credentials in UICC (e.g. USIM, CSIM or ISIM application)• Uses same HTTP procedure as TLS/TCP for bootstrap parameters delivery

– EAP/PANA: Dedicated MSBF + MAS (M2M Authentication Server)• Uses any type of credentials (SIM, AKA, PSK, certificates, IBE, OTP, etc.)• Access Network based: e.g. UICC with EAP-AKA / Kmr based on EMSK• Or Access-agnostic: EAP-IBAKE, or EAP-TLS with certificates

– TLS/TCP (Access agnostic)• Uses X.509 certificates pre-provisioned on the device/gateway• 256 bits encr. key, TLS 1.2 RSA AES 128 CCM or TLS 1.1 RSA AES 128 CBC SHA• AES 256 Key Wrap

8

Generic Bootstrap Procedure

M2M Device/Gateway Node


MSBF (M2M Service

Bootstrap Function)

MSBF (M2M Service

Bootstrap Function)

MAS (M2M Auth’n Server)


M2M Network

Node

M2M Network

Node

Input:-Pre-provisioned device/gateway ID-Pre-provisioned secret key

Output:-M2M Device/Gateway Node ID-M2M Root Key (Kmr)-Lifetime-Optionally:

- D/GSCL-ID- NSCL-ID

9

(1a)Bootstrap

(1b)Bootstrap

(2)MAS provisioning

(Out-of scope)

HSSHSS

GBA Bootstrapping

10



MSBF (M2M Service

Bootstrap Function)

MSBF (M2M Service

Bootstrap Function)



Input:-xSIM credentials

Output:-M2M Device/Gateway Node ID-M2M Root Key (== NAF-specific key)-Lifetime-Optionally:


(1)GBA Bootstrapping

(2a)HTTP digest auth

(3)MAS provisioning(Out-of scope)

BSF (Bootstrap

Server Function)

BSF (Bootstrap

Server Function) (2b)Retrieval

of NAF key(Out-of scope)

EAP/PANA bootstrapping



MSBF (M2M Service

Bootstrap Function)

MSBF (M2M Service

Bootstrap Function)



M2M Network

Node

M2M Network

Node

Input:-Any kind of credentials (SIM, AKA, PSK, certs, IBE, OTP, etc.)

Output:-M2M Device/Gateway Node ID-M2M Root Key (derived from EAP EMSK)-Lifetime-Optionally:


11

(1a)EAP method over PANA

(1b)EAP method over AAA

(2)MAS provisioning

(Out-of scope)

EAP methods:EAP-TLSEAP-IBAKEEAP-SIM, EAP-AKAAny key-generating EAP method…

AAA protocols:RADIUSDiameterEtc.

TLS/TCP Bootstrapping



MSBF (M2M Service

Bootstrap Function)

MSBF (M2M Service

Bootstrap Function)



M2M Network

Node

M2M Network

Node

Input:-Pre-provisioned X.509 client certificate and private key-Pre-provisioned root CA certificate

Output:-M2M Device/Gateway Node ID-M2M Root Key (delivered from MSBF to devicevia HTTP)-Lifetime-Optionally:



12

(1a)TLS

(3)MAS provisioning(Out-of scope)

(2)HTTP

OCSP Responder

OCSP Responder

(1b)OCSP[optional]

Service Connection Procedures• Optional derivation of M2M Service Connection (session) Key Kmc

– Not needed (i.e., no Kmc) when relying on existing access network security

• Access Network dependent vs. access-agnostic– Direct derivation from existing AN credentials (e.g. in UICC based AN

subscription) possible for GBA and EAP (no Kmr)

• Connection procedures– GBA (access dependent Kmc)

• Uses Access Network credentials in UICC (e.g. USIM, CSIM or ISIM application)

– EAP/PANA• Uses xSIM/UICC with EAP-SIM/EAP-AKA (access-dependent Kmc), or• Uses Kmr as PSK with EAP-GPSK (access-agnostic), or

– TLS/TCP (access agnostic, uses Kmr as PSK)• TLS 1.1 or 1.2 with ECDHE PSK AES 128 CBC SHA (256)

13

Generic Connection Procedure





M2M Network

Node

M2M Network

Node

Input:-M2M Device/Gateway Node ID-M2M Root Key

Output:-M2M Connection ID-M2M Service Connection Key (Kmc)-Lifetime-mId security method/parameters-Optionally:

- D/GSCL-ID

14

(1a)Connection

(Out-of scope)

(1b)Connection

HSSHSS

GBA Service Connection

15



Input:-xSIM credentials

(1)GBA

(2a)TLS-PSK

BSF (Bootstrap

Server Function)

BSF (Bootstrap

Server Function)

M2M Network

Node

M2M Network

Node

(2b)Retrieval of NAF key

(Out-of scope)

Output:-M2M Connection ID-M2M Connection Key (== NAF specific key)-Lifetime

EAP/PANA Service connection





M2M Network

Node

M2M Network

Node

Input:-M2M Device/Gateway Node ID-M2M Root Key-Alternatively: xSIM credentials

Output:-M2M Connection ID-M2M Connection Key (derived from EAP MSK)-Lifetime-mId security method/parameters-Optionally:

- D/GSCL-ID

16

(1a)EAP method over PANA

(1b)EAP method over AAA

(Out-of scope)

EAP methods:EAP-GPSK (access-agnostic)EAP-SIM, EAP-AKA (access-dependent)

AAA protocols:RADIUSDiameterEtc.

TLS/TCP Service Connection





M2M Network

Node

M2M Network

Node

17

(1)TLS-PSK

Input:-M2M Device/Gateway Node ID-M2M Root Key

Output:-M2M Connection ID-M2M Connection Key (delivered from MAS to device via HTTP)-Lifetime-mId security method/parameters-Optionally:

- D/GSCL-ID

(2)HTTP

Secure connection (mId Interface)• One or more of the following methods used

1. Relying on a trusted access network (i.e., lower-layer) for security• This is the case where no Kmc is derived

2. Using channel security (PSK AES 128)• HTTP: TLS/TCP, TLS 1.2 CBC SHA or TLS 1.1 CCM• CoAP: DTLS/UDP , DTLS 1.2 CCM(_8)

3. Using object security (lacks interoperable flexibility in current releases) • XML-DSIG and XML-ENC (v 1.1), using Kmc

18

Security Scenarios - Baseline

19

GBAGBA TLS/TCPTLS/TCP EAP/PANAEAP/PANA

TLS/TCPTLS/TCP EAP/PANAEAP/PANAGBAGBA

TLS/DTLS (Channel Security)


XML-DSIG/ENC (Object Security)XML-DSIG/ENC

(Object Security)

SIM/AKA credentialSIM/AKA credential CertificatesCertificates

Pre-provisioneddevice/gateway credential types

M2M Bootstrap Procedures

M2M ServiceConnection Procedures

mId security methods

Any type of credentials

Relying onAccess NetworkSecurity

Scenario 1: Direct GBA

20






(Object Security)








These are just example scenarios. Other scenarios are possible….

Scenario 2: TLS/TCP

21






(Object Security)








Scenario 3: EAP/PANA

22






(Object Security)








ETSI Support of Integrity Validation• Integrity Validation (IVal)

– optional feature enabling e.g. to detect tampering of device– enables fine grained access control for both M2M Device/Gateways and

M2M Service Providers.

• Rel-1 supports IVal prior to Bootstrap and during Service Registration procedures– Code Integrity checks performed/stored in Secured Environment– IVal result (4 bytes):

• Mapping device software image to standard M2M services • Sent to M2M Service Provider during service registration.• Signed with IVal key to ensure integrity and authenticity of reported results.

– The M2M Service Provider can grant or deny service access based on the reported IVal results and provider policy

23

Integrity Validation Call Flow

24

M2M Device/Gateway M2M Service Provider MAS/MSBF

Perform IVal for

Bootstrap / Connection

Perform IVal for

Bootstrap / Connection

Device IVal Bootstrap/Connection Security Policy gates whether bootstrap continues or halts

Device IVal Bootstrap/Connection Security Policy gates whether bootstrap continues or halts

Bootstrap Procedure

Service Connection Procedure

Perform IVal for Service

Registration

Perform IVal for Service

Registration

Device IVal Service Registration Security Policy gates whether registration

continues or halts

Device IVal Service Registration Security Policy gates whether registration

continues or halts

Service Registration Request(includes signed IVal results)

IVal results: 32-bit signed mapping of standard service

capabilities

IVal results: 32-bit signed mapping of standard service

capabilities

Access Control based on IVal

results and policies

Access Control based on IVal

results and policies

Access granted or denied based on service provider

policy

Access granted or denied based on service provider

policy

Service Registration Result

Initiate M2M Services

Contact Details:[email protected]


25

Thank you!

mailto:[email protected]

presentation of etsi tc m2m security features group name: wg4 securtity source: francois ennesser,...

Documents

etsi m2m security etsi

m2m service credentials

m2m sp

m2m service layer credentials

tree etsi m2m

m2m service layer procedures

m2m application provider

key m2m root key