[I2nsf] What kind of mechanisms have NETCONF specified to prevent illegitimate"Clients" or "Agent"?
Linda Dunbar <linda.dunbar@huawei.com> Mon, 08 February 2016 22:23 UTC
From: Linda Dunbar <linda.dunbar@huawei.com>
To: 'Netconf' <netconf@ietf.org>
Date: Mon, 08 Feb 2016 22:23:00 +0000
Message-ID: <4A95BA014132FF49AE685FAB4B9F17F657DE8236@dfweml701-chm>
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2nsf/1PsAa1PrjcORThWkGyd8GIkgitA>
Cc: "i2nsf@ietf.org" <i2nsf@ietf.org>, "mehmet.ersue@nokia.com" <mehmet.ersue@nokia.com>
NETCONF participants,

Your Chair Mehmet suggested sending the following questions to the list.

I2NSF has a draft on remote attestation (https://datatracker.ietf.org/doc/draft-pastor-i2nsf-vnsf-attestation/) which documented the following security threats between Client and Controller. I think those issues also face I2RS and NETCONF. Has NETCONF specified some mechanisms to address those issues?

o An unknown/unauthorized user can try to impersonate another user that can legitimately access virtualized NSF services (or Network Services). This attack may lead to accessing the policies and applications of the attacked user or to generating network traffic outside the security functions with a falsified identity.

o An authorized user may misuse assigned privileges to alter the network traffic processing of other users in the virtualization platform. This can become especially serious when such a user has administration privileges granted by the virtualization provider, the ISP or the local network operator.

o A user may try to install malformed elements (policy or application), trying to directly take control of an NSF or virtualization platform (for example by exploiting a vulnerability in one of the functions), or may try to intercept or modify the traffic of other users in the same platform.

o A malicious virtualization provider can modify the software running on it (the operating system or a concrete vNSF) to alter the behaviour of the latter. This event has a high impact on all users accessing vNSFs, as the virtualization provider has the highest level of privilege on the software in execution.

o A user with physical access to the virtualization platform can modify the behavior of hardware components, or the components themselves. Furthermore, it can access a serial console (most devices offer this interface for maintenance reasons) to access the NSF software with the same level of privilege as the virtualization provider.

Thanks,
Linda
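Added illustration, not part of the thread and not the NETCONF working group's reply. Of the five threats listed in the message, the first two (impersonating a legitimate client, and an authorized user misusing granted privileges) are the ones NETCONF had already addressed by the date of this message: client identity comes from the secure transport (SSH public-key authentication, RFC 6242, or mutually authenticated TLS, RFC 7589), and the NETCONF Access Control Model (NACM, RFC 6536, YANG module ietf-netconf-acm) decides what that identity may read, write or execute. The fragment below is a constructed NACM configuration showing a permissive setting beside a least-privilege one; the group names, user names, data-tree path and module name "example-nsf-policy" are assumptions for illustration, not names from any real deployment.

```xml
<!-- Constructed example of NETCONF Access Control Model (NACM, RFC 6536)
     configuration. Group, user, path and module names are assumed. Each
     <nacm> element below is a separate <edit-config> payload for the
     running datastore; they are shown side by side for comparison. -->

<!-- 1. Permissive: module defaults kept explicit. Any authenticated session
        may read the whole datastore and invoke any RPC (only writes are
        denied), so an impersonated or over-privileged account sees every
        other user's policy. -->
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
  <enable-nacm>true</enable-nacm>
  <read-default>permit</read-default>
  <write-default>deny</write-default>
  <exec-default>permit</exec-default>
</nacm>

<!-- 2. Least privilege: deny everything by default, then grant narrowly
        per group. The user-name is the identity the transport authenticated
        (SSH username, or the subject mapped from a TLS client certificate). -->
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
  <enable-nacm>true</enable-nacm>
  <read-default>deny</read-default>
  <write-default>deny</write-default>
  <exec-default>deny</exec-default>
  <groups>
    <group>
      <name>nsf-operators</name>     <!-- assumed group -->
      <user-name>alice</user-name>   <!-- assumed user -->
    </group>
    <group>
      <name>nsf-admins</name>        <!-- assumed group -->
      <user-name>bob</user-name>     <!-- assumed user -->
    </group>
  </groups>
  <rule-list>
    <name>operator-rules</name>
    <group>nsf-operators</group>
    <!-- Rules are evaluated in order; first match wins. The explicit deny
         on ietf-netconf-acm comes first so no later rule can let an
         operator widen their own permissions. -->
    <rule>
      <name>no-nacm-changes</name>
      <module-name>ietf-netconf-acm</module-name>
      <access-operations>*</access-operations>
      <action>deny</action>
    </rule>
    <rule>
      <name>read-policy-subtree</name>
      <!-- assumed data tree; the prefix must be declared in scope -->
      <path xmlns:pol="urn:example:nsf-policy">/pol:policies</path>
      <access-operations>read</access-operations>
      <action>permit</action>
    </rule>
  </rule-list>
  <rule-list>
    <name>admin-rules</name>
    <group>nsf-admins</group>
    <rule>
      <name>manage-policy</name>
      <module-name>example-nsf-policy</module-name>  <!-- assumed module -->
      <access-operations>*</access-operations>
      <action>permit</action>
    </rule>
  </rule-list>
</nacm>
```

Two caveats a practitioner would want. First, NACM only constrains what an authenticated NETCONF session may do on the server; it depends entirely on the transport having authenticated the peer, so a server that accepts password-only SSH or does not request a TLS client certificate still leaves the impersonation threat open. Second, none of this helps with the last three threats in the message (malicious elements on the platform, a malicious virtualization provider, physical access), because those attackers sit below or beside the NETCONF server rather than in front of it; that gap is what the attestation draft cited above is about.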