1、 TSB-4940 February 2013 Smart Device Communications; Security Aspects NOTICE TIA Engineering Standards and Publications are designed to serve the public interest through eliminating misunderstandings between manufacturers and purchasers, facilitating interchangeability and improvement of products, a
2、nd assisting the purchaser in selecting and obtaining with minimum delay the proper product for their particular need. The existence of such Standards and Publications shall not in any respect preclude any member or non-member of TIA from manufacturing or selling products not conforming to such Stan
3、dards and Publications. Neither shall the existence of such Standards and Publications preclude their voluntary use by Non-TIA members, either domestically or internationally. Standards and Publications are adopted by TIA in accordance with the American National Standards Institute (ANSI) patent pol
4、icy. By such action, TIA does not assume any liability to any patent owner, nor does it assume any obligation whatever to parties adopting the Standard or Publication. This Standard does not purport to address all safety problems associated with its use or all applicable regulatory requirements. It
5、is the responsibility of the user of this Standard to establish appropriate safety and health practices and to determine the applicability of regulatory limitations before its use. (From Project No. TIA-PN-4940, formulated under the cognizance of the TIA TR-50 M2M-Smart Device Communications). Publi
6、shed by TELECOMMUNICATIONS INDUSTRY ASSOCIATION Standards and Technology Department 1320 N. Courthouse Road Arlington, VA 22201 U.S.A. PRICE: Please refer to current Catalog of TIA TELECOMMUNICATIONS INDUSTRY ASSOCIATION STANDARDS AND ENGINEERING PUBLICATIONS or call IHS, USA and Canada (1-877-413-5
7、187) International (303-397-2896) or search online at http:/www.tiaonline.org/standards/catalog/ All rights reserved Printed in U.S.A. NOTICE OF COPYRIGHT This document is copyrighted by the TIA. Reproduction of these documents either in hard copy or soft copy (including posting on the web) is prohi
8、bited without copyright permission. For copyright permission to reproduce portions of this document, please contact the TIA Standards Department or go to the TIA website (www.tiaonline.org) for details on how to request permission. Details are located at: http:/www.tiaonline.org/standards/catalog/in
9、fo.cfm#copyright or Telecommunications Industry Association Technology (b) there is no assurance that the Document will be approved by any Committee of TIA or any other body in its present or any other form; (c) the Document may be amended, modified or changed in the standards development or any edi
10、ting process. The use or practice of contents of this Document may involve the use of intellectual property rights (“IPR”), including pending or issued patents, or copyrights, owned by one or more parties. TIA makes no search or investigation for IPR. When IPR consisting of patents and published pen
11、ding patent applications are claimed and called to TIAs attention, a statement from the holder thereof is requested, all in accordance with the Manual. TIA takes no position with reference to, and disclaims any obligation to investigate or inquire into, the scope or validity of any claims of IPR. TI
12、A will neither be a party to discussions of any licensing terms or conditions, which are instead left to the parties involved, nor will TIA opine or judge whether proposed licensing terms or conditions are reasonable or non-discriminatory. TIA does not warrant or represent that procedures or practic
13、es suggested or provided in the Manual have been complied with as respects the Document or its contents. If the Document contains one or more Normative References to a document published by another organization (“other SSO”) engaged in the formulation, development or publication of standards (whethe
14、r designated as a standard, specification, recommendation or otherwise), whether such reference consists of mandatory, alternate or optional elements (as defined in the TIA Engineering Manual, 4 thedition) then (i) TIA disclaims any duty or obligation to search or investigate the records of any othe
15、r SSO for IPR or letters of assurance relating to any such Normative Reference; (ii) TIAs policy of encouragement of voluntary disclosure (see Engineering Manual Section 6.5.1) of Essential Patent(s) and published pending patent applications shall apply; and (iii) Information as to claims of IPR in
16、the records or publications of the other SSO shall not constitute identification to TIA of a claim of Essential Patent(s) or published pending patent applications. TIA does not enforce or monitor compliance with the contents of the Document. TIA does not certify, inspect, test or otherwise investiga
17、te products, designs or services or any claims of compliance with the contents of the Document. ALL WARRANTIES, EXPRESS OR IMPLIED, ARE DISCLAIMED, INCLUDING WITHOUT LIMITATION, ANY AND ALL WARRANTIES CONCERNING THE ACCURACY OF THE CONTENTS, ITS FITNESS OR APPROPRIATENESS FOR A PARTICULAR PURPOSE OR
18、 USE, ITS MERCHANTABILITY AND ITS NONINFRINGEMENT OF ANY THIRD PARTYS INTELLECTUAL PROPERTY RIGHTS. TIA EXPRESSLY DISCLAIMS ANY AND ALL RESPONSIBILITIES FOR THE ACCURACY OF THE CONTENTS AND MAKES NO REPRESENTATIONS OR WARRANTIES REGARDING THE CONTENTS COMPLIANCE WITH ANY APPLICABLE STATUTE, RULE OR
19、REGULATION, OR THE SAFETY OR HEALTH EFFECTS OF THE CONTENTS OR ANY PRODUCT OR SERVICE REFERRED TO IN THE DOCUMENT OR PRODUCED OR RENDERED TO COMPLY WITH THE CONTENTS. TIA SHALL NOT BE LIABLE FOR ANY AND ALL DAMAGES, DIRECT OR INDIRECT, ARISING FROM OR RELATING TO ANY USE OF THE CONTENTS CONTAINED HE
20、REIN, INCLUDING WITHOUT LIMITATION ANY AND ALL INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES (INCLUDING DAMAGES FOR LOSS OF BUSINESS, LOSS OF PROFITS, LITIGATION, OR THE LIKE), WHETHER BASED UPON BREACH OF CONTRACT, BREACH OF WARRANTY, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY OR OTHER
21、WISE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING NEGATION OF DAMAGES IS A FUNDAMENTAL ELEMENT OF THE USE OF THE CONTENTS HEREOF, AND THESE CONTENTS WOULD NOT BE PUBLISHED BY TIA WITHOUT SUCH LIMITATIONS. TSB-4940: Smart Device Communications; Security Aspects; Contents |i 1 Co
22、ntents 2 ! 3 “! #$%!?5.7?5.7F5G97.5!-!“/! 10 B-/! 7K7975;!-!/B! 32 3-“-I! +:OOD87G7K7975;!-!/B! 33 3-“-Q! *59X:?M!7K7975;!-!/I! 34 TSB-4940: Smart Device Communications; Security Aspects;! ii |3-/! (7K7975;!-!/3! 3 ! #0,P!-!/! 4 -“! #7;M!T.5?978H!0895H?79J!+N5GM78H!C?:G5=D?5;!-!4! 12 A-“-B! ;78H!9N5
23、!=5.7G5;!E?7.7K5H5=!G:=5!9N?:DHN!1,!DH;!-!4A! 13 A-“-I! )“;! ?(+/.),.,4A.7),.1)B6/C.)%37D.7+“E! ?“H! =.(!8=!b:?M;N559!-!I! 29 30 31 TSB-4940: Smart Device Communications; Security Aspects; Foreword | iii Foreword 1 This document was formulated under the cognizance of the TIA Committee 2 TR-50, M2M-S
24、mart Device Communications. 3 Suggestions for improvement of this document are welcome, and should be 4 sent to: 5 Telecommunications Industry Association, 6 Standards and Technology, 7 2500 Wilson Boulevard, Suite 300 8 Arlington, VA 22201-3834 9 10 Revision History 11 Designation Date Comments TSB
25、-4940 2012-12-18 initial release c! =J!):?ODKK7G5!K95?-! 12 13 14 TSB-4940: Smart Device Communications; Security Aspects;! iv |Revision History SCOPE 1 The guidance provided in this Telecommunications Systems Bulletin (TSB) is 2 intended to address only the management of cyber security related risk
26、 derived 3 from or associated with the operation and use of information technology and 4 systems and/or the environments in which they operate. The guidance is not 5 intended to replace or subsume other risk-related activities, programs, 6 processes, or approaches that organizations have implemented
27、 or intend to 7 implement addressing areas of risk management covered by other legislation, 8 regulation, policies, programmatic initiatives, or mission and business 9 requirements. Additionally, this guidance is not part of any regulatory 10 framework. Rather, the cyber security risk mitigation gui
28、dance described 11 herein is complementary to and should be used as part of a more 12 comprehensive enterprise risk management program. 13 ! 14 TSB-4940: Smart Device Communications; Security Aspects; Revision History | v 1 RELATED REFERENCES 1 This TSB addresses the reference architecture contained
29、 in: 2 TIA-4940.005, Smart Device Communications; Reference 3 Architecture 4 This TSB is based on the general concepts, principles and practices presented 5 in: 6 National Institute of Standards and Technology (NIST) Special 7 Publication (SP) 800-27, Engineering Principles for IT Security, 8 NIST S
30、P 800-14, Generally Accepted Principles and Practices for 9 Securing Information Technology Systems, 10 US Department of Energy Idaho National Laboratory September 2011 11 Vulnerability Analysis of Energy Delivery Control Systems, 12 US Department of Energy September, 2011, Electricity Sector Cyber
31、13 Security Risk Management Process Guideline, 14 20 Critical Security Controls for Effective Cyber Defense, Consensus 15 audit Guidelines volume 3, August 15, 2011 16 Digital Signatures Using Reversible Public Key Cryptography for the 17 Financial Services Industry (rDSA), ANSI X9.31-1988, Septembe
32、r 18 1998. 19 ! 20 TSB-4940: Smart Device Communications; Security Aspects; |7 2 INTRODUCTION 1 Machine to Machine (M2M) devices are typically resource constrained 2 devices that often have little added capacity for security. This document 3 considers the overall security of the M2M architecture, in
33、cluding Data in 4 Transit, and Data at Rest. To understand where the security gaps exist, a 5 thorough understanding of the TIA M2M architecture (TIA 4940.005) is 6 required. Protecting the M2M devices against specific threats is considered as 7 a balancing act between the implementation of security
34、 versus the impact of a 8 security breach, e.g. businesss reputation, as well as the confidence in a 9 system. To understand the impact of including security within the devices, one 10 should consider the increase of development time and device complexity, the 11 decrease of the devices optimal perf
35、ormance, and the increased time involved 12 in verifying the security. 13 This document is not meant to be an exhaustive detailed list of all the attacks 14 that can and may be initiated, nor defenses to counter them. This document 15 defines an “attack surface” with the emphasis on the possible thr
36、eats against 16 the TIA M2M architecture. It also defines a risk model, and a method to 17 calculate a risk value by applying an annualized loss expectancy value to 18 illustrate the financial impact that risk decisions create. Section 6, Threats 19 against the Architecture, details a handful of pos
37、sible attacks that illustrate 20 how secure coding, understanding network vulnerabilities, and trusted secure 21 environments contribute to securing the attack surface. 22 Section 6 includes a history, purpose, and scope of threat analysis. Section 7 23 provides a background and explanation on the t
38、erms commonly used in the 24 study of cryptography and security management. Section 8 describes data 25 security, including introduction of and definition of the security levels applied 26 to device capability, as well as the multilayer protocol guidance with example 27 use cases. Section 9 describe
39、s the attack surface that is vulnerable for 28 compromise. Section 10 discusses and describes the process that was used to 29 quantify the risk assessment. Section 11 presents a summary of vulnerable 30 assets, and the resources to protect each one. Finally, section 12 summarizes 31 general security
40、 recommendations for developers and administrators to help 32 mitigate the risk posed by common vulnerabilities found in guidance 33 document. 34 35 TSB-4940: Smart Device Communications; Security Aspects;! 8 |3 Definitions and Abbreviations 1 This section contains definitions and abbreviations that
41、 are used in this 2 document. 3 3.1 Definitions 4 For the purposes of the present document, the following terms and definitions 5 apply: 6 Asymmetric Cryptography: Public key cryptography is an asymmetric scheme 7 that uses a pair of keys for encryption. 8 Attack Surface: All A set of vulnerabilitie
42、s that, when unprotected, may 9 compromise a system. 10 Authentication: The process of verifying the identity of entity. 11 Certificate: A document that binds a signature to an entity. 12 Cipher: An algorithm for performing encryption (reverse is decryption). 13 Ciphertext: Encrypting plaintext resu
43、lts in unreadable text. 14 Cleartext: Data that can be read and understood without any special measures. 15 This term is used interchangeable with “plaintext” in this document. 16 Confidentiality: The assurance to an entity that no one can read a particular 17 piece of data except the receiver(s) ex
44、plicitly intended. 18 Cryptanalysis: The science of analyzing and breaking secure communication. 19 Cryptographic algorithm/cipher: A mathematical function used in the 20 encryption and decryption process. 21 Cryptography: The science of using mathematics to secure data via 22 encrypting and decrypt
45、ing data. 23 Cryptology: Study of both cryptography and cryptanalysis. 24 Data-at-rest: Data that is stored within entities in a M2M system. 25 Data-in-transit: Data moving between entities in a M2M system. 26 Decryption: The process of reverting ciphertext to its original plaintext. 27 Diffie-Helma
46、n: is an anonymous (non-authenticated) key-agreement protocol, 28 it provides the basis for a variety of authenticated protocols, and is used to 29 provide perfect forward secrecy in Transport Layer Securitys ephemeral 30 modes. 31 Digital Signature: Enables the recipient of information to verify the 32 authenticity of the informations origin, and also verify that the information is 33 intact. 34 Encryption: The method of disguising plaintext in such a way as to hide the 35 actual content of the text. 36
