D4.1 Draft Conceptual and High-Level Engineering Design of Innovative Security and Reliability Enablers available

PRISTINE’s deliverable D4.1 is already available from the website’s deliverables section.

Executive summary

This document, D4.1, is the result of WP4 activities and is a key deliverable of the project. It defines a high-level security functional architecture that identifies the key functional blocks designed to offer secure data delivery across RINA infrastructure. The functional decomposition of the architecture identifies and details the various internal RINA functions embedded in Inter Process Communication (IPC) processes, and in the Distributed Application Facilities (DAFs) / Distributed IPC Facilities (DIFs), that support the network in the secure delivery of data.

Placement of security functions in the RINA architecture

This deliverable explains the following principal functions for achieving security in RINA-based networks:

  • Authentication and Authorisation models, which define the principal actors in facilitating secure communication and content delivery within and across multiple domains. These models are mainly based on current practices that are adapted to the RINA concept. An emphasis is also put on how we can achieve Multi-Level Security in RINA.
  • The Key Management function that includes the generation, exchange, storage, use, and replacement of keys for different functions including authentication, authorisation and user data protection.
  • The secure channel is studied to investigate how it can be established, used and managed within RINA to protect data from eavesdropping and tampering. Primarily, the aim is to protect the messages exchanged when an IPC is in the process of joining a DIF and to allow keys to be negotiated per connection. SDU protection, which uses cryptographic mechanisms to achieve integrity and confidentiality, is detailed.
  • The identification of threats to the RINA infrastructure and of the functions required to combat those threats and vulnerabilities is carried out. There are several types of attacks on network communications: eavesdropping, disrupting or blocking communication, injecting fabricated packets, and modifying the storage, tables or packets. Here, we perform a security risk assessment to identify runtime threats to a RINA network and define measures to mitigate them, including monitoring, analysis, and execution of the strategies which should be put in place.
  • A primary objective for RINA is to maintain network resiliency in the case of failures and attacks, ensuring high availability of the network for providing the assumed services. In this deliverable, methods for improving resiliency are explained, specifically how to deal with IPC and link failures and exploitation of vulnerabilities.

Finally, the work plan is defined to further design, develop and realise these functions for WP6 activities.