Hello there,
At 10:59 06/12/1999 -0800, David LeBlanc wrote:
>So, I expect the processing power of these Java-enabled gizmos to be as
>small as possible, which also tells me that the IP stack isn't going to be
>sophisticated, and experience tells me that means they are probably prone
>to DoS attacks. Next, we're talking about basing the security of these
>devices on some sort of ACL, yet they are supposed to 'discover' one
>another. Discovery implies 2 things - one is that they will be chatty, and
>the other is that they will respond to requests for at least a minimal
See http://www.cl.cam.ac.uk/~fms27/duckling/ This paper addresses some
of your questions.
The Resurrecting Duckling:
Security Issues for Ad-hoc Wireless Networks
Frank Stajano and Ross Anderson
In the near future, many personal electronic devices will be
able to communicate with each other over a short range wireless
channel. We investigate the principal security issues for such
an environment. Our discussion is based on the concrete example of
a thermometer that makes its readings available to other nodes over
the air. Some lessons learned from this example appear to be quite
general to ad-hoc networks, and rather different from what we have
come to expect in more conventional systems: denial of service, the
goals of authentication, and the problems of naming all need re-examination. We present the resurrecting duckling security policy model, which
describes secure transient association of a device with multiple
serialised owners.
Cheers,
Gaus
============
Damir Rajnovic <drajnovi_at_cisco.com> Cisco PSIRT Manager
Team URL: <http://www-tac.cisco.com/Teams/PSIRT/>
Phone: +44 20 8756 9731 Mobile: +44 7715 546 033
4 The Square, Stockley Park, Uxbridge, MIDDLESEX UB11 1BN, GB
============
There is no insolvable problems. Question remanins: can you
acceppt the solution?
Received on Dec 07 1999
Intro
