//standards.ieee.org/guides/bylaws/sb-bylaws.pdf>,includingthestatement"IEEEstandardsmayincludetheknownuseofpatent(s),includingpatentapplications,providedtheIEEEreceivesassurancefromthepatentholderorapplicantwithrespecttopatentsessentialforcompliancewithbothmandatoryandoptionalportionsofthestandard."EarlydisclosuretotheWorkingGroupofpatentinformationthatmightberelevanttothestandardisessentialtoreducethepossibilityfordelaysinthedevelopmentprocessandincreasethelikelihoodthatthedraftpublicationwillbeapprovedforpublication.PleasenotifytheChairasearlyaspossible,inwrittenorelectronicform,ifpatentedtechnology(ortechnologyunderpatentapplication)mightbeincorporatedintoadraftstandardbeingdevelopedwithintheIEEE802.22WorkingGroup.Ifyouhavequestions,contacttheIEEEPatentCommitteeAdministratorat.
1.June6th2008–SecurityAd-HocConferenceCallMeetingMinutes
1.Attendance
ApurvaMody–BAESystems
GeraldChouinard-CRC
RangaReddy–USArmy
Prof.TimBrown-UnivofColorado,Boulder
BobWalzer–BAESystems
AmitaSethi-UnivofColorado,Boulder
2.1Agenda
∙Attendance
∙ChairaskedifeveryoneattendingwasfamiliarwiththeIEEEpatentpolicy–NooneseemedtobeunfamiliarwiththeIEEEPatentPolicy
ohttp:
//standards.ieee.org/board/pat/pat-slideset.pdf
∙ScopeandtheWorkplanfortheSecurityAd-HocGroup–https:
//mentor.ieee.org/802.22/file/08/22-08-0159-00-0000-scope-agenda-workplan-and-timeline-for-the-security-ad-hoc-in-802-22.doc
∙PresentationonthePRMandSecurityEnhancementsin802.22–802.22ThreatAnalysis
https:
//mentor.ieee.org/802.22/file/08/22-08-0083-03-0000-security-and-prm-enhancements-in-80222-v3.ppt
∙Newbusiness
MinutesandDiscussions
∙TheScopeoftheSecurityAd-Hocin802.22andtheWorkplanascontainedinDocument159-https:
//mentor.ieee.org/802.22/file/08/22-08-0159-00-0000-scope-agenda-workplan-and-timeline-for-the-security-ad-hoc-in-802-22.docwasdiscussed.TheScopeandtheWorkplanwasagreeduponbytheteleconferenceparticipants
Presentationonthe802.22ThreatAnalysiswasmadewhichincludedsuggestedenhancementstotheProtocolReferenceModelaswellastheSecurityin802.22–Thepresentationislocatedat-https:
//mentor.ieee.org/802.22/file/08/22-08-0083-03-0000-security-and-prm-enhancements-in-80222-v3.ppt
∙Thereweremanydiscussionsonthepresentation.Mostpeopleagreedthatduetothespecializedanduniquenatureof802.22systems(Cognitive+LongRange),enhancedsecurityfeaturesareneeded.
∙ThesesecurityfeaturesfortheData/ControlandtheManagementPlanesincludeDataintegrity,Identification,Authentication,Authorization,Confidentiality/Privacy,Non-repudiation,
∙ThesecurityfeaturesfortheCognitivePlaneincludeAuthenticationandAvailability,Authorization,ConfidentialityandPrivacy.
∙ForRegularaswellasCognitiveFunctionality,thethreatmodelwaspresented.
∙Prof.TimBrownsaidthat802.16e-2005standard,whichislikelytobethebaselinestandardfordata/controlandmanagementplaneSecurityfeaturesin802.22isnotenough.Healongwithhisstudentshavecarriedoutextensiveworkonpotentialvulnerabilitiesin802.16e-2005,especiallyduringthestart-upandinitializationprocess.Hesuggestedthatalongwiththeftofinformation,selectivetargetedjammingisamajorconcern.TheChairspointedtothelastsectionofthepresentation(Doc83,Rev3)whichraisedthisissueaswell.GeraldChouinardandWinstonCaldwellsuggestedthatduetotheuniquenatureof802.22weshouldtrytoaddressboththeftofinformationandselectivejammingineithernormativeorinformativetext.ChrisClantonagreed.
∙Thethreatsforcognitivefunctionalitywerepresented.TheyincludedIncumbentre-playattacks,Incumbentghosting,Geolocationfalsification,Co-existence(CBPPacket)falsification,IncumbentDenialofService(DoS),WRANDoS,Spuriousquietperiodtransmission,Spurioustransmissionasaresultofhardwaredefectsandaging,Spectrummanagermisconfigurationortampering.
∙Thegroupagreedthatthesewereindeedveryvalidthreatsandneededtobeaddressed.GeraldChouinardpointedoutthatlikelihoodofIncumbentghostingwashigherthatwhatwasshowninthepresentation
∙Prof.TimBrownpointedtotheMastersThesisworkcarriedoutbyhisstudentonDoSThreatstoCognitiveRadios.Hesaidthatthereweremorethreatspossiblethanwhatwasshowninthepresentation.
∙Prof.TimBrownsaidthatinnewerversionsoftheCDMAsystems,ifadeviceisoutofspec.thenitisaskedtoshutdownbytheBaseStation.Similarapproachcanbefollowedin802.22.TheChairspointedoutthatthisneedstobecarriedoutforspurioustransmissionsinquietperiodsaswellasspurioustransmissionsduetohardwaredefectsoraging.Thismayalsoneedanoptionaluseofaterrestrialgeolocationsystemtotriangulatethemaliciousdevice.
∙TheChairssuggestedthattheywillbeformulatingtheTableofContentsfortheupcomingconferencecallsandseekforcontributions.
2.June13th2008–SecurityAd-HocConferenceCallMeetingMinutes
1.Attendance
ApurvaMody–BAESystems
ShukriWakid–BAESystems
BobWalzer–BAESystems
ChrisClanton–Shure
RangaReddy–USArmy
TimBrown–Univ.ofColorado
GeraldChouinard–CRC
AmitaSethi-
2.1Agenda
∙Attendance
∙ChairaskedifeveryoneattendingwasfamiliarwiththeIEEEpatentpolicy–NooneseemedtobeunfamiliarwiththeIEEEPatentPolicy
ohttp:
//standards.ieee.org/board/pat/pat-slideset.pdf
∙DiscusssiononTableofContentsforSection7.Thereferencedocumentfortheproposedtextcanbefoundat
https:
//mentor.ieee.org/802.22/file/08/22-08-0165-00-0000-table-of-content-for-the-security-section-in-802-22.doc
∙RefereenceDocument-ScopeandtheWorkplanfortheSecurityAd-HocGroup–https:
//mentor.ieee.org/802.22/file/08/22-08-0159-00-0000-scope-agenda-workplan-and-timeline-for-the-security-ad-hoc-in-802-22.doc
∙ReferenceDocument-PresentationonthePRMandSecurityEnhancementsin802.22–802.22ThreatAnalysis
https:
//mentor.ieee.org/802.22/file/08/22-08-0083-04-0000-security-and-prm-enhancements-in-80222-v3.ppt
∙Newbusiness
MinutesandDiscussions
∙RangaReddyandApurvaModypresentedtheproposedtextfortheTableofContentsinSection7ascontainedintheDocumenthttps:
//mentor.ieee.org/802.22/file/08/22-08-0165-00-0000-table-of-content-for-the-security-section-in-802-22.doc
∙GeraldChouinardhadsomequestionsonthearrangementsoftheTableofContent.Thequestionswereclarified.
∙AfterthatthereweresomefurtherdiscussionsontheThreatModelfor802.22aspresentedinDocument
https:
//mentor.ieee.org/802.22/file/08/22-08-0083-04-0000-security-and-prm-enhancements-in-80222-v3.ppt
∙ChrisClantonaskedifthethreatfromincumbentspoofingandreplayattackswasthesameforDTVaswellasMicrophone–ThegeneralfeelingwasthatifTG1beaconwasusedthentheriskfromthisspecificthreatwouldbeloweredduetothesecurityfeaturescontainedinthebeaconingmechanism.
∙GeraldChouinardaskediftheSecuritySublayer3intheproposedPRMascontainedinDocument83,Rev4hadanyotherfunctionbesidesauthenticatingtheTG1beacon.ApurvaModyansweredthatitsfunctionalityandsecuritymechanismsneedtobedefinedbasedondiscussionswithintheSecurityAd-Hocgroup
∙GeraldChouinardhadsomequestionsonhowCPESpursandDTVreplayattackscouldbehandledusingtheSecuritySublayeraswasshowninthePresentationDocument83.HesuggestedthattheintelligenceondecisionmakingshouldresideintheBaseStationonly.ApurvaModysaidthatifCPEsaresemi-autonomousasweares