[Discuss-gnuradio] address@hidden: [NEXTEL1] Report on Issues and Activity in the Area of Security for Software Defined Radio]

[Dave Emery]

----- Forwarded message from Marcelrf-iDEN Mobile <address@hidden> -----

To: "address@hidden" <address@hidden>,
   WFHSG <address@hidden>
From: Marcelrf-iDEN Mobile <address@hidden>
Date: Wed, 11 Sep 2002 22:15:46 -0400
Subject: [NEXTEL1] Report on Issues and Activity in the Area of Security for 
Software 
 Defined Radio

Report on Issues and Activity in the Area of Security for Software
Defined Radio

SDRF-02-A-0003-V0.00

Executive Summary

This report is the result of the Software Defined Radio Forum’s long
history of
interaction with the United States Federal Communication Commission
(FCC) on
regulatory issues related to Software Defined Radio (SDR). In the FCC
Report and
Order on SDR dated September 13, 2001, the Commission declined “to set
specific
security or authentication requirements at this time because they could
hinder the
development of the technology used to provide such security and could
have the potential
to be unduly burdensome on manufacturers.” However the Commission stated
that “it is
possible that we may have to specify more detailed security requirements
at a later date
as software defined radio technology develops.” The Commission noted
"the SDR
Forum has indicated that it is continuing to develop methods for the
security and
authentication of radio software and that it will report its findings to
the Commission." As
anticipated by the FCC, the SDR Forum has prepared this report on
industry measures to
address these security concerns.

Although this report is relevant to the questions being asked by the
United States Federal
Communications Commission, the SDR Forum believes that the document may
be of
interest to other regulatory agencies around the world.

In the review of security issues and activities of a wide variety of
external organizations,
the SDR Forum has developed the following views:

 There is broad interest in wireless communications and the security
aspects of
wireless systems by many industry players, some of which are relatively
new to
wireless systems. This broad industry involvement stems from the
continuing
merger of communications, computing systems, and content providers. This
broad
activity in wireless communications systems and security involves not
only the
traditional wireless players, but also many new players who bring
additional expertise
in security issues to the wireless community.

Many of the general security core technologies, including security
techniques used for
information content (e.g., credit card) and general wireless security
techniques,
appear to be applicable to the more specific case of security of
SDR-based systems.

 There are ample market drivers to provide adequate incentives for the
wireless
communication industry to deploy security technologies including core
technologies
that were not initially developed for SDR but which are applicable to
SDR..
 The necessary work on security specifically for SDR-capable devices is
being done
by industry today. Solutions for SDR security are forthcoming from
industry and will
likely be based on security mechanisms, protocols, and algorithms
previously
developed for other security applications.

 The SDR Forum will continue to stimulate this industry activity by
being a focal
point for software download for RF reconfiguration including the
security aspects of
software download.

This report supports the above views by providing an overview of the
security challenge
that is followed by a more detailed description of security threats.
This is followed by a
description of the ongoing activities in industry to mitigate these
threats. In both the
discussion of the threats and in the discussion of the mitigating
activities, the flow of the
information is from the more general to the more specific; i.e., first
there is a discussion
of general communications security, followed by a discussion of wireless
communication
security, and then specific SDR security.

One section of the report is dedicated to the topic of market incentives
for deployment of
security measures for SDR. The SDR Forum is confident that the
technology is present
to solve the SDR security issues and that there is a strong market
incentive to do so.
Finally, the report concludes with a synopsis of future work planned by
the SDR Forum,
including plans to work with the wireless industry and standards
organizations on
measures needed to mitigate security threats to SDR-based systems.

 http://www.sdrforum.org/public/approved/02_a_0003_v0_00_fcc_rpt_08_31_02.pdf



------------------------ Yahoo! Groups Sponsor ---------------------~-->
Looking for a more powerful website? Try GeoCities for $8.95 per month.
Register your domain name (http://your-name.com). More storage! No ads!
http://geocities.yahoo.com/ps/info
http://us.click.yahoo.com/aHOo4D/KJoEAA/MVfIAA/61FxlB/TM
---------------------------------------------------------------------~->

  
       NEXTEL1 IT'S NOT JUST NEXTEL
The Most Valuable Resource Is Information
        1500+ Members and Growing
http://www.groups.yahoo.com/subscribe/NEXTEL1


 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 


----- End forwarded message -----

-- 
        Dave Emery N1PRE,  address@hidden  DIE Consulting, Weston, Mass. 
PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2  5D 27 BD B0 24 88 C3 18