PMO - PowerPoint PPT Presentation

About This Presentation
Title:

PMO

Description:

VoIP enables convergence of data, voice, and video onto single ... Other codecs: G.729, G.726, ... -28 - RTP. Realtime Transport Protocol (RFC 3550, July 2003) ... – PowerPoint PPT presentation

Slides: 120
Provided by: tyronne
Tags: pmo | codecs | hijacking


Transcript and Presenter's Notes



1
Adrian Garrity Managing Director
  • Introduction
  • PMO
  • MRS
  • Independent ICT Consultancy
  • Practical Considerations when deploying
  • VoIP and Mobile Data

2
Practical Considerations when deploying VoIP and
Mobile Data
  • Presented by
  • Tyronne Mexson of

For
3
Introduction - VoIP
4
Introduction - VoIP
  • VoIP enables convergence of data, voice, and
    video onto single network.
  • Attractive opportunities
  • Reducing costs
  • Reducing complexities
  • Enabling progressive business gains
  • Biggest concern with VoIP is security - steps
    being taken to secure internet
  • Other concerns include Quality of Service

5
Introduction - VoIP
  • Numerous threats
  • Device failures
  • Malicious attacks
  • Need to guarantee calls as well as data over
    networks
  • Need to guarantee services
  • 999 emergency services
  • 101 SNEN

6
Introduction - VoIP
  • This presentation will cover the following
  • What is VoIP?
  • Security Risks
  • Security Solutions
  • Future of VoIP

7
What is VoIP?
8
What is VoIP?
  • Voice over IP
  • Making phone calls using a computer network by
    transmitting voice signals over an IP network
  • Analog signal converted to digital, compressed,
    broken into packets, sent across network, and
    converted back to analog at destination
  • Packet switched network
  • Less cost and more scalability
  • No dedicated bandwidth
  • Uses standard networking components (routers and
    switches)

9
What is VoIP?
  • Voice over IP
  • IP phones have Ethernet network interface cards
    included for internet access
  • Dedicated phone line or telephone set not needed
    any longer
  • Need high speed internet connection
  • Telephone calls can be made from PC using
    microphone and speakers

10
Network Components
  • Four main network components needed
  • IP telephony device
  • Call processing manager
  • Voice mail system
  • Voice gateway

11
Network Components
  • 1) IP telephony device
  • Any device that supports placing calls in an IP
    telephony network
  • IP phones
  • System applications using microphones and speakers

12
Network Components
  • 2) Call Processing Manager
  • A.K.A. IP PBX
  • Server that provides call control and
    configuration management for IP telephony devices
  • Functions include call setup and routing calls

13
Network Components
  • 3) Voice Mail System
  • IP voice mail storage
  • Provides user directory lookup
  • Provides call forwarding

14
Network Components
  • 4) Voice Gateway
  • IP packet routing
  • Backup call processing
  • Provides access to legacy voice systems for local
    calls, toll bypass, and WAN backup in case of
    failures

15
Benefits of VoIP
  • Ability to combine voice, video, data on same
    network
  • Use existing internet connection for phone calls
  • Call anyone, anywhere, at any length
  • Same or lower cost
  • Increased employee productivity
  • Combination of communication channels (telephone,
    voice mail, fax, e-mail, pagers, mobile phones,
    PDAs)
  • Listen to emails; check voice mails from the
    internet

16
Capabilities
  • By using XML capabilities, new IP phones have
    enhanced user interfaces
  • Access to any web-based content
  • Access to employee extension numbers
  • Administrative and attendance solutions for
    school districts and universities
  • Inventory tracking
  • Restaurant listings and reservations
  • Emergency notification and audio streaming
    systems for government and public safety
    personnel
  • Enterprise applications: email, unified
    messaging, corporate directories, conference room
    booking, and expense reporting
  • Easily accessible for employees anytime, anywhere

17
Reliability
  • Traditional PBX highly reliable
  • 99.999% reliability (5 minutes of outage per
    year)
  • Highly reliable components and built in
    redundancy
  • VoIP
  • Relies on gateways and phones that can register
    on multiple servers
  • Uses the IP network's multiple paths

18
VoIP QoS
  • Voice signals more demanding than data
    communications
  • To ensure quality, attributes must be managed
    properly
  • Bandwidth
  • Number of packets lost
  • Round trip delay
  • Jitter / variability in delay
  • Establish the QoS needed for expected traffic

19
VoIP QoS - Bandwidth
  • Bandwidth
  • Generally modest (64 kbps or less)
  • Depends on codec and use of silence suppression

Codec       | Rate (kbps)
G.711       | 64
G.722       | 48-64
G.729 (A/B) | 8

  • Packet loss
  • Should be less than 5%

20
VoIP QoS - Latency
  • Voice quality characteristics
  • Clarity: fidelity, clearness, and intelligibility
    of signal
  • Delay: effect on interactivity
  • Echo: distracting and confusing
  • Latency
  • Components: Encoding, Packetisation, Network
    delay, Receiver buffering, Decoding
  • ITU-T G.114 recommends 150 ms

One-way delay     | Effect on perceived quality
< 100 - 150 ms    | Delay not detectable
150 - 200 ms      | Acceptable quality; slight delay or hesitation noticeable
Over 200 - 300 ms | Unacceptable delay; normal conversation impossible
21
VoIP QoS - Jitter
  • Jitter
  • Smoothed by playback buffers
  • Receivers adapt the depth of these buffers
  • Sudden changes in jitter may cause loss

22
Convergence mediation
23
H.323 and SIP
24
H.323
  • Recommendation published by ITU
  • Ties together a number of protocols to allow
    multimedia transmission through an unreliable
    packet-based network
  • 1996: approved by ITU
  • 2003: Version 5

25
H.323 Architecture
  • H.323 Terminal
  • Gateway
  • Gatekeeper
  • Multipoint Control Units (MCU)

26
H.323 Protocol Stack for VoIP
27
G.7xx Speech (De)Coding
  • H.323 systems must support G.711 PCM, 64kbps
  • Other codecs: G.729, G.726, ...

28
RTP
  • Realtime Transport Protocol (RFC 3550, July 2003)
  • Application layer protocol for transmitting
    realtime data (audio, video, ...)
  • Includes payload type identification, sequence
    numbering, timestamping, delivery monitoring
  • Mostly over UDP
  • Supports multicast and unicast
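
The header fields listed on this slide (payload type, sequence number, timestamp) are what a receiver or monitoring probe uses to measure the packet loss and jitter discussed on the QoS slides. The following Python sketch is an added example, not part of the original presentation; the sample stream is constructed, and reading the deck's packet-loss figure as 5 percent is an assumption.

```python
import struct
from dataclasses import dataclass

CLOCK_HZ = 8000          # RTP clock for G.711 (static payload type 0, PCMU)
LOSS_BUDGET_PCT = 5.0    # assumption: the deck's "less than 5" read as percent


@dataclass
class RtpHeader:
    payload_type: int
    marker: bool
    seq: int
    timestamp: int
    ssrc: int
    header_len: int


def parse_rtp(packet: bytes) -> RtpHeader:
    """Parse the RFC 3550 fixed header, skipping CSRCs and any extension."""
    if len(packet) < 12:
        raise ValueError("shorter than the 12-byte fixed RTP header")
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", packet[:12])
    if b0 >> 6 != 2:
        raise ValueError("not RTP version 2")
    header_len = 12 + 4 * (b0 & 0x0F)            # CSRC count
    if b0 & 0x10:                                # X bit: header extension
        if len(packet) < header_len + 4:
            raise ValueError("truncated header extension")
        (ext_words,) = struct.unpack("!H", packet[header_len + 2:header_len + 4])
        header_len += 4 + 4 * ext_words
    if len(packet) < header_len:
        raise ValueError("truncated RTP header")
    return RtpHeader(b1 & 0x7F, bool(b1 & 0x80), seq, ts, ssrc, header_len)


class StreamStats:
    """Receiver-side loss and interarrival jitter for one SSRC."""

    def __init__(self):
        self.base_seq = None
        self.max_seq = 0
        self.cycles = 0          # number of 16-bit sequence wraps seen
        self.received = 0
        self.jitter = 0.0        # in RTP timestamp units
        self._prev_transit = None

    def update(self, hdr: RtpHeader, arrival_ms: int) -> None:
        if self.base_seq is None:
            self.base_seq = self.max_seq = hdr.seq
        elif (hdr.seq - self.max_seq) & 0xFFFF < 0x8000:   # moved forward
            if hdr.seq < self.max_seq:                     # 16-bit wrap
                self.cycles += 1
            self.max_seq = hdr.seq
        self.received += 1
        # Transit time = arrival (in timestamp units) minus sender timestamp.
        transit = arrival_ms * CLOCK_HZ // 1000 - hdr.timestamp
        if self._prev_transit is not None:
            d = abs(transit - self._prev_transit)
            self.jitter += (d - self.jitter) / 16.0        # RFC 3550 estimator
        self._prev_transit = transit

    def loss_pct(self) -> float:
        expected = self.cycles * 65536 + self.max_seq - self.base_seq + 1
        return 100.0 * (expected - self.received) / expected

    def jitter_ms(self) -> float:
        return self.jitter * 1000.0 / CLOCK_HZ


def demo_stream() -> StreamStats:
    """Constructed capture: ten 20 ms G.711 packets, one lost, one late."""
    stats = StreamStats()
    for i in range(10):
        if i == 4:
            continue                                       # lost in transit
        seq = (65533 + i) & 0xFFFF                         # crosses the wrap
        pkt = struct.pack("!BBHII", 0x80, 0, seq, 1000 + 160 * i, 0x1234ABCD)
        pkt += b"\xff" * 160                               # 20 ms of PCMU
        arrival_ms = 50 + 20 * i + (10 if i == 7 else 0)   # 10 ms late once
        stats.update(parse_rtp(pkt), arrival_ms)
    return stats


if __name__ == "__main__":
    s = demo_stream()
    print(f"loss {s.loss_pct():.1f}% (budget {LOSS_BUDGET_PCT}%), "
          f"jitter {s.jitter_ms():.2f} ms")
```

A single lost packet in ten already exceeds the loss budget, while one 10 ms late arrival moves the smoothed jitter estimate only slightly, which is why playback buffers cope with isolated delay spikes better than with loss.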

29
Control Protocol - RTCP
  • RTP Control Protocol (RFC 3550, July 2003)
  • Periodic transmission of control packets to all
    participants in the session
  • Main functions
  • provide feedback on quality of data distribution
  • carries a persistent transport-level identifier
    for an RTP source (CNAME)
  • each participant sends control packets to all
    others which independently observe the number of
    participants

30
More Control Protocols in H.323
  • H.225 (RAS)
  • protocol between terminal and gatekeeper (if
    present)
  • allows terminals to join/leave zone,
    request/return bandwidth, provide status updates,
  • H.245 (Call Control)
  • Media Control Protocol
  • Allows terminals to negotiate connection
    parameters (codec, bit rate, ..)
  • Q.931 (Call Signaling)
  • Manages call setup and termination

31
SIP Session Initiation Protocol
  • Developed by IETF since 1999
  • RFC 2543, March 1999 (obsolete)
  • RFC 3261, June 2002
  • Target: develop a simpler and more modular protocol
    for VoIP than the large and complex H.323 by ITU

32
SIP Session Initiation Protocol
  • SIP is a text-based protocol similar to HTTP and
    SMTP, for initiating interactive communication
    sessions between users
  • SIP is an application-layer control (signaling)
    protocol for creating, modifying and terminating
    sessions with one or more participants
  • Sessions include Internet Multimedia conferences,
    Internet Telephone calls and Multimedia
    distribution

33
SIP Session Initiation Protocol
  • SIP can be used with different transport
    protocols, it doesn't even require reliable
    transport protocols
  • A simple SIP client can be implemented using only
    UDP

34
SIP components
35
SIP components
Component               | Role
UAC (user agent client) | Caller application that initiates and sends SIP requests.
UAS (user agent server) | Receives and responds to SIP requests on behalf of clients; accepts, redirects or refuses calls.
SIP Terminal            | Supports real-time, 2-way communication with another SIP entity. Supports both signalling and media, similar to H.323 terminal. Contains UAC.
Proxy Server            | Contacts one or more clients or next-hop servers and passes the call requests further. Contains UAC and UAS.
Redirect Server         | Accepts SIP requests, maps the address into zero or more new addresses and returns those addresses to the client. Does not initiate SIP requests or accept calls.
Location Server         | Provides information about a caller's possible locations to redirect and proxy servers. May be co-located with a SIP server.
36
Comparison of H.323 and SIP
Item                        | H.323               | SIP
Designed by                 | ITU                 | IETF
Compatibility with PSTN     | Yes                 | Largely
Compatibility with Internet | No                  | Yes
Architecture                | Monolithic          | Modular
Completeness                | Full Protocol Stack | SIP just handles set-up
Parameter negotiation       | Yes                 | Yes
Call signaling              | Q.931 over TCP      | SIP over TCP or UDP
Message format              | Binary              | ASCII
Media Transport             | RTP/RTCP            | RTP/RTCP
Multiparty calls            | Yes                 | Yes
Multimedia conferences      | Yes                 | No
Addressing                  | Host or Tel Number  | URL
Call termination            | Explicit or TCP Release | Explicit or timeout
Instant messaging           | No                  | Yes
Encryption                  | Yes                 | Yes
Size of standards           | 1400 pages          | 250 pages
Implementation              | Large and Complex   | Moderate
Status                      | Widely deployed     | Up and coming
37
Disadvantages to VoIP
  • Some internet voice services do not work during
    power outages and do not provide backup power
  • Some services difficult to connect with 999
    dispatcher
  • Some providers do not provide white pages
  • SECURITY

38
Security Risks
39
DoS Attack
40
Toll Fraud
Hacker sells your company calling information
Your company gets the bill
41
Call Manager OS
42
Call Manager OS
43
Eavesdropping
44
Recording
45
Hijacking/Injection Attack
46
Call Forwarding/Spoofing
47
Call Forwarding/Spoofing
48
Call Forwarding/Spoofing
49
Expose private conversations
50
Block certain calls
[Diagram labels: 555-1212, 999-1213, 987-6543]
51
Log call activity
52
VoIP Security Concerns
53
VoIP Security Concerns
  • What is the greatest risk to your organisation
    when implementing Voice over IP?

54
VoIP Security Concerns
  • What is the greatest risk to your organisation
    when implementing Voice over IP?

Loss of use and resulting loss of business,
whether a result of a DoS attack, power failure,
or poor management/maintenance of the VoIP
systems.
55
VoIP Security Concerns
  • What are the security risks you are exposing your
    organisation to when considering Voice over IP
    (VoIP)?

56
VoIP Security Concerns
  • What are the security risks you are exposing your
    organisation to when considering Voice over IP
    (VoIP)?

Denial of Service, Toll Fraud, O/S
Vulnerabilities, Hacking, Recording,
Eavesdropping, Hijacking, Spoofing, Call
Forwarding, Call Blocking, Call Logging
57
Security Solutions
58
Network Solutions - Security Policy
  • Establish a corporate security policy
  • Acceptable Use Policy
  • Analog/Dial-in/ISDN Line Policy
  • Anti-Virus Process
  • E-mail Policy
  • Automatic Forwarding
  • Usage
  • Retention
  • Ethics Policy
  • Password Protection Policy
  • Patch Management Process
  • Router Security Policy
  • Server Security Policy
  • Risk Assessment Policy
  • VPN Security Policy
  • Wireless Security Policy

59
Security Solutions - Network
Network Design by Cisco Systems
60
Security Solutions - DoS
  • Provide redundancy through
  • Mesh Corporate WAN design
  • Utilising multiple ISPs
  • Fallback PSTN Gateway(s)
  • Uninterruptible Power Supplies
  • Negotiate QoS agreements

61
Security Solutions - Hacking
  • Segment networks into separate VLANs
  • Voice network
  • Data network
  • Monitoring and control network

62
Security Solutions - Hacking
  • Maintain VoIP application server updates
  • Call manager server(s)
  • Voicemail server(s)
  • Gateway server(s)
  • Install current Operating System patches
  • Install current application software patches

63
Security Solutions - Spoofing
  • Eliminate unknown devices
  • DHCP Snooping
  • DAI (Dynamic ARP Inspection)
  • IP Source Guard
  • Eliminate unknown software
  • Digital Signatures

64
Security Solutions - Threats
  • Manage and prevent threats via
  • Stateful Firewalls
  • Virus Filters
  • Intrusion Detection (NIDS)
  • Intrusion Prevention (HIPS)
  • Filter unnecessary ports on
  • Routers
  • Switches
  • PCs
  • IP Telephones
  • Firewalls

65
Security Solutions - Complete
66
FUTURE OF VoIP
67
Wireless VoIP
  • 802.11b (WiFi), the current standard, supports
    raw data rates up to 11Mbps.
  • 802.11a and 802.11g standards support 54 Mbps

68
Differences between A and G
  • Major difference is operating spectrum frequency.
  • G standard utilises 2.4GHz ISM band (same as
    B standard)
  • A standard utilises 5.2GHz band

69
Advantages
  • A standard
  • No interference because it utilises the 5.2GHz
    band
  • Meets the need for future high-bandwidth
    applications for wireless video and the like.
  • G standard
  • Extended capability of supporting B devices.
  • Older B mobile units can continue to be used
    along with any new G mobile devices.
  • Meets the need for future high-bandwidth
    applications for wireless video and the like.

70
Disadvantages
  • A standard
  • 802.11a wireless voice devices are not readily
    available on the market.
  • Few vendors have announced support of A for a
    wireless VoIP application.
  • G standard
  • ISM band may become too crowded and introduces a
    possibility of interference problems (e.g.,
    Bluetooth, cordless phones, etc.).

71
Conclusion
72
Conclusion
  • The challenge of VoIP security is not new.
    History has shown that advances and trends in
    information technology typically outpace the
    corresponding realistic security requirements.
    Such requirements are often tackled only after
    these technologies have been widely adopted and
    deployed. (Cable Datacom News)

73
Major Concern
  • With VoIP the Internet becomes the backbone of a
    company's phone network.
  • Hackers
  • Worms
  • Viruses
  • DoS attacks

74
Advantages
  • Convergence of voice and data into a common
    infrastructure for wiring, routers, network
    connectivity.
  • Companies will be able to deploy, manage and
    maintain one network to serve all communication
    needs, saving on infrastructure costs and
    resources.

75
Introduction - Mobile Data
76
Introduction - Mobile Data
  • This presentation will cover the following
  • The Need For Remote Access
  • Internet IPVPNs
  • Key Customer Wireless Issues
  • Considerations for Personal Trusted Devices

77
The Need For Remote Access
78
Is there a need for Remote access?
  • Save money on office facilities
  • Use of smaller workforce effectively and
    strategically
  • Reach and service more customers
  • Flexibility to work force - flexihours

Space to Workforce lower than 13 in many
offices
MOBILITY is MONEY
79
Needs of Mobile Workforce
  • Corporate Email
  • Allows mobile workforce to be in touch
  • Access to corporate intranets.
  • Marketing/sales collaterals, access KM sites,
    download forms, generate quotations.
  • Access to resources.
  • Source code, documents, lab infrastructure,
    calendaring system, booking meeting rooms.
  • Access to enterprise applications
  • SAP, Oracle, Lotus notes or other suites for
    purposes like order processing, tracking,
    inventory management etc.
  • Video and Tele Conferencing
  • 24X7 Availability and Support

80
Challenges for Enterprises
  • Authenticating of the user
  • Encrypting data that is sent over the public
    network
  • Tracking the usage of devices
  • Protection from Spoofing and Sniffing
  • Support for growing list of devices

81
Technology Choices available today
  • Technology
  • IPSec VPN
  • Allows complete access to enterprise resources
  • Heavy weight protocol, but complete control to
    user
  • Needs software on clients
  • Email access
  • Accessible through https (secure HTTP)
  • Connectivity options
  • Ethernet
  • GPRS
  • WiFi

82
Technology trends
  • Encrypted Disk drives
  • Data is stored in encrypted form
  • External security keys
  • Stored as USB Dongle or Serial port device
  • Used as a key to access enterprise data
  • Allows authentication and tracking
  • SSL VPN
  • Allows any web browser to access enterprise data
  • Light weight solution, deployment cost is low
  • Access restricted to Web based resources only
  • Biometric identification
  • Eye (iris) or finger print based identification

83
Gaps remaining
  • Access of enterprise data at public kiosks
  • Caching of information
  • Saving of downloaded information
  • Theft
  • The disks can be read by another device
  • Pictures and Messages stored in PDAs/Cell Phones
  • Secured Access guarantee by ISPs
  • Remote Patch Management
  • Enterprise Policy for Remote Work Force

84
Suggestions for Enterprises
  • Formulate a Policy for Remote Connectivity
  • Centralise the maintenance and control of
    Security Settings
  • Standardisation of devices
  • Employees should not be allowed to choose devices
  • Enforce anti-virus and patch management policy
  • Have an approved list of applications to be used
    remotely
  • Encryption of data is a must

85
IPVPNs
86
Internet VPN
  • An Internet VPN is configured on the customer's
    own equipment, e.g. a router. A tunnel is created
    between two customer sites, normally using IP Sec
    (IP Security) on the customer router, and the
    traffic is routed over the Internet. It is a
    very low-cost way of establishing a VPN between
    two locations. However, there is no commitment
    with regard to speed of delivery of the data, and
    at times when the Internet is busy it may not be
    possible to establish a connection at all or to
    transmit data with any reasonable speed. Many
    corporate customers will not use this type of VPN
    as it can route over many different service
    providers' networks and is subject to the same
    security risks as the www.

87
Internet VPN
  • Sole traders and companies who only need to
    exchange email and perhaps a small amount of data
    are the major users of Internet VPNs. If a
    customer is comparing the price of an Internet
    VPN to that of an internet IPVPN, it is important
    not to focus too much on the price of the IPVPN,
    as two totally different services are being
    compared.

88
Internet IPVPN (Tunnelling) Technologies
  • VPN technology
  • GRE
  • IP sec
  • IP sec standards
  • AH
  • ESP
  • IKE
  • DES
  • Triple DES
  • RC4
  • X.509 digital certificates

89
VPN using GRE Tunnel
  • GRE (Generic Routing Encapsulation) is another
    method of creating a tunnel which can then form a
    VPN between two sites. The most common use of
    GRE tunnels is to transport legacy protocols, i.e.
    protocols other than IP, across MPLS networks. For
    example, a customer with a fully meshed IPVPN over
    an MPLS core network could connect two sites using
    a GRE tunnel and send SNA traffic (i.e. non-IP
    traffic) between the two sites without having to
    convert the SNA to IP before it entered the IPVPN.
  • It can also be used as an unsecured internet VPN
    for non-sensitive traffic.

90
VPN using IP sec tunnelling
  • IP Sec (IP Security) based VPNs use
    authentication mechanisms to ensure that only
    valid clients can connect across the tunnel. In
    addition, there are different encryption
    algorithms that can be applied to IP Sec tunnels
    to ensure that the data passing through the VPN
    is not compromised. An IP Sec VPN is a
    point-to-point tunnel that can also be established
    between two sites that are connected into a
    multi-site IPVPN with MPLS. This would be used, for
    example, to connect two bank computer sites together
    where security of data transfer between mainframes
    is vital. The two sites would send email over the
    normal fully meshed MPLS IPVPN and just use
    the IP Sec tunnel for special data between the
    two computers.

91
IP sec Key features

92
IP sec VPN

93
Key Customer Wireless Issues
94
Key Customer Wireless Issues
95
Considerations for Personal Trusted Devices
96
The big picture - Convergence of Internet and
digital telecom networks
[Diagram labels: PC; Mobile terminal; TV set; IP Backbone Network; Mobile NW Operator sphere; E-commerce server; CA server; Service provider server (e.g. GIS); Community server]
97
The big picture - Access Network technologies
98
Some measures for the big picture
  • Global wireless infrastructure based on GSM
    technology is truly global with its roaming
    capability and coverage.
  • At the end of 2002, there were 454 GSM operators
    worldwide in 182 countries, and they served over
    730 million users.
  • In 2002, 75 percent of the new mobile customers
    started to use GSM terminals and services
    offered by the GSM networks [Nok2003].
  • The number of digital telecom handsets has
    exceeded 1 billion (in 2002, ca. 400 million
    handsets were sold) and by 2006 perhaps 2
    billion.

99
Some measures for the big picture
  • Of these handsets hundreds of millions are
    Internet-enabled (WWW, WAP- or I-mode -enabled).
  • There are over a hundred million of servers at
    the server side (in Internet 1) and many in
    private networks

100
What is a Personal Trusted Device?
  • When the wireless terminals in the above big
    picture are capable of supporting seamless
    communication, authentication and authorisation
    of users, various kinds of content (including
    text, voice and video streams, geocoded content,
    etc.) and practically any conceivable
    application or service, one can begin to talk
    about a Personal Trusted Device (PTD)
  • A device where M-commerce transactions can be
    launched, credit card information stored, access
    to corporate resources allowed through PTDs now
  • A multimedia mobile phone or PDA
  • A Laptop with GPRS / WiFi / 3G card

101
Functionality of a PTD
102
Security and privacy problems of PTDs
  • The PTDs are able to host larger and larger
    amount of data as memories get bigger
  • This data is a security risk, because the device
    could be stolen or lost. So should we minimise
    the amount of critical data kept at the PTD?
  • On the other hand, for guarding against privacy
    violations it might be wise to store large
    amounts of data at the PTD
  • What is an optimal approach and on what does the
    optimality depend?

103
Security and privacy risks
  • Evidently, if there is no risk of losing the
    device and data, then it makes sense to keep as
    much data as possible, including critical data,
    at the device
  • Conversely, if the risk of losing the device to
    a thief, or of losing the data because of a
    device crash or any other technical problem, is
    high, it is advisable to minimise the amount of
    critical data kept at the device

104
Assets, risks, threats
  • Assets
  • Any data stored at the PTD
  • Risks 
  • PTD data lost
  • The data stored at PTD is lost for the data
    owner. There are many threats that result in
    this, as discussed below. 
  • PTD data misused
  • The data stored at PTD and subsequently extracted
    is misused by malicious persons.

105
Assets, risks, threats
  • Threats
  • PTD is destroyed
  • In this case no one can use the data any more
  • PTD is lost for the owner
  • In this case the owner does not get the device or
    data back; he or she is unsure whether the data
    will be misused or not
  • PTD is stolen from the owner
  • The owner knows that the device is stolen and
    certainly all the data is lost, and perhaps some
    or all the data is misused

106
Assets, risks, threats
  • Threats (Cont)
  • PTD data misused unnoticed
  • In this case the data stored at the PTD is
    extracted and/or altered in a way that the owner
    does not notice it
  • The PTD and the data remains at the disposal of
    the owner (perhaps, however, altered in some way)
  • This case can lead to considerable security
    threats and damages from the owner's point of view
    (misuse of cyber-identity, passwords, credit
    card, access to company infrastructure etc.)
  • The privacy violation also belongs to this
    category, if the data provided by or stored at
    the terminal is misused

107
Assets, risks, threats
  • Threats (Cont)
  • PTD data misused but detected
  • This case can result from theft, losing the
    device and subsequent theft, or disclosure of a
    misuse attempt from logs or physical traces (cf.
    Bluetooth/Ir-connection).
  • In this case the device owner detects the misuse
    either when it is evident from the context
    (theft) or sometimes afterward
  • The difference to the previous case is that the
    device owner can take deliberate countermeasures

108
Countermeasures against losing data
  • Minimising the amount of critical data stored at
    PTD
  • Full (or partial) data replication at a safe
    network component,
  • Provision of safe backdoors to the data for
    which the legitimate owner has lost access for
    some reason (encrypted data, lost access to the
    entire device or to decryption keys, etc.)

109
Countermeasures against PTD misuse
  • Minimising the amount of critical data stored at
    the device
  • As good as possible physical protection of the
    PTD
  • Reliable access control to the PTD and the data
    stored at it
  • Encryption of the data stored at the device
  • Partition of the data and storing it at the
    device and at another safe location (server,
    memory card, etc.)

110
Countermeasures against PTD misuse
  • Self-destruction of the data if misuse attempt is
    detected by the device
  • Privacy related data and algorithms that monitor
    what combinations of data handed out from the
    device while using various external services
    could lead to privacy violations or threats
  • Refraining from accessing networked services
  • Providing full security for communications over
    the air interface (end-to-end message encryption,
    end-to-end authentication, authorisation)

111
Technical support for the countermeasures at PTD
  • Reliable access control and authorisation
  • This is a prerequisite for any security and
    privacy scheme: if a malicious person gets access
    to the data at the device just by getting hold of
    it physically, nothing much can be done anymore.
    Physical security of the PTD is thus a key
    ingredient in the security field
  • The second security sphere is a proper
    authentication (PIN, biometric authentication,
    etc.)
  • Third sphere is a proper authorisation of data
    access stored at the device
  • Fourth sphere is protecting the device against
    malicious programs that are run there

112
Technical support for the countermeasures
  • Categorisation of the data
  • Assess risk level of particular piece of data and
    tell this to the system software (e.g. high,
    medium, low)
  • Minimising the amount of vulnerable data at the
    PTD
  • This can be semiautomatic, based on the risk
    level and the above categorisation
  • If the risk level exceeds a threshold (e.g. due
    to movement to a high risk area), the vulnerable
    data is moved away from the device or encrypted
    in a suitable way

113
Technical support for the countermeasures
  • Data partitioning
  • The idea here is to store only a portion of a
    particular piece of data (a half-granule) at the
    PTD and another granule at a network
    component/other device, so that both granules are
    useless alone, i.e. cannot be used unless first
    combined; thus grabbing the device or the other
    half-granule at the network would not yet grant
    access to the other half-granule
  • The problem with the scheme is that if there is
    no network connection, the legal user cannot
    use the data either, because the half-granules
    cannot be recombined
  • Another problem is the need for wireless capacity
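
One way to realise the two half-granules is a one-time-pad split, where each half on its own is indistinguishable from random bytes. This is an added example, not part of the original presentation; `NetworkStore`, `store_record` and `read_record` are hypothetical names, the XOR split is a swapped-in technique the slides do not name, and the record is constructed sample data.

```python
import hashlib
import hmac
import secrets

DIGEST_LEN = hashlib.sha256().digest_size


def split(data: bytes):
    """Return (device_half, network_half); each half alone is random noise."""
    framed = data + hashlib.sha256(data).digest()      # digest is hidden by the pad
    device_half = secrets.token_bytes(len(framed))     # one-time random pad
    network_half = bytes(a ^ b for a, b in zip(framed, device_half))
    return device_half, network_half


def combine(device_half: bytes, network_half: bytes) -> bytes:
    """Recombine both halves and verify they belong together."""
    if len(device_half) != len(network_half) or len(device_half) < DIGEST_LEN:
        raise ValueError("halves do not belong together")
    framed = bytes(a ^ b for a, b in zip(device_half, network_half))
    data, digest = framed[:-DIGEST_LEN], framed[-DIGEST_LEN:]
    if not hmac.compare_digest(hashlib.sha256(data).digest(), digest):
        raise ValueError("halves do not match or were altered")
    return data


class NetworkStore:
    """Hypothetical stand-in for the slide's 'network component'."""

    def __init__(self):
        self._halves = {}
        self.online = True

    def put(self, name: str, half: bytes) -> None:
        self._halves[name] = half

    def get(self, name: str) -> bytes:
        if not self.online:
            raise ConnectionError("no network: half-granule unreachable")
        return self._halves[name]


def store_record(name: str, data: bytes, device: dict, store: NetworkStore) -> None:
    """Keep one half on the device (a dict here) and push the other out."""
    device[name], network_half = split(data)
    store.put(name, network_half)


def read_record(name: str, device: dict, store: NetworkStore) -> bytes:
    return combine(device[name], store.get(name))


if __name__ == "__main__":
    device, store = {}, NetworkStore()
    record = b"constructed sample: card 0000-0000-0000-0000"
    store_record("card", record, device, store)
    print(read_record("card", device, store))
    store.online = False                 # the drawback named on the slide
    try:
        read_record("card", device, store)
    except ConnectionError as exc:
        print("offline:", exc)
```

Each read fetches a half as large as the record itself, which is the wireless-capacity cost the slide mentions.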

114
Technical support for the countermeasures
  • Data replication
  • This scheme is solely against losing the data for
    whatever reason (device crash, loss or theft)
  • The data granules stored outside the device (at
    other devices, network components, etc.) function
    basically as back-up copies that must be
    refreshed from time to time
  • The draw-back of the scheme is that it increases
    risk of misuse of the data, because the same data
    is stored in perhaps many places outside the
    device
  • Another drawback is storage and wireless network
    cost

115
Technical support for the countermeasures
  • Encryption of data
  • Encryption means that even if a malicious person
    has got hold of the device, he or she would have
    to be able to decrypt the data in order to misuse it
  • This can only be done by passing authorisation
    as a necessary step while accessing the data (PIN
    or authorising the action by other means)

116
Technical support for the countermeasures
  • Destruction of the data
  • This is an ultimate measure that the device
    should launch automatically, if it detects a
    rather clear misuse attempt
  • By destruction the misuse is prohibited, but so
    is the legal use, unless the data is replicated
  • How the decision can be made automatically is by
    no means clear at the moment

117
Conclusions and further research
  • Added security and privacy protection tend to
    decrease the usability of the device and increase
    power consumption and network capacity
    requirements
  • It is therefore vital that the security and
    privacy protection policies and methods used in
    PTDs are in the right proportion to the threats
  • Support from the network side is needed in almost
    all schemes; thus, there must be an integrated
    overall security and privacy scheme

118
Conclusions and further research
  • Many problems remain open, such as
  • The measures for the threat and for the
    similarity of the copies.
  • A comprehensive analytical model with the help
    of which one could better assess the impact of
    the chosen policies and methods on the usability,
    security and privacy of the PTDs
  • These are for further study

119
Contact Details
  • WWW.HiTexConsulting.Co.UK
  • WebInfo_at_HiTexConsulting.Co.UK
  • Tel. 0845 408 2412
  • Fax. 0845 223 5158
  • Presenters
  • Adrian.Garrity_at_HiTexConsulting.Co.UK
  • Tyronne.Mexson_at_HiTexConsulting.Co.UK