Security on the NBN: Perspectives
What do we mean when we say “security” on the NBN?
Security means different things to different people. In general we consider network security as the ability of a network to remain available and to perform well even with exposure to would-be attackers. This also includes the ability to keep sensitive information travelling across the network safe from unauthorised access or modification. In implementation there are many aspects of modern networks that link together to preserve that security. By the time the first paying customer uses the NBN, there will have been literally hundreds of security processes, features and settings applied to keep customers, and the network itself, safe.
The National Broadband Network, or NBN, is going to dramatically change the way Australians connect and
obtain network services such as Internet, telephony and television. It promises greater speeds, reliability
and reach than any other consumer network before it – very exciting! But will this new network have
more security? Will it meet the security needs of Australia’s next generation of consumers, enterprises and
carriers? Who will ensure the security of the NBN and our trust in it? This article will pose some of these
questions and offer some potential answers.
Will the NBN be
fundamentally secure?
Yes. 90% of Australian homes will be connected by Fibre To The Premises, or FTTP. Fibre optic cable is a generally more secure way to transmit information across public ground compared to the copper twisted-pair cabling used for most telephone/DSL connections today, as well as most cable-modem based Internet services (pre-DOCSIS v3). This is primarily due to the higher levels of difficulty associated with cutting into the fibre and/or passively listening in. On top of this, GPON uses encryption over the optical link to the user’s premises. That means that the data travelling to the customer over fibre can only be decoded by the intended optical modem (ONT).
Similarly, security processes exist for wireless and satellite which will be used for the 10% of the population not served by fibre. The details of how this is accomplished vary from product to product, so the NBN will need to make security assessments an important part of its selection processes for equipment.
But will connecting 100% of the population come with
additional security issues?
Yes. While the NBN holds great promise for Australians and the future of networking in our country, the existence of such a pervasive networking resource does mean that attackers will attempt to exploit it. So how will we know the NBN is safe, and who will keep it (and us) safe?
Ultimately, security will be achieved in different ways by the people and organisations involved. Each have different security concerns and different compensating controls to address them. Taken as a whole, and with proper maintenance, the measures put in place to secure the NBN at all layers will combine to create a strong, resilient asset for all Australians.
Figure 1: NBN Co., the NSP, and the Customer all have a role to play in security.
Let’s look at how security of the NBN is achieved by the user, by the Network Service Provider (NSP), and by NBN Co., as part of an overall layered approach. In the following sections, the home, enterprise, and government users are all operating as customers of the NBN with the same general issues and types of protection applied – just at a different scale. Specifically, in the commercial and government sectors, the threats faced are much more potent, but these are offset by correspondingly greater resources to counter the threats.
Staying safe at home
It’s important to understand that the NBN does not, by itself, expose residential customers to greater security risks. The NBN is just an access network, and a secure one in that it is itself resistant to attack.
With more computers on-line, and increasingly being used for home banking, shopping, and other commercial activities, security threats (both to the PC itself and to other new network components of an NBN-enabled household) need to be considered. The increased numbers of systems online due to the NBN will create a larger population of potential victims for online attackers. Of course, the accessibility of the NBN will also improve security, in that it will allow things like virus protection and computer security updates to be much more readily accessible than ever before – and the best protection for your PC and home network is to keep your defences up to date.
In order to minimise online vulnerability, computer users should follow the four basic rules of home computing:
1. Use a firewall that controls both outbound traffic as well as inbound (default firewalls may not provide this);
2. Use anti-virus software with updates applied regularly (e.g., daily); 3. Keep up-to-date with system updates; and
4. Do not click links received in emails or instant messages, or email attachments unless you trust where you got them from.
Following these simple steps will give your computer a high degree of protection against most security threats.
Also, in a NBN world just as today, it will remain imperative that we all pay close attention to keeping our personal information private in our dealings with others, both online and off.
Other/future security
concerns in the home
Personal computers will not be the only part of a home installation of interest to attackers. As Australians come to enjoy a fuller “on net” experience associated with better connectivity, consumer products will become available which leverage this connectivity. This could be called the real value of the NBN – the enhancement to everyday life afforded by being connected. For example, the NBN could likely be used to deliver telephony, security alarm monitoring, IP TV, and access to “smart meters” for utilities.However, it is important to remember that the appliances for these new services and applications will normally be network-enabled, computer-based, and therefore open to attack. This also creates an opportunity for attacks to and from home computers and other intelligent devices in the same household.
The NBN will need to support related security functionality to keep these services safe, both for the carrier to offer and operate, and the customer to use, including keeping them safe from each other. For example:
• A PC must not be able to disable telephone services, or television set-top boxes – and vice-versa.
• Remote access to consumer products must be provided securely, including the use of encryption and strong authentication techniques.
• Equipment to be located on the customer network that plays a part in billing must be secured to prevent fraud.
• Utilities (power meters, etc) must be secured to prevent unauthorised control by criminals planning to compromise a building’s security, for example by turning off power to an alarm panel. However, these smart meters incorporate security features of their own which can effectively mitigate this risk.
• New services and products offered via the NBN will become targets for phishing and spoofing attacks – these try to trick people into unwittingly helping the attacker gain personal information. As such, up-front, consumer training should be provided to help people differentiate between legitimate business interactions and attackers trying to get personal information such as passwords.
Needs of the small-to-medium
business / enterprise customer
In addition to the basic security issues faced by residential customers, businesses of all sizes are subject to some additional threats when they go online:• Commercial attackers seeking to eavesdrop confidential information • Denial-of-Service attacks to block access or cripple servers
• Targeted penetration of defences to steal and/or destroy information. Again, the NBN does not by default have an active role in securing customers’ systems and information; it is merely the network access enabler. The security measures implemented by the NBN will be focused on ensuring the availability and performance of the underlying infrastructure rather than securing customers. But the NSP, leveraging bandwidth that the NBN delivers, is now free to develop and deploy value-added services that will improve security, especially for business customers.
For example, the widespread introduction of high-bandwidth services will create a much more attractive market for network-based data backup and restore services. These services are critical for recovering from an attack, or failure of an important system.
In another case, a full suite of managed security services could be offered by the NSP to deliver a “secure network” as part of the package. This could bring best-of-breed enterprise security capabilities within reach of small businesses that would otherwise find procurement and maintenance of such systems unaffordable.
Whatever the security service offerings that develop, the NBN itself will leverage network segregation technologies such as Ethernet Virtual LAN (VLAN) and Multiprotocol Label Switching (MPLS) with Quality of Service (QoS). Ethernet VLAN and MPLS will enable the NBN to partition and segregate traffic between networks and QoS to restrict traffic flows to agreed limits.
An additional level of segregation and security is provided by encrypted VPNs. As is currently the case today, enterprise users of the network often request encryption for their inter-office networks, and in some cases (e.g., processing credit card transactions) it is mandatory. NBN will probably spark a rise in the deployment of VPNs as more and more customers do business on the NBN – and security-savvy NSPs will be there to assist with, and/or provide these VPNs.
Government and
law enforcement
Government departments resemble enterprises in their operation – multiple sites, interactions with business and consumers – and budget constraints for IT spend. Yet they face all the same risks, as well as holding special security-based responsibilities: • Managing information sensitive to national security • Managing personal information on nearly every resident in Australia • Supporting Law Enforcement agencies and Emergency Services.
The implication for government departments is that a very high level of security is expected of them in order to protect the interests of individuals and the nation in general. Possible exposure via the NBN is just one facet of this, which can be tackled using similar processes and technologies to those found in ordinary enterprises, especially MPLS, QoS, and encrypted VPNs.
NBN will also have an opportunity to provide universal standard lawful interception capabilities on behalf on NSPs (who would otherwise be obliged to each develop and deploy a solution). This will lower the barriers of entry for NSPs, and in turn, this should result in lower costs to the consumer. This might be some way off but with NBN it becomes a real possibility and
Expectations on the NBN and
responsible organisations
It goes without saying that all organisations responsible for providing services as part of NBN will be expected to maintain good general security practices (a critical example of this would be having a defined, published and audited security policy), ensure confidentiality and integrity of customer data, ensure the security of their own facilities against attack, and documented procedures to manage risk. In addition to this, there are more specific expectations at each part of the delivery chain and associated organisations.
NBN Co. and the network itself
Assuming a wholesale bitstream model, NBN Co. will be responsible for the delivery of data across the access network to customers’ premises. They must ensure the security of the NBN components, systems, network operations centres, offsite data backups, billing systems, etc. They will need to ensure that each customer only has access to their own information and network, and that traffic from one provider does not compromise the service provided to and by others. Given the larger number of providers expected to take advantage of the NBN, security systems and processes will need to be highly scalable, and able to function with complete security in an efficient manner.Another Australian concern for an NBN to reach 100% of the population, and 90% via fibre, is the physical reach of it – traversing thousands of kilometres including connectivity to some quite remote areas. As the NBN Co. builds out this “web” of interconnecting access networks feeding into the NBN, there will be some physical security considerations associated with reaching out this far with the infrastructure. For example, special security alarm systems and monitoring will need to be a part of remote sites. Also, encryption will be required to protect sensitive management traffic to the remote distribution points and network equipment within them.
A technique that is gaining in popularity is the introduction of anomaly detection systems into the network. These systems simply observe traffic and usage patterns and then raise an alarm if something odd occurs in the usage patterns of the network. For example, an attempt to guess passwords on an NBN Co. system would be visible in this way; also a virus outbreak within an NSP could be detected – which could be
a value-added service the NBN Co. could sell to NSPs, and that the NSPs may be able to re-sell to its customers.
Also, the way the NBN is designed will need to include security from the ground up. For example, if the network were to be designed around physical fibre connections being “leased” to NSPs, it would be almost impossible to achieve proper security in a measurable way because there would be no end- to-end visibility or ownership of the security of the network, and there would be increased risk of undetectable tampering with the fibres themselves before they became active or leased. By contrast, keeping the NBN Co. accountable for the underlying security elements of the entire end to end network, and having a single “lit” network reduces the opportunity for tampering with the fibres, adding illicit links, and so on.
As a national resource, Australians will want to see independent security audits and reviews being carried out regularly on the NBN’s security, and reported on such that the burgeoning NBN “eBusiness” environment remains an attractive investment for Australia and the myriad service providers utilising the NBN.
These expectations – and others besides – will evolve over time as the plans for NBN are developed. Industry, consumer, and government consultation and involvement will be required.
Service Provider
The service provider, as the initial “customer” of the NBN, will start with a trusted network environment provided by the NBN Co. This will then support standard internet access, customer VPNs, all their monitoring needs, and so on. In addition there will be security filters and policies deployed to the provider’s “edge” and extensive QoS and other traffic management measures in place to keep the provider’s services safe, and also to ensure service availability for consumers, small business and enterprise customers alike.
It will be the responsibility of the service provider to ensure their internal operations and customers’ networks and services are not at risk from attack by hackers, including users connected to other providers’ networks. A “defence in depth” model will need to be deployed in which security measures are layered to prevent attacks from breaking through defences, with no single point of failure resulting in a breakdown of security. Complementing these preventive measures, the providers will be expected to monitor for any untoward occurrences and then to respond to incidents when they occur.
Customers will expect the service providers to also engage the services of security auditors to validate the measures they have in place to protect customers’ networks and data in transit across the provider’s network. Hopefully a strong security practice, documented and audited, will become a key expectation and differentiating selling point between service providers.
The role of government in
securing the NBN
Cyber-terrorism is a very real threat and the Government will need to ensure the NBN will be built from the ground up to resist large-scale attacks that might be used to harm Australia’s new network infrastructure or its users en masse. To the extent critical infrastructure (including public transport, utilities, law enforcement, etc.) and related services might connect to the NBN, focused security testing and audits will be required to ensure the utmost levels of security are maintained in
all aspects of these networks. Cooperation with international efforts and contribution to standards relating to securing critical infrastructure should be part of what the government brings to NBN for security.
Additionally, as a regulator, the Government will need to ensure appropriate security features and settings are maintained across each service provider connecting to NBN. This could be done via the establishment of security policies and requirements that form part of the entry criteria for a service provider to be setup on the NBN; and the regulator should require yearly audits of the security of the provider’s network and systems, to identify developed issues and allow for remediation processes to be initiated.
At key connection points where the NBN feeds into the wider Internet, there should also be standards to ensure the NBN is not an easy target to the myriad of skilled attackers present on the wider ‘Net.
As a provider of potentially very many services to all Australians, the Government will perhaps be one of the NBN’s biggest users, with a strong vested interest in ensuring that the security capabilities of the network remain effective over the lifetime of the network. This vigilance will benefit all Australians as neighbours on the same network.
A good way to establish the security of a service or network or system is to make use of established international standards as the foundation for assessing security, then repeating this assessment at intervals to measure improvement or stagnation in the security posture of the subject. A comprehensive security standard such as ITU-T Recommendation X.805 provides an architecture for providing end-to-end security. It is also useful in calling out security requirements and characteristics for assessment. Its systematic consideration of security across the user plane, control plane and management plane, covering eight so-called dimensions of security provides a robust matrix of security assessment, especially when applied against the NBN at the three layers called out: per element (infrastructure), per network (referred to as a ‘service’) and per NSP (called an ‘application’).
Figure 2: An ITU-T X.805 diagram, depicting the various ways to evaluate end-to-end security.
DOCSIS – Data Over Cable Service Interface Specification FTTP – Fibre to the Premises
GPON – Gigabit Passive Optical Network IPTV – Internet Protocol Television ONT – Optical Network Termination MPLS – Multiprotocol Label Switching NBN – National Broadband Network NSP – Network Service Provider QoS – Quality of Service VLAN – Virtual LAN
VPN – Virtual Private Network
Glossary
Conclusions
The provision of a NBN to all Australians will undoubtedly bring with it enormous benefits to our society. Consumers frustrated by slow network access speeds today will find themselves able to participate fully in the network-centric Internet, thanks to the NBN. Rural communities will be able to access this digital economy for the first time. Businesses and government will find new ways to work with each other and with their customers in an always-on world. Improved education, research, and collaboration capabilities will become available to all Australian homes in a much richer way thanks to improved bandwidth and coverage.Crucially, in addition to connecting Australia, the NBN must take active and comprehensive steps to ensure the ongoing security and confidence of users of the network at all levels – from the consumer at home to the government itself.
We view strong security for the NBN as non-optional, and we hope this introduction to some of the issues and accountabilities has helped show why.
Alcatel-Lucent Australia contact details:
Ric Clark, Chief Technology Officer ph: +61 3 9664 3407
Lisa Poninghaus, External Communications Manager ph: +61 2 8306 5645
