I think we can accept a “reasonable level of maturity” from the users of the 
tools in any case.

 

As a vendor, if one were to tamper with the results and then try to sell a 
product as being compliant they would have a hard time defending that position 
against customer expectations.  Let’s make it as hard as possible to tamper 
with the outcome, but not be too worried about involved and difficult 
workarounds to mislead the system.

Misleading both my customers and the OPNFV community would be a difficult thing 
to explain away…

 

/ Chris

 

From: <opnfv-tech-discuss-boun...@lists.opnfv.org> on behalf of Lincoln Lavoie 
<lylav...@iol.unh.edu>
Date: Friday, 13 January 2017 at 14:25
To: Leo Wang <grakiss...@hotmail.com>
Cc: TECH-DISCUSS OPNFV <opnfv-tech-discuss@lists.opnfv.org>
Subject: Re: [opnfv-tech-discuss] [dovetail]Dovetail encryption for report

 

Hi Leo,

 

Because doing that would require changing the test "script", which would change 
the hash, that is calculated at run time and included in the signed report.

 

Cheers,
Lincoln

 

On Fri, Jan 13, 2017 at 3:38 AM, Leo Wang <grakiss...@hotmail.com> wrote:

Hi Lincoln 

 

I agree with you , your proposal can keep the integrity of the dovetail 
tool(scripts/codes),

 

but i not sure that the content of results is right.

 

to sign the result can only proof its integrity that result is not tampered 
with during the transfer or uploading

 

If user modify the result right after the result being generated then sign the 
result

 

how to tell whether the result is the original one or not ?

 

 

BR

 

Leo Wang

 

 

 

 

On Jan 13, 2017, at 06:08, Lincoln Lavoie <lylav...@iol.unh.edu> wrote:

 

Hi Leo, 

 

It may be worth separating the encryption from the signature piece.  I believe 
the primary purpose of the security requirements were to ensure the integrity 
of the testing (i.e. the dovetail tests were not modified by the tester, to 
"solve" a failure).  In this process, I don't believe that is accomplished, 
because the scripts are generating their own key each time.  I think this will 
also lead to a nightmare number of keys that have to be kept, maintained, and 
tracked to look at results run in the past.

 

Attached is a different approach.  This approach would only sign the results, 
which protects their integrity compared against the scripts that were used to 
generate the results.  If a user wanted to "protect" their results, I would 
leave it to them to encrypt them and share keeps with the expected "consumer."  
In this approach, OPNFV Staff would be responsible for maintaining the public / 
private key (which should likely be updated with each release.  That key is 
used, along with a hash (MD5 sum or similar) of the Dovetail "scripts" to sign 
the results.  That signature can then be validated against the public key, to 
ensure the scripts or results were not tampered with prior to review.  This 
approach assumes the trust is placed with the OPNFV staff, in building 
(compiling) the integrity tool w/ the private key, and providing only the 
compiled version with each release (private key would have be protected within 
that tool).

 

The "gotcha" is making sure that compiled tool can run on all platforms and 
ensuring the private key is well protected.  And, if the OPNFV staff are able 
to maintain the set of keys, etc.  

 

 

 

Thoughts?

 

Cheers,
Lincoln

 

 

 

On Thu, Jan 12, 2017 at 4:46 AM, Leo Wang <grakiss...@hotmail.com> wrote:

Hi, Luke and Lincoln,  

 

 

Dovetail team plans to add this feature to dovetail tool , and need your 
professional  advices  from security group and 3rd party lab, 

 

so would you guys take a time to review this idea?

 

Thank you both in advance !

 

I’ve update the diagram with digital signature, and both encryption and digital 
signature can be optional to fit in user’s demand

 

for details, please check this link:

https://wiki.opnfv.org/display/dovetail/Dovetail+Security+of+Report

<encryption and digital signature (2).png>

 

 

 

On Dec 27, 2016, at 18:00, Lijun (Matthew) <matthew.li...@huawei.com> wrote:

 

digital signature should be added to do integrity checks, etc. +1.

/MatthewLi

发件人:Leo Wang

收件人:Yujun Zhang

抄送:Motamary, Shabrinath via opnfv-tech-discuss

时间:2016-12-27 16:32:46

主题:Re: [opnfv-tech-discuss] [dovetail]Dovetail encryption for report

 

Encryption or signature or certificate do have different role in this big 
picture, 

 

It can be done step by step.

 

 

 

 

On Dec 27, 2016, at 16:01, Yujun Zhang <zhangyujun+...@gmail.com> wrote:

 

On Tue, Dec 27, 2016 at 3:54 PM Leo Wang <grakiss...@hotmail.com> wrote:

As i mentioned , someone did show their concern on the security of test report, 
so dovetail will provide this optional parameter for them

 

digital signature is used to identify the source and its integrity, and surely 
it can raise the security level, or even better to get a digital certificate to 
make it more secure?

 

Sure.

 

You may refer the international standard  ISO/IEC 17065 on how to certify a 
product. The standard is not about technical solution but quality processes and 
organizations.

 

Encryption or signature are all technical methods to enhance the authority of a 
certification program.

 

 



 

-- 

*******************************************************************************

Lincoln Lavoie

Senior Engineer, Broadband Technologies

 

www.iol.unh.edu

21 Madbury Rd., Ste. 100, Durham, NH 03824

Mobile: +1-603-674-2755

lylav...@iol.unh.edu

    

 

Ars sine scientia nihil est! -- Art without science is nothing.

Scientia sine ars est vacua! -- Science without art is empty.

*******************************************************************************

<OPNFV_Dovetail_Signed_Results.png>

 



 

-- 

*******************************************************************************

Lincoln Lavoie

Senior Engineer, Broadband Technologies

 

www.iol.unh.edu

21 Madbury Rd., Ste. 100, Durham, NH 03824

Mobile: +1-603-674-2755

lylav...@iol.unh.edu

    

 

Ars sine scientia nihil est! -- Art without science is nothing.

Scientia sine ars est vacua! -- Science without art is empty.

*******************************************************************************

_______________________________________________ opnfv-tech-discuss mailing list 
opnfv-tech-discuss@lists.opnfv.org 
https://lists.opnfv.org/mailman/listinfo/opnfv-tech-discuss 

_______________________________________________
opnfv-tech-discuss mailing list
opnfv-tech-discuss@lists.opnfv.org
https://lists.opnfv.org/mailman/listinfo/opnfv-tech-discuss

Reply via email to