Security Requirements for the Unidirectional Lightweight Encapsulation (ULE) Protocol
RFC 5458
Network Working Group                                     H. Cruickshank
Request for Comments: 5458                          University of Surrey
Category: Informational                                        P. Pillai
                                                  University of Bradford
                                                           M. Noisternig
                                                  University of Salzburg
                                                              S. Iyengar
                                                                  Logica
                                                              March 2009
Status of This Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (c) 2009 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents in effect on the date of
publication of this document (http://trustee.ietf.org/license-info).
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document.
Abstract
The MPEG-2 standard defined by ISO 13818-1 supports a range of
transmission methods for a variety of services. This document
provides a threat analysis and derives the security requirements when
using the Transport Stream, TS, to support an Internet network-layer
using Unidirectional Lightweight Encapsulation (ULE) defined in RFC
4326. The document also provides the motivation for link-layer
security for a ULE Stream. A ULE Stream may be used to send IPv4
packets, IPv6 packets, and other Protocol Data Units (PDUs) to an
arbitrarily large number of Receivers supporting unicast and/or
multicast transmission.
The analysis also describes applicability to the Generic Stream
Encapsulation (GSE) defined by the Digital Video Broadcasting (DVB)
Project.
Cruickshank, et al. Informational [Page 1]
RFC 5458 Security Requirements for ULE March 2009
Table of Contents
1. Introduction
2. Requirements Notation
3. Threat Analysis
3.1. System Components
3.2. Threats
3.3. Threat Cases
4. Security Requirements for IP over MPEG-2 TS
5. Design Recommendations for ULE Security Extension Header
6. Compatibility with Generic Stream Encapsulation
7. Summary
8. Security Considerations
9. Acknowledgments
10. References
10.1. Normative References
10.2. Informative References
Appendix A. ULE Security Framework
A.1. Building Block
A.2. Interface Definition
Appendix B. Motivation for ULE Link-Layer Security
B.1. Security at the IP Layer (Using IPsec)
B.2. Link Security below the Encapsulation Layer
B.3. Link Security as a Part of the Encapsulation Layer
1. Introduction
The MPEG-2 Transport Stream (TS) has been widely accepted not only
for providing digital TV services, but also as a subnetwork
technology for building IP networks. RFC 4326 [RFC4326] describes
the Unidirectional Lightweight Encapsulation (ULE) mechanism for the
transport of IPv4 and IPv6 Datagrams and other network protocol
packets directly over the ISO MPEG-2 Transport Stream as TS Private
Data. ULE specifies a base encapsulation format and supports an
Extension Header format that allows it to carry additional header
information to assist in network/Receiver processing. The
encapsulation satisfies the design and architectural requirement for
a lightweight encapsulation defined in RFC 4259 [RFC4259].
Section 3.1 of RFC 4259 presents several topological scenarios for