Post on 21-Dec-2015
transcript
Discovery and Traversal of Security Gateways
Alwyn E. Goodloe, University of Pennsylvania
Contessa NS
Protocol eXchange, June 10, 2005
History of Routing Protocols
- In early days of ARPANet
- Few nodes
- Routing tables manually configured at each node by local system admin
Centralized Management an Alternative
- Network manager knows topology and handles everything
- Tools can help, but still difficult
Drawbacks
- Managers must know topology
- Managers control who gets to play
- Can not just go and add or delete a node
- Hard to see how the Internet would have grown to present size had either of these schemes been adopted.
Dynamic Routing Protocols
- Routing tables are updated as part of protocol
- Adapts to changing topology and growth
- Theory: convergence in the face of changes, correctness, efficiency of underlying protocols
Security Gateways
- Located at cutpoints in the network
- Possess an inside and an outside
- Nodes on the inside constitute its domain
- Gateways control what traffic can enter and leave a domain
Traversing Gateways
- High-level policies at the gateways determine which users can communicate with members of its domain
- To enforce policies, gateways authenticate packets using cryptographic tunnels: Security Associations (IPsec)
- Packet filters determine which packets go in which association
Industrial Practice
- Gateways are usually configured using command line interfaces
- Moving to centralized management; tool support: Solsoft Policy server
- Drawbacks same as for routers: inflexible in the face of changing topology
- Want protocols to dynamically find gateways and set up associations
Set Up Protocol Requirements
- Discover gateways along path: send out distinguished control packets
- Negotiate trust relationship based on high-level policy
- Set up associations using some key-exchange protocol (IKE, JFK)
- Install packet filters (low-level policies) on the gateways that are derived from/compatible with high-level policies
- Discovery protocols are a special class of signaling protocol
Do People Really Want This
- Cisco's Tunnel Endpoint Discovery (TED) Protocol performs discovery
- Limited: assumes two gateways
- Built into high-end security gateways
- Indicates industrial demand
- IETF's IP Security Policy (IPSP) group: charter says they will develop a discovery protocol
Need For Theory
- We have designed several protocols for setting up collections of IPsec tunnels: Sectrace, L3A (WITS 05)
- Each had subtle flaws that were uncovered by formal analysis
- Want a formalism and theory for developing such signaling protocols, like SPI-Calculus and MSR for crypto protocols
Tunnel Calculus
- Key-exchange as abstract building-block: not concerned with the cryptography; terminates with associations and policies properly set up
- Captures essential details of the network; contrasts with process algebras that abstract away from network
- Built in layers
Example
[Figure: nodes a, g and b; the layers shown are Discovery, Negotiation, Establishment, Authenticate and Encryption.]
Establishment Layer
[Figure: nodes A and B, each holding an SADB and an SPDB. Messages exchanged: Req(spi-a, request) and Rep(spi-a, spi-b, request). After the exchange both A's and B's SADB and SPDB are updated.]
Trust Negotiation
- When a discovery packet destined for node B arrives at a gateway G, how does G know if it should allow the set up?
- How does the initiator know that B is inside of G's domain?
- These questions need to be settled by high-level policy
- This must be known before establishment begins
Trust Management
- Need to discover, access, process high level policy
- Work in progress
- Related works: Security Policy Protocol (SSP) IETF IPSP, SPKI/SDSI, PolicyMaker/KeyNote, QCM/SD3, ...
- Borrow ideas and abstract away details
Security Processing Layer
- Abstraction of IPsec
- Security Associations (SA) define cryptographic transforms; abstract away the cryptography
- Tunnel mode: packet P(a,b,y) in association c→d:I becomes P(c,d,S(I,P(a,b,y)))
- Association Database (SADB)
Security Processing Layer Contd
- Packet filters called security policies direct traffic into SAs
- Security Policy Database (SPDB): SPDB-IN and SPDB-OUT
- Must model the processing of packets! Headers added and removed in accordance with policy
- Each packet that enters the system must undergo processing
- Outgoing packets processed before sent down to routing layer
IPsec example
[Figure: nodes A, G and B with associations i1, i2 and i3; policy labels AB:[(AB)(AG)], AB:[(AG)], AB:[(GB)] and AB:[(AB)(GB)]. Packets shown in transit:]
P(A,G,S(i1,P(A,B,S(i3,P(A,B,y)))))
P(G,B,S(i2,P(A,B,S(i3,P(A,B,y)))))
P(A,B,S(i3,P(A,B,y)))
P(A,B,y)
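An added example, not from the slides: a small Python model of the security processing layer that walks the A, G, B exchange above. The names SADB, SPDB_OUT, SPDB_IN, outbound, inbound and run are mine, and reading the figure's labels as A's outbound policy AB:[(AB)(AG)], G's inbound AB:[(AG)] and outbound AB:[(GB)], and B's inbound AB:[(AB)(GB)], with i1 = A-G, i2 = G-B and i3 = A-B, is my assumption.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class P:
    """Plain packet P(src, dst, payload); payload is data or an S term."""
    src: str
    dst: str
    payload: object

@dataclass(frozen=True)
class S:
    """Security-processed payload S(spi, inner): inner under association spi."""
    spi: str
    inner: P

# SADB: spi -> (tunnel entry, tunnel exit); constructed to match the slide's i1, i2, i3.
SADB = {"i1": ("A", "G"), "i2": ("G", "B"), "i3": ("A", "B")}
# SPDB-OUT: selector (src, dst) -> SPIs to apply, innermost first (A: AB then AG).
SPDB_OUT = {"A": {("A", "B"): ["i3", "i1"]}, "G": {("A", "B"): ["i2"]}, "B": {}}
# SPDB-IN: selector -> SPIs the packet must have arrived in, outermost first.
SPDB_IN = {"A": {}, "G": {("A", "B"): ["i1"]}, "B": {("A", "B"): ["i2", "i3"]}}

def outbound(node, pkt):
    """Security processing before a packet goes down to the routing layer."""
    for spi in SPDB_OUT[node].get((pkt.src, pkt.dst), []):
        c, d = SADB[spi]
        pkt = P(c, d, S(spi, pkt))  # tunnel mode: P(c,d,S(I,P(a,b,y)))
    return pkt

def inbound(node, pkt):
    """Strip tunnels ending here, then check the SPIs seen against SPDB-IN."""
    seen = []
    while pkt.dst == node and isinstance(pkt.payload, S):
        spi = pkt.payload.spi
        if SADB.get(spi, (None, None))[1] != node:
            raise ValueError(f"{node}: unknown or foreign association {spi}")
        seen.append(spi)
        pkt = pkt.payload.inner
    expected = SPDB_IN[node].get((pkt.src, pkt.dst), [])
    if seen != expected:
        raise ValueError(f"{node}: arrived via {seen}, policy requires {expected}")
    return pkt

def run(payload="y"):
    """Walk the slide's A -> G -> B exchange; returns both wire packets and B's result."""
    wire_a = outbound("A", P("A", "B", payload))
    wire_g = outbound("G", inbound("G", wire_a))
    return wire_a, wire_g, inbound("B", wire_g)
```

The inbound policy check is what gives the slide's safety property teeth in this model: a packet that reaches B without the end-to-end AB association is rejected even though its outer GB tunnel is valid.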
Routing Layer
- Network topology induced by forwarding tables
- Routers only route: packet p arrives @ r; lookup next hop in table; send packet to next hop
- Secure nodes do IPsec processing: all packets that arrive are sent up to be processed by security layer
Formalism
- Based on multiset rewriting and equational logic
- Very basic logic: control flow must be explicit
- Each rule may execute concurrently unless constrained
- State must be explicitly passed among rules: MSR's L-Predicates; our resumption terms <.....>
Safety/Liveness Properties
- Safety: if a tunnel is formed, then a proper set of credentials exist
- Liveness: given some global policy, the two parties should be able to communicate assuming everything is in the right place
- Still working on formalizing these
Future Work
- Dissertation will flesh out the details of each layer
- Executable models in Maude
- Proofs of properties; work on the theorems
- Trust negotiation layer
Contessa NS People
Carl A. Gunter
Mark-Oliver Stehr
Alwyn Goodloe
Matthew Jacobs
Gaurav Shah
Michael McDougall
Gual Agha
Michael Greenwald
Sanjeev Khanna
Jose Meseguer
Koushik Sen
Prasanna Thati