Date post: | 07-Apr-2018 |
Category: |
Documents |
Upload: | carlo-cafiero |
View: | 223 times |
Download: | 0 times |
of 37
8/4/2019 EDG Tutorial Security Torino
1/37
Security Mechanisms
The European DataGrid Project Team
http://www.eu-datagrid.org
8/4/2019 EDG Tutorial Security Torino
2/37
Security Tutorial - n 2Torino, 5-6/12/02
Contents
Concepts of Cryptography Digital Certificates
Security problems (and solution) of the Grid
EDG user authentication (practical guide)
EDG authorization (overview)
8/4/2019 EDG Tutorial Security Torino
3/37
Security Tutorial - n 3Torino, 5-6/12/02
Security Needs
Authentication establish the identity of an entity (user, process, host, service, ...)
Confidentiality
a third party cannot understand the communication
Integrity data is not modified during communication
Non-repudiation
the sender cannot claim he didnt send the data
Authorization establish the rights of the entity
8/4/2019 EDG Tutorial Security Torino
4/37
Security Tutorial - n 4Torino, 5-6/12/02
Cryptography
Mathematical tool that provides some important building blocks for the
implementation of a security infrastructure Terminology
Plaintext: M
Cyphertext: C
Encryption with key K1 : E K1(M)=C
Decryption with key K2 : D K2(C)=M
Algorithms
Symmetric: K1 = K2
Public Key (asymmetric): K1 K2
K2K1
Encryption DecryptionM C M
8/4/2019 EDG Tutorial Security Torino
5/37
Security Tutorial - n 5Torino, 5-6/12/02
Symmetric Algoritms
The same key is used forencryption and decryption
fast
how to distribute the keys?
the number of keys is O(n2)
Examples:
DES
3DES
Rijndael (AES)
Blowfish
A B
ciao 3$r ciao
A B
ciao 3$r ciao3$r
3$r
8/4/2019 EDG Tutorial Security Torino
6/37
Security Tutorial - n 6Torino, 5-6/12/02
Public Key Algorithms
Every user has two keys: oneprivate and one public: it is practically impossible to
derive the private key fromthe public one;
a message encrypted by onekey can be decripted only bythe other one.
No exchange of secrets isnecessary
the sender cyphers using thepublic key of the receiver;
the receiver decripts using hisprivate key;
the number of keys is O(n).
Examples: Diffie-Helmann (1977)
RSA (1978)
Bs keys
public private
As keys
public private
A B
ciao 3$r ciao
A B
ciao cy7 ciao
3$r
cy7
8/4/2019 EDG Tutorial Security Torino
7/37
Security Tutorial - n 7Torino, 5-6/12/02
One-Way Hash Functions
Functions (H) that given as input a variable-length message(M) produce as output a string of fixed length (h)
the length of hmust be at least 128 bits (to avoid birthdayattacks)
1. given M, it must be easy to calculate H(M) = h
2. given h, it must be difficult to calculateM = H-1(h)
3. given M, it must be difficult to find Msuch that H(M) = H(M)
Examples:
SNEFRU: hash of 128 or 256 bits;
MD4/MD5: hash of 128 bits;
SHA (Standard FIPS): hash of 160 bits.
8/4/2019 EDG Tutorial Security Torino
8/37
Security Tutorial - n 8Torino, 5-6/12/02
Digital Signature
A calculates the hash of themessage and he encrypts it usinghis private key: the encryptedhash is the digital signature.
A sends the signed message toB.
B calculates the hash of themessage and verifies it with theone received by A anddecyphered with As pubblic key.
If the thwo hashes are equal,the message wasnt modified andA cannot repudiate it.
As keys
public private
B
hash (B)
hash (A)
= ?
ciao
A
ciao ciaohash (A)
8/4/2019 EDG Tutorial Security Torino
9/37
Security Tutorial - n 9Torino, 5-6/12/02
Digital Certificates
As digital signature is safe if:1. As private key is not compromised
2. B knows As public key
How can B be sure that As public key is really As public keyand not someone elses?
A third party guarantees the correspondence between public keyand owners identity, by signing a document which contains theowners identity and his public key (Digital Certificate)
Both A and B must trust this third party
Two models:
X.509: hierarchical organization;
PGP: web of trust.
8/4/2019 EDG Tutorial Security Torino
10/37
Security Tutorial - n 10Torino, 5-6/12/02
PGP web of trust
A
B
C
D
E
F
F knows D and E, who knows A and C, who knows A and B.
F is reasonably sure that the key from A is really from A.
8/4/2019 EDG Tutorial Security Torino
11/37
Security Tutorial - n 11Torino, 5-6/12/02
X.509 Certificates
The third party is called Certification Authority (CA). An X.509 Certificate contains:
identity of the owner;
time of validity;
owners public key; info on the Certification Authority;
digital signature of the Certification Authority.
Certificates are published in a directory (e.g. LDAP or WWW)managed by the CA
CAs periodically publish a list of compromised certificates
Certificate Revocation Lists (CRL)
Online Certificate Status Protocol (OCSP).
8/4/2019 EDG Tutorial Security Torino
12/37
Security Tutorial - n 12Torino, 5-6/12/02
Certificate Chains
Per: INFN CA
Firma: INFN CA
Per: Verisign
Firma: Verisign
Per: AltraCA
Firma: Verisign
Per:Leo
Firma:AltraCA
Per:Silvia
Firma:AltraCA
Per:Carlo
Firma:INFNCA
CAs have their owncertificates, too.
ACA can guarantee forother CAs by signing theircertificates
At the top there is a self-signed certificate (rootcertificate).
CA certificate are widelypublicized and so difficult to
forge.
8/4/2019 EDG Tutorial Security Torino
13/37
8/4/2019 EDG Tutorial Security Torino
14/37
Security Tutorial - n 14Torino, 5-6/12/02
Grid Security Infrastructure (GSI)
Based on an X.509 PKI: every user/host/service has an X.509 certificate;
certificates are signed by trusted (by the local sites) CAs;
every Grid transaction is mutually authenticated:1. user sends his certificate;
2. other end sends user a challenge string;3. user encodes the challenge string with his private key;
4. the public key is used to decode the challenge.
Private keys must be stored only in protected places, and only inencrypted form.
8/4/2019 EDG Tutorial Security Torino
15/37
Security Tutorial - n 15Torino, 5-6/12/02
X.509 Proxy Certificate
A Proxy is a special type of X.509 certificate, signed by thenormal end entity cert (or by another proxy).
It allows process to act on behalf of user, supporting singlesign-on and delegation
if there is a need to have agents requesting services on behalf of
the user, avoids the need to re-enter the user's pass phrase the Subject of the proxy contains the Subject of the signing cert
It reduces exposure of users private key
It is created by the grid-proxy-init command
The private key of the Proxy is not encrypted: stored in local file protected by file system security: must be
readable only by the owner;
proxy lifetime is short (typically 12 h) to minimize security risks.
8/4/2019 EDG Tutorial Security Torino
16/37
Security Tutorial - n 16Torino, 5-6/12/02
Delegation
Proxy creation can be recursive each time a new private key and new X.509 proxy certificate, signed by the
original key
Allows remote process to act on behalf of the user
Avoids sending passwords or private keys across the network
The proxy may be a Restricted Proxy: a proxy with a reduced set ofprivileges (e.g. cannot submit jobs).
8/4/2019 EDG Tutorial Security Torino
17/37
Security Tutorial - n 17Torino, 5-6/12/02
Site A(Kerberos)
Site B(Unix)
GSI interface GSI interface
Remote processcreation requests*
* with mutual authentication
Site C(Kerberos)
User
Single sign-on
& generation of proxy cred. User ProxyProxy
credential
Storagesystem
Communication*
GSI-enabledFTP server
AuthorizeMap to local idAccess file
Remote file
access request*
Process
Kerberosticket
Restrictedproxy
Process
Restricted
proxy
Local id
Local id
Authorize
Map to local idCreate processGenerate credentials
Authorize
Map to local idCreate process
Generate credentials
Job Executionfrom The Globus Toolkit:
Security Services,http://www.globus.org/
Or: retrieval of proxy cred.from online repository
8/4/2019 EDG Tutorial Security Torino
18/37
8/4/2019 EDG Tutorial Security Torino
19/37
Security Tutorial - n 19Torino, 5-6/12/02
EDG AA Overview
User requests a certificate from his CA [yearly] User registers himself in the EDG LDAP-VO [once]
User generates a proxy certificate (short lifetime) [daily]
Host/service requests a certificate [yearly]
Local site retrieves the trusted CAs certificates [periodically]and their CRLs [daily]
Local site generates a gridmap-file from the LDAP databasefor authorization and mapping [daily]
User contacts a service: they exchange their certificates toauthenticate each other; the service bases its authorizationdecision on the gridmap-file
8/4/2019 EDG Tutorial Security Torino
20/37
Security Tutorial - n 20Torino, 5-6/12/02
Requesting a certificate (batch)
grid-cert-requestA certificate request and private key is being created.[...]Using configuration from /usr/local/grid/globus/etc/globus-
user-ssleay.confGenerating a 1024 bit RSA private key
[...]
A private key and a certificate request has been generated
with the subject:/O=Grid/O=CERN/OU=cern.ch/CN=Akos Frohner[...]
Your private key is stored in .../.globus/userkey.pemYour request is stored in .../.globus/usercert_request.pemPlease e-mail the certificate request to the CERN CA
cat .../.gl
obus
/usercert_request.pem | mail [email protected]
Your certificate will be mailed to you within two working days.
8/4/2019 EDG Tutorial Security Torino
21/37
Security Tutorial - n 21Torino, 5-6/12/02
Requesting a certificate (online)
Online procedure: donwload your CA certificate;
fill the online request form;
wait for the identity check by the CA;
download the certificate.
Protect the certificate.
Export the certificate and make a backup copy.
8/4/2019 EDG Tutorial Security Torino
22/37
Security Tutorial - n 22Torino, 5-6/12/02
Download the INFN CA cert 1/2
http://security.fi.infn.it/CA/
Click on CertificatoINFN CA
ignore warning messages
about connecting to anunknow site...
Click on ScaricaCertificato
8/4/2019 EDG Tutorial Security Torino
23/37
Security Tutorial - n 23Torino, 5-6/12/02
Download the INFN CA cert 2/2
Netscape: select all the three
options
Explorer:
save with extension .der
double-click on the filename and click onInstalla certificato
choose the defaultanswer in all the followingquestions
Verify that thecertificate is among theroot certificates
8/4/2019 EDG Tutorial Security Torino
24/37
Security Tutorial - n 24Torino, 5-6/12/02
Fill the online request form
http://security.fi.infn.it/CA/
Click on Richiesta certificati
Fill the details of the owner:
Nome sezione;
Nome e Cognome;
E-mail, it must be the officialone,[email protected].
Click on Sottometti Richiesta.
After the identity checks, youllreceive an e-mail with theinstructions for the download.
8/4/2019 EDG Tutorial Security Torino
25/37
Security Tutorial - n 25Torino, 5-6/12/02
Download the certificate
Open the URL in themail from INFN-CAwith the same browserused to submit therequest
Verify that thecertificate appears inthe browser DB
8/4/2019 EDG Tutorial Security Torino
26/37
Security Tutorial - n 26Torino, 5-6/12/02
Protect the certificate
Your certificate must bepassword protected to
avoid unauthorized use
8/4/2019 EDG Tutorial Security Torino
27/37
8/4/2019 EDG Tutorial Security Torino
28/37
Security Tutorial - n 28Torino, 5-6/12/02
Registration
Users must accept the EDG usageguidelines and be registered in anEDG VO
If you dont have your certificatein a browser:
convert the certificate
openssl pkcs12 export \in ~/.globus/usercert.pem \inkey ~/.globus/userkey.pem \out user.p12 name M. Rossi
import your certificate in your browser
Sign the usage guidelines
open the following URLand click on Accept:https://marianne.in2p3.fr/cgi-bin/datagrid/register/account.pl
Ask an account from your VOadministrator.
8/4/2019 EDG Tutorial Security Torino
29/37
Security Tutorial - n 29Torino, 5-6/12/02
Starting a grid session
login:grid-proxy-initYour identity:/C=IT/O=INFN/CN=M.Rossi/[email protected] GRID pass phrase for this identity: *********Creating proxy ........................................DoneYour proxy is valid until Fri Nov 29 02:44:51 2002
the proxy is stored in /tmp/x509up_uxxx
You can now use use the grid services.
logout:grid-proxy-destroy
8/4/2019 EDG Tutorial Security Torino
30/37
Security Tutorial - n 30Torino, 5-6/12/02
Proxy certificate structure
openssl
x509-te
xt -n
oout -in
/tmp
/x509up_u
504Data:Version: 3 (0x2)Serial Number: 981 (0x3d5)Signature Algorithm: md5WithRSAEncryptionIssuer: C=IT,O=INFN,CN=M.Rossi/[email protected]
Validity
Not Before: Nov 28 14:14:57 2002 GMTNot After : Nov 29 02:19:57 2002 GMTSubject: C=IT,O=INFN,CN=M.Rossi/[email protected],CN=proxySubject Public Key Info:Public Key Algorithm: rsaEncryptionRSA Public Key: (512 bit)
Modulus (512 bit):......................................
Exponent: 65537 (0x10001)Signature Algorithm: md5WithRSAEncryption
......................................
8/4/2019 EDG Tutorial Security Torino
31/37
Security Tutorial - n 31Torino, 5-6/12/02
Authorization: the present Based on VO LDAP servers
Each VO manages an LDAP Directory
Only groups provided, no roles
Secure web interface for EDG AUP signing
Mapping X509 credentials user at local site
Each site periodically generates (mkgridmap) a grid-mapfile(mapping DN username).
Dynamic mapping available (gridmapdir).
Mapping customizable by the local site managers.
8/4/2019 EDG Tutorial Security Torino
32/37
Security Tutorial - n 32Torino, 5-6/12/02
grid-mapfile generationo=testbed,dc=eu-datagrid,dc=org
CN=
Franz Elmer
ou=People
CN=John Smith
mkgridmap grid-mapfile
VOVO
DirectoryDirectoryAuthorizationAuthorization
DirectoryDirectory
CN=Mario Rossi
o=xyz,dc=eu-datagrid,
dc=org
CN=Franz ElmerCN=John Smith
AuthenticationCertificate
AuthenticationCertificate
AuthenticationCertificate
ou=People ou=Testbed1 ou=???
localusers ban list
8/4/2019 EDG Tutorial Security Torino
33/37
Security Tutorial - n 33Torino, 5-6/12/02
Authorization: the future
Virtual OrganizationM
embership Service (VOMS)
Grants authorization data to users at VO level
Each VO has its own VOMS
Local Centre Authorization Service (LCAS)
Handles authorization requests to local fabric
Local Credential Mapping Service (LCMAPS)
Provides local credentials needed for jobs in fabric
Grid ACL (GACL) library
Provides DN based ACLs
8/4/2019 EDG Tutorial Security Torino
34/37
Security Tutorial - n 34Torino, 5-6/12/02
VOMS Operations
Authentication
Request
AuthDB
C=IT/O=INFN/L=CNAF
/CN=Pinco Palla
/CN=proxy
Users
attribute
s
Users
attributes
1. Mutual authentication Client-Server
2. Client sends request to Server
3. Server checks correctness ofrequest
4. Server sends back the requiredinfo, signed by itself
5. Client repeats process forother VOMSs
6. Client creates a proxycertificate containing all theinfo received into a (noncritical) extension
8/4/2019 EDG Tutorial Security Torino
35/37
8/4/2019 EDG Tutorial Security Torino
36/37
Security Tutorial - n 36Torino, 5-6/12/02
EDG gatekeeper
TLS auth
LCAS (so)
assist_gridmap
Jobmanager-*
Gatekeeper
TLS auth
LCAS client
apply creds*
Jobmanager-*
GatekeeperLCAS
ACL
timeslot
gridmap
config
LCMAPS clntLCMAPS
role2uid
role2afs
config
* Andstorein jobrepository
IdYes/no
Id
credlist
NOW EDG1.4,EDG2.x
By Martijn Steenbakkers (EDG WP4)
8/4/2019 EDG Tutorial Security Torino
37/37
Security Tutorial - n 37Torino, 5-6/12/02
Further Information
Grid EDG CAs: http://marianne.in2p3.fr/datagrid/ca
EDG Security Requirements: http://edms.cern.ch/document/340234
GGF Security Area: http://www.gridforum.org/security/
Grid Security Infrastructure (GSI): http://www.globus.org/security/Background
Bruce Schneier,Applied Cryptography: Protocols, Algorithms andSource Code in C, John Wiley & Sons.
Generic Security Services Application Programming Interface(GSSAPI): http://www.faqs.org/faqs/kerberos-faq/general/section-84.html
S. Tuecke et al., Internet X.509 Public Key Infrastructure ProxyCertificate Profile, draft-ietf-pkix-proxy-03.