Date post: | 04-Jan-2016 |
Category: |
Documents |
Upload: | janice-sherman |
View: | 216 times |
Download: | 0 times |
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 11
Security
Yih-Kuen Tsay
Dept. of Information Management
National Taiwan University
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 22
Introduction
• Security Needs– Secrecy, integrity, etc.– Arise from the desire to share resources
• Security Policies– Specify who are authorized to access what resources– Independent of the technology used
• Security Mechanisms– Enforce security policies
• Security Models– Help understand and analyze the above
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 33
Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
The Evolution of Security Needs
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 44
Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
Components of a Security Model
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 55
Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
The Enemy in Network Security
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 66
Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
Familiar Names in the Security Literature
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 77
Classes of Security Threats
• Leakage– Acquisition of information by unauthorized
parties
• Tampering (Modification)– Unauthorized alteration of information
• Vandalism– Interference with the proper operation without
gain to the perpetrator
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 88
Methods of Attack
• Eavesdropping– Release of message contents and traffic
analysis
• Masquerading• Message Tampering (Modification)
– Man-in-the-middle attack
• Replaying• Denial of Service• Mobile Code
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 99
Designing Secure Systems
• Use best standards available
• Informal analysis and checks
• Formal validation
• Security logs and auditing
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 1010
Security Requirements
• Secrecy (Confidentiality)
• Data Integrity
• Authentication
• Non-repudiation
• Availability
• …
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 1111
Source: W. Stallings, “Cryptography and Network Security”
The Secret-Key Encryption Model
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 1212
Source: W. Stallings, “Cryptography and Network Security”
The Public-Key Encryption Model
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 1313
Source: W. Stallings, “Cryptography and Network Security”
The Public-Key Authentication Model
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 1414
Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
Notational Conventions
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 1515
Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
Performance of Cryptographic Algorithms
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 1616
Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
A Scheme of Cipher Block Chaining
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 1717
Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
A Stream Cipher
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 1818
Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
Digital Signatures with Secret Keys
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 1919
Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
Digital Signatures with Public Keys
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 2020
Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
Alice’s Bank Account Certificate
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 2121
Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
A Public Key Certificate of Bob’s Bank
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 2222
Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
The Needham-Schroeder Authentication Protocol
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 2323
Kerberos
• Developed at MIT
• For protecting networked services
• Based on the Needham-Schroeder protocol
• Current version: Kerberos Version 5
• Source code available
• Also used in OSF DCE, Windows 2000, ...
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 2424
Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
Kerberos Architecture
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 2525Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
The Kerberos Protocol
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 2626
Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
auth(C) contains C,t.
ticket(C,S) contains C,S,t1,t2,KCS.
The Kerberos Protocol (cont.)
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 2727
The Secure Sockets Layer (SSL)
• Originated by Netscape, now a nonproprietary standard (SSLv3)
• Provides secure end-to-end communications
• Operates between TCP/IP (or any other reliable transport protocol) and the application
• Built into most browsers and servers
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 2828
Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
The SSL Protocol Stack
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 2929
How SSL Works
• Sessions between a client and a server are established by the Handshake Protocol
• A session defines a set of security parameters, including peer certificate, cipher spec, and master secret
• Multiple connections can be established within a session, each defining further security parameters such as keys for encryption and authentication
• Security parameters dictate how application data are processed by the SSL Record Protocol into TCP segments
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 3030
Security Functions of SSL
• Confidentiality: using one of DES, Triple DES, IDEA, RC2, RC4, …
• Integrity: using MAC with MD5 or SHA-1
• Authentication: using X.509v3 digital certificates
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 3131Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
The SSL Handshake Protocol
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 3232
Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
The SSL Record Protocol
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 3333
Micropayments
• The price of some goods may be lower than the standard transaction fees
• Micropayments offer a way for selling small-value products and services
• Technology providers: eCharge (via phone bills), Qpass (monthly bills), Millicent (prepay electronic cash), ...
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 3434
The Millicent Scrip Scheme
• Scrip is a form of digital cash valid only for a specific vender.
• Format:
• Scrip is generated and distributed by brokers.
IM NTUIM NTU
Distributed Information Systems Distributed Information Systems 20042004 SecuritySecurity -- -- 3535
Source: G. Coulouris et al., Distributed Systems: Concepts and Design, Third Edition.
Millicent Architecture