Lecture 12, 20-771: Computer Security, Fall 2002 1 20-771: Computer Security Lecture 12: Windows -...

Lecture 12, 20-771: Computer Security, Fall 2002 1

20-771: Computer SecurityLecture 12: Windows - Login

Robert Thibadeau

School of Computer Science

Carnegie Mellon University

Institute for eCommerce, Fall 2002


Today’s lecture

• Windows 2000 Access II• File Encryption/Decryption

• Go to http://rack4.ulib.org/certsrv and get an email certificate. Send it to two people in the class to establish encrypted and signed email. One exam question:

• What did you have to do to get encrypted email to work with a few of your classmates?


This Week

• Read WS 12,13

More Windows SecurityPassword Week


Windows C-2 Security ModelIt must be possible to control access to a resource by

granting or denying access to individual users or named groups of users.

Memory must be protected so that its contents cannot be read after a process frees it. Similarly, a secure file system, such as NTFS, must protect deleted files from being read.

Users must identify themselves in a unique manner, such as by password, when they log on. All auditable actions must identify the user performing the action.

System administrators must be able to audit security-related events. However, access to the security-related events audit data must be limited to authorized administrators.

The system must be protected from external interference or tampering, such as modification of the running system or of system files stored on disk.


Windows 2000 IPAAA ModelWin 2000 SecurityWin 2000 Security

Files & Files & Other ObjectsOther Objects

Web SiteWeb SiteIIS – IE5IIS – IE5

ServicesServicesSome-other-time..Some-other-time..

YOU!YOU!

usernameusername

passwordpassword

certificatecertificate

kerberoskerberos

Active Directory Active Directory DACLs for DACLs for

AuthorizationAuthorization

Other MachinesOther Machines

Certs for Certs for AuthenticationAuthentication

Active DirectoryActive DirectorySACLs for AuditSACLs for Audit

Secure NetworkSecure NetworkPrivacy SSL & IPSecPrivacy SSL & IPSec

A UserA UserUser/groupsUser/groupsRights-e.g., Rights-e.g., delegationdelegation

Web VisitorWeb Visitor

Internal Privacy : File Internal Privacy : File EncryptionEncryption

Certs for Certs for IntegrityIntegrity


Administrator CERT /Public Key M

One DESX Key, Many Certs

Symmetric/Private/DESX/Encrypt/Decrypt Key A

UserQ CERT /Public Key Q


UserR CERT /Public Key R


Some can be certs in Data Decryption Field or Data Recover Field

FILE OR DIRECTORY


File Encryption / Recovery Certificate

• The symmetric encrypting key is encrypted using the public key derived from your EFS certificate.

• The resulting encrypted data, along with your display name and a hash of the certificate, is stored in a named stream in the file that contains EFS metadata.

• When EFS decrypts a file, it uses your private key to decrypt the symmetric encrypting key. EFS then uses the symmetric key to decrypt the data.


Cipher utility

• Why would you want to encrypt an encrypted file? Try being administrator and user.

• Data Decryption Field (certs), and Data Recovery Field (certs)

• Encrypt a file as a user, and see if you can decrypt it as somebody else (who is the default recovery manager).

• Note: efsrecvr.exe as the Encrypted File System RECoVeR program you can use. You can also do this by right clicking and the security properties, owner.


Cert (X.509) EFS Solution

• Many certs can hide the SAME private/ symmetric/ session FEK (file encryption/decryption key) for a file.

• These certs are SPECIAL FILE ENCRYPTION CERTS (using the user’s private/public key)

• http://support.microsoft.com/support/kb/articles/Q273/8/56.ASP

• The file can have several depending on the CERT which is user – Data Decryption Field

• The file can have several recovery agents can have several depending on the CERT which is the recovery agent user.


Exam: What is a security association?


IPSec Classic Network Attacks

• Snooping

• Spoofing (TCP sequence numbers)

• Password Compromise

• Denial of Service Attacks (DoS)– TCP SYN : open tons of TCP connections

– SMURF : drown with ping

– Teardrop : fragmentation reassembly

– Ping of Death : fake fragmentation parameters

• Man-in-the-middle Attacks

• Application-Level Attacks

• Key Compromise


IPSec is End to EndIPAxx

• Client – to – Client– Transport Mode

– One Authenticates but doesn’t encrypt

– One Authenticates and Encrypts

• Gateway – to – Gateway– Tunnel Mode (client to client is encapsulated)

– Authenticates, Encrypts, and also hides source and destination!


IPSec Detail

• Authentication Header (AH)

• Encapsulating Security Protocol (ESP)

• Orig IP Header + AH + TCP + DATA (transport mode)– Authenticates whole packet

• Orig IP Header + ESP Header + TCP + DATA + ESP Trailer + ESP Authentication (transport mode)

– Authenticates whole ESP but not IP Header

– Encrypts TCP-Trailer

• New IP Header + ESP Header + Orig IP Header + TCP + DATA + ESP Trailer + ESP Authentication

– Authenticates whole ESP but not IP Header

– Encrypts Original IP header to ESP Trailer


Denial of Service Protection

• A counter … (ignore repeats)


Business of Security

• Guarding what’s Yours

• Sustainable Business Models

– Product

– Service

• Technology

• Policy


Online Shopping Is The Key Appeal

Very appealing function of new PC security technology

Fairly appealing function

66%

63%

54%

26%

26%

Securely shop online

Securely store PINs

Share info w/friends

Secure chat groups

Pay-per-use services


Consumers Are Willing To Pay Fair Price For A Trusted PC

Definitely interested in adding security technology to new computer

Probably interested in adding security technology

84%

71%

57%

49%

34%

$25

$50

$75

$100

$200

If it costs:


Windows Authorization


Features of Win 2000

• Multiple methods of authenticating internal and external users

• Protection of files through easy to use encryption• Protection across network through transparent

encryption• Per-property access control for objects (many more

detailed uses than read, write, and execute)• Smart card support for authentication and hiding

private keys• Transitive trust relationships between domains• Public Key Infrastructure (PKI – Certs handled

transparently).• Code itself is routinely authenticated as to its source

using PKI.


Windows Authentication

• One, Two, Three Factor Authentication

1.What you know (Password)

2.What you have (Token)

3.Who you are (Biometric)


“PASSWORD CONTROL WEEK”

Kerberos

• Why Kerberos?• How does Kerberos work

• what interdomain “trust” means


Windows 2000 IPAAA ModelWin 2000 SecurityWin 2000 Security

Files & Files & Other ObjectsOther Objects

Web SiteWeb SiteIIS – IE5IIS – IE5

ServicesServicesSome-other-time..Some-other-time..

YOU!YOU!

usernameusername

passwordpassword

certificatecertificate

kerberoskerberos

Active Directory Active Directory DACLs for DACLs for

AuthorizationAuthorization

Other MachinesOther Machines

Certs for Certs for AuthenticationAuthentication

Active DirectoryActive DirectorySACLs for AuditSACLs for Audit

Secure NetworkSecure NetworkPrivacy SSL & IPSecPrivacy SSL & IPSec

A UserA UserUser/groupsUser/groupsRights-e.g., Rights-e.g., delegationdelegation

Web VisitorWeb Visitor

Internal Privacy : File Internal Privacy : File EncryptionEncryption

Certs for Certs for IntegrityIntegrity


Authentication Methods

• Dialup (see MSDN for detail)– Distributed Password Authentication (DPA)

– Extensible Authentication Protocol (EAP) (RFC 2284, PPP)

– Secure Channel (Schannel) X.509

» SSL, TLS

• Network– Windows NT LAN Manager (NTLM)

» Windows “Challenge Response”

– Just didn’t work LAN/WAN-wise

» Standalone Professional/Server 2000

– Kerberos v5 (MIT, Athena Project)


W2000 Security Services

Domain Logon/Kerberos

Computer

Cert Services Computer

Active Directory

Client Computer

Domain Admin/ServerComputer

Security Management


Weak Link in Authentication

UsernamePassword

AuthenticationAgent

Resource Access

YOU

Obtains

Securely Obtains

Type In

Securely Delivers

Assigns

Password Attacker

Sniffer

KERBEROS


WS 10. Web (HTTP) Access ControlSafe/Dangerous?

UsernamePassword

AuthenticationAgent

Resource Access

YOU

Obtains

Securely Obtains

Type In

Securely Obtains

Securely Delivers

Assigns

Password Attacker

Sniffer

KERBEROS

SSL

SSL


W2000 Security Services

Domain Logon/Kerberos

Computer

Cert Services Computer

Active Directory

Client Computer

Domain Admin/ServerComputer

Security Management

HTTP Computer


Why Kerberos (W2000)

• Standard includes Unix (NTLM is proprietary)– RFC 1510, 1964

• Authentication is by credentials (doesn’t require consulting the resource)

• Authenticates both Kerberos (permission) server and user client

• Basis for Transitive Trust Relationships (via a shared interrealm – interdomain – key)

• Kerberos was not RSA, now it is…to solve password problem with Smart Cards – we’ll deal with the basic Kerberos model – RSA enhancements are pretty obvious


Why Kerberos (Kerberos)

• Rely on each login session to assure identity of user and rely on each resource (ACLs) to grant access.

– Problem: user may gain access to workstation and pretend to be somebody else

– May alter IP address to look like somebody

– May eavesdrop and use replay

• Require user to prove identity for each service invoked and require servers to prove identity to clients. KERBEROS


Kerberos Crypto

• Private (symmetric) Key -> DES

• Authentication– Uses time stamp and shared secret

» Avoids replay attack (nonce also used)

» Man in the middle a problem

– Means if your machine has the wrong time, authentication doesn’t work!

– Get “Atomtime” (MS should have done this!)


Kerberos Authenticator FieldAuthenticator Version 5

Client Realm/Domain Name

Client Name Name

Checksum CKS whole data

CUSEC Msec time

Client Time Client Time

Subkey Alternate Key (Private)

Sequence Number Opt. Number

Auth Data Auth Applications

Name of Field Contents


Kerberos is REALLY complicated!

• Uses DES, symmetric Private Keys : Not Public Key – makes things complicated!

– You have to hide the private keys– Every message needs an often different private key– A LOT of the complication has to do with trying to let you

login once while keeping you secure against replay.– TICKETS

• Requires separate secure distribution of common private keys

– For user: a username/password ARGH!– For services: physical distribution (OK)

• Possibly Best Detailed Treatment is Stallings “Cryptography and Network Security”

or Schneier “Applied Cryptography”


More Kerberos Jargon

• Kerberos Distribution Server (KDC)– Hides all secret keys!

• Principal – anybody/anything– Rht.user

– Rht.root

– Rht.ftp

• Realm (Domain)

• Long-term key, login session key (long term gets login session)


Other Realms/Domains

Server (e.g., ftp, local system)

Client Computer

Authentication Server (AS)

Ticket Granting Server (TGS)

1. User Logs on JUST USERNAME / request service on host

2. AS verifies user access rights /Creates TGT and Session Key, encrypts with user password

3. User password to decrypt /Sends ticket and authenticator

4. TGS decrypts ticket and authenticator /Create ticket for requested server

5. Send ticket and authenticator

6. Server verifies ticket and authenticator match/Server can return an authenticator for itself.

ONCE PER LOGON SESSION

ONCE PER TYPE OF SERVICE

ONCE PER SERVICE SESSION


Other Realms/Domains

Server (e.g., ftp, local system)

Client Computer

Authentication Server (AS)

Ticket Granting Server (TGS)

1. User Logs on JUST USERNAME / request service on host

2. AS verifies user access rights /Creates TGT and Session Key, encrypts with user password

3. User password to decrypt /Sends ticket and authenticator

4. TGS decrypts ticket and authenticator /Create ticket for requested server

5. Send ticket and authenticator

6. Server verifies ticket and authenticator match/Server can return an authenticator for itself.

Shared Secret is Password

Shared Secret in TGT

Shared Secret in Ticket

Shared Secret with Service

Shared Secret with other Realm


Kerberos Private DES Keys

• Username/password -> generates private key– Other Kerberos Principal Keys

• Server Authentication Keys

• Login Session Keys

• Shared Application Service Keys

• Ticket Granting Service Key

• Code has to know what kind of message it is getting to know what private key to use.


Kerberos Across Realm Authentication

• Across Domain

• Authenticates a Principal

• Shared “interrealm” key

• Steps1. User logs into realm 1

2. AS in realm 1 sends TGT to user

3. Requests of realm 1 TGS the session ticket in Realm 2

4. Realm 1 TGT sends client a “referral ticket”

5. User sends referral to TGS in Realm 2

6. Realm 2 TGS sends session ticket for server in Realm 2

7. Done!


What is “Trust”?

• You bring up the security panel on object.

• You allow someone read/write/modify/etc access to object.

• With trust you can allow someone/some-group in another DOMAIN to have access.

the SID is permitted in the object’s ACE/ACL

• End of story.

• At DOMAIN controller I can turn on or off trust relationships (availability to see the domains in the security settings) with other DOMAINS.

• …underneath is KERBEROS AND PKI!


Break!


Core Password Technology

• One way hash into a code (e.g., MD5, SHA, crypt)

– Hashes are good enough that nobody tries to crack them since it is probably not necessary

– Even administrator cannot read the password

– W2000 Permits decryptable passwords as an option!

• Use a match on the code to give access– Dictionary Attacks are the way to go!

– Administrator can get access independently

– Guess of password can get access independently

• Use a match on the code to authenticate you.– Guess of password can look like you


Password Length

• 1 character 4 0.1%

• 2 characters 5 0.2%








Password Guessing ReportType of Password

Size of Dictionary

Duplicates Eliminated

Search Size

# of Matches

Pct. of Total

Cost/Benefit Ratio*

User/account name** 130 - 130 368 2.70% 2.83Character sequences 866 0 866 22 0.20% 0.025Numbers 450 23 427 9 0.10% 0.021Chinese*** 398 6 392 56 0.40% 0.143Place names 665 37 628 82 0.60% 0.131Common names 2268 29 2239 548 4.00% 0.245Female names 4955 675 4280 161 1.20% 0.038Male names 3901 1035 2866 140 1.00% 0.049Uncommon names 5559 604 4955 130 0.90% 0.026Myths & legends 1357 111 1246 66 0.50% 0.053Shakespearean 650 177 473 11 0.10% 0.023Sports terms 247 9 238 32 0.20% 0.134Science fiction 772 81 691 59 0.40% 0.085Movies and actors 118 19 99 12 0.10% 0.121Cartoons 133 41 92 9 0.10% 0.098Famous people 509 219 290 55 0.40% 0.19Phrases and patterns 998 65 933 253 1.80% 0.271Surnames 160 127 33 9 0.10% 0.273Biology 59 1 58 1 0.00% 0.017/usr/dict/words 24474 4791 19683 1027 7.40% 0.052Machine names 12983 3965 9018 132 1.00% 0.015Mnemonics 14 0 14 2 0.00% 0.143King James bible 13062 5537 7525 83 0.60% 0.011Miscellaneous words 8146 4934 3212 54 0.40% 0.017Yiddish words 69 13 56 0 0.00% 0Asteroids 3459 1052 2407 19 0.10% 0.007Total 86280 23553 62727 3340 24.20% 0.053Passwords cracked from a sample set of 13,797 accountsDan Klein, SEI, 1992


Dan Klein Article

• http://www.klein.com/dvk/publications/passwd.pdf

• http://yuan.ecom.cmu.edu/security02/passwordsactual.htm


www.authenticator.com

• Shows Good Passwords

• Random Generation

• Password Changing Regimens

• Problems– Impossible to remember

• Best Login– Amazon : email and password

– Problem : easy to impersonate


Methods to keep track of passwords

• anagrams “the flock of 7 geese flew 3 miles” tfo7Gf3m”

• cycles : if it was, then now it should be …

• download software that does password management – some examples

– http://www.ijen.net/passman.htm

– http://www.execpc.com/~sbd/PassKeep.html

– http://www.keyscreen.com/KeyScreen(s)4/passpls.htm

– http://www.m-tech.ab.ca/index.html


Win 2000

• Remote administration is very strong

• If you an crack it (using older versions of Windows, Unix, Macs on the Network), you may gain access to the strong system

• Result, you can suck the blood out without getting caught (e.g., you can completely encrypt data on the disk that only you can see!).

• Problem: Passwords can be guessed

• Problem: In RAM things are NOT PROTECTED! This is for Windows 2004.


WS 9. Configuring Win NT Web Server

• Know how to set one up (what to expect from IIS)

• Windows 2000 is IIS 5

• Security Scanner http://security1.norton.com


IIS

• Microsoft Internet Information Server– Like Apache and all others Has Own Layer of

Authorization and Authentication– Apache is completely separate (see .htaccess)– IIS is/can be completely integrated into the Domain

» Including trust among domains

• Front Page– Yet another access/authorization layer permitting

authoring but no other access in domain– Careful! FP uses “.htaccess” type files peppered around

the active directory giving FP access (not integrated into the ACLS!)

– DO NOT APPLY GLOBAL ACCESS CHANGES ON FP DIRECTORIES WITHOUT USING FP! (You may need a special FP administration tool to re-set all the access controls).


IIS

• Standard HTTP Server– Can basically behave exactly like one that utilizes all the

features of HTTP and related protocols (e.g., SSL, CGI, virtual hosting).

– Very easy to manage (right click and look).

– Since users/groups in and between domains are the same as in Active Directory, use “security” (not sharing) to set up Web Access.

– Creating the user “WebServer” for the web server (p. 230 Stein) is probably still good. Note this is the creator-owner of the server and has to have local login rights.


Access RightsGroup Admin

ToolsLogs Scripts Documents

Web Masters R R RW RW

Web Developers - - RW RW

Web Authors - - R RW

Guests - - R R

Don’t make yourself a web author and web master – you’ll wind up being a web author!


Web Access Control

• Basic Access– Response to 401– Send Base64 MIME plaintext username and password!– This is in the clear unless SSL protected!

• Digest Authentication– Server sends “nonce”– Client Send MD5 password

» Put digest, url, nonce inside digest to give integrity– Server checks hashed password, not the plaintext

password– Replay attack fails (except for the page in question).

• NT Challenge-Response (same as NTLM)• IE 5.0 and IIS5 incorporate good security

together.


WS 10. Web Access Control

• Apache has a separate user/group system layered on top on Unix.

• IIS uses the user/group access system built into the MS Windows OS.

• Principles of these systems are largely universal. Always do a security check out to “tighten down” access as much as possible

– Lincoln Stein is right : define special, highly limited, groups if you expose parts of your machine to the Internet.


Smart Card• ISO 7816

– Not OK for software/reader/writer interface

• PC/SC Workgroup– www.pcworkgroup.com

– www.microsoft.com/security/tech/smartcards ->

– http://www.microsoft.com/technet/security/smcdtech.asp

• Dumb and Smart– Dumb : Just store info (deprecated)

» Useful in facility security but can be counterfeited easily

– Smart (ICC): have a processor, can hide a private key,

» These can act as full crypto service providers

» Very very hard to counterfeit (if actually possible)


ICC Smart Cards

• Really secure!

• Two Factor Authentication

• Both a password (PIN) and an RSA Key– Three password tries and you are out

– Administrator

» Three password tries and he is out

– Six Tries and you have a dead card

• Even a “smart card reader sniffer” can’t sniff the private key operation

• BUT IT CAN SNIFF THE PASSWORD (PIN)!!!

• Sniff the guy, steal his card. You’re In.

• Phoenix Technologies : Device Responsibility to Guard Keyboard Sniffers


Typical Smart Card Operation

Smart Card

System Gets Public Key From Its StoreOr Smart Card Store

System Generates Nonce/Challenge For Smart Card

Smart Card Demonstrates it Knows Secret Private Key by Encrypting Nonce

System Uses Public Key to Prove Smart Card is Who it Says it is.

Smart Card Waits to Hear it’s PIN to Start Talking

System

Smart Card can Manufacture Certs for System as Requested


Windows Core Security


Encryption and Cert Based Access Control

• Cert is basically

1. Housekeeping: Some plain text about the version of X.509, the cryptosuites being used, and a certificate number

2. Some plain text information about the owner

3. A plain text date to start and and date to expire

4. A plain text public key which is the owners public key

5. Some extra plain text … whatever you want1. Different certificate types define different fields here

6. A signed hash of the above stuff


Cert 101

• The Cert is not encrypted but is encoded (the only thing that is “encrypted” is the hash – This is technically called “signed”)

• The signed hash can be– Self signed – the public key will immediately open the

hash allowing you to verify the text is right.

– CA signed – a CA public key (and possibly your public key in succession) will open it. This verifies that you are you and the CA verifies you are you.


Certificate Formats

• PKCS10 : Format for a requestor : this is what we have shown you.

• PKCS7 : Format for a signed certificate

• PKCS is at www.rsa.com/rsalabs/pkcs


PKCS-7 Signing

1. For each signer, a message digest is computed on the content (H(M1))

2. For each signer, the message digest and associated information are encrypted with the signers private key (E(H(M1)+M2).

3. For each signer, the encrypted message digest and other signer-specific information are turned into a certificate (C(E(H(M1)+M2)+M3).

4. All the certificates are rolled up into a “Signed Data” sequence:1. Info + certificates + certificaterevocations2. A<<B>>B<<C>>C<<D>> 3. Public Key A (from CA) gives you your public key D.


EFS (Encrypted File System)

• A PKCS-7 can have info that can be used to send a message to a user agent to verify that he left the certificate.

• It can hide a symmetric key encrypted with the public key of the user.


Minor Technicalities

• It isn’t all X.509v3 (but, really, it is)

• The use of the certificate defines the content. Any issuing authority can issue different kinds of certificates and these are not always compatible.

• However, the principle is universal– Sign the hash with your private key to prove it’s you.

– Distribute a public key

– You might encrypt the public key or other information as is the case with the successive unfolding of a sequence of certificates.

– X.509v3 allows for recursive signing but it isn’t used.


Using Certs

• I can prove you are you– Smart Cards are really strong!

– They don’t really need a CA!

» Register the smart card with the machine.

» It is absolutely unique and can’t be counterfeited!

• Other CA opportunities– What happened to Notaries???!!!!????

– Wouldn’t it be nice if you could walk down the hall and the exec secretary could be the legally recognized CA?

– Notaries are trained, etc.

• Alternate CA rules– Are there other ways to prove you are who you say you are.

– To prove this software or data is who it says it is

» A master server on the net that can automatically sign anything given to it.

» The date/time/name become the master object itself.


Using Certs 2 : Non-repudiable Agreements

• Certs (typically two) can represent an agreement.

• Here is the text of the agreement

• Here is the date and time of the agreement

• Here is your signed digest of the content.

• Here is my signed digest of the content.

• We both have copies.

• Now, you say you didn’t agree, but I bring out your signed certificate to prove you did.

• Now, I say I didn’t agree, but you bring out my signed certificate to prove that I did.

• The proof is irrefutable. I could not manufacture your certificate.


Using Certs 3 : Anonymizing

• A different use of certs.

• I won’t tell you who I am.

• I just give you a signed authorization to spend $200 or to log into the computer as John Smith.

• The signer guarantees or vouches for me.

• The X.509v3 lets you do this.


Privacy Services

Policy

LOG

Personal

Information

CONTROL

AUDIT PROCESS

CERTIFICATION

ENFORCEMENT

RECOURSE

AGENT INTERACTION

VALIDATION

NEGOTIATION

USAGE

INDIVIDUAL ACCESS


Anonymizing Smart Cards

• A smart card that can sign for an authority and also sign for an individual.

• This could be a recursive sign – This way the authority cannot be held responsible unless

he knows the person who put him at risk.

• Alternatively, a third party anonymizer that provides the anonymous certificate (this is a valuable web site…stopped before Sept 21, 2000 by RSA!).


Anonymous Smart Cards

• Anonymous Certs could provide special mailing information

– “Contact me at [email protected]”

– It could provide anonymous profiling

» “I am 50 years old. White. Worth X dollars”, send mail to me at [email protected], but you can’t find out who I really am.

» Microsoft Smart Cards, Inc., will attest to this.


Agents

• Converse side of CA

• You sign to give your agent rights

• The agent can now bind you


Certs on/from Objects

• EFS: – Prove the owner has the right. User object has to

decrypt the symmetric key that decrypts the object.

• Authenticode:– Prove the code is the code because the cert on it hashes

the code to prove it’s integrity and the hash is signed to prove that it came from who it is said to be from.

– You have to “trust Microsoft Corporation”

» This means that the certificate simply said “Microsoft Corporation, Inc.” but what if it had said “Microsoft Inc.” (of Zimbabwe, Africa)?


PKI works with two mechanisms

• Using the CA public key to unfold [the signing] to your public key (typically, the CA signs your PK cert).

– He vouches for you in a way that cannot be denied

– Key compromise

» Key revocation is a problem

• A file or resource has access granted by the demonstration that the requestor can privately encode that the resource can publicly decode (or that the resource can publicly encode that the requestor can privately decode).

– You can have MORE than one PK on a file or resource

– Example was revocation list

– User (not group) is a owner of a private/public key

– Can let Windows Base Crypto Services or Smart Card.

Date post:	19-Jan-2016
Category:	Documents
Upload:	britton-black
View:	213 times
Download:	1 times