Chapter 8: Security
Total Page:16
File Type:pdf, Size:1020Kb
CHAPTER 8: SECURITY
CHAPTER OUTLINE
Basic Concepts Cryptography Authentication Authorization Security Management
Basic Concepts
Security: secrecy (confidentiality, privacy), integrity, availability – intentional intrusion Reliability: system hardening, fault-tolerance – unintentional faults Dependability: Security + Reliability Threat and Defense: Authentication, Authorization, Auditing Models, Policies, Mechanisms Least privilege Trusted Computing Base (TCB)
Cryptography
Private-key (symmetric) systems
P = DK(EK(P)), message confidentiality
Public algorithms, private (secret) key One-to-one injective mapping and one-way function Uniqueness: different messages same key, same message different keys DES: 64-bit block cipher, 56-bit key, 16-stage transpositions and substitutions Cipher block chaining AES Key distribution Hash functions h = H(m), message integrity
One-way digest function Weak and strong collision resistance Message digest algorithm MD5: 512-bit block, 128-bit digest Digital signature
Public-key (asymmetric) systems
P = DKD(EKE(P)), message confidentiality and user authenticity
Public algorithms, private (secret) and public key pair One-to-one, one-way, invertible Can’t infer one key from the other
RSA: P= DKD(EKE(P)) = DKE(EKD(P)): P= DKs(EKp(P)) = DKp(EKs(P)) Relying on computational difficulty of factoring two large prime numbers E: C = MKp mod N, D: M = CKs mod N 100 to 1000 times slower than DES, used for critical information such as keys
Example: Privacy Enhanced Mail (PEM)
DEK: Data Encryption Key, one-shot symmetric secret key for encrypting mail message IK: Interchange Key with a public (IKp) and private (IKs) key pair MIC: Message Integrity Check, finger print of the mail message A sends a PEM to B
EBIKp (DEK) EDEK (M) EAIKs (MIC) RSA DES MD5
Example: Secure RPC (www.cise.ufl.edu/~chow/sl4.pdf) Authentication Users or principles
Authentication based on a shared secret key
Figures 8-12 and 8-13 Reflection attack Complexity in key distribution
Authentication using a key distribution center
Figure 8-15 Needham-Schroeder protocol, Figure 8-17 Replay attack Use of nonce for freshness and challenge
Authentication using public-key cryptography
Figure 8-19 No KDC Need to authenticate public keys
Message authentication
Confidentiality, integrity, plus non-repudiation Use public-key system Use message digest to reduce overhead Use session key to avoid wear and tear
Secret Sharing
Multiple digital signature Information dispersal and threshold schemes Authorization
Discretionary access control Mandatory access control
Discretionary access control
Subject, object, privilege Access control matrix Reference monitor Sparse ACM Organize in lists, by column, per object: ACL Organize in lists, by row, per subject: CL Grouping of subjects with same privileges: groups or roles Grouping of objects with same privileges: categories Propagation (copy or transfer) of privileges: proxy Review of access rights Access revocation
Mandatory access control
System-wide enforcement Flow model – lattice, reflexive/transitive/antisymmetric Multi-level security model – hierarchical security-level, non-hierarchical security category
Complex access control policies
Firewall
Ingress/outgress filtering Packet/application level filtering
Secure mobile code
Protecting mobile agent against malicious hosts – secrecy (code/data/state), integrity (read-only state, append-only logs, selective revealing), availability (routing) Protecting hosts against malicious agents – sandbox (class loader, byte code verification, security manager), playground (code-signing, access local references) Protecting agents against other hostile agents – subsumed by the above
Security Management
Key Management
Trusted KDC Diffie-Hellman exponential key exchange – secure RPC and SSL Key distribution using public-key certificates – chained/hierarchical certification authorities (CA) Key assignment Key escrow
Secure Group Management
Group communication – shared symmetric-key (CKG) and asymmetric-key, adding a new member, Figure 8-33 How about deleting a member? Previous/residual messages ?
Authorization Management
Capabilities vs access control lists Amoeba’s capability Attributed certificates Delegation or Proxy – single-level (Figure 8-37), chained