chapter 9 networking & distributed security (part b)

Chapter 9

Networking & Distributed Security (Part B)

csci5233 computer security & integrity (Chap. 9)

2

Outline

Overview of NetworkingOverview of Networking

ThreatsThreats

Wiretapping, impersonation, message Wiretapping, impersonation, message interruption/modification, DoSinterruption/modification, DoS

Controls

Encryption, authentication, distributed authentication, traffic control, integrity control

Email privacy: PEM, PGP

Firewalls

Multilevel networks


3

Network Security Controls: Encryptionso Host-level (link) encryption: Fig. 9-16, p.406

Link encryption occurs at layer 1 (physical) or layer 2 (data

link) in the OSI model.

Data is encrypted before the system places it on the

physical communication link.

Data is decrypted when entering the destination host.

+ Encryption is performed by efficient and reliable hardware.

+ Encryption is invisible to the OS and the application.

- Data are “in the clear” at the higher layers (layer 3 and

above).

- Data need to be decrypted by the intermediate hosts.

Q: How many intermediate hosts are there?


4

Network Security Controls: Encryptions Application-level (end-to-end) encryption: Fig. 9-18

Encryption is performed between the sending application

and the receiving application.

The encryption can be done by hardware device (between

the user and the host) or by software.

A message is transmitted in encrypted form throughout the

network. a secure virtual tunnel

+ No cleartext exposure in any host. Is this true?

+ No exposure in intermediate hosts.

- slower than link level encryption

- If symmetric keys are used, totally n * (n-1) / 2 keys are

needed between every n applications.


5

Network Security Controls: Encryptions Comparison of link and end-to-end encryption

Table 9-2: p.409

Link encryption End-to-end

+ invisible to user- all or none

+ efficient (hardware encryption)- only secure at levels 1 or 2

+ Less keys may be needed.

- user level encryption

+ flexibility- less efficient- end-to-end security- More keys are needed.

Any other encryption-based network controls?


6

VPN (Virtual Private Network) There are two common types of VPNs:

– Remote-Access • Also called a Virtual Private Dial-up Network (VPDN)• a user-to-LAN connection used by a company that has

employees who need to connect to the private network from various remote locations

• Typically, a corporation that wishes to set up a large remote-access VPN provides some form of Internet dial-up account to their users using an ISP.

– Site-to-Site • Through the use of dedicated equipment and large-scale

encryption, a company can connect multiple fixed sites over a public network such as the Internet.

Use of VPN to secure wireless LAN


7

VPN Encryptions Most VPNs use one of the following protocols to

provide encryption: IPSec, PPTP/MPPE, and L2TP/IPSec. IPSec - Internet Protocol Security Protocol (IPSec).

• Tunnel mode encrypts the header and the payload of each packet while transport mode only encrypts the payload.

• All devices must use a common key or certificate and must have very similar security policies set up.

• IPSec supports either 56-bit (single DES) or 168-bit (triple-DES) encryption.

PPTP/MPPE – Point-To-Point Tunneling Protocol• PPTP supports multi-protocol VPNs, with 40-bit and 128-

bit encryption using a protocol called Microsoft Point-to-Point Encryption (MPPE).

• PPTP by itself does not provide data encryption.


8

VPN Encryptions L2TP/IPSec - Commonly called L2TP over IPSec

• This provides the security of the IPSec protocol over the tunneling of Layer 2 Tunneling Protocol (L2TP).

• Primarily used for remote-access VPNs with Windows 2000 operating systems, since Windows 2000 provides a native IPSec and L2TP client.

• Internet Service Providers can also provide L2TP connections for dial-in users, and then encrypt that traffic with IPSec between their access-point and the remote office network server.

VPN References: http://www.cisco.com/warp/public/471/how_vpn_works.shtml#intro http://pptpclient.sourceforge.net/


9

Network Security Controls: Authentication / Access Control Two goals of access control in a network:

a. To protect a single system from unauthorized users

b. To prevent unauthorized users to access a computer by passing through another computer (distributed authentication)

Protection of dial-in ports:

a special case of distributed user authentication

1. Automatic call-back

2. Differentiated access rights depending on access methods (local vs remote)

3. Silent modem

Q: Any other methods for dial-in port protection?


10

Network Security Controls: Distributed authentication Two issues:

a. To protect a single system from unauthorized remote users distributed user authentication

b. To protect a network node from unauthorized access coming from other nodes computer-to-computer authentication

Several approaches: Distributed Authentication (by Digital, DEC) Kerberos (by MIT) DCE - Distributed Computing Environment (by OSF) SESAME (a European R&D project) CORBA – Common Object Request Broker Architecture

(by OMG)


11

Digital Distributed Authentication 1989, 1990

Gasser, Morrie, and Ellen McDermot. “An Architecture for Practical Delegation in a Distributed System”. Proceedings of the 1990 IEEE Symposium on Security and Privacy. 5/1990.

Issues to be resolved:

1. Impersonation of a server by a rogue process

2. Interception / modification of data exchanged btwn servers

3. Replay of a previous authentication

Approach:

• Creation of a session key using public keys

• The session key is used to encrypt further communications between the servers.

Implementation issues: public key distribution & certification


12

Kerberos Kerberos (Greek): a 3-headed dog that in Greek

mythology guards the entrance to Hades

[Steiner, J., Neuman, C., and J. Schiller, 1988] "Kerberos: An Authentication Service for Open Network Systems", pp. 191-202 in Usenix Conference Proceedings, 2/1988.

[Kohl, J. and C. Neuman, 1993] The Kerberos Network Authentication Service (V5). RFC1510. 9/1993.

Purpose: authentication in distributed systems

Two types of servers:

A Kerberos server (KS) – establish a session key btwn a user and the TGS

A ticket granting server (TGS) – grant a ticket to a user request access to a resource


13

Kerberos Using Kerberos:

1. The user obtains a session key (SG)and a ticket (TG)from

the KS. The KS also sends the session key and the user’s id to the TGS. (Fig. 9-21, p.413)

Q. What is the session key for?

Q. What information are contained in the ticket?

Q. To whom would the user present the ticket?

Q. Does the user transmit his password to the KS?

2. The user requests access to an object by obtaining from the TGS a ticket (TF) and a session key (SF). (Fig. 9-22)

Q. What is the session key for?

Q. What information are contained in the ticket? SF (p.414)

Q. To whom would the user present the ticket? Fig. 9-23

Q. Can the ticket be read, modified or forged? Why or why not?


14

Kerberos Strength:

+ No passwords are transmitted on the network.

+ Cryptographic protection against spoofing: Every access is checked by the TGS and the respective resource server.

+ Limited period of validity: Every ticket has a time stamp.

+ Time stamps to prevent replay attack: Use of a reliable universal clock is required.

+ Mutual authentication: A secure channel btwn a user and a server can be established, via the use of a ticket and a session key. Both the serve and the user can authenticate each other. How?


15

Kerberos Weakness :

– A continuously available TGS is required. Both reliability and performance may be potential problems.

– Trust between the TGS and every server is required. Trust in a distributed environment is hard to establish.

– Timely transactions are required.

– A subverted workstation can save and later replay user passwords.

– Password guessing works.

– Kerberos does not scale well. Why? Fig. 9-23, p.415.

– To enable the use of Kerberos in a distributed system, it is required that all applications use Kerberos.

Q. Can the Kerberos server and the TGS be combined? Yes (see DCE).

Q. What are the trade-offs?


16

Distributed Computing Environment An OSF project, 1992 (now the Open Group,

http://www.opengroup.org/dce/ ) OSF DCE provides a foundation on which other distributed

services and applications may be built. Fig. 9-24, p.416. DCE is called "middleware" or "enabling technology“.

It is not intended to exist alone, but instead should be bundled into a vendor's operating system offering, or integrated in by a third-party vendor.

DCE is not an application in itself, but is used to build custom applications or to support purchased applications.

The security service in DCE is based on Kerberos, with the KS and the TGS combined into a Security Server.

A cell is an administrative domain, consisting of the set of subjects and objects managed together.

OSF Distributed Computing Environment FAQ DCE RFCs


17

SESAME A European Commission’s R&D project

Similar to DCE

It uses Kerberos extensively.

It preceded both Kerberos and DCE in use of public key technology for secure authentication and distributing privilege attributes and tickets to users.

Note: Both Kerberos and DCE used symmetric keys initially, but have moved to support public keys.


18

CORBA Common Object Request Broker Architecture

An OMG specification, http://www.omg.org/corba/

An ORB is a traffic director that joins clients’ requests to appropriate servers.

Cross-platform interoperability

“Using the standard protocol IIOP (Internet Inter-ORB Protocol), a CORBA-based program from any vendor, on almost any computer, operating system, programming language, and network, can interoperate with a CORBA-based program from the same or another vendor, on almost any other computer, operating system, programming language, and network.“ (http://www.omg.org/gettingstarted/corbafaq.htm#WhatIsIt)


19

CORBA The separation of interface from implementation, enabled by

OMG IDL, is the essence of CORBA.


20

CORBA Security Services [Viega & McGraw] p.54 OMG standards define two levels of CORBA security services.

Level 1 is intended for applications that may need to be secure, but where the code itself need not be aware of security issues.

In such a case, all security operations should be handled by the underlying ORB.

Level 2 supports other advanced security features, and the application is likely to be aware of these.

Most CORBA’s security features are built into the underlying IIOP protocol, which supports secure communication using cryptography.

Mutual authentication is possible between the server and the user.


21

CORBA Strength of CORBA:

Flexibility of security policy: Any security policy may be supported, at the level of the ORB.

Independence of security technology: security technology neutral

Interoperability

Drawback: CORBA specifications describe the means by which security

functionality can be linked to a CORBA object, but there is no requirement to do so.

Implementations of the CORBA specification vary widely in terms of supported functionalities. (Example: tunneling connections through a firewall. See VM, p.56.)


22

Network Security Controls: Traffic control Traffic (flow) analysis

an attack launched by an interceptor who examines the traffic of a network to gather and/or to infer information

The mere existence of messages flowing from one point to another can be sensitive information.

Examples: p.418

Control against traffic analysis:

Spurious messages between points of low traffic


23

Network Security Controls: Data Integrity Control The goal: To ensure that data is correctly stored,

communicated, and modified in the network

Types of controls:1. Cryptographic checksums2. Parity bits

Byte parity bit: 1 if the sum of bits in a byte is even; 0 otherwise

Longitudinal parity bit + byte parity bit: p.421

3. Other error checking codes: hash value, message digest4. Digital signatures: In a network, digital signatures are

used to check authenticity of a message and also to enable auditability/traceability of data change.

5. Notarization: a 3rd party authority (notary) between two users in a network


24

Summary

Next: – Email privacy: PEM, PGP

– Firewalls

chapter 9 networking & distributed security (part b)

Documents