identity and access management basics

Identity and Access Management Basics

Wednesday, 30 November 2005, Dübendorf, Hewlett-Packard (Schweiz) GmbH

Prof. Dr. Peter Heinzmann
Institut für Internet-Technologien und -Anwendungen, HSR Hochschule für Technik Rapperswil (ITA-HSR) and cnlab Information Technology Research AG
[email protected], www.cnlab.ch

References, further reading:

• Microsoft Identity and Access Management Series, Part I – The Foundation for Identity and Access Management, Part II – Identity Life-Cycle Management, Part III – Access Management and Single Sign On, Published: May 11, 2004; Updated: August 17, 2005, http://www.microsoft.com/technet/security/topics/identitymanagement/idmanage/default.mspx
• RSA Security, White Paper, Successful Real-World Implementations of Identity and Access Management, RSA, 2004.
• Sumner Blount, eTrust® Identity and Access Management Solutions, CA, White Paper, November 2005.
• Martine LINARES, Identity and Access Management Solution, GIAC Security Essentials Certification (GSEC), Practical Assignment, Version 1.4c, Option 1 - Research on Topics in Information Security, SANS, February 14, 2005.


cnlab Information Technology Research AG (www.cnlab.ch)

• 1997 HSR spin-off
• 10 Engineers
• Engineering & Consulting
  – Internet Application Development
  – Internet Security Reviews
• Examples
  – Collaboration & Controlling Framework
  – Internet Performance Benchmarking
  – Swiss Highway Traffic Monitoring
  – Telebanking Audits
  – Non US Pretty Good Privacy (PGP) SW

Fachhochschule Ostschweiz, HSR Hochschule für Technik Rapperswil (www.hsr.ch)

• Electrical Engineering
• Computer Science
• Mechanical Engineering
• Horticulture
• Spatial Planning
• Civil Engineering

approx. 1'000 students (44% FHO)

ITA-HSR: Institut für Internet-Technologien und -Anwendungen

Identity and Access Management (IAM) Introduction

IAM is used to align security management strategy with business goals by:

• managing who has access to which resources and services;
• logging and reporting what they have done;
• and enforcing business, privacy and security policies.

• Today's organizations must ensure they control and audit the process of issuing a user credential, conducting business transactions inside or outside of an organization, or allowing employees, customers or partners to access Web services, files or databases. To accomplish this, organizations need a single view of all activities, such as user management and policy management, or creating a new user account.
• Effective security management starts with identity and access: knowing and controlling who can do what and accounting for what they have done.
• Identities are required for all users, including employees, customers and business partners.

Reference: CA eTrust Identity and Access Management solutions, http://www3.ca.com/solutions/SubSolution.aspx?ID=4348

IAM Infrastructure

[Figure: IAM infrastructure. Labels: Self administration, Authentication, Authorization, Account and privileges propagation, Content access, Identity, Resources]

The individual components of an Identity and Access Management (IAM) infrastructure implement the following functions:

• Directory Services provide a central identity repository and reconciliation of identity details between application-specific directories.
• Identity Management Services provide tools to manage identity details stored in the directory.
• Access Management Services implement authentication of web-based users and enforce access control over web-based transactions.
• Provisioning Services cover centralized user administration capabilities and serve mainly to propagate user account changes and access rights across individual back-end applications. In this way they bridge the gap between e-business systems and enterprise application security.
• Presentation Services provide a personalized interface for all user interactions with the system.

Reference: Jiri Ludvik, Enterprise Identity And Access Management Technical White Paper, Security Weblog, April 2002, Note: Working version, http://radio.weblogs.com/0100367/stories/2002/05/11/enterpriseIdentityAndAccessManagement.html#26.

IAM for Regulatory Compliance

• avoiding unauthorized access to information
• auditing of information accessed by any type of identity
• assuring personal privacy and confidentiality and financial validity
  – health care records: Health Insurance Portability and Accountability Act (HIPAA)
  – financial data: Gramm-Leach-Bliley Act (GLBA) and the EU Data Protection Directive (95/46/EC)
  – controls on accounting practices: Sarbanes-Oxley Act

The key requirement of virtually all security-related regulations involves the creation of strong internal controls. This means that all users must be uniquely identified, all their access to protected resources must be tightly controlled, access to these resources must be based on a defined security policy, and all access and security events must be easily and fully auditable.

IAM Example: First day at work (identity life cycle)

A new user, Joe Newguy, is being added to an organization in a VP of Marketing role and is receiving a number of subset roles. With these subset roles, workflow is generated and processed, and approval requests are sent out. Once approvals are received, updates are made to respective systems where Joe Newguy will be performing his job function. For access to physical systems, such as a phone, credit card, ID badge and work location, workflow is processed and sent to the procurement manager.

Gartner IAM Hype Cycle (June 2005)

IAM/NAC Integration: Integration of network access control (NAC) functions with IAM infrastructure for user level access by connection profile.

Contactless Proximity Cards: Integrated circuit-based cards for information systems access that transmit and receive data via radio frequency technology. Based on the International Organization for Standardization/International Electrotechnical Commission 14443 standard, with a range of up to 10 centimeters. Building access can be incorporated on the card, which can also hold digital credentials for security processes, such as encryption or digital signing.

Role Planning, Audit and Compliance: Designing, delivering and managing access to IT resources by allowing the creation of roles or rules to govern the authorization of that access across multiple systems or applications. Allows a company to manage access in a manner that corresponds to the multiple operating views that reflect how day-to-day business is conducted.

Biometric Identity Documents: Uses one or more unique physical characteristics (such as a fingerprint, face or iris identification) or, less frequently, behavioral traits as part of a government-issued identification document (such as a passport or national ID card).

Virtual Directories: Software products that create a logical (virtual) view of a Lightweight Directory Access Protocol directory by combining data from multiple repositories or by combining multiple repositories into a single view.

Biometric User Identification: Use of unique physical features (such as fingerprints, face, and iris recognition) or, less often, behavioral traits (such as voice, typing rhythm, and signature dynamics) as a form of user authentication. Although "good enough" solutions are available for small or specialized implementations, barriers to broad-based use remain: poor accuracy, poor scalability, integration issues in large and technologically diverse organizations, and high cost.

Public Key Operations: A system for generating and managing digital certificates that identify the holder (person, system or device) of assigned public and private key pairs useful for identification, authentication, encryption and digital signing. The original public-key infrastructure (PKI) vision is changing, moving key management functions away from attempts to centralize them to be close to applications that use the keys and to apply PKI technology to Web services security.

Federated Identity Management: Allows sharing of identification credentials among several entities. Trust is transferred from one identifying and authenticating entity to another. Liberty Alliance Security Assertion Markup Language-based solutions remain underutilized, yet interest is growing. The technology has some applications in the enterprise, but it has little use in business-to-consumer communication. The telecommunications industry has shown significant interest. Positioned to provide consumer and business identification, and eventually authentication services supporting e-business and other applications.

Microsoft AD/Kerberos: Microsoft's Active Directory (AD) supports Kerberos as a means of exchanging authorization credentials with other platforms. The dominant usage of AD Kerberos is Windows-centric; however, companies are beginning to deploy products that use AD Kerberos into non-Windows environments.

CCOW Standard: The clinical context object workgroup (CCOW) is a standard certified by the American National Standards Institute for single sign-on and context management that complements Health Level 7's emphasis on data interchange and workflow. It focuses on facilitating application integration at the point of use. Single sign-on allows the user access to multiple systems through a single, secure login. Context management (the synchronization of applications so that they are mutually aware of a set of real-world things, such as patients and encounters) allows users to interact with a number of systems through their native user interfaces as if they were one.

Justification for Hype Cycle Position/Adoption Speed: In 2005, healthcare organizations will continue to focus on doing a better job on IAM in light of the Health Insurance Portability and Accountability Act (HIPAA) security deadline. Opportunities for context management will emerge as a result of IAM efforts and clinical context object workgroup (CCOW), and implementations will increase. Increased deployment of clinical workstations and physician portals, as well as the visual integration of disparate clinical systems to form the virtual electronic medical record, will also drive adoption.

Source: Gartner Group

Cartoon by Peter Steiner, July 5, 1993 The New Yorker (Vol.69, No. 20)

• Internet provides for "virtual identities" only
  – E-Mail-Addresses
  – News Authors
  – Web-Server-Addresses
  – Host-Addresses

"On the Internet, nobody knows you're a dog"

The above cartoon by Peter Steiner has been reproduced from page 61 of July 5, 1993 issue of The New Yorker, (Vol.69 (LXIX) no. 20) only for academic discussion, evaluation, research and complies with the copyright law of the United States as defined and stipulated under Title 17 U. S. Code.

Need for Identity and Access Management in the Internet

Controlled Access is needed to ...

• One Computer (Sign-On/Logon, Client-Server)
• Many Computers (Single Sign-On, SSO)
• Applications (Telnet, Secure Shell, ftp, library catalog)
  – Mailbox (POP3, IMAP)
  – Web-Editing (FrontPage)
  – Web-Pages (.htaccess)
• ....
• Rooms, areas, ...

Authentication, Authorization, Accounting (AAA)

[Figure: user at a logon prompt (Username: pheinzma, Password: ********) passing through the following steps]

0. Identification: I am: Username
1. Authentication: Prove that I am "username"
2. Authorisation (Access)
3. Accounting

• Identification establishes who you claim to be: The user claims an identity, usually by supplying a user ID or a user name.
• Authentication verifies that you are who you claim to be: The user supplies authentication information, which proves the binding between the user and the identity.
• Authorization establishes what you're allowed to do, e.g. which files and applications you may access: The system authorizes the (authenticated) user to do what he is allowed to do.
• Accounting charges for what you do.

Phishing Quiz Example

http://survey.mailfrontier.com/survey/quiztest.html

MailFrontier Phishing IQ Test II, http://survey.mailfrontier.com/survey/quiztest.html
http://www.antiphishing.org/phishing_archive/05-10-05_Paypal/05-10-05_Paypal.html

2004-05-13 Opera Browser Address Bar Spoofing Vulnerability
2004-08-16 Internet Explorer Address Bar Spoofing Vulnerability

The vulnerability is caused by an input validation error, which can be exploited by including the "%01" and "%00" URL-encoded representations after the username and right before the "@" character in a URL.

Example: http://www.trusted_site.com%01%00@malicious_site.com/

Reference: http://secunia.com/internet_explorer_address_bar_spoofing_test
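A check a mail gateway or web proxy could apply to links of the kind shown on this slide, as an added example that is not part of the original slides. It reports the host a URL really points to and flags a user-info part that carries control characters or imitates a host name; the function names and the two extra sample links are constructed for illustration.

```python
from urllib.parse import urlsplit, unquote


def inspect_url(url):
    """Report the host a URL really points to and why it may mislead a reader."""
    parts = urlsplit(url)
    findings = []
    # Everything before the last '@' in the authority is user info, not the host.
    userinfo, at, _hostport = parts.netloc.rpartition("@")
    if at:
        findings.append("userinfo-present")
        decoded = unquote(userinfo, encoding="latin-1")
        if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in decoded):
            # Bytes such as %00 / %01: the input the slide names as the trigger.
            findings.append("control-char-in-userinfo")
        visible = "".join(ch for ch in decoded.split(":")[0] if ord(ch) > 0x20)
        if "." in visible:
            # The user name is dressed up as a host name to look trustworthy.
            findings.append("userinfo-looks-like-hostname")
    return {"host": parts.hostname, "findings": findings}


def flag_links(urls):
    """Return only the URLs a filter should hold back, with host and reasons."""
    flagged = []
    for url in urls:
        result = inspect_url(url)
        if result["findings"]:
            flagged.append((url, result["host"], result["findings"]))
    return flagged


SAMPLE_LINKS = [
    "http://www.trusted_site.com%01%00@malicious_site.com/",  # example from the slide
    "https://www.example.com/account/login",                  # constructed
    "ftp://backup:secret@files.example.net/pub/",             # constructed
]

if __name__ == "__main__":
    for url, host, reasons in flag_links(SAMPLE_LINKS):
        print(f"{url}\n  real host: {host}\n  reasons: {', '.join(reasons)}")
```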


On June 25, an e-mail that appeared to be from the PayPal Support Center asked members of the online payment service to update their account information to protect themselves from fraud.

http://en.wikipedia.org/wiki/Phishing#endnote_Richardson

It is estimated that between May 2004 and May 2005, approximately 1.2 million computer users in the United States suffered losses caused by phishing, totaling approximately $929 million USD. U.S. businesses lose an estimated $2 billion USD a year as their clients become victims.[6] The United Kingdom also suffers from the immense increase in phishing. In March 2005, the amount of money lost in the UK was approximately £504 million GBP.

Source: Wikipedia

Phishing Site Statistics (Nov. 2005)

Country          Total sites   Total phishing sites   % of all known phishing sites   Probability of phishing site
Korea (South)    993'517       3'284                  9.10%                           0.33%
Taiwan           81'023        1'148                  3.20%                           1.43%
Romania          43'619        1'035                  2.90%                           2.38%
Hong Kong        147'959       630                    1.70%                           0.43%
India            112'250       547                    1.50%                           0.49%
Thailand         72'076        404                    1.10%                           0.56%
Peru             4'777         97                     0.30%                           2.04%
Iran             4'298         89                     0.20%                           2.08%
Sri Lanka        2'021         30                     0.10%                           1.49%
Egypt            10'438        29                     0.10%                           0.28%
Turkmenistan     20            2                      0.00%                           10.00%

http://toolbar.netcraft.com/stats/countries

Server and Client Authentication

[Figure: Alice (Client) and Bank (Server, www.bank.com), A >123> B; between them Man-in-the-Middle Mike (hijack, reroute)]

• Digital identity: The unique identifier and descriptive attributes of a person, group, device, or service. Examples include user or computer accounts, e-mail accounts, computer names or web server names.
• Credential: Typically a piece of information related to or derived from a secret that a digital identity possesses. Examples of credentials include passwords, X.509 certificates, and biometric information.
• Identity life-cycle management: The processes and technologies that keep digital identities current and consistent with governing policies. Identity life-cycle management includes identity synchronization, provisioning, deprovisioning, and the ongoing management of user attributes, credentials, and entitlements.
• Authentication: A process that checks the credentials of a security principal against values in an identity store. Authentication protocols such as Kerberos, Secure Sockets Layer (SSL), NTLM, and digest authentication protect the authentication process and prevent the interception of credentials.

Odysseus

• Local proxy.
• Terminates HTTP and HTTPS.
• Allows the HTTP request and the HTTP response to be modified.
• Can also work with SSL client certificates.
• Must be configured as the proxy in the browser.

http://www.wastelands.gen.nz

Odysseus Function

[Figure: local computer and web server; HTTP Request, HTTP Reply]

Odysseus Activity Log

Basic Access Control (Authentication) Schemes

Authentication is based on ...

• What you know (password, PIN, secret, certificate, ability to sign)
  – ask for something only the authorized user knows or can do
  [Figure: logon prompt, Username: pheinzma, Password: ********]

• What you are (biological pattern, e.g. fingerprint)
  – obtain some non-forgeable biological or behavioral measurement of the user

• What you have (token, scratch list, certificate)
  – test for the presence of something only the authorized user has
  [Figure: scratch list]
  01 Z4GH   06 IKDX
  02 67TS   07 9PL7
  03 UR2A   08 NFLB
  04 TIQV   09 K91D
  05 3Z5P   10 HA85

Basic Authentication Process: 1. Registration

[Figure: Alice goes through a registration process and a certification process at the Registration / Certification Authority (CA), which stores Alice's certified template. Labels:]

Know: 1g-B@H, Alice=A7FF93D
Are: Alice=
Have: Alice=

1g-B@H = "Ich gehe mit Bob nach Hause" (I am going home with Bob)

Basic Authentication Process: 2. Match & Control (Authenticate)

[Figure: Alice claims "I am Alice"; each claim below is matched and checked against Alice's stored templates]

• I know my password: 1g-B@H, passed through Encrypt, Hash to A7FF93D and compared with the stored template Alice=A7FF93D
• I am the person with this fingerprint: compared with the stored template Alice=
• I know how to sign a message: Alice, Sign, 82A5F9EE3DB743CC3112980AE8E9… compared with 82A5F9EE3DB743CC3112980AE8E9…
• I have my key generator: Alice, 234836

There are several ways to authenticate a user, i.e. to prove the identity of a user:

1. The user presents something they know, such as a password. This approach is known as a Knowledge factor. Personal identification numbers (PIN codes) or passwords are the most common method of using confidential knowledge to authenticate users. Passwords are also the least expensive method of user authentication. Unfortunately, user-selected passwords are often short and simple, which makes them easy to guess. The ability to sign a message may also be considered as "what you know or can do". The user proves that he is the person to be identified by proving what he can do (e.g. sign the same way as shown on a given template).

2. The user presents something (physical) they have in their possession, such as a key or a card. This approach is known as a Possession factor. To authenticate users digitally, they are given tokens that contain a digital code. Tokens are available as both hardware and software. They may generate a different code within regular time intervals or upon request (e.g. upon reception of a "challenge"). These tokens may also be smart cards, similar in size to a standard credit card, which are inserted into a card reader as part of the authentication process. They may contain a digital certificate and they are usually presented in combination with a password or Personal Identification Number (PIN).

3. The user presents a personal physical attribute, such as a fingerprint or a retinal scan. This approach is known as a Being factor or a "what you are" factor.

What you know (Passwords)


Authentication: Basic Principle

[Figure: the secret of ID-A is held on both sides after a secure channel (registration); F(S_A) is sent over the unsecure channel; the credentials of ID-A are compared (?=) with the reference of ID-A]

The authenticity of a person (or a machine) is checked by means of so-called "credentials". In most cases these are based on "shared secrets" that can be known only to the person to be authenticated and the verifying party. To reach such a situation, a direct or indirect secure communication channel must have existed between the two parties at least once.

Credentials (German: das Beglaubigungsschreiben, das Empfehlungsschreiben, die Zeugnisse):

1. That which entitles one to confidence, credit, or authority.
2. Evidence or testimonials concerning one's right to credit, confidence, or authority: The new ambassador presented her credentials to the president.

Logon Process (logon at the computer)

[Figure: logon dialog (Username: pheinzma, Password: ********, Domain: local). The entered password passes through the one-way function EPW; the resulting PW-Hash is compared with the PW-Hash stored next to the username in the password file.]

WinXP: \WINDOWS\system32\config\SAM (SAM = Security Account Manager, permanent file lock)
Unix: /etc/passwd (User IDs), /etc/shadow (Password Hashes)

Access to the computer should be granted only to the person who can enter the password that matches the identification (the username). When a user account is created, the password is encrypted on the computer with a one-way function. The resulting "password hash" is stored in a file together with the username. At every login the system uses the one-way function to compute the password hash (PW-Hash) from the entered password and compares it with the password hash stored in the password file for the entered username.

Where the password files are stored and which one-way functions are used depends on the operating system, but is publicly known.
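The register-then-compare logon described above, as an added example that is not part of the original slides. It places the slide's scheme (one fixed one-way function, with SHA-256 as a stand-in) beside a salted, iterated variant; the entry format, the iteration count and the class and function names are assumptions made for this example, and the salt and work factor go beyond what the slide shows.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumption: work factor picked for this example


def fast_unsalted_hash(password):
    """The slide's scheme: one fixed one-way function, no salt (SHA-256 as stand-in)."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def make_entry(password):
    """Build a password-file field: scheme$iterations$salt$hash (constructed format)."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return "$".join(["pbkdf2-sha256", str(ITERATIONS), salt.hex(), digest.hex()])


def verify_entry(entry, password):
    """Recompute the hash from the entered password and compare in constant time."""
    try:
        scheme, iterations, salt_hex, digest_hex = entry.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)
        rounds = int(iterations)
    except ValueError:
        return False  # a malformed entry never authenticates
    if scheme != "pbkdf2-sha256" or rounds < 1:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)
    return hmac.compare_digest(candidate, expected)


class PasswordFile:
    """In-memory stand-in for the password file: username -> stored entry."""

    def __init__(self):
        self.entries = {}
        # Entry used for unknown usernames so that both cases cost the same time.
        self.dummy = make_entry("placeholder for unknown users")

    def register(self, username, password):
        self.entries[username] = make_entry(password)

    def login(self, username, password):
        entry = self.entries.get(username)
        if entry is None:
            verify_entry(self.dummy, password)
            return False
        return verify_entry(entry, password)


if __name__ == "__main__":
    pwfile = PasswordFile()
    pwfile.register("pheinzma", "1g-B@H")  # username and password from the slides
    pwfile.register("alice", "1g-B@H")
    print("unsalted hashes equal:", fast_unsalted_hash("1g-B@H") == fast_unsalted_hash("1g-B@H"))
    print("salted entries equal: ", pwfile.entries["pheinzma"] == pwfile.entries["alice"])
    print("login ok:", pwfile.login("pheinzma", "1g-B@H"))
```

With the unsalted function two accounts that share a password share a hash, so one precomputed table serves every account; the per-entry salt removes that shortcut and the iteration count slows each guess.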

Password search time with a search speed of 100’000 passwords per second (http://lastbit.com/psw.asp)

password length   26 (no case, letters only)   36 (no case, letters & digits)   52 (case sensitive)   96 (all printable)
4                 0                            0                                1 minute              13 minutes
5                 0                            10 minutes                       1 hour                22 hours
6                 50 minutes                   6 hours                          2.2 days              3 months
7                 22 hours                     9 days                           4 months              23 years
8                 24 days                      10.5 months                      17 years              2’287 years
9                 21 months                    32.6 years                       881 years             219’552 years
10                45 years                     1’159 years                      45’838 years          21’076’992 years

The table shows the password search time as a function of password length and character set size. The calculation assumes a search speed of 100’000 passwords per second (one password comparison per 10 microseconds).

http://lastbit.com/pswcalc.asp contains an online calculator that lets you calculate the time of a password search for the specific conditions you enter.

NT and LANmanager Password Compatibility

LANmanager Password Hashes

• first 8 Bytes of LM Hash (Character 1 .. 7)
• second 8 Bytes of LM Hash (Character 8 .. 14) = 0xAAD3B435B51404EE (if password has not more than 7 characters)
• Two times 7 characters with 8 Bit per character, only capital characters

NT Password Hash

• 16 Bytes NTLM Hash (md4)
• 14 characters with 14 Bit per character (Unicode characters)

For compatibility reasons, on NT and W2K systems all passwords are stored in both formats: as NT password hash as well as LANmanager password hash.

Note: NT distinguishes small and capital letters in passwords; LANmanager doesn't, i.e. it converts all password characters to capital letters. Hence, if LANmanager compatibility is enabled, using small and capital letters for passwords does not really improve security.

Windows NT, Windows 2000, and Windows Server 2003 can be configured to eliminate both the storage and use of LM hashes.

Cain & Abel

Cain & Abel is one of many publicly available sniffer tools that also filter the passwords out of various applications and recode or even decrypt them.

Passwords and Moore‘s Law

[Figure: graph with the labels 1969 Unix (56 bit), 1991 LanManager (2 × 56 bit), 1997 Windows NT (196 bit)]

The observation made in 1965 by Gordon Moore, co-founder of Intel, that the number of transistors per square inch on integrated circuits had doubled every year since the integrated circuit was invented. Moore predicted that this trend would continue for the foreseeable future. In subsequent years, the pace slowed down a bit, but data density has doubled approximately every 18 months, and this is the current definition of Moore's Law, which Moore himself has blessed. Most experts, including Moore himself, expect Moore's Law to hold until at least 2015.

The data used to construct this graph have been adapted from the Microprocessor Report 9(6), May 1995 (as reported to me by Mark Seager), and the ChipList, by Aad Offerman.

"The human population does not double every 18 months but its ability to use computers to keep track of us does."

[Phil Zimmermann, "Moore's law 'is biggest threat to privacy'", Infosec security conference in London, April 29 2003.]

https://www.cnlab.ch/codecheck/

Employee awareness of "good passwords" can be improved with an intranet application. A small competition also encourages users, in a playful way, to generate good passwords.

What you know (sign a message)

(Public Key Systems, Certificate)


Private key encryption (symmetric key systems)

[Figure: Plaintext "TEXT" is enciphered (E) into ciphertext "&%C5" and deciphered (D) back into plaintext "TEXT"; both ends use the same key KAB]

With symmetric encryption, both endpoints use the same (secret) keys and the same encryption and decryption algorithms.

Secure Socket Layer (SSL) (https://server.xyz.ch)

[Figure: WWW client (browser) and WWW server (HTTP server); labels: Server, Signer, SSL Server]

SSL supports
• Confidentiality, Integrity
• Server Authentication
• optional Client Authentication

An SSL session is initiated as follows:
• On the client (browser) the user requests a document with a special URL that commences https: instead of http:, either by typing it into the URL input field, or by clicking on a link.
• The client code recognizes the SSL request and establishes a connection through TCP port 443 to the SSL code on the server.
• The client then initiates the SSL handshake phase, using the SSL Record Protocol as a carrier. At this point, there is no encryption or integrity checking built in to the connection.

The SSL protocol addresses the following security issues:
• Privacy: After the symmetric key is established in the initial handshake, the messages are encrypted using this key.
• Integrity: Messages contain a message authentication code (MAC) ensuring the message integrity.
• Authentication: During the handshake, the client authenticates the server using an asymmetric or public key. It can also be based on certificates.

SSL requires each message to be encrypted and decrypted and therefore has a high performance and resource overhead.

Public and secret keys

[Figure: a plaintext block "TEXT" is enciphered (E) with Bob's public key KB into the ciphertext block "Af%G" and deciphered (D) with Bob's private key (secret key) KB back into the plaintext block "TEXT"]

Anyone who wants to send Bob an encrypted message obtains Bob's public key. Note that the encryption operation at the sender and the decryption operation at the receiver differ, and that they are controlled by different keys.

Digital signature analogy: Alice checks Bob's signature

1. Alice writes a message to Bob on a paper, puts it in a transparent box and locks it with Bob's public key

2. Bob opens the box using his private key and reacts on Alice's message

3. Bob puts the paper back into the box, locks it with his public key and sends it in the transparent box back to Alice

4. Alice checks the reaction on her message to Bob

[Figure: transparent box labelled "Bob" containing the note "Dear Bob, change 5 and 7 ..."]

Analogy to explain the signature function in the public-key approach.

What you have (Tokens)


Token Examples

• Physical Devices
  – keys
  – Tags/Cards (may be contactless)
  – Special computers
  – Mobile phones

Various (external) devices can be used to store secrets and to perform "unique reactions on challenges".

Comparison of Security Tokens: http://ibg.networkcomputing.com/ibg/Chart?guide_id=4064

Logon in Networks (NT Domains, ftp, telnet, Web-Server, POP, ...)

[Figure: three variants of network logon. The username is sent together with the password as entered, with the encoded password (PW*), or with the PW-Hash computed by the one-way function EPW.]

If authentication takes place not on the local computer but on a remote system, the username and password information must be transmitted over the network. Together with the username, the entered password is
• in some cases transmitted in clear text (e.g. with ftp, telnet, POP),
• in other cases re-encoded (e.g. for web access),
• and in yet other cases only the password hash value computed with the one-way function is transmitted.

HTTP Basic Authentication

RFC 2617 - HTTP Authentication: Basic and Digest Access Authentication, June 1999.

GET /

GET /Authorization: Basic QWxhZGRpbjpv

HTTP/1.1 401 Unauthorized

WWW-authenticate: Basic realm=„MyServer"WWW Client

WWW Server

base64

Show Document

Client

t

Server

t

The "basic" authentication scheme is based on the model that the client must authenticate itself with a user-ID and a password.. The server will service the request only if it can validate the user-ID and password for the protection space of the Request-URI.

HTTP/1.0 includes the specification for the Basic Access Authentication scheme. Upon receipt of an unauthorized request for a URI within the protection space, the origin server MAY respond with a challenge like the following: WWW-Authenticate: Basic realm="WallyWorld„. To receive authorization, the client sends the userid and password, separated by a single colon (":") character, within a base64 encoded string in the credentials.

1. Client > Server: HTTP-Request (get)
2. Server > Client: "401 Unauthorized" Authentication Request
3a. Client: Basic Authentication possible?
3b. Client > Server: HTTP-Request User-ID/Password (not encrypted, just BASE64 encoded)
4a. Server: Compare ID/Password with .access file
4b. Server > Client: Show Document

The Basic Access Authentication scheme is not considered to be a secure method of user authentication, as the user name and password are passed over the network in an unencrypted form.
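The following Python sketch is an added example, not part of the original slides. It builds and parses the `Authorization: Basic` header as described above and decodes the header value shown on the slide, which needs no key. The function names and the in-memory account table are assumptions of the example.

```python
import base64
import binascii
import hmac

def build_basic_header(user: str, password: str) -> str:
    """Client side (step 3b): 'user:password', base64-encoded."""
    token = base64.b64encode(f"{user}:{password}".encode("utf-8"))
    return "Basic " + token.decode("ascii")

def parse_basic_header(value: str):
    """Return (user, password), or None if this is not a valid Basic header."""
    scheme, _, token = value.strip().partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        raw = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    # Only the first ':' separates the fields; a password may contain ':'.
    user, sep, password = raw.partition(":")
    return (user, password) if sep else None

def check_credentials(header: str, accounts: dict) -> bool:
    """Server side (step 4a): compare the decoded pair with the stored one.

    `accounts` is a constructed stand-in for the server's password file.
    """
    parsed = parse_basic_header(header)
    if parsed is None:
        return False
    user, password = parsed
    stored = accounts.get(user, "")
    # Constant-time comparison, also performed for unknown users.
    same = hmac.compare_digest(password.encode(), stored.encode())
    return same and user in accounts

# Header value exactly as printed on the slide; anyone who observes it
# on the wire recovers the user-ID and password with a plain base64 decode.
SLIDE_HEADER = "Basic QWxhZGRpbjpv"

if __name__ == "__main__":
    print(parse_basic_header(SLIDE_HEADER))
```
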

Page 41: Identity and Access Management Basics

One-Time-Password: Scratch list

• Scratch list
– Client uses next password
– widely used in Telebanking
– Sent to user over independent channel
– Created "randomly"

Scratch list

7563 1329 2009
1223 1569 0909
7443 1432 2333
2673 1667 1414
7823 3489 ....

With scratch-list authentication, each user receives a list of one-time passwords. After the first authentication the user crosses out the first password. For the second authentication the user enters the second password on the list and crosses it out after use, and so on. The counterpart is a system that accesses a database containing the list of one-time passwords for each user. As soon as most of the one-time passwords on the list have been crossed out, the user receives a new list so that work can continue without interruption.

This method is relatively inexpensive, but its entire security depends on the scratch list being stored securely. A further disadvantage is that the user automatically becomes a support case if the scratch list is not used properly and a password is not crossed out after use. [http://www.it-sec.com]

When grid cards are used, a password number is sent as the "challenge".

Page 42: Identity and Access Management Basics

Dynamic Password Generator

• Number changes every 60 seconds

• Time sync allows typically 3 possible codes (3 min interval)

• Security discussion Dec 2001 due to claimed emulation program

A Secure ID Card looks like a little card-calculator. It is synchronized to an identical card on the firewall. Your Secure ID Card also has a password that only you know. When you connect to the LAN, the firewall spits out a string of 10 letters and numbers as a challenge to you. "Prove you're really who you say you are," it is telling you. Because this challenge is determined by the time of day and other information, it is different from minute to minute. You then take your Secure ID Card, type in your password, and enter the string of letters and numbers that the firewall gave you. Your Secure ID Card displays a new string of letters and numbers as the correct "answer" to the challenge. You then type that exact string of letters and numbers into your computer, which is sent back to the firewall. When the firewall receives this correct answer, it lets you through. Even if the cracker steals your card, he still needs to know your Secure ID Card password in order to use it.

A vulnerability has been identified by the ACROS Penetration Team from Slovenia and has been verified by RSA Security. In certain circumstances, the vulnerability enables users to bypass SecurID Web access authentication (WebID) and gain direct access to protected directories or files without requiring an RSA SecurID PASSCODE. [Nov 1999, http://www.acros.si/references/rsa_bulletin.doc]

The SecurID hash -- designed in 1985 by John Brainard, still at RSA Labs -- has been used, unchanged, to generate PRN token-codes (aka, "one-time passwords") in all of the more than 8 million SecurID hand-held authentication devices that RSA has sold over the past 14 years. In December 2001 a sample SecurID Token Emulator with Token Secret Import was published at Bugtraq: “We have performed some cryptoanalysis and let's just say we do have grounds to believe that this algorithm is easily breakable. Once again, security of the cipher should be based entirely on the secrecy of the key, not the algorithm.” [http://online.securityfocus.com/archive/1/152525]

Page 43: Identity and Access Management Basics

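Challenge-Response Principle

[Figure: message sequence between client and server: the client sends its username (ID); the server creates a special task (challenge) for that ID and sends the challenge; client and server each compute the unique reaction to the challenge; the client sends its response; the server checks the result]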

To secure authentication credentials across networks, challenge-response authentication is used.

Page 44: Identity and Access Management Basics

Challenge Response: Grid Card

• Grid card
– Client answers with password upon password number request
– used in Telebanking
– Sent to user over independent channel
– Created "randomly"

Grid card

01 751163    11 132329    21 205609
02 122433    12 154669    22 093109
03 744293    13 149832    23 112333
04 267213    14 166657    24 122414
....         ....         ....

When grid cards are used, a password position number is sent as the "challenge" and the client must answer with the corresponding password. This method is used, for example, by Postfinance (www.Yellownet.ch) and by the Banque Cantonal de Vaud (www.bcv.ch), there with coordinates (e.g. A 7).

Page 45: Identity and Access Management Basics

Challenge Response Tools

• SW:
– S/Key
• HW:
– RSA SecureID
– Vasco Digipass Token
– CryptoCard RB-1 (calculator style DES challenge-response Replaceable Battery token)
– CryptoCard KT-1 (Key Chain Token)

www.cryptocard.com

The S/KEY system, developed at Bellcore, provides a secure alternative to UNIX passwords. The security of S/KEY lies in the use of one-time passwords. These passwords can only be used for one remote login session, so capturing them does not provide an intruder a means of breaking into the system at a later time. Generation of the one-time password is based on a secret password that is chosen by the user, but this secret password never travels over the network.

A user initializes S/KEY by selecting a secret password and n, a number of passwords to generate. A secure hash function (currently MD4) is applied to the secret password n times. The result is stored on the server. When the user attempts to log in, the server issues a challenge, which is the number n-1. Software on the user's client machine prompts for her secret password, and applies n-1 iterations of the hash function to it, and sends this response to the server. The server applies the hash function to this response. If the result it obtains is the same as the value it stored earlier, the authentication worked. The user is allowed in, and the server replaces the stored value with the response obtained from the client, and decrements the password counter. [Haller, 1994; Rubin, 1995]
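The hash chain described above, as an added Python example that is not part of the original slides. It follows the description in this paragraph only: SHA-256 stands in for MD4, the seed used by real S/KEY is omitted, and the class and function names are assumptions of the example.

```python
import hashlib
import hmac

def H(data: bytes) -> bytes:
    # Assumption: SHA-256 replaces the MD4 named in the text.
    return hashlib.sha256(data).digest()

def iterate(secret: bytes, count: int) -> bytes:
    """Apply the one-way function `count` times to the secret."""
    value = secret
    for _ in range(count):
        value = H(value)
    return value

class SKeyServer:
    """Stores only H^n(secret) and the counter n, never the secret itself."""

    def __init__(self, secret: bytes, n: int):
        self.stored = iterate(secret, n)
        self.counter = n

    def challenge(self) -> int:
        # A challenge of 0 would ask for the secret itself, so the chain
        # counts as used up once the counter reaches 1.
        if self.counter <= 1:
            raise RuntimeError("chain exhausted, re-initialise with a new secret")
        return self.counter - 1

    def verify(self, response: bytes) -> bool:
        if self.counter <= 1:
            return False
        # One more hash of the response must give the stored value.
        if not hmac.compare_digest(H(response), self.stored):
            return False
        # Accepted: the response becomes the new stored value.
        self.stored = response
        self.counter -= 1
        return True

def client_response(secret: bytes, challenge: int) -> bytes:
    """Client side: n-1 iterations of the hash over the secret password."""
    return iterate(secret, challenge)

if __name__ == "__main__":
    secret = b"constructed example secret"
    server = SKeyServer(secret, 5)
    first = client_response(secret, server.challenge())
    print(server.verify(first), server.verify(first))  # replay is rejected
```
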

CRYPTOCard Corp. is a company which provides 'Secure Password Technology'. This secure password technology is based on the Two-Factor Authentication technology. CRYPTOCard provides an extensive suite of various tokens that interface into their authentication server, as well as many APIs for such technologies as KERBEROS and CISCOSecure. To name a few of the hardware tokens, CRYPTOCard has developed the RB-Token (replaceable battery token), which looks like a pocket calculator. There is also the Key Chain Token. These two tokens support both the normal challenge-response method and the QuickLog method. QuickLog automatically detects the next challenge and only provides the response for the user when activated. This helps the user make fewer mistakes, because an eight-digit challenge does not have to be entered for every response.

Page 46: Identity and Access Management Basics

HTTP Digest Access Authentication

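[Figure: message sequence over time (t) between client and server]

1. Client > Server: HTTP-Request
2. Server > Client: "401 Unauthorized" Authentication Request (with nonce)
3a. Client: Digest Access Authentication possible? Compute hash from User-ID/Password/Nonce
3b. Client > Server: HTTP-Response (hash)
4a. Server: Compare received hash with own hash
4b. Server > Client: Show Document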

RFC 2617 - HTTP Authentication: Basic and Digest Access Authentication, June 1999.

Like Basic Access Authentication, the Digest scheme is based on a simple challenge-response paradigm. The Digest scheme challenges using a nonce value. A valid response contains a checksum (by default, the MD5 checksum) of the username, the password, the given nonce value, the HTTP method, and the requested URI. In this way, the password is never sent in the clear. Just as with the Basic scheme, the username and password must be prearranged in some fashion on the server side.
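The response computation described above, as an added Python example that is not part of the original slides. It implements the RFC 2617 MD5 formula for both the legacy form and the `qop=auth` form; the `DigestServer` class, its single-use nonce policy and the account table are assumptions of the example.

```python
import hashlib
import hmac
import secrets

def md5_hex(text: str) -> str:
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def digest_response(user, realm, password, method, uri, nonce,
                    qop=None, nc=None, cnonce=None) -> str:
    """RFC 2617 request-digest; the password itself is never transmitted."""
    ha1 = md5_hex(f"{user}:{realm}:{password}")
    ha2 = md5_hex(f"{method}:{uri}")
    if qop is None:  # legacy form: username, password, nonce, method, URI
        return md5_hex(f"{ha1}:{nonce}:{ha2}")
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")

class DigestServer:
    """Hypothetical server side: issues nonces and checks responses."""

    def __init__(self, realm: str, passwords: dict):
        self.realm = realm
        self.passwords = passwords      # constructed account table
        self.open_nonces = set()

    def challenge(self) -> str:
        """Step 2: fresh nonce sent with the 401 response."""
        nonce = secrets.token_hex(16)
        self.open_nonces.add(nonce)
        return nonce

    def verify(self, user, method, uri, nonce, response) -> bool:
        """Step 4a: recompute the hash and compare it with the received one."""
        if nonce not in self.open_nonces or user not in self.passwords:
            return False
        # Assumption of this example: each nonce is accepted once, so a
        # captured response cannot be replayed.
        self.open_nonces.discard(nonce)
        expected = digest_response(user, self.realm, self.passwords[user],
                                   method, uri, nonce)
        return hmac.compare_digest(expected, response)

if __name__ == "__main__":
    server = DigestServer("MyServer", {"alice": "constructed-password"})
    nonce = server.challenge()
    resp = digest_response("alice", "MyServer", "constructed-password",
                           "GET", "/", nonce)
    print(server.verify("alice", "GET", "/", nonce, resp))
```
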

Page 47: Identity and Access Management Basics

What you are (Biometrics)

Page 48: Identity and Access Management Basics

What you are: Biometrics

• Fingerprint
• Voice Print
• Face Recognition
• Iris / Retina Scanning
• Hand Recognition

http://www.tml.hut.fi/Opinnot/Tik-110.501/1998/papers/12biometric/biometric.htm

http://www.ethentica.com/
http://www.pitt.edu/~lawrev/59-1/woodward.htm

In 2002 IT authentication with biometrics is almost always realized with fingerprints. There are only a few standards (www.bioapi.com) and as with smart cards, biometrics need to be integrated with a comprehensive security infrastructure.

Page 49: Identity and Access Management Basics

Gummy finger

Ref: CUBS, University at Buffalo, http://www.cubs.buffalo.edu, http://www.cedar.buffalo.edu/~govind/

Page 50: Identity and Access Management Basics

Two Factor Authentication

An Automatic Teller Machine (ATM) is a typical "two factor authentication" system: access to the banking account requires the combination of a user Personal Identification Number (PIN) and possession of the card.

Page 51: Identity and Access Management Basics

Two Factor Authentication: Biometrics as an Alternative to the PIN

[Figure: sample Armed Forces of the United States ID card; PIN (what you know): 100% or 0% correct; biometric feature (what you are): x% correct]

Most biometric systems use two factor authentication.

Note the difference: a PIN/password check is either true or false, whereas biometrics gives identity verification with a certain probability only.

Page 52: Identity and Access Management Basics

Combined biometrics approaches

• face image
• voice
• lip movement

http://www.biodata.de
http://www.bioid.de

BioID is a revolutionary biometric technology that uses face, voice and lip movement to identify a person. BioID solutions represent an advanced, people-oriented solution: With BioID, instead of typing in a password or using a PIN, the user simply looks into a standard video camera and says his or her name to get authenticated. [http://www.bioid.com/]

Page 53: Identity and Access Management Basics

Two Factor Authentication Example: Telebanking „challenge response“

87123456 PIN

Clients must provide their ID (i.e. client number) to get a challenge number („Eingabe“). Clients have a little calculator device and a personalized smart card. The personalized smart card can be put into the calculator and activated with a four digit PIN code. Input of the challenge number allows the smart card to calculate the response („Code“).

Together with IBM, we developed an innovative, easy to use chip-card system that uses state-of-the-art technology - considerably enhancing the overall level of online security. The new system is based on a code saved on each individual UBS e-banking card (which all of our Swiss clients receive).

The card's content is protected and cannot be copied or decoded. Its codes are only valid for a very short time-span - unlike the paper lists of access codes. When using a card, a client does not have to enter a password directly into his or her computer. Instead, it is processed directly by a card reader (which is also sent to clients). The system was gradually introduced during the course of 2002, and we expect that all of our e-banking clients will be using the new system by the middle of 2003. [http://www.ubs.com/e/about/annual_review/2002/innovation_learning/chip_cards.html]

Page 54: Identity and Access Management Basics

https://telebank1.ubs.com/classic/g?login&initiate

Contract number: 23001234

Code: FV A0 G1 D6

Card+PIN

Contract

Challenge: 854256

For a successful login you need the following security features:
• UBS e-banking contract number (= identification)
• UBS e-banking card (= what you have)
• UBS e-banking card PIN (after three incorrect entries the card is irrevocably blocked; a replacement card costs Fr. 20) (= what you know)
• UBS e-banking card reader

http://www.ubs.com/g/telebanking/nina_clip_g.swf

Page 55: Identity and Access Management Basics

Summary (But …)

Page 56: Identity and Access Management Basics

What are the current security problems?

• Professional / commercially driven attacks
– Building and operating a botnet infrastructure
– Targeted at specific customers (customer groups)
– Phishing
• Decisions of (overwhelmed) users
– Mail attachments
– Viruses, worms and spyware are hard to recognise
– Computer updates
– Downloads from web sites (programs, ActiveX components, …)
• Developer errors

Page 57: Identity and Access Management Basics

Key Logger

Page 58: Identity and Access Management Basics

Home User PC Protection

Note that between 5% and 40% of private Internet computers can still be reached directly from the Internet, i.e. they are protected neither by a firewall nor by a NAT router.

Page 59: Identity and Access Management Basics

Voice over IP (VoIP)

[Figure: VoIP deployment phases; labels: Phase 1 PC-PC; Phase 2a PC-GW; Phase 2b Phone-IP-GW; Phase 3 PC/Phone-POTS; ISP; Gateway; Plain Old Telephone System (POTS); Cordless Phone; Hard Phone; Soft Phone]

• IP telephony phase 1 (PC-PC): Calls from Internet PC to Internet PC have been possible since about 2000 with simple, freely available programs. In the simplest case, free software (e.g. MS NetMeeting, Internet Messenger, Skype, Iphone) and a headset with microphone are sufficient. There is no gateway to the POTS.
• IP telephony phase 2a (PC-GW): Use of VoIP in the internal network to replace in-house telephone exchanges. Instead of the in-house exchange (Private Automated Branch eXchange, PABX), a VoIP exchange with a gateway to the normal telephone network (POTS) is used (e.g. Swyx).
• IP telephony phase 2b (Phone-IP-GW): Internet service providers (e.g. Cablecom) offer, over their infrastructure, the option of connecting conventional telephones via the Internet connection (router, cable modem). The ISP operates a VoIP exchange for the transition to the POTS.
• IP telephony phase 3: VoIP is possible not only from PC to PC but also from PC to the POTS and from the POTS to the PC. Customers receive a conventional telephone number and can also be reached from the POTS (cf. Skype Out, Skype In).

http://www.ndrtv.de/ratgebertechnik/themen/20050116_internet_telephonie.html

Page 60: Identity and Access Management Basics

Backdoor in Postbank's iTAN procedure (c't, 28.11.2005, issue 25/05)

• With indexed TANs (iTAN), the bank asks not for an arbitrary TAN from the list but for a TAN that is bound to a specific transaction.

• In a test by Heise Security, however, it was possible to carry out transfers with any TAN from a list, even though the iTAN procedure was activated.

• The trick: as an alternative to web access, Postbank offers the Homebanking Computer Interface (HBCI) with the insecure PIN/TAN procedure, also called HBCI+, which still accepts arbitrary TANs.

http://www.heise.de/security/news/meldung/66652

Arbitrary TANs are accepted because Postbank enabled all accounts for HBCI+ after shutting down BTX access. Most customers, however, are probably not aware that their account can also be attacked through this backdoor. Because of this weakness at Postbank, a phisher who has obtained the PIN and one TAN merely has to install finance software and connect to the HBCI server in order to empty the account.

FinTS - STANDARD FOR SECURE ONLINE BANKING: FinTS stands for Financial Transaction Services and is the further development of the online banking standard first published in 1996 by the ZKA (Zentraler Kreditausschuss): "Homebanking Computer Interface (HBCI)". http://www.hbci-zka.de