Security

Many secure IT systems are like a house with a locked front door but with a side window open

-somebody

What do we want to protect?

• Services and data offered by the computer systems.

Types of Threats

• Interception

• Interruption

• Modification

• Fabrication

Security Mechanisms

• Encryption

• Authentication

• Authorization

• Auditing

Security Policy

•To properly use security mechanisms a security policy is needed

• A security policy helps in understanding what exactly needs to be protected and what the assumptions are with respect to security

e.g. Operations between entities in different domains require mutual authentication

Controlling access to resources in multiple administrative domains is subject to local security only

Layering of Security Mechanisms (1)

The layer in which security mechanisms are placed depends on the trust a client has in how secure the services are in a particular layer

Layering of Security Mechanisms (2)

Several sites connected through a wide-area backbone service.

CryptographyCryptography functions

– Secret key (e.g., DES)– Public key (e.g., RSA)– Message digest (e.g., MD5)

Security services– Privacy: preventing unauthorized release of information– Authentication: verifying identity of the remote participant – Integrity: making sure message has not been altered

Security

Cryptographyalgorithms

Publickey

(e.g., RSA)

Secretkey

(e.g., DES)

Messagedigest

(e.g., MD5)

Securityservices

AuthenticationPrivacy Messageintegrity

Secret Key (DES)

Plaintext

Encrypt withsecret key

Ciphertext

Plaintext

Decrypt withsecret key

Public Key (RSA)

Plaintext

Encrypt withpublic key

Ciphertext

Plaintext

Decrypt withprivate key

Message DigestCryptographic checksum

– just as a regular checksum protects the receiver from accidental changes to the message, a cryptographic checksum protects the receiver from malicious changes to the message.

One-way function

– given a cryptographic checksum for a message, it is virtually impossible to figure out what message produced that checksum; it is not computationally feasible to find two messages that hash to the same cryptographic checksum.

Relevance

– if you are given a checksum for a message and you are able to compute exactly the same checksum for that message, then it is highly likely this message produced the checksum you were given.

Intruders and eavesdroppers in communication.

Notation

Notation Description

KA, B Secret key shared by A and B

Public key of A

Private key of A

K A

K A

Authentication

Authentication based on a shared secret key.

Authentication Using a Key Distribution Center (1)

The principle of using a KDC.

Authentication Using a Key Distribution Center (2)

Using a ticket and letting Alice set up a connection to Bob.

Authentication Using Public-Key Cryptography

Mutual authentication in a public-key cryptosystem.

Message Integrity

• Messages are protected against modification

• e.g. email sale

• Non Repudiation

Digital Signatures (1)

Digital signing a message using public-key cryptography.

Digital Signatures (2)

Digitally signing a message using a message digest.

Key Distribution

Certificate – special type of digitally signed document:

“I certify that the public key in this document belongs to the entity named in this document, signed X.”

– the name of the entity being certified– the public key of the entity– the name of the certified authority– a digital signature

Certified Authority (CA)– administrative entity that issues certificates– useful only to someone that already holds the CA’s public key.

Key Distribution (cont)

Chain of Trust – if X certifies that a certain public key belongs to

Y, and Y certifies that another public key belongs to Z, then there exists a chain of certificates from X to Z

– someone that wants to verify Z’s public key has to know X’s public key and follow the chain

Example Systems:SSL Secure Sockets layer

Protection Domains

The hierarchical organization of protection domains as groups of users.

Firewalls

A common implementation of a firewall.