|2.||What to secure|
|3.||Types of security|
|4.||Types of attacks|
|8.||Authentication methods: Basic|
|9.||Using security tokens, tickets, or cookies|
|10.||Practical security token issues|
|11.||Token issues (cont.)|
|13.||Public/Private Key Encryption|
|14.||Public/Private Key Encryption Signatures|
|17.||Common Security Problems|
|18.||Security through Obscurity|
|19.||Security in the Wrong Place|
|21.||General Security Issues|
Doc 23, Security, Slide #1
What is security?
From WebsterÝs College Dictionary:
Doc 23, Security, Slide #2
Before we can talk about security related to computers and networks, we need to know what we are trying to secure:
Doc 23, Security, Slide #3
Some different types:Physical security:
Prevent access to physical devices (network, computers, etc.) with:
Doc 23, Security, Slide #4
Some common methods of "attacks":
Network sniffing is the gathering of information on a network not designated for you.
Ethernet is a broadcast network: All machines on a segment can see all traffic on that segment.
Doc 23, Security, Slide #5
Authentication is performed to ensure that a user or program has specific access to a resource or data.
The authentication process normally relies on some sort of shared (between resource provider and resource seeker) secret or irreproducible attribute:
Doc 23, Security, Slide #7
How is authentication over a network different?
Network packets can travel through many "unknown" (read untrusted) routers and computers.
What are the added risks?
Doc 23, Security, Slide #8
Username and password
Protocols we have seen that use this:
The more frequent the authentication information is sent over a network, the higher the chance that it will be sniffed.
However: smart network sniffers analyze network traffic over extended periods of time.
Doc 23, Security, Slide #9
Applications built on top of stateless protocols like HTTP will need to authenticate with every request.
A security token is given to a client by a server. The client can then use this token to uniquely identify itself to the server in the future.
The client only authenticates once and thereafter uses the cookie.
The authentication may involve "expensive" encryption.
Some requirements for security tokens:
Doc 23, Security, Slide #10
How can a server identify a client with a token?
Rely on a piece of information that is hard to change: IP address of the client
The server somehow needs to correlate the token with the address when the client uses it.
How can this be done?
Random string approach:
Doc 23, Security, Slide #11
One-way scrambling approach:
Weakness of this approach?
Why are these problems?
Doc 23, Security, Slide #12
After a client has been authenticated, the traffic on a network can still be sniffed.
A solution is encryption of all traffic.
This can be done at any layer of the protocol stack
Two basic types of encryption:
Shared key encryption:
One key both encrypts and decrypts
Public/Private key encryption:
One key encrypts, another decrypts
Doc 23, Security, Slide #13
A public key is something that is well known, i.e. published.
A client can send authentication information by encrypting the info with the server's public key.
The server will then use its own private key to decrypt the information.
Doc 23, Security, Slide #14
The same encryption method can be used to authenticate a message:
A client encrypts information with its own private key.
The server will lookup the client's public key and decrypt the information.
This is a digital signature
A combination of the previous two methods allows for mutual authentication.
Doc 23, Security, Slide #15
Kerberos is an authentication and session encryption system.
Three levels of security:
The actual algorithms used are complicated.
Look in http://www.ov.com/misc/krb-faq.html for more information about the workings.
Doc 23, Security, Slide #16
Kerberos uses a separate ticket granting server that gives a ticket to a user or application.
This ticket can then be used for any number of resources on the network.
If a client wants to talk to a server, both the client and the server will talk to the authentication server to establish that the client is authorized to use that particular server.
Advantages of kerberos:
Doc 23, Security, Slide #17
These are some of the things that have been tried. (Either knowingly or by accident)
Doc 23, Security, Slide #18
This means that whatever security is in place is only difficult to break because the encryption/authentication methods are not obvious.
What's the problem?
Doc 23, Security, Slide #19
Always think about what you're trying to accomplish with a security system.
A server that has an authentication and authorization should precede actions that require authentication.
Doc 23, Security, Slide #20
Programmers have the tendency to add debug code to their servers to make testing easier.
This debug code may circumvent any security features of the server.
Doc 23, Security, Slide #21
Points to keep in mind when dealing with security:
Some existing tools to look at: