Computer Security Science and Engineering
Post on 26-Dec-2014
Security Science And Engineering
Sashank Dara
1 This work by Sashank Dara is licensed under CC Attribution-ShareAlike 3.0 Unported
This talk is intended for graduate or undergraduate students, as an attempt to motivate them into the exciting field of computer security. This talk is by no means complete, although it constantly evolves to be comprehensive.
Science
Engineering
Flaws can be Disastrous
Boundaries to breach
A bumble bee aerodynamically cannot fly; what does this mean?
Symbols and Interpretation
• Engineering application, product
• Scientific theory, framework, mathematical model
• A flaw, either in theory or in application, that resulted in disaster
• Scope for breaching theoretical or practical boundaries
Foundations
• Authentication
• Authorization
• Confidentiality
• Integrity
• Non-repudiation
• Availability (non-denial of service)
Note: Any security application, appliance or piece of research is about achieving a combination of the above properties or their variants.
Authentication
Less formally, this involves confirming the identity of a person or software program: “you are who you say you are”.
Factors and Identity
• Ownership factors: something the user has, say an ID card, security token, phone, etc.
• Knowledge factors: something the user knows, say a password, passphrase, PIN, or challenge response
• Inherence factors: something the user is or does, say a fingerprint, DNA sequence, retinal scan, voice, or facial recognition
• Two-factor authentication is an approach to authentication which requires the presentation of "two or more" of the three authentication "factors"
Applications
• Single sign-on: a user logs in once and gains access to all systems without being prompted to log in again at each of them
• OpenID: users may create accounts with their preferred OpenID identity providers, and then use those accounts as the basis for signing on to any website which accepts OpenID authentication
• Kerberos: a computer network authentication protocol which works on the basis of "tickets" to allow nodes to prove their identity to one another in a secure manner
• BrowserID: a decentralized identity system that makes it possible for users to prove ownership of email addresses in a secure manner, without requiring per-site passwords
• Two-factor authentication
Caveats
• Security experts argue that it is impossible to prove the identity of a computer user with absolute certainty. Any given test can be spoofed one way or another, with varying degrees of difficulty. – Wikipedia
• Strong passwords are difficult to remember
• Fingerprinting has been successfully spoofed using glue and thumb impressions
• Facial recognition can be beaten using photographs!
• Voice can be easily mimicked!
• ID cards, phones and security tokens can be subjected to theft!
• The US Government defines strong authentication as a layered authentication approach relying on two or more authenticators to establish the identity of an originator or receiver of information.
Authorization
The function of specifying access rights to resources. More formally, "to authorize" is to define an access policy.
Authorization
• For example, human resources staff are normally authorized to access employee records, and this policy is usually formalized as access control rules in a computer system.
• During operation, the system uses the access control rules to decide whether access requests from (authenticated) consumers shall be approved (granted) or disapproved (rejected)
Access Control
Access Control includes Authentication, Authorization, Audit
Two Steps
• Policy definition phase, where access is authorized
  o This step is more of an authorization phase
• Policy enforcement phase, where access requests are approved or disapproved
Access Control Lists
• In short, a list of permissions attached to an object or a collection of objects
• A file system ACL is a data structure (usually a table) containing entries that specify individual user or group rights to specific system objects such as programs, processes, or files.
• A network ACL is a list of rules specifying the services that can be accessed by inbound and outbound traffic.
  o Firewalls are predominantly based on ACLs
  o The famous five-tuple (source IP, destination IP, source port, destination port, action)
Security Models
• Discretionary access control (DAC)
  o Users (owners) have the ability to make policy decisions and/or assign security attributes.
  o Example: Unix file mode info represented by rwx bits
• Mandatory access control (MAC)
  o Decision-making authorities have the ability to make policy decisions and/or assign security attributes
  o Users do not have the ability to make policy decisions
  o Example: the SELinux framework
• Role-based access control
  o Combination of DAC and MAC, typically used in enterprises
Security Models
• Context-based access control
  o Deep packet and stateful inspection of firewalls
• Capability-based security
  o A capability is a token, ticket, or key that gives the possessor permission to access an entity or object in a computer system
  o In contrast, there are no ACLs!
• There are many other models
Mathematical Models
• Conflicts in an access control list can open up security holes!
  o Often misconfiguration of firewalls has resulted in disasters!
• Can we mathematically model an access control list?
  o Boolean logic
  o Lattice-based access control models
• Can we prove they are formally correct and complete?
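The kind of model the two ACL slides ask about, as an added example that is not part of the original deck: a five-tuple network ACL treated as a list of Boolean predicates with first-match evaluation, plus a checker for two classic misconfigurations, a rule shadowed by an earlier broader rule and two overlapping rules with different actions. The rule set, addresses and port ranges are constructed for the illustration.

```python
from collections import namedtuple
from ipaddress import ip_address, ip_network

# A rule is a five-tuple predicate plus an action; port ranges are inclusive (lo, hi).
Rule = namedtuple("Rule", "src dst sport dport action")

def rule(src, dst, sport, dport, action):
    return Rule(ip_network(src), ip_network(dst), sport, dport, action)

def _subset(a, b): return b[0] <= a[0] and a[1] <= b[1]
def _overlap(a, b): return a[0] <= b[1] and b[0] <= a[1]

def matches(r, src, dst, sport, dport):
    return (ip_address(src) in r.src and ip_address(dst) in r.dst
            and _subset((sport, sport), r.sport) and _subset((dport, dport), r.dport))

def evaluate(acl, src, dst, sport, dport, default="deny"):
    """First-match semantics, as in most packet filters."""
    for r in acl:
        if matches(r, src, dst, sport, dport):
            return r.action
    return default

def covers(outer, inner):
    """True when every packet matched by inner is also matched by outer."""
    return (inner.src.subnet_of(outer.src) and inner.dst.subnet_of(outer.dst)
            and _subset(inner.sport, outer.sport) and _subset(inner.dport, outer.dport))

def overlaps(a, b):
    return (a.src.overlaps(b.src) and a.dst.overlaps(b.dst)
            and _overlap(a.sport, b.sport) and _overlap(a.dport, b.dport))

def find_anomalies(acl):
    """Return (kind, earlier, later) for rules that can never fire ("shadowed")
    or whose outcome depends only on ordering ("conflict")."""
    found = []
    for j, later in enumerate(acl):
        for i in range(j):
            if covers(acl[i], later):
                found.append(("shadowed", i, j))
            elif overlaps(acl[i], later) and acl[i].action != later.action:
                found.append(("conflict", i, j))
    return found

# Constructed sample ACL: rule 2 (deny SSH to the server from one subnet) is shadowed
# by the broad allow in rule 0, so the intended block never applies; rule 3 conflicts
# with rule 1 on port 443, and only ordering decides the outcome.
ANY = (0, 65535)
SAMPLE_ACL = [
    rule("10.0.0.0/8", "192.168.1.10/32", ANY, (1, 65535), "allow"),
    rule("0.0.0.0/0", "192.168.1.0/24", ANY, (443, 443), "allow"),
    rule("10.1.0.0/16", "192.168.1.10/32", ANY, (22, 22), "deny"),
    rule("203.0.113.0/24", "192.168.1.0/24", ANY, (1, 1023), "deny"),
]
```

Running `find_anomalies(SAMPLE_ACL)` reports the shadowed deny and the ordering conflict before the list is deployed, which is exactly the check a firewall change review should automate.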
User-level Access Control
• Identity management describes the management of individual identities, their authentication, authorization, roles, and privileges
  o Password managers, LDAP, etc.
• OAuth allows users to share their private resources (e.g. photos, videos, contact lists) stored on one site with another site without having to hand out their credentials, typically supplying username and password tokens instead
  o Complementary to OpenID
• SAML, Security Assertion Markup Language, is an XML-based open standard for exchanging authentication and authorization data between security domains.
  o Primarily to solve and standardize single sign-on
  o Quite popular among identity-based solutions
Network Access Control
• Firewalls, often touted as the first layer of defense in any organization’s security design
• First-generation firewalls were mere packet filters based on the five-tuple
• Second-generation firewalls are stateful and do deep packet inspection
• Third-generation firewalls are more “context-aware”
Confidentiality
Confidentiality is the concept of ensuring that data is not made available or disclosed to unauthorized people.
Integrity
Data integrity, in its broadest meaning, refers to the trustworthiness of information over its entire life cycle.
Cryptography
• Cryptography, simply stated, is the art of “secret writing”
• Traditional cryptography has been used successfully for authentication, confidentiality and integrity
• Confidentiality cannot be achieved without cryptography
  o Exception: a technique called chaffing and winnowing was proposed, but it is not practically strong enough
Cryptography
• The art of secret writing dates back thousands of years
• Cryptography was chiefly concerned with linguistic and lexicographic patterns until the twentieth century
• Now it makes extensive use of mathematics, including aspects of information theory, computational complexity, statistics, combinatorics, abstract algebra, number theory, and finite mathematics generally
• And lately even quantum theory and chaos theory too!
Cryptanalysis
• Myth: The Enigma was too complex to be broken, as believed by the German military
• Fact: The Enigma was broken almost daily for years during WWII
This particular work by Landon Curt Noll is Licensed under CC Attribution-Share Alike 3.0 Unported License
Cryptographic Engineering
• Many implementation challenges
  o Key management
  o Pseudo-random number generators
  o Side-channel attacks
  o Tamper-proof hardware
  o Verification techniques
  o Protocol analysis
Protocols
• Secure Sockets Layer (SSL/TLS)
• IPsec
• VPNs
• PGP
• Many, many more, to name a few
Caveats
• Myth: The larger the key, the stronger the key
• Fact: Key size is no guarantee of key strength
• An early web browser with 128-bit SSL keys
  o The key was generated by the random() pseudo-random number generator
  o With only 4 billion different srandom() seeds, only 4 billion different SSL keys could ever be generated
  o Only 32 bits of real protection
• There are more important issues than size:
  o Generating keys that cannot be guessed
  o Securely storing keys
  o How humans use a key
  o How unattended machines use a key
  o Lost key recovery
  o Key life-cycle management
This particular work by Landon Curt Noll is Licensed under CC Attribution-Share Alike 3.0 Unported License
Caveats
• Large key but weak key example: the US “nuclear football”
  o The nuclear launch authorization code was long, but until 1976 the code was all 0’s!!! Really!!!
• Larger keys do not necessarily mean better
  o Key size cannot overcome a predictable method of generating it
  o A huge compromised key is much worse than a smaller well-managed key
  o The cost of discovering the key must be higher than the value of the data being protected
This particular work by Landon Curt Noll is Licensed under CC Attribution-Share Alike 3.0 Unported License
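A small added illustration of the two key-size caveats above (not from the slides or from Landon Curt Noll's material): a 128-bit key that is really a function of a small PRNG seed has only as many possible values as there are seeds, so its effective strength is the seed size, not the key length. The seed sizes are toy values constructed for the demo, Python's random.Random stands in for random()/srandom(), and the corrected generator uses the secrets module.

```python
import random
import secrets

KEY_BITS = 128

def key_from_seed(seed: int) -> bytes:
    """The mistake described above: a 128-bit 'key' that is a deterministic
    function of a small PRNG seed (random.Random stands in for random()/srandom())."""
    rng = random.Random(seed)
    return rng.getrandbits(KEY_BITS).to_bytes(KEY_BITS // 8, "big")

def count_distinct_keys(seed_bits: int) -> int:
    """How many distinct keys can the generator ever emit? At most 2**seed_bits,
    no matter how long each key is."""
    return len({key_from_seed(s) for s in range(1 << seed_bits)})

def effective_strength_bits(seed_bits: int) -> int:
    """Real protection is bounded by the smaller of key length and seed space."""
    return min(KEY_BITS, seed_bits)

def recover_seed(key: bytes, seed_bits: int):
    """Effective strength made concrete: the key is pinned down by enumerating the
    seed space, at most 2**seed_bits trials rather than 2**128. Toy sizes only."""
    for s in range(1 << seed_bits):
        if key_from_seed(s) == key:
            return s
    return None

def strong_key() -> bytes:
    """What the key should be: drawn from the OS CSPRNG, not a seeded PRNG."""
    return secrets.token_bytes(KEY_BITS // 8)

# Constructed demo values: a 10-bit seed space yields at most 1024 keys, so a key
# drawn from it is found within 1024 trials; a CSPRNG key is not in that set.
DEMO_SEED_BITS = 10
DEMO_KEY = key_from_seed(777)
```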
Applications
• Entire web commerce infrastructure: SET, HTTPS
• Virtual private networking
• IPsec
• Cryptography in wireless applications (mobile phones, WLANs, analysis of standards, etc.)
• Cryptography for pervasive computing (RFID, sensor networks, smart devices, etc.)
• FPGA design security
• Hardware IP protection and anti-counterfeiting
• Reconfigurable hardware for cryptography
Applications
• Smart card processors, systems and applications
• Security in commercial consumer applications (pay-TV, automotive, domotics, etc.)
• Secure storage devices (memories, disks, etc.)
• Technologies and hardware for content protection
• Trusted computing platforms
Non Repudiation
Non Repudiation
• A service that provides proof of the integrity and origin of data.
• An authentication that with high assurance can be asserted to be genuine.
• The entire Public Key Infrastructure is built for this
Availability (Non-Denial of Service)
Denial of Service
• A DoS attack can be perpetrated in a number of ways. The five basic types of attack are:
  o Consumption of computational resources, such as bandwidth, disk space, or processor time.
  o Disruption of configuration information, such as routing information.
  o Disruption of state information, such as unsolicited resetting of TCP sessions.
  o Disruption of physical network components.
Denial of Service
• A DoS attack may include execution of malware intended to:
  o Max out the processor's usage, preventing any work from occurring.
  o Trigger errors in the microcode of the machine.
  o Trigger errors in the sequencing of instructions, so as to force the computer into an unstable state or lock-up.
  o Exploit errors in the operating system, causing resource starvation and/or thrashing, i.e. to use up all available facilities so no real work can be accomplished.
  o Crash the operating system itself.
• A few DoS attacks
  o Smurf attack, ping flood, ping of death, SYN flood
Intrusion Prevention Systems
• Network security appliances that monitor network and/or system activities for malicious activity
• The first generation were Intrusion Detection Systems
• Classification
  o Network-based
  o Host-based
  o Wireless IPS
  o Network behavior analysis
• An IPS checks for malware, worm outbreaks and DDoS attacks
• An IPS can also correct Cyclic Redundancy Check (CRC) errors, unfragment packet streams, prevent TCP sequencing issues, and clean up unwanted transport and network layer options.
Intrusion Prevention Systems
• Detection methods
  o Signature methods
  o Statistical anomaly detection
  o Stateful protocol analysis detection
• Other recent trends
  o IP reputation
  o Global correlation
• Popular IPS (open source)
  o Snort
Security Principles
• Security is an afterthought: the internet was built to share physics documents among researchers, not for social networking, commerce and everything else
• Security by obscurity is disastrous
  o Kerckhoffs’s principle: A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.
• Security is as strong as its weakest link, and often it’s the people.
• There is no silver bullet
• Security is a process rather than a product.
• Defense in depth
• Risk assessment, threat modeling and compliance can mitigate
Conclusions
• A few things not yet covered
  o Cloud security
  o Threat modeling
  o Popular attacks
  o Secure development life cycle
  o Social engineering
  o Security management
  o Many others ..
• This talk is a work in progress, so it will be continually evolving; do come back to check for the latest revisions of the file
Contact
• I can be reached at
  o Krishna.sashank@iiitb.org
  o http://www.linkedin.com/in/sashankdara
• Note: Parts of the work are taken from Landon Curt Noll, as mentioned in the footnotes wherever relevant.
  o He can be reached at http://isthe.com/chongo/
This work is made available under Creative Commons Attribution-Share Alike 3.0. Images courtesy: Google Images