Chapter 9 Network Security 1
Overview
Network security involves protecting a host (or a group of hosts) connected to a network
Many of the same problems as with stand-alone computer systems apply and are more difficult:
o User authentication and authorization – determine the identity and privileges of users accessing the system
o Access control – limiting what actions are permitted
Authenticator = Encrypt((Client,Addr,Timestamp),KS-C)
o Server is the name of the server
o Client is the name of the client
o Addr is the client’s IP address
o Timestamp is the time the ticket was generated
o Lifetime is the amount of time for which the ticket is valid
o KS-C is the session key to be shared between the Server and the Client
o KS is the DES key shared between the AS and the Server
Chapter 9 Network Security 8
Getting the Initial Ticket
User enters username
Request for ticket for ticket-granting service (TGS) sent to authentication server (AS)
Client → AS: Client, TGS
Chapter 9 Network Security 9
Getting the Initial Ticket (cont)
AS checks that Client is a valid user
Generates a session key, KC-TGS, for the Client and the TGS
Generates a ticket, Encrypt((TGS,Client,Addr,Timestamp,Lifetime,KC-TGS),KTGS), for the Client to use for the TGS
Sends session key and ticket back to Client (encrypted with Client’s key, KC)
AS → Client: Encrypt((session key,ticket),KC)
Chapter 9 Network Security 10
Getting the Initial Ticket (cont)
User enters password
Password is converted to a DES key and used to decrypt the AS’s reply
Client’s machine:
o Stores session key and ticket
o Erases the user’s password and DES key from memory
Chapter 9 Network Security 11
Getting a Ticket for a Server
Client contacts TGS and requests a ticket for Server:
o Name of Server
o Client’s TGS ticket, Encrypt((TGS,Client,Addr,Timestamp,Lifetime,KC-TGS),KTGS)
o Client’s authenticator, Encrypt((Client,Addr,Timestamp),KC-TGS)
Client’s request is encrypted under its session key with the TGS, KC-TGS
Client → TGS: Encrypt((Server,ticket,AC),KC-TGS)
Chapter 9 Network Security 12
Getting a Ticket for a Server (cont)
TGS:
o Checks the ticket and authenticator
o Generates a session key, KC-S, for the Client and the Server
o Generates a ticket, Encrypt((Server,Client,Addr,Timestamp,Lifetime,KC-S),KS), for the Client to use for the Server
o Sends session key and ticket back to Client (encrypted with the session key the Client and TGS share, KC-TGS)
TGS → Client: Encrypt((ticket,session key),KC-TGS)
Chapter 9 Network Security 13
Requesting a Service
Client:
o Builds an authenticator, Encrypt((Client,Addr,Timestamp),KC-S)
o Sends authenticator and ticket, Encrypt((Server,Client,Addr,Timestamp,Lifetime,KC-S),KS), to the Server
Client → Server: Authenticator, ticket
Chapter 9 Network Security 14
The Server’s Response
Server:
o Decrypts and checks the ticket (learns the session key)
o Decrypts and checks the authenticator
o Optionally: increments the Timestamp by one and returns it to the Client encrypted with the session key
Server → Client: Encrypt(Timestamp+1,KC-S)
Chapter 9 Network Security 15
Overview of Kerberos Messages
1. Request for TGS ticket
2. Ticket for TGS
3. Request for Server ticket
4. Ticket for Server
5. Request for service
6. Server authentication
[Diagram: the Client exchanges messages 1 and 2 with the AS, 3 and 4 with the TGS, and 5 and 6 with the Server]
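The six messages above, together with the checks of slides 13 and 15, as an added example that is not part of the lecture slides. It is a self-contained Python simulation of the AS, TGS, Server and Client roles; an HMAC-based construction (not DES) stands in for the encryption the slides assume, the principal names, client address, 300-second clock-skew window and one-hour ticket Lifetime are constructed values, and the example departs from the slide 12 diagram in one respect: the TGS ticket travels alongside the part encrypted under KC-TGS rather than inside it, since the TGS must read the ticket to recover KC-TGS before it can decrypt anything else. The Server refuses a replayed authenticator, an authenticator whose Timestamp is outside the skew window (the reason the slides list synchronized clocks as a requirement) and a ticket past its Lifetime.

```python
# Added example (not from the lecture slides): Kerberos messages 1-6 simulated end to end, with the
# ticket and authenticator checks the TGS and Server perform.  HMAC-based toy encryption stands in
# for DES; the principal names, address, MAX_SKEW and LIFETIME values are constructed.
import hashlib, hmac, json, os

MAX_SKEW = 300    # assumed: tolerated difference between an authenticator's Timestamp and our clock
LIFETIME = 3600   # assumed ticket Lifetime in seconds

def derive_key(password):
    return hashlib.sha256(password.encode()).digest()[:16]   # stand-in for DES string-to-key (slide 11)

def _xor(key, nonce, data):   # SHA-256 counter-mode keystream XORed over data
    stream = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest() for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def encrypt(key, obj):        # toy authenticated encryption (not DES): nonce || ciphertext || HMAC tag
    nonce = os.urandom(16)
    ct = _xor(key, nonce, json.dumps(obj).encode())
    return nonce + ct + hmac.new(key, nonce + ct, "sha256").digest()

def decrypt(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, "sha256").digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(_xor(key, nonce, ct))

def validate(service_key, ticket, authenticator, service, now, replay_cache):
    """Slides 13 and 15: ticket is ours and inside its Lifetime; authenticator matches it, is fresh, unseen."""
    name, client, addr, ts, lifetime, k_hex = decrypt(service_key, ticket)
    if name != service:
        raise PermissionError("ticket was issued for another service")
    if not ts <= now <= ts + lifetime:
        raise PermissionError("ticket expired or not yet valid")
    session_key = bytes.fromhex(k_hex)
    a_client, a_addr, a_ts = decrypt(session_key, authenticator)
    if (a_client, a_addr) != (client, addr):
        raise PermissionError("authenticator does not match ticket")
    if abs(now - a_ts) > MAX_SKEW:        # why the slides list synchronized clocks as a requirement
        raise PermissionError("authenticator outside clock-skew window")
    if (client, a_ts) in replay_cache:    # a captured authenticator must not be accepted twice
        raise PermissionError("replayed authenticator")
    replay_cache.add((client, a_ts))
    return client, addr, session_key, a_ts

class AuthServer:
    def __init__(self, users, k_tgs):
        self.users, self.k_tgs = users, k_tgs        # Client name -> KC; KTGS shared with the TGS
    def request_tgs_ticket(self, client, tgs, addr, now):             # messages 1 and 2
        if client not in self.users: raise PermissionError("unknown user")
        k_c_tgs = os.urandom(16)
        ticket = encrypt(self.k_tgs, [tgs, client, addr, now, LIFETIME, k_c_tgs.hex()])
        return encrypt(self.users[client], [k_c_tgs.hex(), ticket.hex()])

class TicketGrantingServer:
    def __init__(self, name, k_tgs, servers):
        self.name, self.k_tgs, self.servers, self.seen = name, k_tgs, servers, set()
    def request_server_ticket(self, tgs_ticket, request, now):         # messages 3 and 4
        k_c_tgs = bytes.fromhex(decrypt(self.k_tgs, tgs_ticket)[5])     # recover KC-TGS from the ticket
        server, auth_hex = decrypt(k_c_tgs, request)                    # (Server, AC) under KC-TGS
        client, addr, _, _ = validate(self.k_tgs, tgs_ticket, bytes.fromhex(auth_hex), self.name, now, self.seen)
        k_c_s = os.urandom(16)
        ticket = encrypt(self.servers[server], [server, client, addr, now, LIFETIME, k_c_s.hex()])
        return encrypt(k_c_tgs, [ticket.hex(), k_c_s.hex()])

class Server:
    def __init__(self, name, key):
        self.name, self.key, self.seen = name, key, set()
    def request_service(self, authenticator, ticket, now):            # messages 5 and 6
        _, _, k, ts = validate(self.key, ticket, authenticator, self.name, now, self.seen)
        return encrypt(k, ts + 1)                                      # Encrypt(Timestamp+1, KC-S)

def client_login(as_, name, addr, tgs, password, now):                 # messages 1 and 2
    k_hex, t_hex = decrypt(derive_key(password), as_.request_tgs_ticket(name, tgs, addr, now))
    return bytes.fromhex(k_hex), bytes.fromhex(t_hex)                  # (KC-TGS, TGS ticket)
def client_get_ticket(tgs, k_c_tgs, tgs_ticket, name, addr, server, now):   # messages 3 and 4
    auth = encrypt(k_c_tgs, [name, addr, now])
    reply = tgs.request_server_ticket(tgs_ticket, encrypt(k_c_tgs, [server, auth.hex()]), now)
    t_hex, k_hex = decrypt(k_c_tgs, reply)
    return bytes.fromhex(t_hex), bytes.fromhex(k_hex)                  # (Server ticket, KC-S)
def client_use_service(server, k_c_s, ticket, name, addr, now):        # messages 5 and 6
    reply = server.request_service(encrypt(k_c_s, [name, addr, now]), ticket, now)
    return decrypt(k_c_s, reply) == now + 1                            # mutual authentication check

def rejected(fn):
    try:
        fn()
    except (PermissionError, ValueError):
        return True
    return False

def demo(now):   # runs messages 1-6 once, then three presentations the Server must refuse
    k_tgs, k_fs = os.urandom(16), os.urandom(16)
    as_ = AuthServer({"alice": derive_key("correct horse")}, k_tgs)
    tgs, fs = TicketGrantingServer("krbtgt", k_tgs, {"fileserver": k_fs}), Server("fileserver", k_fs)
    k_c_tgs, tgs_ticket = client_login(as_, "alice", "10.0.0.5", "krbtgt", "correct horse", now)
    ticket, k = client_get_ticket(tgs, k_c_tgs, tgs_ticket, "alice", "10.0.0.5", "fileserver", now + 1)
    auth = lambda ts: encrypt(k, ["alice", "10.0.0.5", ts])
    return {"service_ok": client_use_service(fs, k, ticket, "alice", "10.0.0.5", now + 2),
            "replay": rejected(lambda: fs.request_service(auth(now + 2), ticket, now + 2)),
            "clock_skew": rejected(lambda: fs.request_service(auth(now), ticket, now + 1000)),
            "expired": rejected(lambda: fs.request_service(auth(now + 4000), ticket, now + 4000))}
```

`demo(<current unix time>)` returns all four outcomes as True. The replay cache is keyed on (Client, Timestamp), which is why the skew window matters: the Server only needs to remember authenticators for as long as the window is open, and an authenticator older than the window is refused outright rather than looked up.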
Chapter 9 Network Security 16
Limitations of Kerberos
Applications must be “Kerberized”
Based on:
o Client/server model
o Synchronized clocks
The TGS could be a bottleneck
Cross-realm operation doesn’t scale well
Chapter 9 Network Security 17
Interaction With Other Sites Using Kerberos
Both Site 1 and Site 2 run Kerberos:
Can clients at one site use Kerberos to access servers at the other site securely?
[Diagram: Site 1 and Site 2, each running its own Kerberos]
Chapter 9 Network Security 18
CORBA - Overview
Developed by the Object Management Group (OMG)
Standard that allows distributed applications, running in heterogeneous environments, to interoperate
o Objects are entities that provide services to requestors through well-defined encapsulating interfaces
o A reference model describes how the objects interoperate by requesting services from one another
Chapter 9 Network Security 19
CORBA – Example
Two objects, A and B
Assume that Object B has a method named foo()
Object A can request service from B by invoking foo()
Problem: A and B might be implemented in different languages
Solution: a translation may be necessary to allow A to understand B’s request
o A universal Interface Definition Language (IDL) allows A’s request to be converted from A’s native form into a request understandable to B
Chapter 9 Network Security 20
The Object Request Broker (ORB)
The Object Request Broker (ORB) mediates the interaction between the objects
Chapter 9 Network Security 21
Functions of the ORB
Deliver A’s request to B and B’s reply to A
Hide “low-level” details from calling objects:
o Location (local or remote)
o Implementation details (language and platform)
o Execution state (currently running or needs to be started)
o Communication mechanisms (TCP/IP, shared memory, local method invocation)
Chapter 9 Network Security 22
CORBA
The Common Object Request Broker Architecture (CORBA) standard:
o Defined by OMG
o Allows different ORBs to interoperate
The CORBA Security specification:
o Optional
o If implemented, the ORB provides basic security functionality to all objects: authentication, communications security, access control, auditing
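What it means for the ORB, rather than each object, to provide these services, shown as an added example that is not from the slides or from the OMG specification. The Python below is a toy in-process broker: every invocation passes through the ORB, which authenticates the caller's credential (an HMAC-signed token standing in for CORBA credentials), checks an access-control policy, writes an audit record and only then dispatches to the implementation behind an opaque object reference. The `Account` object itself contains no security code. The interface name, principals, roles, policy table and credential format are all constructed for the example.

```python
# Added example (not from the slides or the OMG specification): a toy secure ORB that applies
# authentication, access control and auditing to every invocation, with an HMAC tag on the
# credential standing in for communications security.  All names and the policy are constructed.
import hmac, json, time

class Account:                                   # a server object: no authentication or authorization inside
    def __init__(self, owner, balance):
        self.owner, self._balance = owner, balance
    def balance(self):
        return self._balance
    def withdraw(self, amount):
        if amount > self._balance:
            raise ValueError("insufficient funds")
        self._balance -= amount
        return self._balance

class SecureORB:
    def __init__(self, secret):
        self.secret = secret                     # constructed: key the ORB uses to sign the credentials it issues
        self.objects = {}                        # object reference -> (interface, implementation, owner)
        self.policy = {}                         # (interface, method) -> roles permitted; "owner" is special
        self.audit = []                          # one record per invocation attempt, granted or not
    def register(self, interface, impl, owner):
        ref = f"IOR:{interface}:{len(self.objects)}"   # opaque reference; callers never hold impl itself
        self.objects[ref] = (interface, impl, owner)
        return ref
    def allow(self, interface, method, *roles):
        self.policy[(interface, method)] = set(roles)
    def login(self, principal, roles):           # authentication service: issues a signed credential
        body = json.dumps([principal, sorted(roles), int(time.time())])
        return {"body": body, "tag": hmac.new(self.secret, body.encode(), "sha256").hexdigest()}
    def _authenticate(self, credential):
        expected = hmac.new(self.secret, credential["body"].encode(), "sha256").hexdigest()
        if not hmac.compare_digest(expected, credential["tag"]):
            raise PermissionError("credential forged or tampered with")
        principal, roles, _ = json.loads(credential["body"])
        return principal, set(roles)
    def invoke(self, credential, ref, method, *args):
        try:
            principal, roles = self._authenticate(credential)     # 1. who is calling
        except PermissionError:
            self.audit.append({"principal": "<unauthenticated>", "ref": ref, "method": method, "granted": False})
            raise
        interface, impl, owner = self.objects[ref]
        allowed = self.policy.get((interface, method), set())   # 2. may this principal call this method
        granted = bool(allowed & roles) or ("owner" in allowed and principal == owner)
        self.audit.append({"principal": principal, "ref": ref, "method": method, "granted": granted})  # 3. audit
        if not granted:
            raise PermissionError(f"{principal} may not call {interface}.{method}")
        return getattr(impl, method)(*args)                      # 4. dispatch; location is hidden from the caller

class Proxy:                                     # what a client holds: a reference plus credential, not the object
    def __init__(self, orb, credential, ref):
        self._orb, self._cred, self._ref = orb, credential, ref
    def __getattr__(self, method):
        return lambda *args: self._orb.invoke(self._cred, self._ref, method, *args)

def rejected(fn):
    try:
        fn()
    except PermissionError:
        return True
    return False

def demo():
    orb = SecureORB(b"constructed-orb-secret")
    ref = orb.register("Account", Account("alice", 100), owner="alice")
    orb.allow("Account", "balance", "owner", "auditor")
    orb.allow("Account", "withdraw", "owner")
    alice = Proxy(orb, orb.login("alice", ["customer"]), ref)
    carol = Proxy(orb, orb.login("carol", ["auditor"]), ref)
    bob = Proxy(orb, orb.login("bob", ["customer"]), ref)
    forged = dict(orb.login("bob", ["customer"]), body=json.dumps(["bob", ["auditor"], 0]))  # roles edited after issue
    return {"owner_withdraw": alice.withdraw(30),
            "auditor_reads_balance": carol.balance(),
            "other_customer_rejected": rejected(bob.balance),
            "auditor_cannot_withdraw": rejected(lambda: carol.withdraw(1)),
            "forged_credential_rejected": rejected(Proxy(orb, forged, ref).balance),
            "audit_denials": [e["principal"] for e in orb.audit if not e["granted"]]}
```

Because authorization and auditing sit in `invoke`, adding a second interface or a second object changes only the policy table; the objects still need no security code, which is the property the CORBA Security specification gives "to all objects" once an ORB implements it.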
Chapter 9 Network Security 23
Services of a Secure ORB
Chapter 9 Network Security 24
Secure Interoperability
Problem: A client and target object may be distributed so that their interaction is not mediated by a single ORB
Solution: the secure inter-ORB protocol (SECIOP):
o A standard interoperability protocol defined by CORBA
o Establishes a secure communication channel between two ORBs
o Allows authentication and message-protection data to be exchanged securely and in a format that all compliant ORBs understand
Chapter 9 Network Security 25
Interaction Between Two Secure ORBs
Chapter 9 Network Security 26
User Authentication and Authorization - Summary
Very difficult in a network environment:
o Authentication – determining a user’s identity
o Authorization – determining what actions a user can perform
Reasons:
o Vulnerability of network communications
o May be controlled by several different administrative authorities
Solutions:
o Kerberos
o Secure ORBs
Chapter 9 Network Security 27
Access Control for Networks
Problems:
o Enforce an access control policy
o Allow trust relationships among machines
o Protect local internet from outsiders attempting to: