Internet Security

Learning Objectives
Clarifyneedforsecurity(whatarewe
tryingtoprotect?)
Identifyfundamentalsecurityobjectives
Reviewbasicnetworkattacks
Classifytypicalattackers
Examinetechnicalsafeguards
Explorefirewalloptions

Internet Security Needs

Whilenontechnicalpublicationsare
obsessedwiththeInternet,technical
publicationsareobsessedwithsecurity
Chapman & Zwick, 1995
Informationview:marveloustechnologicaladvance
ininformationdisseminationwithamajordangerto
polluteanddestroy
Transactionview:majordeterrenttoECommerce
growth

What do we Need to
Protect?
Data
Informationwekeeponcomputers(product
design,financialrecords,personneldata)
Losttime,lostsales,lostconfidence

Resources
Unauthorizeduseofcomputertime&space

Reputation
Misrepresentation,forgery,negativepublicity

Fundamental Security
Objectives
FourfundamentalobjectivesofInfoSecurity
ConfidentialityProtectionfromunauthorized
persons
Integrityconsistencyofdata;nounauthorized
creation,alterationordestruction
Availabilityensuringaccesstolegitimateusers
Legitimateuseensuringappropriateuseby
authorizedusers

Basic Security Attacks

Intrusionunauthorizedaccessanduseof
systems
Denialofserviceanattackaimedatpreventing
useofcompanycomputers
emailbomborflooding/Internetworm
disabled,reroutedorreplacedservices

Informationtheftnetworktaps,databaseaccess,
hackingintositestogiveoutmoreinfoorto
wrongparties

Technical Safeguards
SecurityServices

Authentication(entity,dataorigin)
Accesscontrol(preventunauthorizedaccess)
Confidentiality(disclosure,encryption)
Dataintegrity(valueofdataitem)
Nonrepudiation(falselydenyingatransaction)

UNIX Password Security

Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved. 0-13-6006639

Security Models
NoSecuritynotanoption
SecuritythruObscuritydonttellanyone
whereyoursiteis
HostSecurityenforcedsecurityoneachhost;
progressivelydifficulttomanageasnumberof
hostsincrease
NetworkSecuritycontrolnetworkaccessto
hostsandservices;firewalls,strong
authentication,andencryption

Firewall Solutions
Definitionhardware&/orsoftwarecomponents
thatrestrictaccessbetweenarestrictednetwork&
theInternetorbetweennetworks
Logicallyaseparator,restricter,analyzer
Rarelyasingleobject
Restrictspeopletoenteringatacontrolledpoint
Preventsattackersfromgettingclosetootherdefenses
(hostcontrols)
Restrictspeopletoleavingatacontrolledpoint

Firewall Capabilities
Focussecuritydecisionssinglepointto
leveragecontrol
Enforcesecuritypolicyminimize
exceptions
LogInternetactivityanalysis
Limitexposureseparatesensitiveareasof
onenetworkfromanotheroroutsideworld

Firewall Limitations
Cantprotectagainst
maliciousinsiders
connectionsthatdontgothroughit
newthreats
viruses
scansforsource&destinationaddresses&
portnumbers,notdetailsofdata

Types of Firewalls
Simpletrafficloggingsystems
auditlogfileoffilesaccessed(HTTPD)
siteusage/demandhours/links/browsersused

IPPacketScreeningRouters(packetfiltering
gateway)
notonlylooksatcanitroute,butshouldit
selectivelyroutesorblockspacketsbasedonrules
basedonprotocols,destination(port80),knownsource
IPaddresses

Types of Firewalls (cont.)

HardenedFirewallHost(hardware)
Haltsunauthorizedusers
Concentratessecurity,hidesinternalsystem
names,centralizes&simplifiesnetmanagement

ProxyServer(software)
Dealswithexternalserverrequestsonbehalfof
internalclients
MaylimitcertainHTTPmethods(CGIorJava
applets)

Common Solutions
ScreenedHost
Hostattachedtointernalnetworkusingseparaterouter
Internalhostisonlyinternalsystemthatnethostscanconnectto
Packetfilteringconfigurationdeterminesifinternalhostsmay
connecttootherexternalhosts
Internet
Firewall
Screening Router
Internal Network

Common Solutions (cont.)

FirewallArchitectures
Dualhomedhost(twonetworkinterfaces)
Onecommunicatesexternally,oneinternally
Nodirectcommunicationinternaltoexternalhosts

Internet
Real Server

Dual-homed Host
Proxy
Server

Proxy Client/Internal Host

Common Solutions (cont.)

ScreenedSubNetArchitecture
Extralayerofsecurityoverscreenedhost
Perimeternetworkfurtherisolatestheinternal
networkfromtheInternet
Internet

Internal (Bastion Host)

(email, FTP, DNS)
Perimeter Network

External Router
(access router)

Internal Router/
(choke router)
Internal Network

Other Variations
MultipleBastionHosts
Performance,redundancy,needtoseparatedata&servers
Usenet,SMNP/DNS,FTP/WWW

MergeInterior&ExteriorRouters
Sufficientcapabilitytospecifyinbound&outboundfilters
Usuallyontheperimeternetwork

MergeBastionHost&ExteriorRouter
UseMultipleExteriorRouters
MultipleconnectionstoInternetorInternet+othersites

MultiplePerimeterNets
Redundancy,privacy

Not Recommended
MergingBastionHost&InteriorRouter
Breachofhostleavesaccesstointernalnet

UsingMultipleInteriorRouters
Routingsoftwarecoulddecidefastestwaytoanotherinternal
systemisviatheperimeternet
Difficulttokeepmultipleinteriorroutersconfiguredcorrectly
Mostimportant&complexsetofpacketfilters
Mayneedtousemultiplestoresolveperformancebottlenecks
orseparateinternalnetworks

Futures
ThirdgenerationFirewalls
combinedfeaturesofpacketfiltering&proxysystems

Client&serverapplicationswithnativesupport
forproxiedenvironments
Dynamicpacketfiltering
Packetrulesmodifiedontheflyinresponseto
triggers

UnderlyingInternetprotocolundergoingrevisions
IPv6

Cryptography Basics

Learning Objectives
Identifyrequirementsforsecure
communication
Discusscryptographictechniques
Definecryptosystems&evaluatecurrent
encryptionmethods
Reviewdigitalsignaturestandards
Discusschallengesofkeymanagement
Reviewothersecurityoptions&trust

Secure EC requirements
Foranynetworktransaction:
1.Privacy2.Confidentiality3.Integrity

Forreliable,securecommunication:
1.Authenticationwearewhowesayweare
2.Certificationguaranteeby3rdpartythatwawwswa
3.Confirmationdigitalreceiptoftransaction
4.Nonrepudiationbindingagreement,digitalproofof
transaction
5.Encryptionforalloftheabove,encodedpassageof
informationoveropennetworks

Cryptographic Techniques
Secretwritingorcrypticsymbolization
Techniqueencryptionalgorithmor
cryptosystem
definesapairofdatatransformations

encryptionanddecryption
encryption=plaintexttociphertext
bothusekeysseeminglyrandomstring
keylength(numberofbits)dependentupon
cryptosystem

Encryption Cryptosystems
Symmetricprivatekeysystems(samekey)
DESDataEncryptionStandard/56bitkey
Vulnerabletoexhaustivekeysearch(2 56possibilities)
Newstandardinprocess

Plaintext

Encrypt

Ciphertext

Decrypt

Plaintext

Encryption Systems (cont.)

Asymmetricpublickeysystems(keypair)
1976Stanforddevelopment
encryptionmode:publickeytoprivatekey
authenticationmode:privatekeytopublickey
cryptosystemsoperatingbothwayscalledreversible

1978RSAreversiblecryptosystem
baseduponmultiplicationoftwoprimenumbers
possibletocrackvialargecomputerresource
1994429bitcodecrackedbyscientificcollaboration
after17years
requirescontinualupdatingofmodulustoprotect
JawsTech,Inc.4,096bit(100years)

Digital Signature Standards

Accompaniesadigitallyencodedmessage
verifiesoriginatorofmessage
assuresmessagenotmodified
satisfiesnonrepudiationrequirement

Plaintext

Plaintext

Plaintext
Sign

Verify

Verifies?

Signature
Senders Private key

Senders Public key

Digital Key Management

Lifecyclemanagement(cryptoperiod)

Generation&registration(randomnumbers)
Distribution&Availability
Keybackup/recovery/keyescrow
Replacementorupdate
Protectionagainstdisclosure
Terminationorarchival(confidentiallyarchived
informationmustbeaccessibleafterkeyretirement)

Other Security Methods

AuthenticationProtocolsbuiltintocommunications
protocol

transformedpassword(onewayfunction)
challengeresponse(randomvaluerecd/sent)
timestamp(synchronizedclocks)
onetimepassword(differentvarianteachlogin)
zeroknowledgetechnique(interactiveproof)

AddressbasedAuthentication(networkaddress)
PersonalTokens(hardware&pw/smartcards)
Biometrics(fingerprint,voiceprint,handwriting)

Kerberos
CompleteauthenticationsystemMIT

DESsymmetriccryptography
Onlineauthenticationservers
Hostserver&clientssharesymmetrickeys
Clientrequestsaticket/sendstoserver
Ticketinterpretedonlybycorrectserver
Sessionkeyisgeneratedbyauthenticationserverafter
successfulexchange
Authenticationservice(AS)/Ticketgranting
Service(TGS)/Client/Server(CS)authentication
exchange

Internet Security
Threelevels(Network,application,system)
Networkdatapacketintegrityintransit
(Authentication/confidentiality/accesscontrols)
IPlayer/headers+data=IPdatagram
Notinherentlysecure(IPSpoofingattacksw/false
sourceaddresses)
Authenticationheadersintegritycheckvaluesto
indicatesource&transitintegrityofdatagram
SecurityAssociation/SecurityParameterIndex

Internet Security (Network)

PacketEncryptionEncapsulatingSecurityPayload(ESP)provides
confidentiality+integrity
Algorithm(transforms)
Tunnelmodeencryption(entiredatagramencrypted)
Transportmodeencryption(dataonlyencrypted)

KeyManagementnosinglestandard
Hostorientedalluserssharesameassociation&key
Potentialfordecryptanothersmessages
Userorienteduserhas1ormoreassociation&keys
Lowerrisk/Superiormethod

Firewallsscreeningrouters/proxyservers,perimeternetworks

Internet Security (Network)

VirtualPrivateNetworks(VPN)
SecuregroupsofnetworksitesusingInetbackbone
IPtunneling/firewalls

Messagingspecialsecurityneedsabovenetwork
measures
Email/mailenabledapplications
Writertoreaderprotectionviauseragent
MessageTransferAgents(MTAs)=message
transferbackbone(originating&delivering)

Internet Security
(Messaging)
BasicMessageProtectionServices
Messageoriginauthentication/content
integrity/contentconfidentiality/non
repudiationoforigin

EnhancedMessageProtectionServices
Confirmationservices(proofofdelivery&
submission,nonrepudiationofdelivery&
submission)
OtherI.e.securitylabelingservice

Internet Security
(Messaging)
SecureMessagingProtocols
PEMPrivacyEnhancedMail(basicservices)
Wrapsitselfaroundstandardmailmessage

MIMESecurityMultiparts
MultipurposeInternetExtensionssupportsstructuringof
messagebody
Differentbodypartstext,image,audio,etc
1995specifications:
SecurityMultipartsforMIME
MIMEObjectSecurityServices(MOSS)
Transformsmessagesintostandardrepresentationfortransport

Internet Security
(Messaging)
S/MIMERSAalternativetoMOSSspec
builtuponPublicKeyCryptographyStds(PKCS)
ProtectsMIMEbodyparts,w/newdatastructurethat
becomesMIMEcontent
Signed,envelopedorboth
MailermustbeS/Mcomplianttoread

PGP(PrettyGoodPrivacy)freeappusingdigital
signatures&encryption
Definesownpublickeypairmgmtsystem
Casualemail,notwidescaleecommerce

Internet Security
(Messaging)
X.400Security
1984/1988internationalstdsformailgateways
SecurityfeaturesspecifictoX.400protocols
X.400securedmailcannotbeconveyedover
Inet

MessageSecurityProtocol(MSP)
US/DOSprotocolsimilartoS/MIME,PKCS
Encapsulatesmessageforbasic&some
enhancedservices

Message Protocol
Comparison
S/MIMEstrongestcommercialacceptance
PGPfree;notcompatiblew/publickeyinfrastructure;
scalabilityquestionable
MSPmostcomprehensivefeatureset;notcommercially
widespread
MOSScompatibilityissuesw/publickey;weak
commercialvendoracceptance
PEMnotcompatiblewithMIME/outdated
X.400mostcomprehensivefeatures;notcompatiblewith
Inetmessaging

Web Security
WebRisksservercontent/communications
SolutionsSSL/SHTTP/SET(evolvingstds)
SSL(SecureSocketsLayer)sessionprotection
DevelopedbyNetscapetoaddcommunicationprotection
NewlayerprotocoloperatingaboveTCPprotocol
Protectsanyapplicationprotocolnormallyoperating
overTCP(HTTP,FTP,TELNET)
HTTPsrepresentsSSLcommunicationhandling
Services:serverauthentication/clientauthentication/
integrity(checkvalues)/confidentiality(encryption)

Web Security (SSL cont.)

SSLhastwosubprotocols
SSLRecordProtocoldefinesbasicformat
Compression/MAC/encryption/datalength
Assumespreexistingkeys

SSLHandshakeProtocolcoordination
Negotiatesprotectionalgorithmsbetweenclientandserverfor
authentication,transmissionofkeycertificates,establish
sessionkeysforuseinintegritycheckandencryption

Domestic(128bit)andinternl(40bit)

Web Security - S-HTTP

SecureHTTPsecurityextension
Protectsindividualtransactionrequestor
responsemessages,similartoemail
Services:authentication,integrity,
confidentiality+digitalsignatures(addsnon
repudiation)
Flexibilityinhowmessagesareprotectedand
keymanagement

Web Security Threats

ExecutableProgramsnofoolproofdefense
JavaAppletsexecutionoccursonclientsystem
Trustedexecutionenvironment(sandbox)
Shouldnot:inspectoralterclientfiles,runsystemcommandsor
loadsystems/wlibraries
Should:contactonlyoriginatingserver
Potentialforhostileappletstosendforgedemail,crashbrowsers,
killrunningapplets,consumeresources

ActiveXreusablesoftwarecomponents
SourceAuthenticationProgramsreadsignedcode

Digital Certificates

Learning Objectives

Differentiatedigitalsignatures&certificates
Definecertificateauthority&keymethods
Reviewcertificateapplicationprocess
EvaluateX.500certificateformats
Examinecertificaterevocation&suspension
Reviewcertificateinfrastructures
ExamineSETandDODMISSI

Digital Signatures &

Certificates
Twolevelsofauthentication
signatures

certificates

Eachrequiresaregistrationprocess

Certificate Authority (CA)

Recognized&trustedparty
Confirmsidentityofprivatekeyholder(subscriber)
Digitallysignsthecollectionofinformationknownasa
certificate
Includespublickeyofprivatekeyholder

3rdParty(Open)feebasedkeydistribution
Internaltoorgorgroup(Closed)selfcontained
keydistribution&authentication

Public Key Methods

Publickeyprivatekeydistribution
PublickeyusershavekeytoaCA
Requestscopyofcertificate&extractspublickey
(relyingparty)

Certificateisselfprotecting
CAsdigitalsignatureisinsidethecertificate
CAssignaturewouldnotverifyiftamperedwith

Certificatesdistributedoverunsecuredchannels
DownsideismultipleCAs(certificationpath)

Certificate Issues
ValidityPeriodRestrictedlifetimes
Limitcryptanalysis&vulnerability
Scheduledstart&expiretimes

Legalaspectofclosedvs.openCAs
Openmayprovidebetterevidence
Similarroletothatofnotary
UtahDigitalSignatureLaw
Reliabilityofanydigitalsignaturedependsuponreliabilityof
aCAassociationofthekeyw/aperson

Key Management
Keypairgeneration&transfer
Keypairholdersystem
Generatedinusersystemwhereprivatekeystored
Supportsnonrepudiation/privatekeyneverleaves

Centralsystem
GeneratedinothersystemorCA
Greaterresource&controls,higherquality,backupor
archivefunctions

Mixedmethodsfortypesofkeypairs
DigitalsignatureatkeyholderencryptionatCA

Key Management (cont.)

PrivatekeyProtection/AccessControl

Storageintamperresistantdevice(smartcard)
Storageinencryptedfile
PasswordorPINforpersonalauthentication
Softwarecontrol/digitalwallet

KeypairUpdate/policy
DifferentTypes/DifferentRequirements
RSAcanperformencryption&signatures
Digitalsigkeysshouldbecreated&remainonsystem
(ANSIX9.57);recreatedasneeded;noarchivalrequired
Encryptionkeysbackup&archivalneeded

Key Management (cont.)

Otherdifferingrequirements
Encryptionlimits(56bit)restrictsignature
strength
Twotypesmayhavedifferingcryptoperiods
NotallalgorithmshaveRSAdualproperties
Privateencryptionkeysmayhavetobe
providedtogovernment,digitalsignaturekeys
shouldneverbe

Certificate Application
Process
RegistrationwithCertificateAuthority
Establishrelationship&providesubscriberinfo
Explicitlyapply&acceptcertificate

Authentication
Personalpresence,IDdocuments
Useofintermediariesaslocalregistrationauthorities

Distribution
Accompanyingdigitalsignature
DirectoryService(X.500standards)

Certificate Distribution
Protocols

InternationalTelecomUnion(ITU)&ISO
198488X.509forpublickeydistribution
Slowacceptanceduetocompetitiveissues
Proprietaryalternatives
MSExchange,Notesdirectory,NovellNDS,Banyan
StreetTalk

LDAP(InternetLightweightDirectoryAccess)
accessprotocolratherthandbtechnology

S/MIMEorspecializedWebServers

X.509 Certificate Format

Version
Serial Number
Signature Algorithm ID
Issuer (CA) X.500 Name
Validity Period
Subject X.500 Name
Subject Public Algorithm ID
Key Info Public Key Value

Issuer Unique ID
Subject Unique ID
CA Digital Signature

Version 1, 2, or 3
Unique for this certificate
Used by CA (DSS w/SHA hash *)
Issuing CA name
Start & expiry date
Holder of private key
Value of holders public key &
algorithm (RSA w/MD5 hash *)
Optional unique ID for CA
Optional unique ID for holder
* Object identifier

Certificate Extensions
X.509V.3extensionsclarifyowners&use
Key&policyinformation
Authority&SubjectkeyID,Keyuse,period,policy

Subject&issuerattributes
Alternativenames(email),Company,address,etc

Certificationpathconstraints
LinkstoCAviaroot&directoryinfrastructures

Certificaterevocationlists(CRL)

Revocation & Suspension

Limitedlifetime(validityperiod)
Suspectedcompromiseofprivatekey
Nameorattributechanges
RevokedbyCA,subscriber,employer
CRLcertificaterevocationlist(X.509)
Timestamped,signed,anddistributed
PostedtoWebsiteorviaX.500directory
Realtimerevocationchecking(resources)

CRL Format
Standardformatforcertificaterevocation
CRLNumber
ReasonCode
Keycompromise,CAcompromise,Affiliationchange,
superceded,cessationofoperation

InvalidityDate
DistributionPoints
Filesizecontrolentryremoval,differentCRLbyreason,
CAcontrol

CRLholdlistforsuspension

Validity Periods
EncryptionKeyPairs
Publickeyusedonlywhilecertificateisvalid
Privatekeyfordecryptionpartoflocalpolicy

DigitalSignatureKeyPairs
Historicvalidation(nonrepudiation)
Allcertificates,CRLsorstatusasitexisted

Realtime(validcertificateexistsnow)
Softwarepub,CAsignonapublickey,timestamp

CASignatureKeyPairs
Bothrealtime&historicvalidation/impactsallcertificates
signed

Certificate of Authorization
Properuse(i.e.purchasingauthority)
Commitcorporation,authorizedofficial,guaranteeing
authenticity(i.e.software)

Authorizationinformation
Certificatecanconvey(BasicConstraintsfield)
CAcertifyingidentitymaynotknow/corp.security
Authoritymaychangepriortovalidityperiod

AttributeCertificates(boundtocertificatesubject)
ANSIX9fromfinancialindustry/attributeauthority

PrivilegeAttributeCertificate(passedtoapplicationserver&
attachedtosession)

Certificate Infrastructures
SDSI(SimpleDistributedSecurityInfrastructure)
1996SubsetofX.509functionality/omitscomplexity
Specifieslocallinkednaming(personcompany)
Addssimpletypesofauthorization(groupdefinition,
delegationcertificate)

SPKI(SimplePublicKeyInfrastructure)
UnderdevelopmentinIETF
Assignsauthorizationstoapublickeyw/obindingidentityto
companionprivatekey
Simplerencodingscheme/closedgrouppotential

Public Key Infrastructure

Widespreaduserequirespracticalmethods

Scalability
MultipleApplications
InteroperabilityamongInfrastructures
MultiplePolicies&Paths
SimpleRiskManagement
LimitationofCALiability
Standards/StructuringConventions(TrustModels)

Infrastructure Evolution
GeneralHierarchies
TopdownHierarchies(PrivacyEnhanced
MailPEM)
InternetPolicyRegistrationAuthority(IPRA)
OperatedbyMITunderInternetSociety

PolicyCertificationAuthorities(PCA)
MustregisterwithIPRA/specializedorclosed

LowerLevelCertificateAuthorities
Representorganizationsordepartments

Evolution (cont.)
ForestofHierarchies

Trustissueofasingleauthority
Internationalconsiderations
DODproposingw/defenseorgsofalliednations
Complexityincreasesasitgrows

PGPsWebofTrust(EachuserisownCA)
Usercollectskeysonakeyringanddesignatestowhat
extentthekeyistrusted

Certificate Policies
ProgressiveConstraintTrustModel
AnyCAspecifiesconditionsorlimitationson
subject

CertificatePoliciesExtension
X.509V.3addsfieldforconveyingcertificate
policyreferences
Usersystemsarepreprogrammedtoacceptan
appropriatelevelofpolicyreferences
Criticalornoncriticalflags(musthavev.like)

Certificate Management
Legislation
SpottyinUSandglobal
Utah,California,Denmark,Germany,Italy
UNModelLaw/UNCITRALplannedstudy

Technologyneutralorspecific
Minimalistapproachforflexibility
Validity&enforceabilitytoelectronicmessages

Quality,Standards,&Liability

SET Infrastructure
Visa/MasterCardjointventure
Comprehensiveprotocol&infrastructure
Publickeytechnology

Encryptionofpaymentinstructions
Authenticationofcardholders&merchants
Authenticationofacquirers(processorbanks)
Integrityprotectionoftransactioninfo

Topdownhierarchyinfrastructure
RootCA,BrandCA,CardholderCA,Merchant
CA

DOD MISSI Infrastructure

NSAMultilevelInformationSystems
SecurityInitiative
DODDefenseMessagingSystem(DMS)
Topdownhierarchy

PolicyApprovingAuthority
PolicyCreatingAuthority
AdministrativeCA
OrganizationalRegistrationAuthority