
Comp 655 - Security

This course covers the fundamental concepts of security, including encryption, major functions of a security system, and understanding common exploits. Students will learn how to design secure systems and analyze security risks.


Presentation Transcript


  1. Comp 655 - Security
     • Commercial for Comp 676
     • Security basics
     • Encryption
     • Major functions of a security system
     Distributed Systems - Comp 655

  2. Commercial: Comp 676
     • Explain the basic concepts
     • Develop a beginning threat model for analyzing security risks
     • Basic principles of cryptography and how cryptography is used
     • Understand common exploits
     • Understand the basic principles for designing secure systems
     • Look at every program or piece of code encountered after completing this course with a certain level of suspicion and paranoia ;-)

  3. More about 676
     Prerequisites
     • COMP 655 - Operating and Distributed Systems is strongly recommended
     • Familiarity with C or C++ is essential (Perl or Java would be helpful)
     • Students should be comfortable reading small code fragments in many languages
     • Being slightly paranoid is helpful!

  4. Ethics and 676
     In order to protect both Franklin University and the instructor from potential third-party lawsuits, students will be required to sign an agreement that they will not use the knowledge gained within this class to practice unlawful or unethical behavior. This statement must be signed and turned in to the instructor before the second class; otherwise students will not be admitted into the second and subsequent classes.

  5. Comp 655 - Security
     • Commercial for Comp 676
     • Security basics
     • Encryption
     • Major functions of a security system

  6. Types of security
     • Confidentiality
       • Information disclosed only to authorized parties
     • Integrity
       • Information can be created, changed, or deleted only in authorized ways

  7. Types of threats
     • Interception (confidentiality)
     • Interruption (integrity)
     • Modification (integrity)
     • Fabrication (integrity)

  8. Major functions of a security system
     • Authentication
     • Authorization
     • Administration
     • Journaling
     • Intrusion detection

  9. Security basics
     General advice when dealing with security:
     • Always stay in touch with the basic question: what is the problem you are trying to solve?
     • Compare the cost of security to the cost of loss
     These should be covered in a security policy

  10. Security policy basics
     • A security policy defines the security requirements for a system
     • A security policy identifies
       • Types of entities in the system. For example, “instructor”, “student”, “gradebook application”
       • Types of actions supported by the system. For example, “view grades”, “assign grades”
       • Which types of entities are allowed to perform which types of actions

  11. More about security policy
     Examples of security policy statements:
     • An instructor is allowed to assign and view grades for all students in sections taught by the instructor
     • An instructor is not allowed to assign or view grades for any section that he or she did not teach
     • A student is allowed to view all of his or her grades
     • A student is not allowed to assign grades

  12. Yet more security policy
     • Policy deals with roles, not individuals. For example, some Franklin students are also instructors
     • Policy must be specific to a system
       • “users may perform only authorized actions” is NOT useful policy
       • “instructors and administrators may assign grades” is much more useful
     • Writing a good policy is usually hard
       • Can any administrator assign a grade?
       • Or only department chairs and deans with responsibility for the course?
       • Can the college president assign a grade?
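The four policy statements of slide 11, with slide 12's "roles, not individuals" rule, written as a checkable authorization function. This is an added example, not part of the course materials; the section codes, names and the `Section`/`Policy` types are constructed for illustration.

```python
# Added example: the grade-book policy of slides 11-12 as a rule set that can be
# tested. A principal's role is computed per section, so one person can be a
# student in one section and the instructor of another (slide 12).
from dataclasses import dataclass, field

@dataclass
class Section:
    code: str
    instructor: str                       # principal who teaches this section
    students: set = field(default_factory=set)

@dataclass
class Policy:
    sections: dict                        # section code -> Section

    def roles(self, who: str, code: str) -> set:
        """Roles 'who' holds with respect to one particular section."""
        sec = self.sections[code]
        roles = set()
        if sec.instructor == who:
            roles.add("instructor")
        if who in sec.students:
            roles.add("student")
        return roles

    def allowed(self, who: str, action: str, code: str, student: str) -> bool:
        """Statements 1-4 of slide 11; anything not listed is denied."""
        sec = self.sections[code]
        roles = self.roles(who, code)
        if student not in sec.students:
            return False                  # no grade exists to view or assign
        if action == "assign":
            return "instructor" in roles  # statements 1, 2 and 4
        if action == "view":
            if "instructor" in roles:     # statement 1 (statement 2 by exclusion)
                return True
            return "student" in roles and student == who   # statement 3: own grades only
        return False                      # default deny for unknown actions

def sample_policy() -> Policy:
    """Constructed data: Dave is a student in COMP655 and the instructor of COMP676."""
    return Policy({
        "COMP655": Section("COMP655", instructor="alice", students={"dave", "erin"}),
        "COMP676": Section("COMP676", instructor="dave", students={"erin"}),
    })
```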

  13. Activity: DiNo security policy
     • Imagine that DiNo needs to support confidential notebooks
     • Discuss the security aspects of DiNo
       • What types of entities and operations are important?
       • What should the security priorities be?
     • List at least five policies about who’s allowed to do what
     • NOTE: “all users must be authenticated” does NOT belong in a security policy – it’s about implementation, not requirements

  14. Terms
     • Vulnerability
     • Attack
     • Exploit
     • Cracker
     • White/gray/black hat
     • Script kiddie

  15. Kevin Mitnick’s work today
     • The simple fact is this: People are, and always have been, the most vulnerable aspect of any organization's security infrastructure …
     • http://www.mitnicksecurity.com/
     • Interview on 60 Minutes

  16. Security – human aspects
     • “Human engineering” is the most effective way to gain unauthorized access to systems
       • Helpfulness can be abused
       • Garbage can be sifted
       • Etc.
     • Basically, it’s a never-ending dialog between builders and crackers
     If you remember nothing else from tonight …

  17. Tools for the security provider
     • Encryption
     • Explicit, well-considered policy
     • QA for code
     • Security education for developers (for example, see http://www.sans.org/top25errors)
     • Security education for others with access to sensitive information
     • Firewalls
     • Audits
     • Monitoring

  18. More security tools
     • Research
     • Former crackers with changed motives
     • Good system administration, including keeping up with patches
     • Virus checkers (pattern, heuristic)

  19. Resources
     • CERT: www.cert.org/
     • CSRC (NIST): csrc.nist.gov/
     • Steve Gibson: grc.com/default.htm
     • Counterpane: www.counterpane.com/crypto-gram.html
     • And 400,000,000 others …

  20. Activity – implementing your policy
     • For each of the five statements in your security policy exercise, identify one or more techniques that could be used to enforce it.

  21. Comp 655 - Security
     • Commercial for Comp 676
     • Security basics
     • Encryption
     • Major functions of a security system

  22. Encryption - general

  23. More terminology
     • Symmetric cryptosystem
       • aka secret-key, shared-key
     • Asymmetric cryptosystem
       • aka public-key
     • Computational infeasibility
     • Hash function
     • Block cipher
     • Stream cipher

  24. Important encryption algorithms
     • DES
     • AES
     • RSA
     • MD5
     • SHA-1

  25. DES

  26. DES key generation

  27. Attacks on DES
     • Analytical
       • DES has held up pretty well
     • Brute force
       • Hardware is now fast enough to allow practical guess-and-check attacks on 56-bit DES
       • Triple DES “appears to be safe for the moment”

  28. AES
     • NIST selection process, 1997-2000, whose goal was a symmetric block cipher to replace DES for protection of sensitive unclassified information. AES is
       • unclassified
       • publicly disclosed encryption
       • available royalty-free, worldwide
       • supports block sizes of at least 128 bits
       • supports key sizes of 128, 192, and 256 bits

  29. AES selection criteria
     • Security was the most important factor, including
       • resistance to cryptanalysis
       • soundness of mathematical basis
       • randomness of the algorithm output
       • relative security as compared to other candidates
     • Cost was a second important area
       • licensing requirements
       • speed on various platforms
       • memory requirements

  30. AES selection criteria continued
     • Algorithm characteristics
       • Adaptability to larger key sizes
       • Adaptability to other applications, including stream cipher, hash
       • Adaptability to various implementation environments including software, firmware, hardware
       • Overall simplicity

  31. AES continued
     • Winner was Rijndael (“Rhine-doll”)
     • NIST evaluation tested C and Java implementations of the candidates
     • Implementations have also appeared in Lisp, Pascal, JavaScript, C++, hardware, etc.
     • See the NIST crypto toolkit web site: http://csrc.nist.gov/CryptoToolkit/

  32. RSA
     • Widely used for public-key cryptosystems
     • Relies on computational infeasibility of factoring a product of large primes
     • A key set includes
       • d (decryption key)
       • e (encryption key)
       • n (product of large primes)

  33. RSA continued
     • Publish n and one key, keep the other key private
     • Which key gets published depends on the problem you’re trying to solve
       • Publish encryption key for data protection
       • Publish decryption key for authentication
     • Expensive! (2-3 orders of magnitude slower than DES)

  34. Cryptographic hash functions
     • With encryption, they guard against modification
       • (kind of like a checksum or check digit)
     • A hash computes a fixed-length summary (or digest) of a string (message) that is hard to reproduce
       • Given a message m, it’s computationally infeasible to find another message m’ such that H(m’) = H(m).
       • And it’s even harder to find such an m’ that says what you want …

  35. Using a cryptographic hash: digital signature
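The RSA key set of slides 32-33, used both ways the deck describes, together with the hash-then-sign construction of slides 34-35. This is an added example, not from the course materials: the primes 1009 and 1013, the message bytes and the function names are constructed, and SHA-256 stands in for the MD5/SHA-1 named on the slides.

```python
# Added example: textbook RSA with constructed toy primes, used both ways as on
# slide 33, plus the hash-then-sign construction of slides 34-35. No padding and
# tiny numbers: this shows the arithmetic, not a usable implementation.
import hashlib
from math import gcd

def rsa_keygen(p: int, q: int, e: int = 65537):
    """Key set of slide 32: n = p*q, public e, private d = e^-1 mod phi(n)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be invertible modulo phi(n)")
    return n, e, pow(e, -1, phi)            # modular inverse (Python 3.8+)

# Slide 33, case 1: publish e for data protection; only the holder of d decrypts.
def encrypt(m: int, pub) -> int:
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer below n")
    return pow(m, e, n)

def decrypt(c: int, priv) -> int:
    n, d = priv
    return pow(c, d, n)

# Slides 34-35: sign the digest H(m), not m itself. The verifier recomputes H(m)
# and compares it with what the published exponent recovers from the signature.
def digest(msg: bytes, n: int) -> int:
    # SHA-256 rather than the slides' MD5/SHA-1, whose collision resistance is broken;
    # reduced mod n only because these teaching keys are far smaller than a digest.
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(msg: bytes, priv) -> int:           # slide 33, case 2: the private exponent authenticates
    n, d = priv
    return pow(digest(msg, n), d, n)

def verify(msg: bytes, sig: int, pub) -> bool:
    n, e = pub
    return pow(sig, e, n) == digest(msg, n)

def demo():
    """Constructed primes 1009 and 1013; returns (decrypted, valid, tampered_valid)."""
    n, e, d = rsa_keygen(1009, 1013)
    pub, priv = (n, e), (n, d)
    c = encrypt(42, pub)
    sig = sign(b"grade: A", priv)
    return decrypt(c, priv), verify(b"grade: A", sig, pub), verify(b"grade: F", sig, pub)
```

Changing a single byte of the signed message makes `verify` fail, which is the "guard against modification" property of slide 34.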

  36. MD5
     ‘<<<’ is a “circular shift”: 10110001 <<< 3 = 10001101

  37. SHA-1 (from Adam Back’s web site)
     • SHA1 (Secure Hash Algorithm 1) is a cryptographic message digest algorithm.
     • It is considered to be more secure than MD5
       • it has longer hash size
       • Hans Dobbertin discovered a partial weakness in the MD5 collision function.
     • There was a SHA0 but it had some security problems which were fixed in SHA1.
     http://www.cypherspace.org/adam/rsa/sha.html

  38. Comp 655 - Security
     • Commercial for Comp 676
     • Security basics
     • Encryption
     • Major functions of a security system

  39. Major functions of a security system
     • Authentication
     • Authorization
     • Administration
     • Journaling
     • Intrusion detection

  40. Authentication is …
     Checking that you are who you say you are

  41. Implementation – authentication in Kerberos
     Kerberos
     • is a network authentication protocol
     • provides strong authentication for client/server applications by using secret-key cryptography
     • implementations are available commercially and free from MIT
     • assumes black-hats are sniffing and spoofing everywhere

  42. How Kerberos authentication works
     [Diagram: secret key, session key, TG ticket, service ticket]

  43. Setting up a secure channel with Kerberos
     How does Bob know K_{B,TGS}? It’s the session key he got at his login
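The three exchanges behind slides 41-43 (login with the authentication server, the ticket-granting exchange, and presenting the service ticket), as an added example that is not part of the course materials or of MIT Kerberos. `Sealed`, `new_key`, the principal names and the `KDC_KEYS` table are constructed; `Sealed` only simulates encryption so the flow of keys is visible, and the model has no timestamps, lifetimes or replay protection.

```python
# Toy model of the Kerberos exchanges on slides 41-43; Sealed stands in for encryption.
import secrets
from dataclasses import dataclass

@dataclass(frozen=True)
class Sealed:
    key: bytes
    payload: tuple
    def open(self, key: bytes) -> tuple:      # only the exact key holder can "decrypt"
        if key != self.key:
            raise PermissionError("cannot decrypt: wrong key")
        return self.payload

def new_key() -> bytes:
    return secrets.token_bytes(16)

# Constructed long-term secret keys; the KDC shares one with each principal
# (Bob's would be derived from his password, the others are service keys).
KDC_KEYS = {"bob": new_key(), "krbtgt": new_key(), "printer": new_key()}

def as_exchange(principal: str):
    """AS reply at login: K_{B,TGS} sealed for the user, plus the TG ticket."""
    k_b_tgs = new_key()
    tgt = Sealed(KDC_KEYS["krbtgt"], (principal, k_b_tgs))
    return Sealed(KDC_KEYS[principal], (k_b_tgs,)), tgt

def tgs_exchange(tgt: Sealed, authenticator: Sealed, service: str):
    """TGS reply: fresh K_{B,S} sealed under K_{B,TGS}, plus the service ticket."""
    principal, k_b_tgs = tgt.open(KDC_KEYS["krbtgt"])   # only the TGS can read the TGT
    (who,) = authenticator.open(k_b_tgs)                 # caller must hold K_{B,TGS}
    if who != principal:
        raise PermissionError("authenticator does not match ticket")
    k_b_s = new_key()
    return Sealed(k_b_tgs, (k_b_s,)), Sealed(KDC_KEYS[service], (principal, k_b_s))

def service_accepts(service: str, ticket: Sealed, authenticator: Sealed) -> str:
    principal, k_b_s = ticket.open(KDC_KEYS[service])   # server reads its own ticket
    (who,) = authenticator.open(k_b_s)                   # client proved it holds K_{B,S}
    if who != principal:
        raise PermissionError("authenticator does not match ticket")
    return principal

def bob_session(wrong_password: bool = False) -> str:
    """Bob's side: he holds only his own key and the session keys handed to him."""
    bob_key = new_key() if wrong_password else KDC_KEYS["bob"]
    sealed, tgt = as_exchange("bob")
    try:
        (k_b_tgs,) = sealed.open(bob_key)   # slide 43: K_{B,TGS} came with the login reply
    except PermissionError:
        return "login failed"
    sealed2, ticket = tgs_exchange(tgt, Sealed(k_b_tgs, ("bob",)), "printer")
    (k_b_s,) = sealed2.open(k_b_tgs)
    return service_accepts("printer", ticket, Sealed(k_b_s, ("bob",)))
```

Bob's password key is used exactly once, to open the login reply; every later step uses a session key, and the service never sees anything but a ticket it can open with its own key.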

  44. Activity - authentication
     • When you talk to someone on the phone, how do you know who it is?
       • List at least three ways
       • For each way, how can it be spoofed?
     • If you suspect you’re being spoofed, how can you verify the other person’s identity?
     • Same two questions for instant messaging

  45. Major functions of a security system
     • Authentication
     • Authorization
     • Administration
     • Journaling
     • Intrusion detection

  46. Authorization is …
     Granting access to resources so that the ability to create, read, update, or delete things is available only to those who are authorized.

  47. Authorization - general
     • How will it decide?
     • What data will it use?
     • How will it enforce its decision?

  48. ACLs vs Capabilities

  49. Java Security
     • Top-priority problem: protect hosts from damage or eavesdropping by mobile Java code.
     • For applets, security is built on a co-ordinated authorization system called a “sandbox”.

  50. Java Sandbox overview
