
MMC Security Issues

MMC Security Issues. James A. Rome Oak Ridge National Laboratory jar@ornl.gov. Elements of security. Confidentiality : Disclosure of information only to authorized entities Integrity : Prevention of unauthorized changes to data


Presentation Transcript


  1. MMC Security Issues
     James A. Rome
     Oak Ridge National Laboratory
     jar@ornl.gov

  2. Elements of security
     • Confidentiality: Disclosure of information only to authorized entities
     • Integrity: Prevention of unauthorized changes to data
     • Authenticity: Confidence that a message was sent by a certain party and not an imposter
     • Availability: Guarantee of access to resources

  3. Security is vital on the Web
     • We are putting valuable and complicated facilities online
     • The data generated using these facilities may be proprietary
     • If security “gets in the way” it will not be used
     • If security is too weak, valuable assets are at risk

  4. What sort of threats are there?
     • Direct attacks on facilities
     • Theft of data (often undetected)
     • Subtle changes to data (often undetected)
     • Denial of service: Remove the ability of legitimate users to access the facility
     • Flooding the network with traffic
     • Impersonating the user
     • Changing routers
     • . . . .

  5. MMC Approach to security
     • An X.509 certificate binds a user’s public key to his identity and is digitally signed by a (trusted) certificate authority.
     • Strong authentication via client and server X.509 certificates.
     • One-time user login to activate user’s private key
     • Key can be exported and used for S/MIME encrypted E-mail and other applications
     • We hope to use this security context (the user’s keys) to provide strong authorization

  6. Entrust certificates
     • Entrust certificates contain two key pairs
       • signing key
       • escrowed encrypting key
     • Entrust will have a plugin for Netscape that replaces Netscape’s certificate protocols with calls to the Entrust certificate server
     • The Web’s SSL protocol will be used to encrypt all HTML traffic between the user and server.
     • The same security context can be used for “Entrust aware applications”

  7. Strong authorization
     • Authority certificates bind a user’s public key to an authority to do something and are digitally signed by the owner of the resource. (LBNL)
     • Collections of these certificates can be used (in programs) to describe very complicated policies.
     • To use an online microscope, certificates might be:
       • training certification
       • payment proof
       • reservation
       • . . .

  8. MMC application
     • Secure a Web-based prototype
       • Client and server certificates — authentication
       • SSL encryption
       • Host data protection via directory access
     • Use the Entrust security context to
       • Encrypt communication channels
       • Create secure control applications
       • Create certificate issuing programs
       • Create a security services engine

  9. Architecture requirements
     • Applications need to know who the user is at all times
       • must keep track of the public key
     • User must be able to access his private key to sign things
     • Control applications need to call security services before each new control is enabled
     • Data must be encrypted in transmission, and maybe in storage
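
Slides 7 and 9 describe authority certificates signed by the resource owner and a security-services check made before each control is enabled. The Go code below is an added example, not code from the presentation or the MMC project: the `AuthorityCert` layout, the function names and the use of Ed25519 (standing in for whatever signature scheme the certificates use) are assumptions, and the user's public key is taken as already authenticated by the client certificate.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"fmt"
)
// AuthorityCert binds a user's public key to one authority over a resource.
type AuthorityCert struct { // field names and signed encoding are assumptions of this example
	Subject             ed25519.PublicKey // the user's public key
	Authority, Resource string            // e.g. "training", "microscope"
	Sig                 []byte            // resource owner's signature over body()
}
func (c AuthorityCert) body() []byte { // the bytes the resource owner signs
	return []byte(fmt.Sprintf("%x|%q|%q", c.Subject, c.Authority, c.Resource))
}
// Issue signs a certificate with the resource owner's private key.
func Issue(owner ed25519.PrivateKey, subj ed25519.PublicKey, authority, resource string) AuthorityCert {
	c := AuthorityCert{Subject: subj, Authority: authority, Resource: resource}
	c.Sig = ed25519.Sign(owner, c.body())
	return c
}
// Authorize returns the required authorities the user lacks; enable a control only if it is empty.
func Authorize(owner, user ed25519.PublicKey, resource string, required []string, certs []AuthorityCert) []string {
	have := map[string]bool{}
	for _, c := range certs { // count only certs for this user and resource that the owner signed
		if c.Resource == resource && bytes.Equal(c.Subject, user) && ed25519.Verify(owner, c.body(), c.Sig) {
			have[c.Authority] = true
		}
	}
	var missing []string
	for _, r := range required {
		if !have[r] {
			missing = append(missing, r)
		}
	}
	return missing
}
func demoKey(b byte) (ed25519.PublicKey, ed25519.PrivateKey) { // constructed demo keys from a fixed seed
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{b}, ed25519.SeedSize))
	return priv.Public().(ed25519.PublicKey), priv
}
func main() {
	pub, priv := demoKey(1)
	alice, _ := demoKey(2)
	certs := []AuthorityCert{Issue(priv, alice, "training", "microscope")}
	fmt.Println(Authorize(pub, alice, "microscope", []string{"training", "payment"}, certs))
}
```

A certificate that was issued to a different key, signed by anyone other than the resource owner, or altered after signing is ignored, so the corresponding authority stays in the missing list.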
