Post on 05-Jan-2016
KeyNote Presentation
KeyNote
Vishwas Patil, TIFR.
KeyNote: “?”
Aim: a notation for specifying local security policies and security credentials that can be sent over an untrusted network.
KeyNote: versus PolicyMaker
KeyNote predicate notation is based on C-like expressions and regular expressions.
KeyNote assertions always return a boolean. Credential signature verification is built in. The assertion syntax is human-readable (RFC 822 style). Trusted actions are described by simple attribute/value pairs.
But it is similar in spirit to PolicyMaker!
KeyNote: Approach
KeyNote accepts as input a set of local policy assertions, a collection of credential assertions, and a collection of attributes (the action environment) that describes a proposed trusted action associated with a set of public keys.
By applying the assertion predicates to the action environment, it decides whether the proposed action is consistent with local policy.
KeyNote: Architecture
KeyNote is monotonic: adding an assertion to a query can never result in the query having a lower compliance value than it would have had without the assertion.
Removing an assertion never increases the compliance value returned by KeyNote for a given query.
The monotonicity property can simplify the design and analysis of complex network-based security protocols.
KeyNote: Architecture (continued)
KeyNote does not itself provide credential revocation services.
The KeyNote compliance checker verifies the signatures on credentials received from an untrusted requestor.
KeyNote: Basic Syntax structure
A KeyNote assertion contains a sequence of sections, called fields, each of which specifies one aspect of the assertion's semantics. Fields start with an identifier at the beginning of a line and continue until the next field is encountered.
<Assertion>:: <VersionField>? <AuthField> <LicenseesField>? <LocalConstantsField>? <ConditionsField>? <CommentField>? <SignatureField>? ;
Notation: [X]* means zero or more repetitions of the character string X. [X]+ means one or more repetitions of X. <X>* means zero or more repetitions of the non-terminal <X>. <X>+ means one or more repetitions of <X>. <X>? means zero or one repetition of <X>. Nonterminal grammar symbols are enclosed in angle brackets. Quoted strings in grammar productions represent terminals. All KeyNote assertions are encoded in ASCII.
KeyNote: Semantics
Informally, the semantics of KeyNote evaluation can be thought of as the construction of a directed graph of KeyNote assertions, rooted at a POLICY assertion, that connects with at least one of the principals that requested the action.
The semantics are very close to those of PolicyMaker; RFC 2704 gives a detailed description of them.
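The field structure above and the graph-based evaluation just described, as an added example that is not part of the slides or of any KeyNote implementation: a simplified model of compliance checking in which assertions are Python dicts rather than RFC 822 text, signatures are assumed already verified, Conditions clauses are an AND of attribute tests, and Licensees support only single keys, `and` and `or` (threshold licensees are omitted). The key names, attributes and compliance values are constructed for the example.

```python
# Simplified model of KeyNote compliance checking (added example, not the
# OpenBSD code). Assertions are dicts, signatures are assumed verified, and a
# condition clause is ([(attr, op, literal), ...], value), i.e. an AND of tests.
from operator import eq, ne, lt, le, gt, ge

OPS = {"==": eq, "!=": ne, "<": lt, "<=": le, ">": gt, ">=": ge}

def eval_test(test, env):
    # Every triple must hold; an attribute missing from the environment fails.
    return all(a in env and OPS[op](env[a], lit) for a, op, lit in test)

def eval_conditions(clauses, env, values):
    # First clause whose test holds decides; no match gives the lowest value.
    for test, value in clauses:
        if eval_test(test, env):
            return values.index(value)
    return 0

def eval_licensees(expr, principal_value):
    # expr is a key string, or ('and'|'or', sub, sub, ...): AND -> min, OR -> max.
    if isinstance(expr, str):
        return principal_value(expr)
    op, *subs = expr
    return (min if op == "and" else max)(eval_licensees(s, principal_value) for s in subs)

def compliance(assertions, requesters, env, values=("false", "true")):
    """Compliance value of POLICY for the action described by env."""
    top = len(values) - 1
    def principal_value(key, seen=frozenset()):
        if key in requesters:          # a requester is trusted at the top value
            return top
        if key in seen:                # delegation cycle contributes nothing
            return 0
        best = 0
        for a in (a for a in assertions if a["authorizer"] == key):
            lic = eval_licensees(a["licensees"],
                                 lambda k: principal_value(k, seen | {key}))
            cond = eval_conditions(a["conditions"], env, values)
            best = max(best, min(lic, cond))   # assertion value = min(licensees, conditions)
        return best
    return values[principal_value("POLICY")]

# Constructed sample: POLICY trusts ADMIN_KEY for the mail domain, and
# ADMIN_KEY delegates to USER_KEY only for messages under 10000 bytes.
POLICY = {"authorizer": "POLICY", "licensees": "ADMIN_KEY",
          "conditions": [([("app_domain", "==", "RFC822-EMAIL")], "true")]}
CRED = {"authorizer": "ADMIN_KEY", "licensees": "USER_KEY",
        "conditions": [([("app_domain", "==", "RFC822-EMAIL"),
                         ("bytes", "<", 10000)], "true")]}
ENV = {"app_domain": "RFC822-EMAIL", "bytes": 4200}
```

Calling `compliance([POLICY, CRED], {"USER_KEY"}, ENV)` yields "true", while dropping CRED or raising `bytes` past 10000 yields "false", which also illustrates the monotonicity property from the Architecture slide: removing the credential can only lower the result.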
KeyNote: Discussion
Advantages / Disadvantages
Evaluation criteria: simplicity, expressiveness, generality, extensibility.
Open-source implementations are available. OpenBSD uses it in its IPsec implementation; see $ man keynote