Content : Access and Authentication Technology Authentication methods: PPP, PAP, CHAP, EAP AAA,...


Transcript of Content : Access and Authentication Technology Authentication methods: PPP, PAP, CHAP, EAP AAA,...

Page 1: Content : Access and Authentication Technology Authentication methods: PPP, PAP, CHAP, EAP AAA, RADIUS, TACACS, TACACS, Kerberos Authentication Header.

Content:

• Access and Authentication Technology

• Authentication methods: PPP, PAP, CHAP, EAP

• AAA, RADIUS, TACACS, TACACS, Kerberos

• Authentication Header (AH)

UNIT 4

• Virtual Private Networks (VPN): VPN Architectures

• Encapsulating Security Payload (ESP)

• Authentication On Wireless LANs

Page 4:

Access Control Processes

Page 5:

Access Control (AC)

Access control is the heart of security. Definitions:

The ability to allow only authorized users, programs or processes system or resource access

The granting or denying, according to a particular security model, of certain permissions to access a resource

An entire set of procedures performed by hardware, software and administrators to monitor access, identify users requesting access, record access attempts, and grant or deny access based on pre-established rules.

Page 6:

Access Control

Access control is the policy-driven limitation of access to systems, data, and dialogs

Prevent attackers from gaining access, and stop them if they do

Page 7:

Access Control

What Access Permissions (Authorizations) Should They Have?

Access permissions (authorizations) define whether a role or individual should have any access at all

If so, exactly what the role or individual should be allowed to do to the resource.

Usually given as a list of permissions for users to be able to do things (read, change, execute program, etc.) for each resource

Page 8:

Access Control

How Should Access Control Be Implemented?

For each resource, you need an access protection plan for how to implement protection in keeping with the selected control policy

For a file on a server, for instance, limit authorizations to a small group, harden the server against attack, use a firewall to thwart external attackers, etc.

Page 9:

Access Control

Policy-Based Access Control and Protection

Have a specific access control policy and an access protection policy for each resource

Focuses attention on each resource

Guides the selection and configuration of firewalls and other protections

Guides the periodic auditing and testing of protection plans

Page 10:

Access control lists (ACL)

A file used by the access control system to determine who may access which programs and files, in what manner and at what time

Different operating systems have different ACL terms

Types of access (locks): Read/Write/Create/Execute/Modify/Delete/Rename

Page 11:

AC is implemented for all IS components including:

Hardware

Software

Application

Protocol (Kerberos, IPSec)

Physical

Logical (policies)

Page 12:

AC protects all IS components, including:

Data: unauthorized viewing, modification or copying

System: unauthorized use, modification or denial of service

It should be noted that nearly every network operating system (NT, Unix, Vines, NetWare) is based on a secure physical infrastructure

Page 13:

Access Control

First Steps

Enumeration of resources

Sensitivity of each resource

Next, who should have access?

Can be made individual by individual

More efficient to define by roles (logged-in users, system administrators, project team members, etc.)

Page 14:

Access Control

What Access Permissions (Authorizations) Should They Have (Keys)?

Access permissions (authorizations) define whether a role or individual should have any access at all

If so, exactly what the role or individual should be allowed to do to the resource.

Usually given as a list of permissions for users to be able to do things (read, change, execute program, etc.) for each resource


Page 17:

Access Control

Access control is the ability to limit and control access to systems and applications.

Tools:

Physical access control: fingerprints, eye recognition, voice identification, smart card

Logical access control: password, firewalls

Page 18:

Access Control: Smart Cards

Page 19:

Access Control: Password

Page 21:

Access Control: Fingerprints

Token Ring

Page 22:

Password Hashing (or Encryption)

Client PC (User Ali) and Server:

1. User = Ali, Password = My4Bad

2. Hash: My4Bad = 11110000

3. Compare with the Hashed Password File: Ahmed 11001100, Ali 11110000, Mohmd 00110011, Samir 11100010

4. Hashes match, so the user is authenticated

Page 23:

One-Way Hash Function

Diagram: User A inserts a password; the host passes it through the hash function and compares the resulting hash value with A's entry in the passwords file. The "No" branch of the comparison means the password is rejected.

Page 24:

Authentication

Steps:

1. The user sends a request to the server seeking permission to enter the secured website

2. The server asks for his username and password to check that the person is who he declares himself to be

3. The user then signs in and sends the request back to the server

4. The server verifies his identity and checks whether he is an authorized user. After confirming his identity, the server sends back an approval or a denial of access to the website.

Page 25:

Authentication Forms

1. What a client knows

2. What a client has

3. Who a client is

4. What a client produces

Page 26:

AUTHENTICATION METHODS

1. What a client knows: This form of authentication deals with what the client knows. For example: passwords and user IDs.

2. What a client has: The second form of authentication deals with something that the client possesses. Such things include tokens and smart cards. Smart cards are cards that contain a computer chip to verify the user's identity. Tokens, on the other hand, are cards equipped with a computer chip and a liquid crystal display showing a computer-generated number sequence for remote login authentication.

3. What a client is: The third form of authentication is related to the characteristics of the supplicant. Such characteristics are fingerprint, iris pattern, hand geometry and retinal print. Because these characteristics are unique to every individual supplicant, they can be used by systems to authenticate their users.

4. What a client produces: The final form of authentication that we are covering addresses what the client produces. Examples are technologies based on signature or voice recognition, e.g. credit card payment systems.

Page 27:

Biometric Authentication

Page 28:

Biometric Authentication

Biometric Authentication: authentication based on body measurements and motions, because you always bring your body with you

Biometric Systems: enrollment, later access attempts, acceptance or rejection

Page 29:

Biometric Authentication System

1. Initial Enrollment: User Lee is scanned; Processing (key feature extraction) yields A=01, B=101, C=001; User Lee's template (01101001) is stored in the Template Database: Brown 10010010, Lee 01101001, Chun 00111011, Hirota 1101110…

2. Subsequent Access: the applicant is scanned; Processing (key feature extraction) yields A=01, B=111, C=001; User Access Data (01111001)

3. Match Index: Decision Criterion (close enough?)

Page 30:

Biometric Authentication

Verification Versus Identification

Verification: are applicants who they claim to be? (compare with a single template)

Identification: who is the applicant? (compare with all templates)

More difficult than verification because it must compare against many templates

Watch list: is this person a member of a specific group (e.g., known terrorists)?

Intermediate in difficulty

Page 31:

Biometric Authentication

Verification Versus Identification

Verification is good for replacing passwords in logins

Identification is good for door access and other situations where entering a name would be difficult

Page 32:

Biometric Authentication

Precision: False acceptance rates (FARs)

Percentage of unauthorized people allowed in

Person falsely accepted as a member of a group

Person allowed through a door who should not be allowed through it

Very bad for security

Page 33:

Biometric Authentication

Precision: False rejection rates (FRRs)

Percentage of authorized people not recognized as being members of the group

Valid person denied door access or server login because not recognized

Can be reduced by allowing multiple access attempts

High FRRs will harm user acceptance because users are angered by being falsely forbidden
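The match index, the verification/identification distinction and the FAR/FRR definitions from the preceding slides, worked on the deck's own Brown/Lee/Chun templates (added example written for this page, not code from the original slides; the bit-agreement match index, the 0.8 threshold and the sample attempts are constructed assumptions):

```python
"""Biometric matching as sketched in the slides: enrolled templates, a match
index, a decision threshold, and the resulting false-accept / false-reject rates.
Added example for this page, not the deck's code. The templates are the bit
strings shown on the enrollment slide (Hirota's is truncated there, so omitted);
the match index (fraction of equal bits) and the 0.8 threshold are assumptions.
"""

TEMPLATE_DB = {"Brown": "10010010", "Lee": "01101001", "Chun": "00111011"}
THRESHOLD = 0.8  # "close enough?" decision criterion (assumed value)


def match_index(template: str, sample: str) -> float:
    """Fraction of feature bits that agree between a stored template and a fresh scan."""
    if len(template) != len(sample):
        raise ValueError("feature strings must have equal length")
    return sum(t == s for t, s in zip(template, sample)) / len(template)


def verify(db: dict, claimed: str, sample: str, threshold: float = THRESHOLD) -> bool:
    """Verification: is the applicant who they claim to be? One comparison, one template."""
    return claimed in db and match_index(db[claimed], sample) >= threshold


def identify(db: dict, sample: str, threshold: float = THRESHOLD):
    """Identification: who is the applicant? Compare against every template and keep
    the best match if it clears the threshold, otherwise report nobody. The same
    routine answers the watch-list question when db holds only the watch-list members."""
    best_name = max(db, key=lambda name: match_index(db[name], sample))
    return best_name if match_index(db[best_name], sample) >= threshold else None


def error_rates(db: dict, attempts, threshold: float = THRESHOLD):
    """Compute (FAR, FRR) over a list of verification attempts.

    Each attempt is (true_identity, claimed_identity, sample). Genuine attempts
    (true == claimed) that are rejected count towards FRR; impostor attempts
    (true != claimed) that are accepted count towards FAR.
    """
    genuine = impostors = false_rejects = false_accepts = 0
    for true_id, claimed, sample in attempts:
        accepted = verify(db, claimed, sample, threshold)
        if true_id == claimed:
            genuine += 1
            false_rejects += not accepted
        else:
            impostors += 1
            false_accepts += accepted
    far = false_accepts / impostors if impostors else 0.0
    frr = false_rejects / genuine if genuine else 0.0
    return far, frr


# Constructed attempts (not from the slides): two genuine Lee scans and two
# impostors claiming to be Lee. One genuine scan is noisy; one impostor is close.
SAMPLE_ATTEMPTS = [
    ("Lee", "Lee", "01111001"),    # the slide's access scan: 7/8 bits agree
    ("Lee", "Lee", "11101111"),    # noisy genuine scan: 5/8 bits agree
    ("Chun", "Lee", "00111011"),   # Chun's own features presented as Lee: 5/8
    ("Brown", "Lee", "01101011"),  # impostor scan one bit away from Lee: 7/8
]

if __name__ == "__main__":
    print("slide scan vs Lee template:", match_index(TEMPLATE_DB["Lee"], "01111001"))
    print("identify 01111001 ->", identify(TEMPLATE_DB, "01111001"))
    for thr in (0.8, 0.6):
        print(f"threshold {thr}: (FAR, FRR) =", error_rates(TEMPLATE_DB, SAMPLE_ATTEMPTS, thr))
```

Lowering the threshold from 0.8 to 0.6 removes the false rejection but lets both impostors in, which is the FAR/FRR trade-off the slides describe.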

Page 34:

Biometric Authentication

Precision: Vendor claims for FARs and FRRs tend to be exaggerated because they often perform tests under ideal circumstances

For instance, having only small numbers of users in the database

For instance, by using perfect lighting, extremely clean readers, and other conditions rarely seen in the real world

Page 35:

Biometric Authentication

User Acceptance is Crucial

Strong user resistance can kill a system

Fingerprint recognition may have a criminal connotation

Some methods are difficult to use, such as iris recognition, which requires the eye to be lined up carefully. These require a disciplined group

Page 36:

Biometric Authentication

Biometric Methods: Fingerprint recognition

Dominates the biometric market today

Based on a finger's distinctive pattern of whorls, arches, and loops

Simple, inexpensive, well-proven

Weak security: can be defeated fairly easily with copies

Useful in modest-security areas

Page 37:

Biometric Authentication

Biometric Methods: Iris recognition

Pattern in colored part of eye

Very low FARs

High FRR if eye is not lined up correctly can harm acceptance

Reader is a camera—does not send light into the eye!

Page 38:

Biometric Authentication

Biometric Methods: Face recognition

Can be put in public places for surreptitious identification (identification without citizen or employee knowledge). More later.

Hand geometry: shape of hand

Voice recognition: high error rates; easy to fool with recordings

Page 39:

Biometric Authentication

Biometric Methods: Keystroke recognition

Rhythm of typing

Normally restricted to passwords

Ongoing during a session, it could allow continuous authentication

Signature recognition: pattern and writing dynamics

Page 40:

Biometric Authentication

Biometric Standards

Almost no standardization

Worst for user data (fingerprint feature databases)

Get locked into single vendors

Page 41:

Biometric Authentication

Can Biometrics be Fooled? Airport face recognition

Identification of people passing in front of a camera

False rejection rate: rate of not identifying a person as being in the database

Fail to recognize a criminal, terrorist, etc.

FRRs are bad

Page 42:

Biometric Authentication

Can Biometrics be Fooled? Airport face recognition

4-week trial of face recognition at Palm Beach International Airport

Only 250 volunteers in the user database (unrealistically small)

Volunteers were scanned 958 times during the trial

Only recognized 455 times! (47%)

53% FRR

Page 43:

Biometric Authentication

Can Biometrics be Fooled? Airport face recognition

Recognition rate fell if the subject wore glasses (especially tinted) or looked away

Would be worse with larger database

Would be worse if photographs were not good

Page 44:

Biometric Authentication

Can Biometrics be Fooled? DOD tests indicate poor acceptance rates when subjects were not attempting to evade

270-person test

Face recognition recognized the person only 51 percent of the time

Even iris recognition only recognized the person 94 percent of the time!

Page 45:

Biometric Authentication

Can Biometrics be Fooled? Other research has shown that evasion is often successful for some methods

German c’t magazine fooled most face and fingerprint recognition systems

Prof. Matsumoto fooled fingerprint scanners 80 percent of the time with a gelatin finger created from a latent (invisible to the naked eye) print on a drinking glass

Page 46:

Password-Based Access Control

Page 47:

Server Password Cracking: Reusable Passwords

A password you use repeatedly to get access to a resource on multiple occasions

Bad because an attacker will have time to learn it, and can then use it

Difficulty of Cracking Passwords by Guessing Remotely: usually cut off after a few attempts

However, if the attacker can steal the password file, passwords can be cracked at leisure

Page 48:

Server Password Cracking

Hacking Root

Super accounts (can take any action in any directory)

Hacking root in UNIX

Super accounts in Windows (administrator) and NetWare (supervisor)

Hacking root is rare; usually an attacker can only hack an ordinary user account

May be able to elevate the privileges of the user account to take root action

Page 49:

Server Password Cracking

Physical Access Password Cracking: l0phtcrack

Lower-case L, zero, phtcrack

Password cracking program

Run on a server (needs physical access)

Or copy the password file and run l0phtcrack on another machine.

Page 50:

Server Password Cracking

Physical Access Password Cracking: Brute-force password guessing

Try all possible character combinations

Longer passwords take longer to crack

Using more characters also takes longer:

Alphabetic, no case (26 possibilities)

Alphabetic, case (52)

Alphanumeric (letters and numbers) (62)

All keyboard characters (~80)

Page 51:

Password Length

Number of possible passwords (N^length) for each character set:

| Password Length in Characters | Alphabetic, No Case (N=26) | Alphabetic, Case (N=52) | Alphanumeric: Letters & Digits (N=62) | All Keyboard Characters (N=~80) |
|---|---|---|---|---|
| 1 | 26 | 52 | 62 | 80 |
| 2 (N^2) | 676 | 2,704 | 3,844 | 6,400 |
| 4 (N^4) | 456,976 | 7,311,616 | 14,776,336 | 40,960,000 |
| 6 | 308,915,776 | 19,770,609,664 | 56,800,235,584 | 2.62144E+11 |
| 8 | 2.08827E+11 | 5.34597E+13 | 2.1834E+14 | 1.67772E+15 |
| 10 | 1.41167E+14 | 1.44555E+17 | 8.39299E+17 | 1.07374E+19 |

Page 52:

Server Password Cracking

Physical Access Password Cracking: Brute Force Attacks

Try all possible character combinations

Slow with long passwords

Dictionary attacks: try common words ("password", "ouch", etc.)

There are only a few thousand of these

Cracked very rapidly

Hybrid attacks: common word with a single digit at the end, etc.

Page 53:

Server Password Cracking

Password Policies: Good passwords

At least 6 characters long

Change of case not at beginning

Digit (0 through 9) not at end

Other keyboard character not at end

Example: triV6#ial
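A checker for the "good password" rules on this slide, together with the N^length keyspace from the password-length table, so a candidate such as triV6#ial can be tested and sized (added example written for this page, not the deck's code; how each rule is read is stated in the comments and is an assumption):

```python
"""Password-policy checks and brute-force keyspace, following the deck's rules.
Added example for this page, not the deck's code. The four character-class
sizes are the N values from the password-length table; the interpretation of
each policy rule (see check_policy) is an assumption."""
import string

# N for the deck's four character classes (all-keyboard is the table's "~80").
CHARSET_SIZES = {"alpha_nocase": 26, "alpha_case": 52, "alphanumeric": 62, "keyboard": 80}


def keyspace(n: int, length: int) -> int:
    """Number of combinations a brute-force search must cover: N ** length."""
    return n ** length


def charset_of(pw: str) -> str:
    """Smallest of the four classes that contains every character of pw."""
    if any(c not in string.ascii_letters + string.digits for c in pw):
        return "keyboard"
    if any(c.isdigit() for c in pw):
        return "alphanumeric"
    if any(c.isupper() for c in pw) and any(c.islower() for c in pw):
        return "alpha_case"
    return "alpha_nocase"


def brute_force_space(pw: str) -> int:
    """Keyspace an attacker must exhaust if they know pw's character class and length."""
    return keyspace(CHARSET_SIZES[charset_of(pw)], len(pw))


def check_policy(pw: str) -> list:
    """Return the deck's 'good password' rules that pw violates (empty list = compliant).

    Rule interpretation (assumption): the password must contain a change of case,
    a digit and another keyboard character; the first case change may not sit
    right after the first character, and neither the digit nor the other
    character may be the final character (the 'Password1' / 'Password!' pattern).
    """
    problems = []
    if len(pw) < 6:
        problems.append("shorter than 6 characters")

    # Positions of letters with their case; a "change" is where the case flips.
    letters = [(i, c.isupper()) for i, c in enumerate(pw) if c.isalpha()]
    changes = [letters[k][0] for k in range(1, len(letters))
               if letters[k][1] != letters[k - 1][1]]
    if not changes:
        problems.append("no change of case")
    elif changes[0] == 1:
        problems.append("change of case at the beginning")

    if not any(c.isdigit() for c in pw):
        problems.append("no digit")
    elif pw[-1].isdigit():
        problems.append("digit at the end")

    if all(c.isalnum() for c in pw):
        problems.append("no other keyboard character")
    elif not pw[-1].isalnum():
        problems.append("other keyboard character at the end")
    return problems


if __name__ == "__main__":
    for candidate in ("triV6#ial", "Password1", "secret"):
        print(candidate, check_policy(candidate), charset_of(candidate), brute_force_space(candidate))
```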

Page 54:

Server Password Cracking

Password Policies

Testing and enforcing password policies: run a password cracking program against your own servers

Caution: requires approval! SysAdmins have been fired for doing this without permission—and should be

Password duration policies: how often passwords must be changed

Page 55:

Server Password Cracking

Password Policies: Password sharing policies

Generally, forbid shared passwords

Sharing removes the ability to learn who took actions; accountability is lost

A shared password usually is not changed often, or at all, because of the need to inform all sharers

Page 56:

Server Password Cracking

Password Policies: Disabling passwords that are no longer valid

As soon as an employee leaves the firm, etc.

As soon as contractors, consultants leave

In many firms, a large percentage of all accounts are for people no longer with the firm

Page 57:

Server Password Cracking

Password Policies: Lost passwords

Password resets: help desk gives a new password for the account

Opportunities for social engineering attacks

Leave the changed password on the answering machine

Biometrics: voice print identification of the requestor (but considerable false rejection rate)

Page 58:

Server Password Cracking

Password Policies: Lost passwords

Automated password resets

Employee goes to a website

Must answer a question, such as "In what city were you born?"

Problem of easily guessed questions that can be answered with research

Page 59:

Server Password Cracking

Password Policies: Encrypted (hashed) password files

Passwords are not stored in readable form

Encrypted with DES or hashed with MD5

In UNIX, /etc/passwd puts an x in place of the password

Encrypted or hashed passwords are stored in a different (shadow) file to which only high-level accounts have access
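The hashed-password-file mechanism from the "Password Hashing" and one-way-hash slides and this shadow-file slide, worked end to end: build the file, parse it, and verify a login against it (added example written for this page, not the deck's code; the user:salt:hash layout, the use of salted PBKDF2 in place of the slides' bare DES/MD5, and the users and passwords are constructed assumptions):

```python
"""Hashed password file and login verification, as on the 'Password Hashing' and
'shadow file' slides. Added example for this page, not the deck's code. The
file layout user:salt:hash and the use of salted PBKDF2 instead of the slides'
bare DES/MD5 are assumptions; the users and passwords are constructed."""
import hashlib
import hmac
import secrets

ITERATIONS = 100_000


def hash_password(password: str, salt: bytes) -> bytes:
    """One-way hash of the password (step 2 on the slide), salted so that two users
    with the same password do not end up with the same stored value."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def make_entry(user: str, password: str, salt: bytes = b"") -> str:
    """Build one shadow-style line: user:salt_hex:hash_hex (fresh random salt if none given)."""
    if not salt:
        salt = secrets.token_bytes(16)
    return f"{user}:{salt.hex()}:{hash_password(password, salt).hex()}"


def parse_shadow(text: str) -> dict:
    """Parse the file into {user: (salt, stored_hash)}, skipping blank lines."""
    db = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        user, salt_hex, hash_hex = line.split(":", 2)
        db[user] = (bytes.fromhex(salt_hex), bytes.fromhex(hash_hex))
    return db


def verify(db: dict, user: str, password: str) -> bool:
    """Steps 3-4 on the slide: hash what was typed and compare with the stored hash.

    An unknown user still costs one hash computation, and the comparison is
    constant-time, so neither username validity nor how many leading bytes
    matched leaks through timing."""
    salt, stored = db.get(user, (bytes(16), bytes(32)))
    candidate = hash_password(password, salt)
    return user in db and hmac.compare_digest(candidate, stored)


# Constructed shadow file: the slide's users, with fixed salts for reproducibility.
SHADOW_FILE = "\n".join([
    make_entry("Ahmed", "My4Bad", bytes.fromhex("00" * 16)),  # same password as Ali ...
    make_entry("Ali", "My4Bad", bytes.fromhex("11" * 16)),    # ... but a different stored hash
    make_entry("Mohmd", "c0rrect-h0rse", bytes.fromhex("22" * 16)),
])
DB = parse_shadow(SHADOW_FILE)

if __name__ == "__main__":
    print(SHADOW_FILE)
    print("Ali / My4Bad ->", verify(DB, "Ali", "My4Bad"))
    print("Ali / my4bad ->", verify(DB, "Ali", "my4bad"))
    print("Samir / My4Bad ->", verify(DB, "Samir", "My4Bad"))
```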

Page 60:

Server Password Cracking

Password Policies: Windows passwords

Obsolete LAN manager passwords (7 characters maximum) should not be used

Windows NTLM passwords are better

Option (not default) to enforce strong passwords

Page 61:

Server Password Cracking

Shoulder Surfing: watch someone as they type their password

Keystroke Capture Software: professional versions of Windows protect RAM during password typing; consumer versions do not

A Trojan horse throws up a login screen later and reports its findings to attackers

Page 62:

Server Password Cracking

Windows Client PC Software

Consumer version login screen is not for security

Windows professional and server versions provide good security with the login password

BIOS passwords allow boot-up security

Can be disabled by removing the PC's battery, but during a battery removal the attacker will be very visible

Screen savers with passwords allow away-from-desk security after boot-up

Page 63:

Content:

• Access and Authentication Technology

• Authentication methods: PPP, PAP, CHAP, EAP

• AAA, RADIUS, TACACS, TACACS, Kerberos

• Authentication Header (AH)

UNIT 4

• Virtual Private Networks (VPN): VPN Architectures

• Encapsulating Security Payload (ESP)

• Authentication On Wireless LANs

Page 64:

AUTHENTICATION METHODS

1. Authentication and authorization technologies (e.g., userID and password with PAP [Password Authentication Protocol] and CHAP [Challenge Handshake Authentication Protocol], Kerberos, etc.)

2. Token cards

3. PPP Extensible Authentication Protocol (EAP)

4. Microsoft Point-to-Point Encryption (MPPE)

5. Key-management protocols, e.g., Internet Security Association and Key Management Protocol (ISAKMP), Internet Key Exchange (IKE), etc.

6. Digital certificates

7. Digital signatures

8. Message authentication codes (MACs)

9. Wireless Encryption Technologies (e.g., WEP, 802.11i)

Page 65:

AUTHENTICATION METHODS

1. A number of other userID and password authentication technologies with improved security have also been designed, primarily to be employed during a user log-in process.

2. A good example is Password Challenge Handshake Authentication Protocol (CHAP). In a network environment, because the log-in process first authenticates the user and then establishes a session (a logical connection) for the user if the user is indeed authorized

Page 66:

PPP Authentication

No Authentication Is an Option (Client, Server)

To establish communications over a point-to-point link, each end of the PPP link must first send link configuration packets to configure the data link during the Link Establishment Phase. After the link has been established, PPP provides for an optional Authentication Phase before proceeding to the Network-Layer Protocol Phase. The authentication protocols are intended for use by hosts and routers that connect to a PPP network server via switched circuits, dial-up lines, or dedicated links.

Page 67:

PAP [Password Authentication Protocol]

PAP is a simple proprietary userID and password authentication protocol.

With PAP, the password is sent across the network to be compared against an encrypted password file on the access server. If the password matches the associated userID, the connection is established.

Because the password can potentially be intercepted by a hacker, PAP is not considered to be secure.

Page 68:

PPP Authentication: PAP Authentication

Client to Server: Authentication-Request messages (sent until a response arrives)

Server to Client: Authentication-Response message

Poor security: usernames and passwords are sent in the clear

Page 69:

Password Challenge Handshake Authentication Protocol (CHAP)

CHAP addresses the PAP deficiencies by having a server send a randomly generated "challenge" to the client along with the hostname.

The hostname is used by the client to look up the appropriate password, which is then combined with the challenge and encrypted using a one-way hashing function to produce a result that is then sent to the server along with the client userID.

The server performs the same computation using the password and compares the result with the result that has been sent back by the client.

If there is a match, the connection will be established. Because the challenge is different in every session, a hacker cannot replay the sequence.

The specific method to be used can be negotiated by a client when connecting to an RAS.

CHAP allows different types of encryption algorithms to be used. Most commercial RASs support Data Encryption Standard (DES) and Message Digest 5 (MD5).

Page 71:

MS-CHAP Challenge-Response Authentication Protocol

Applicant (Client) and Verifier (Server)

1. Verifier creates a Challenge Message

2. Verifier sends the Challenge Message to the applicant

Note: Both the client and the server know the client's password.


MS-CHAP Challenge-Response Authentication Protocol

3. Applicant (supplicant) creates a Response Message:

(a) Adds the password to the Challenge Message.

(b) Hashes the resultant bit string (does not encrypt).

(c) The hash is the Response Message.

Diagram: Challenge plus Password, passed through hashing (not encryption), gives the Response.


MS-CHAP Challenge-Response Authentication Protocol

4. Applicant sends the Response Message (the transmitted Response) without encryption.


MS-CHAP Challenge-Response Authentication Protocol

5. Verifier adds the password to the Challenge Message it sent and hashes the combination. This is the expected Response Message.


MS-CHAP Challenge-Response Authentication Protocol

6. Verifier compares the expected Response with the transmitted Response. If the two Response Messages are equal, the applicant knows the password and is authenticated; the server logs the client in.

7. Note that only hashing is involved. There is no encryption.


PPP Authentication: CHAP Authentication

Diagram: the server sends a Challenge Message to the client; the client returns a Response Message = Hash (Challenge Message + Secret). The server computes the hash of the challenge message plus the secret; if it equals the response message, authentication is successful.


PPP Authentication: MS-CHAP Authentication

Diagram: the server sends a Challenge Message; the client returns a Response Message = Hash (Challenge Message + Password).

MS-CHAP is CHAP, but with the password as the secret. It is widely used because it allows password authentication and is standard on Microsoft Windows clients. It is only as secure as the password strength.
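As an added illustration (not part of the slides), the CHAP exchange in Python, with the hash construction from RFC 1994 (MD5 over Identifier, secret and challenge); the verifier class, the credential store and the replay scenario are constructed for this example. It shows the points made above: only hashing is involved, both sides must hold the secret, and a captured response is useless against a fresh challenge.

```python
import hashlib
import hmac
import secrets

# Constructed credential store. CHAP (and MS-CHAP, which uses the password as the
# secret) requires the verifier to hold the secret in a form it can hash, because
# it must recompute the same hash the client computes.
SERVER_SECRETS = {"alice": b"correct horse battery staple"}


def chap_response(identifier, secret, challenge):
    """RFC 1994 CHAP with MD5: Response = MD5(Identifier || secret || Challenge).
    Only hashing is involved; nothing is encrypted and the secret never leaves
    the client."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapVerifier:
    """Server side. Remembers the outstanding challenge per Identifier so a
    Response can only be matched against the challenge it was issued for."""

    def __init__(self, secret_db):
        self._secrets = secret_db
        self._pending = {}  # identifier -> challenge still awaiting a response
        self._next_id = 0

    def issue_challenge(self):
        """Steps 1-2: create a fresh random challenge and send it with an Identifier."""
        identifier, self._next_id = self._next_id, (self._next_id + 1) % 256
        challenge = secrets.token_bytes(16)  # different in every session
        self._pending[identifier] = challenge
        return identifier, challenge

    def verify(self, identifier, name, response):
        """Steps 5-6: recompute the expected response and compare in constant time.
        The challenge is consumed whether or not the response matches."""
        challenge = self._pending.pop(identifier, None)
        secret = self._secrets.get(name)
        if challenge is None or secret is None:
            return False
        expected = chap_response(identifier, secret, challenge)
        return hmac.compare_digest(expected, response)


def client_login(verifier, name, password):
    """Steps 3-4 from the applicant's side. Returns (authenticated, identifier,
    transmitted response) so a caller can see what an eavesdropper would capture."""
    identifier, challenge = verifier.issue_challenge()
    response = chap_response(identifier, password, challenge)
    return verifier.verify(identifier, name, response), identifier, response


def replay_is_rejected(verifier, name, password):
    """An eavesdropper who captured a valid response cannot reuse it: the old
    challenge has been consumed and the next session gets a new one."""
    ok, identifier, captured = client_login(verifier, name, password)
    new_id, _new_challenge = verifier.issue_challenge()
    reused_old = verifier.verify(identifier, name, captured)
    reused_new = verifier.verify(new_id, name, captured)
    return ok and not reused_old and not reused_new
```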


EAP is a general protocol for PPP authentication that supports multiple authentication mechanisms. EAP does not select a specific authentication mechanism at the Link Control Phase, but rather postpones this until the Authentication Phase. This allows the authenticator to request more information before determining the specific authentication mechanism. It also permits the use of a back-end server that actually implements the various mechanisms, whereas the PPP authenticator merely passes through the authentication exchange.

The following are the basic steps involved in the EAP authentication process:

1) After the Link Establishment phase is complete, the authenticator sends one or more Requests to authenticate the peer. The Request has a type field to indicate what is being requested. Examples of Request types include Identity, MD5-Challenge, One-Time Passwords, Generic Token Card, etc. The MD5-Challenge type corresponds closely to the CHAP authentication protocol. Typically, the authenticator will send an initial Identity Request followed by one or more Requests for authentication information. An initial Identity Request is not required, and may be bypassed in cases where the identity is presumed (leased lines, dedicated dial-ups, etc.).

2) The peer sends a Response packet in reply to each Request. As with the Request packet, the Response packet contains a type field that corresponds to the type field of the Request.

3) The authenticator ends the authentication phase with a Success or Failure packet.

PPP Extensible Authentication Protocol (EAP)
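An added example (not from the slides) of the EAP packet format and the three-step Request/Response/Success-or-Failure exchange in Python. The Code, Identifier, Length and Type layout and the code and type numbers follow RFC 3748; the MD5-Challenge response reuses the RFC 1994 CHAP computation; the peer and authenticator functions, the names and the secrets are constructed for the demonstration.

```python
import hashlib
import hmac
import struct

# EAP packet Codes and a few Request/Response Types (values from RFC 3748).
REQUEST, RESPONSE, SUCCESS, FAILURE = 1, 2, 3, 4
TYPE_IDENTITY, TYPE_NAK, TYPE_MD5_CHALLENGE = 1, 3, 4
HEADER = struct.Struct("!BBH")  # Code, Identifier, Length (Length covers the whole packet)


def build(code, identifier, eap_type=None, type_data=b""):
    """Encode one EAP packet; Success and Failure carry no Type field."""
    body = b"" if eap_type is None else bytes([eap_type]) + type_data
    return HEADER.pack(code, identifier, HEADER.size + len(body)) + body


def parse(packet):
    """Decode and validate an EAP packet. Returns (code, identifier, type, type_data);
    type is None for Success/Failure. Raises ValueError on malformed input."""
    if len(packet) < HEADER.size:
        raise ValueError("shorter than the EAP header")
    code, identifier, length = HEADER.unpack_from(packet)
    if length < HEADER.size or length > len(packet):
        raise ValueError("Length field inconsistent with packet size")
    body = packet[HEADER.size:length]  # bytes beyond Length are padding: ignored
    if code in (SUCCESS, FAILURE):
        return code, identifier, None, b""
    if code not in (REQUEST, RESPONSE):
        raise ValueError("unknown EAP Code %d" % code)
    if not body:
        raise ValueError("Request/Response without Type field")
    return code, identifier, body[0], body[1:]


def md5_challenge(identifier, secret, challenge):
    # MD5-Challenge reuses the CHAP computation of RFC 1994: MD5(Identifier || secret || challenge).
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def make_peer(name, secret):
    """Peer (client) side: answer every Request with a Response of the same
    Identifier and Type; Nak any Type it does not support."""
    def peer(packet):
        _code, ident, typ, data = parse(packet)
        if typ == TYPE_IDENTITY:
            return build(RESPONSE, ident, TYPE_IDENTITY, name.encode())
        if typ == TYPE_MD5_CHALLENGE:  # Type-Data = Value-Size, Value, Name
            challenge = data[1:1 + data[0]]
            digest = md5_challenge(ident, secret, challenge)
            return build(RESPONSE, ident, TYPE_MD5_CHALLENGE, bytes([len(digest)]) + digest + name.encode())
        return build(RESPONSE, ident, TYPE_NAK, bytes([TYPE_MD5_CHALLENGE]))
    return peer


def authenticate(peer, secrets_db, challenge):
    """Authenticator side of the three steps. `peer` maps a Request packet to a
    Response packet. Returns (final code, list of raw packets exchanged)."""
    log = []

    def ask(identifier, eap_type, type_data=b""):
        req = build(REQUEST, identifier, eap_type, type_data)
        resp = peer(req)
        log.extend((req, resp))
        code, ident, typ, data = parse(resp)
        if (code, ident, typ) != (RESPONSE, identifier, eap_type):
            raise ValueError("Response does not match the Request")
        return data

    ok = False
    try:
        # Step 1: an Identity Request, then an MD5-Challenge Request (the type field
        # says what is being asked for). Step 2: the peer answers each one.
        name = ask(1, TYPE_IDENTITY).decode("utf-8", "replace")
        data = ask(2, TYPE_MD5_CHALLENGE, bytes([len(challenge)]) + challenge + b"authenticator")
        secret = secrets_db.get(name)
        if secret is not None and data[:1] == b"\x10":  # a 16-byte MD5 value follows
            ok = hmac.compare_digest(data[1:17], md5_challenge(2, secret, challenge))
    except ValueError:
        ok = False
    # Step 3: the authenticator closes the phase with Success or Failure.
    final = build(SUCCESS if ok else FAILURE, 3)
    log.append(final)
    return parse(final)[0], log
```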


PPP Authentication: EAP Authentication

Diagram: an Authenticate message is exchanged between client and server; authentication is deferred and more information will be provided. EAP defers authentication to a later process, such as RADIUS authentication.


PPP Encryption

Diagram, PPP encryption: new PPP header (plaintext) | original PPP frame (encrypted) | new PPP trailer (plaintext).

Diagram, PPP with EAP encryption: new PPP header (plaintext) | EAP header (Code, Identifier, Length) | new PPP trailer (plaintext).


PPP on Direct Links and Internets

Diagram, connection over a direct link: the PPP frame travels between the Applicant (client) and the Verifier (server); PPP provides the end-to-end link.


PPP on Direct Links and Internets

Diagram, connection over the Internet: the PPP frame is carried in an IP packet from the Applicant (client) through routers to the Verifier (server); PPP itself is limited to the first data link (network).


PPP on Direct Links and Internets

Note: Tunneling places the PPP frame in an IP packet, which delivers the frame. To the receiver, this appears to be a direct link. It allows an organization to continue using existing PPP-based security such as encryption and authentication.


Layer 2 Tunneling Protocol (L2TP)

Diagram: a client running PPP connects over DSL to a DSL Access Multiplexer (DSLAM) with L2TP; an L2TP tunnel crosses the carrier network to the L2TP RAS, which sits in front of the internal server on the local network.

Note: L2TP does not provide security. It provides only tunneling. L2TP recommends the use of IPsec for security.


Point-to-Point Tunneling Protocol (PPTP)

Diagram: a remote corporate PC reaches a local ISP access point (not secure) and the ISP’s PPTP Access Concentrator; across the Internet, an IP Protocol 47 (GRE) data connection and a TCP Port 1723 supervisory connection (vulnerable) run to the PPTP RAS at Corporate Site A, which consults a RADIUS Server.


Point-to-Point Tunneling Protocol (PPTP)

Diagram: the remote corporate PC connects across the Internet to the PPTP RAS at Corporate Site A over an IP Protocol 47 (GRE) data connection and a TCP Port 1723 supervisory connection (vulnerable); there is a direct connection between the PC and the RADIUS Server.


PPTP Encapsulation for Data Frames

Diagram: new IP header (Protocol = 47; IP destination address is that of the remote access server) | enhanced Generic Routing Encapsulation (GRE) header, carrying information about the encapsulated packet | encapsulated original IP packet.


RADIUS for Dial-Up Remote Access

Diagram: remote corporate PCs reach RAS 1 and RAS 2 at Corporate Site A over dial-up connections through the Public Switched Telephone Network; both RASs consult a RADIUS Server. 1. The PC logs in with username and password. 2. The RAS asks the RADIUS Server: OK?


RADIUS for Dial-Up Remote Access

Diagram (continued): 3. The RADIUS Server answers OK. 4. The RAS sends Welcome to the remote corporate PC over the dial-up connection.


Kerberos Authentication System

Diagram: three parties, the Applicant (A), the Verifier (V), and the Kerberos Server, which is the Key Distribution Center (K).

Abbreviations: A = Applicant, V = Verifier, K = Kerberos Server.


Kerberos Authentication System

Diagram: 1. A sends K a request for a Ticket-Granting Ticket. 2. K responds with TGT* and Key nA**.

*TGT (Ticket-Granting Ticket) is encrypted in a way that only K can decrypt. It contains information that K will read later.

**Key nA (Network Login Key for A) is encrypted with A’s Master Key (Key mA). In future interactions with K, A will use nA to limit the master key’s exposure.


Kerberos Ticket-Granting Service: Part 1

Diagram: 1. A sends K a request for a ticket for V, the TGT, and an Authenticator* encrypted with Key nA. 2. K responds with Key AV** encrypted with Key nA, and a Service Ticket.

*The Authenticator is A’s IP address, user name, and time stamp. It is encrypted with Key nA to prove that A sent it.

**Key AV is a symmetric session key that A will use with V.


Kerberos Ticket-Granting Service: Part 2

Diagram: 3. A sends V a request for connection: Auth*; Service Ticket**. 4. V decrypts the Service Ticket and uses Key AV to test Auth. 5. Ongoing communication between A and V is protected with Key AV.

*Authenticator (Auth) encrypted with Key AV.

**The Service Ticket contains Key AV encrypted with the Verifier’s master key, Key mV.


1. Kerberos uses conventional symmetric cryptography, meaning that encryption and decryption use the same key.

2. It makes use of a trusted third party, which stores a database of secret keys and is called a Key Distribution Centre (KDC).

3. It consists of an Authentication Server (AS) and a Ticket Granting Server (TGS), used to verify the identity of the client.

4. There are 3 basic steps that are done in order to authenticate using Kerberos.

KERBEROS AUTHENTICATION ALGORITHM


Step 1: The client sends a request to the authenticating server (Kerberos). The server then locates the client in the database and generates a session key (SK1) to start a session between the client and the ticket-granting server. Using the client’s secret key, Kerberos encrypts SK1, after which it uses the secret key generated by the TGS to create a ticket-granting ticket (TGT) and sends it back to the client.


Step 2: The client decrypts the message sent by the authentication server and receives the session key. It then uses it to create an authenticator which includes the user’s name, IP address and timestamp (which prevents others from stealing the information from the ticket and the authenticator for later use), and sends it to the TGS together with the TGT it received. The TGS uses the SK1 inside the TGT to decrypt the authenticator and then verifies the information it contains, including the ticket. If all are correct, the request is granted.

The TGS then creates a new session key (SK2) to start a session between the client and the target server. Using SK1, it encrypts this message and sends it back to the client together with a new ticket containing the client’s name, IP address, timestamp and an expiration time (all of which are encrypted with the target server’s secret key), as well as the name of the server.


Step 3: The client decrypts the message sent by the TGS and receives the second session key. It then creates a new authenticator encrypted with SK2 and sends it to the target server, together with the session key encrypted using the target server’s secret key. The target server decrypts and checks all of the information received. Applications that require 2-way authentication are returned a message with the time stamp plus 1, encrypted with SK2.


Finally, the client’s identity has been verified by the server, and now both are able to communicate securely using a shared encryption key.
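Added example, not from the slides: the three Kerberos steps simulated in Python, with the KDC (AS and TGS), a target server and a client. The seal/unseal routines are a toy authenticated-encryption stand-in for the symmetric cipher, and the principal names, keys and lifetimes are constructed. Beyond the happy path it shows the two checks the steps imply: only the right client key decrypts SK1, and a replayed authenticator is refused.

```python
import hashlib
import hmac
import json
import secrets
import time

SKEW = 300  # seconds of clock skew tolerated on an authenticator timestamp

# Toy authenticated encryption (HMAC-SHA256 keystream plus HMAC tag) standing in
# for the symmetric cipher a real Kerberos deployment uses. Not a real cipher.
def _stream(key, nonce, n):
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    """Encrypt a JSON-serialisable dict: nonce || ciphertext || tag."""
    pt, nonce = json.dumps(obj).encode(), secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Inverse of seal(); ValueError if the key is wrong or the data was altered."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

def check_authenticator(auth, ticket_client, seen, now):
    # Name must match the ticket, timestamp must be fresh, and each (name, timestamp)
    # is accepted once: this defeats replay of a captured ticket plus authenticator.
    if auth["name"] != ticket_client or abs(now - auth["ts"]) > SKEW:
        raise PermissionError("authenticator stale or for another principal")
    if (auth["name"], auth["ts"]) in seen:
        raise PermissionError("authenticator replayed")
    seen.add((auth["name"], auth["ts"]))

class KDC:
    """AS and TGS in one process; principals maps each client/server name to its master key."""
    def __init__(self, principals):
        self.keys, self.seen = dict(principals), set()
        self.tgs_key = secrets.token_bytes(32)  # only the KDC can read a TGT

    def as_exchange(self, client):  # Step 1
        sk1 = secrets.token_bytes(32).hex()
        tgt = seal(self.tgs_key, {"client": client, "sk1": sk1, "exp": time.time() + 3600})
        return seal(self.keys[client], {"sk1": sk1}), tgt  # SK1 under the client's key

    def tgs_exchange(self, tgt, authenticator, server):  # Step 2
        t, now = unseal(self.tgs_key, tgt), time.time()
        if now > t["exp"]:
            raise PermissionError("TGT expired")
        sk1 = bytes.fromhex(t["sk1"])
        check_authenticator(unseal(sk1, authenticator), t["client"], self.seen, now)
        sk2 = secrets.token_bytes(32).hex()
        ticket = seal(self.keys[server], {"client": t["client"], "sk2": sk2, "exp": now + 600})
        return seal(sk1, {"sk2": sk2, "server": server}), ticket

class AppServer:
    """Target server: it trusts only what its own master key decrypts."""
    def __init__(self, name, master_key):
        self.name, self.key, self.seen = name, master_key, set()

    def accept(self, ticket, authenticator):  # Step 3
        t, now = unseal(self.key, ticket), time.time()
        if now > t["exp"]:
            raise PermissionError("service ticket expired")
        sk2 = bytes.fromhex(t["sk2"])
        auth = unseal(sk2, authenticator)
        check_authenticator(auth, t["client"], self.seen, now)
        return seal(sk2, {"ts": auth["ts"] + 1})  # mutual authentication: timestamp + 1

def login(kdc, name, master_key, server):
    """Client side of all three steps; returns (server_authenticated, SK2)."""
    reply, tgt = kdc.as_exchange(name)
    sk1 = bytes.fromhex(unseal(master_key, reply)["sk1"])  # wrong key -> ValueError
    reply, ticket = kdc.tgs_exchange(tgt, seal(sk1, {"name": name, "ts": time.time()}), server.name)
    sk2, ts = bytes.fromhex(unseal(sk1, reply)["sk2"]), time.time()
    mutual = server.accept(ticket, seal(sk2, {"name": name, "ts": ts}))
    return unseal(sk2, mutual)["ts"] == ts + 1, sk2

def demo():
    """Constructed scenario; returns (login_ok, wrong_password_rejected, replay_rejected)."""
    alice_key, fs_key = secrets.token_bytes(32), secrets.token_bytes(32)
    kdc = KDC({"alice": alice_key, "fileserver": fs_key})
    fs = AppServer("fileserver", fs_key)
    ok, _sk2 = login(kdc, "alice", alice_key, fs)
    try:
        login(kdc, "alice", b"key derived from the wrong password", fs)
        wrong_rejected = False
    except ValueError:
        wrong_rejected = True
    reply, tgt = kdc.as_exchange("alice")
    auth = seal(bytes.fromhex(unseal(alice_key, reply)["sk1"]), {"name": "alice", "ts": time.time()})
    kdc.tgs_exchange(tgt, auth, "fileserver")  # first presentation is accepted
    try:
        kdc.tgs_exchange(tgt, auth, "fileserver")  # the same authenticator, replayed
        replay_rejected = False
    except PermissionError:
        replay_rejected = True
    return ok, wrong_rejected, replay_rejected
```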


The cryptographic key is stored on the smart card, which is unlocked by the user using a special key pair.

In order to authenticate the user, he places his smart card into a special card reader attached to the system he is trying to log in to.

The key from the smart card is read by the system. The system asks the user for his password to unlock the key.

After the user keys in the password, the system performs a cryptographic key exchange with the central server for verification of the key. The user is authenticated when the key is verified.

Smart card authentication


1. The Sender Policy Framework (SPF) is an extension to the Simple Mail Transfer Protocol (SMTP).

2. It is an e-mail authentication method that prevents the forgery of the sender address residing in the return-path of an e-mail. Malicious spammers tend to disguise their identity by making use of other e-mail addresses to send spam e-mails. In this way, these spammers could avoid being tracked down and caught.

3. Secondly, they could avoid having their own mailbox filled with undelivered bounce e-mails. SPF helps to reduce such incidences of e-mail address and domain spoofing by ensuring that e-mail receivers only accept e-mails from senders that use a legitimate server of a particular domain.

Sender Policy Framework (SPF)


General users in an enterprise should be grouped, at a minimum, into the following three privilege levels:

1. Employees, as users with general access privileges for free access around the network to default network and systems resources.

2. Partners, as users with lower access privileges for access to some limited, predetermined network and systems resources.

3. Outside users, with authority to access very limited systems resources (probably only some pieces of data or applications) through some proxy servers.

4. Additional special privilege levels are likely needed, e.g., for administrators as users with higher access privileges, which are required to gain access to and to administer network and systems components like servers, routers, etc.

Levels of Access Privilege


Because IP is by definition a connectionless transport technology utilizing datagram exchanges over the network, special facilities are needed to ensure user authentication for each of the IP packets transmitted and received. There are two IP authentication mechanisms:

1. Authentication Header (AH), which provides integrity and authentication without confidentiality.

2. Encapsulating Security Payload (ESP), which always provides confidentiality and optionally also provides integrity and authentication.

Both AH and ESP use an authentication algorithm to generate authentication information known as the Integrity Check Value (ICV), which is placed in the authentication data field of the corresponding header.

IP-AUTHENTICATION MECHANISMS


AH defines an Authentication Header that contains the authentication information for the particular IP datagram and is used to provide connectionless data integrity and source identity authentication for IP datagrams, and protection against replays. This latter, optional service may be selected by the receiver when a Security Association is established. (Although the default calls for the sender to increment the Sequence Number used for anti-replay, the service is effective only if the receiver checks the Sequence Number.)

AH provides authentication for as much of the IP header as possible, as well as for upper-level protocol data. However, some IP header fields may change in transit, and the value of these fields, when the packet arrives at the receiver, may not be predictable by the sender. The values of such fields cannot be protected by AH. Thus, the protection provided to the IP header by AH is somewhat piecemeal.

Authentication Header AH


1. AH may be applied alone, in combination with ESP, or in a nested fashion through the use of tunnel mode.

2. Security services can be provided between a pair of communicating hosts, between a pair of communicating security gateways, or between a security gateway and a host.

3. ESP may be used to provide similar security services as AH, and it also provides an added confidentiality (encryption) service.

4. The primary difference between the authentication capabilities provided by ESP and AH is the extent of the coverage offered by each. Specifically, ESP does not protect any IP header fields, except with certain authenticating encryption algorithms. Adding the AH header to an IP datagram prior to encapsulating the datagram using ESP might be desirable for users wishing to have strong integrity, authentication, and confidentiality, and perhaps also for users who require strong non-repudiation.

5. When the two mechanisms are combined, the placement of the IP AH makes clear which part of the data is being authenticated.

Authentication Header AH


AH Header Format: The IP protocol header (IPv4, IPv6, or Extension) immediately preceding AH will contain the value 51 in its Protocol (IPv4) or Next Header (IPv6, Extension) field, where:

Authentication Header AH
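Added example (not from the slides): building and checking an AH-protected IPv4 datagram in Python. The header layout (Next Header, Payload Len, Reserved, SPI, Sequence Number, ICV) and the rule that the ICV is computed with the mutable IP fields zeroed follow RFC 4302; HMAC-SHA-256-128 as the ICV algorithm is from RFC 4868; the simplified IPv4 header, the SA key, the SPI and the addresses are constructed. It shows the points made above: the ICV still verifies after a router changes the TTL, a changed payload fails, and a replay is caught only because the receiver checks the sequence number.

```python
import hashlib
import hmac
import struct

IPV4 = struct.Struct("!BBHHHBBH4s4s")  # ver/IHL, TOS, total len, ID, flags/frag, TTL, proto, csum, src, dst
AH_FIXED = struct.Struct("!BBHII")      # Next Header, Payload Len, Reserved, SPI, Sequence Number
ICV_LEN = 16                            # HMAC-SHA-256-128: SHA-256 HMAC truncated to 128 bits
AH_PROTO = 51                           # value the preceding IP header carries for AH


def _icv_input(ip_hdr, ah_fixed, payload):
    """Bytes the ICV covers. Mutable IPv4 fields (TOS, flags/fragment offset, TTL,
    header checksum) are zeroed because the sender cannot predict their value at
    the receiver; the ICV field itself is treated as zero."""
    f = list(IPV4.unpack(ip_hdr))
    f[1], f[4], f[5], f[7] = 0, 0, 0, 0
    return IPV4.pack(*f) + ah_fixed + bytes(ICV_LEN) + payload


def ah_protect(ip_hdr, next_header, spi, seq, payload, key):
    """Sender: insert an AH between the IP header and the payload, point the IP
    Protocol field at AH (51), fix the total length, then compute the ICV."""
    f = list(IPV4.unpack(ip_hdr))
    f[2] = IPV4.size + AH_FIXED.size + ICV_LEN + len(payload)
    f[6] = AH_PROTO
    ip_hdr = IPV4.pack(*f)
    payload_len = (AH_FIXED.size + ICV_LEN) // 4 - 2  # AH length in 32-bit words minus 2
    ah_fixed = AH_FIXED.pack(next_header, payload_len, 0, spi, seq)
    icv = hmac.new(key, _icv_input(ip_hdr, ah_fixed, payload), hashlib.sha256).digest()[:ICV_LEN]
    return ip_hdr + ah_fixed + icv + payload


class AhReceiver:
    """Receiver state for one inbound SA: its key and a 64-packet anti-replay window."""
    WINDOW = 64

    def __init__(self, spi, key):
        self.spi, self.key, self.highest, self.seen = spi, key, 0, set()

    def _fresh(self, seq):
        if seq == 0 or seq <= self.highest - self.WINDOW:
            return False  # zero is never sent; below the window is too old
        return seq > self.highest or seq not in self.seen

    def _mark(self, seq):
        self.highest = max(self.highest, seq)
        self.seen.add(seq)
        self.seen = {s for s in self.seen if s > self.highest - self.WINDOW}

    def receive(self, packet):
        """Return (next_header, payload) or raise ValueError. Replay check first, ICV
        check second, and the window moves only after the ICV verifies (RFC 4302 order)."""
        ip_hdr, rest = packet[:IPV4.size], packet[IPV4.size:]
        if IPV4.unpack(ip_hdr)[6] != AH_PROTO:
            raise ValueError("not an AH packet")
        ah_fixed = rest[:AH_FIXED.size]
        next_header, payload_len, _, spi, seq = AH_FIXED.unpack(ah_fixed)
        if spi != self.spi:
            raise ValueError("no SA for this SPI")
        icv_len = (payload_len + 2) * 4 - AH_FIXED.size
        icv = rest[AH_FIXED.size:AH_FIXED.size + icv_len]
        payload = rest[AH_FIXED.size + icv_len:]
        if not self._fresh(seq):
            raise ValueError("sequence number replayed or outside the window")
        want = hmac.new(self.key, _icv_input(ip_hdr, ah_fixed, payload), hashlib.sha256).digest()[:ICV_LEN]
        if not hmac.compare_digest(icv, want):
            raise ValueError("ICV mismatch: packet altered or wrong key")
        self._mark(seq)
        return next_header, payload


def _rejected(receiver, packet):
    try:
        receiver.receive(packet)
        return False
    except ValueError:
        return True


def demo():
    """Constructed scenario. Returns (ttl_change_accepted, tamper_rejected, replay_rejected)."""
    key = bytes(range(32))  # constructed SA key; real SAs get theirs from IKE
    rx = AhReceiver(spi=0x1000, key=key)
    ip_hdr = IPV4.pack(0x45, 0, 0, 1, 0, 64, 17, 0, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    pkt1 = ah_protect(ip_hdr, 17, 0x1000, 1, b"constructed UDP payload", key)
    # A router decrements TTL in transit: still verifies, because TTL is outside the ICV.
    f = list(IPV4.unpack(pkt1[:IPV4.size]))
    f[5] -= 1
    ttl_ok = rx.receive(IPV4.pack(*f) + pkt1[IPV4.size:]) == (17, b"constructed UDP payload")
    pkt2 = ah_protect(ip_hdr, 17, 0x1000, 2, b"second datagram", key)
    # One payload byte flipped on the wire: the ICV no longer matches.
    tamper_rejected = _rejected(rx, pkt2[:-1] + bytes([pkt2[-1] ^ 0x01]))
    rx.receive(pkt2)  # the genuine packet is accepted once ...
    replay_rejected = _rejected(rx, pkt2)  # ... and rejected when captured and resent
    return ttl_ok, tamper_rejected, replay_rejected
```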


AUTHENTICATION METHODS


IPsec ESP and AH Protection

Diagram, Encapsulating Security Payload (Protocol = 50): IP header | ESP header | protected data | ESP trailer. Provides confidentiality, authentication and message integrity.

Diagram, Authentication Header (Protocol = 51): IP header | Authentication Header | protected data. Provides authentication and message integrity, no confidentiality.


Modes and Protections

Mode                                   | ESP (Confidentiality, Authentication, Integrity) | AH (Authentication, Integrity)
Transport Mode (End-to-End)            | Possible                                         | Possible
Tunnel Mode (IPsec Gateway to Gateway) | Possible                                         | Possible


Digital Signature for Message-by-Message Authentication

To Create the Digital Signature:

1. Hash the plaintext to create a brief message digest (MD); this is NOT the digital signature.

2. Sign (encrypt) the message digest with the sender’s private key to create the digital signature (DS).

3. Transmit the plaintext + digital signature, encrypted with symmetric key encryption.

Diagram: the plaintext is hashed to the MD; the MD is signed (encrypted) with the sender’s private key to produce the DS; the DS and the plaintext are sent together.


Digital Signature for Message-by-Message Authentication

Diagram: 4. DS + plaintext are encrypted with the session key and sent from Sender to Receiver.


Digital Signature for Message-by-Message Authentication

To Test the Digital Signature:

5. Hash the received plaintext with the same hashing algorithm the sender used. This gives the message digest.

6. Decrypt the digital signature with the sender’s public key. This also should give the message digest.

7. If the two match, the message is authenticated.

Diagram: the received plaintext is hashed (5) to an MD; the DS is decrypted with the true party’s public key (6) to another MD; (7) are they equal?


Public Key Deception

Diagram. The Verifier must authenticate the True Person (TP). The Impostor says: “I am the True Person.” “Here is TP’s public key.” (Sends the Impostor’s public key.) The Verifier now believes it has TP’s public key. This is the critical deception.

The Impostor says: “Here is authentication based on TP’s private key.” (Really the Impostor’s private key.) The Verifier believes the True Person is authenticated, based on the Impostor’s public key.

The Verifier says: “True Person, here is a message encrypted with your public key.” The message is encrypted with the Impostor’s public key, so the Impostor can decrypt it.


Important X.509 Digital Certificate Fields

Field: Description

Version Number: Version number of the X.509 standard. Most certificates follow Version 3. Different versions have different fields. This figure reflects the Version 3 standard.

Issuer: Name of the Certificate Authority (CA).

Serial Number: Unique serial number for the certificate, set by the CA.


Important X.509 Digital Certificate Fields

Field: Description

Subject: The name of the person, organization, computer, or program to which the certificate has been issued. This is the true party.

Public Key: The public key of the subject, that is, the public key of the true party.

Public Key Algorithm: The algorithm the subject uses to sign messages with digital signatures.


Important X.509 Digital Certificate Fields

Field: Description

Valid Period: The period before which and after which the certificate should not be used. Note: a certificate may be revoked before the end of this period.

Digital Signature: The digital signature of the certificate, signed by the CA with the CA’s own private key. Provides authentication and certificate integrity. The user must know the CA’s public key independently.


Important X.509 Digital Certificate Fields

Field: Description

Signature Algorithm Identifier: The digital signature algorithm the CA uses to sign its certificates.


Digital Signature and Digital Certificate in Authentication

Diagram: the digital certificate supplies the public key of the true party; the digital signature is tested with that public key to authenticate the sender.


Public Key Infrastructure (PKI) with a Certificate Authority

Diagram: the Certificate Authority (PKI Server) creates and distributes (1) a private key and (2) a digital certificate to the Applicant (Lee). 3. A Verifier (Brown) requests the certificate for Lee. 4. The CA returns the certificate for Lee. 5. The certificate for Lee is also delivered to a second Verifier (Cheng). 6. A verifier requests the Certificate Revocation List (CRL). 7. The CA returns a copy of the CRL.


Public Key Infrastructure (PKI):

Goals of PKI:

• Authenticate the user/system at the sending end of a transaction

• Authenticate the user/system at the receiving end of a transaction

• Non-repudiation

PKI components:

• Certification Authority (CA)

• Registration Authority (RA)

• Certificate Repository

• Certificate Archive


Certification Authority (CA): The CA acts as a trusted third party made up of hardware, software and the people operating it. It is in charge of issuing, managing, authenticating, signing and revoking digital certificates. Digital certificates are evidence of the binding between an entity and its public key. Every CA is identified by its name and public key. Therefore, certificates are signed by the CA using its name and encrypted with its private key to prove their authenticity. Verification of the certificates is done by decrypting with the CA’s public key; therefore, the CA must adequately protect its private key.

Registration Authority (RA): Not everyone is entitled to possess a digital certificate. The RA is set up to assist the CA in verifying an entity’s identity and determines if it is eligible to have a public key certificate issued.


Certificate Repository: This is a database that stores all the active digital certificates managed by the CA. The repository is publicly readable, but the CA is the only entity authorized to modify or update it. The certificate repository also contains a Certificate Revocation List (CRL), which is issued, time-stamped and signed by the CA. A CRL contains unique information about revoked certificates to enable relying entities to determine a particular certificate’s validity.

Certificate Archive: It contains old certificates that were issued by the CA and were valid at that point in time. Therefore, if there are any verification disputes on signatures of old documents, archived certificates can be retrieved to prove the authenticity of these documents.


Authentication using Public Key Infrastructure (PKI): In order for authentication to take place, some sort of cryptographic system must be put in place. PKI supports the authentication of users and systems by making use of public key cryptography, which is the cryptographic system that PKI is based on.


Implementation of PKI


Cross Certification of PKIs

Page 128: Content : Access and Authentication Technology Authentication methods: PPP, PAP, CHAP, EAP AAA, RADIUS, TACACS, TACACS, Kerberos Authentication Header.

Digital Signature for Message-by-Message Authentication

To Create the Digital Signature:

1. Hash the plaintext to create abrief message digest; this is NOT the Digital Signature.

2. Sign (encrypt) the messagedigest with the sender’s private

key to create the digital signature.

3. Transmit the plaintext + digitalsignature, encrypted withsymmetric key encryption.

Plaintext

MD

DS

DS Plaintext

Hash

Sign (Encrypt)with Sender’sPrivate Key

Page 129: Content : Access and Authentication Technology Authentication methods: PPP, PAP, CHAP, EAP AAA, RADIUS, TACACS, TACACS, Kerberos Authentication Header.

Digital Signature for Message-by-Message Authentication

4. Encrypted withSession Key

DS Plaintext

Sender Receiver

Page 130:

Digital Signature for Message-by-Message Authentication

To Test the Digital Signature:

5. Hash the received plaintext with the same hashing algorithm the sender used. This gives the message digest.

6. Decrypt the digital signature with the sender’s public key. This also should give the message digest.

7. If the two match, the message is authenticated.

Figure: Received Plaintext → (5) Hash → MD; DS → (6) Decrypt with True Party’s Public Key → MD; (7) Are they equal?

Page 131:

Public Key Deception

Figure: exchange between an Impostor and a Verifier who must authenticate the True Person (TP).

Impostor: “I am the True Person.” “Here is TP’s public key.” (Sends the Impostor’s public key.) “Here is authentication based on TP’s private key.” (Really the Impostor’s private key.) The message from the Verifier is encrypted with the Impostor’s public key, so the Impostor can decrypt it.

Verifier: Must authenticate the True Person. Believes it now has TP’s public key. Believes the True Person is authenticated, based on the Impostor’s public key. “True Person, here is a message encrypted with your public key.”

Critical deception: the Impostor’s public key is accepted as TP’s public key.

Pages 132-135:

Important X.509 Digital Certificate Fields

Version Number: Version number of the X.509 standard. Most certificates follow Version 3. Different versions have different fields; this table reflects the Version 3 standard.

Issuer: Name of the Certificate Authority (CA).

Serial Number: Unique serial number for the certificate, set by the CA.

Subject: The name of the person, organization, computer, or program to which the certificate has been issued. This is the true party.

Public Key: The public key of the subject, that is, the public key of the true party.

Public Key Algorithm: The algorithm the subject uses to sign messages with digital signatures.

Valid Period: The period before which and after which the certificate should not be used. Note: a certificate may be revoked before the end of this period.

Digital Signature: The digital signature of the certificate, signed by the CA with the CA’s own private key. Provides authentication and certificate integrity. The user must know the CA’s public key independently.

Signature Algorithm Identifier: The digital signature algorithm the CA uses to sign its certificates.

Page 136:

Digital Signature and Digital Certificate in Authentication

Figure: the Digital Certificate supplies the Public Key of the True Party; the Digital Signature is then tested with that public key.

Page 137:

Public Key Infrastructure (PKI) with a Certificate Authority

Figure: the Certificate Authority creates and distributes (1) the private key and (2) the digital certificate to the Applicant (Lee). The PKI Server serves the Verifiers (Brown, Cheng): 3. Request certificate for Lee; 4. Certificate for Lee; 5. Certificate for Lee; 6. Request Certificate Revocation List (CRL); 7. Copy of CRL.
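The signature steps of pages 128-130, the deception of page 131 and the certificate and CRL checks of pages 132-137, carried through in one runnable example. This is added illustration code, not from the slides: it uses textbook RSA at a toy 512-bit size with no padding and SHA-256 as the hash (the slides name neither), a dictionary stands in for the X.509 certificate, and the function names, seeds, serial numbers and the party names “True Person” and “Impostor” are the example’s own.

```python
import hashlib
import random

# Textbook RSA at toy size with no padding, constructed to show the hash -> sign -> verify
# flow and the CA's role; not for real use.

def _is_probable_prime(n, rng, rounds=32):
    """Miller-Rabin primality test; rng supplies the witnesses."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits, rng):
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1  # top bit set, odd
        if _is_probable_prime(cand, rng):
            return cand

def generate_keypair(seed, bits=512):
    """Return ((e, n), (d, n)); deterministic from seed so the demo is repeatable."""
    rng, e = random.Random(seed), 65537
    while True:
        p, q = _random_prime(bits // 2, rng), _random_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:  # e is prime, so a non-zero remainder means gcd(e, phi) == 1
            break
    return (e, p * q), (pow(e, -1, phi), p * q)

def message_digest(plaintext: bytes) -> int:
    """Steps 1 and 5: hash the plaintext to a brief message digest (SHA-256 here)."""
    return int.from_bytes(hashlib.sha256(plaintext).digest(), "big")

def sign(plaintext: bytes, private_key) -> int:
    """Step 2: 'encrypt' the digest with the sender's private key to get the DS."""
    d, n = private_key
    return pow(message_digest(plaintext), d, n)

def verify(plaintext: bytes, signature: int, public_key) -> bool:
    """Steps 5-7: re-hash, 'decrypt' the DS with the public key, compare the digests."""
    e, n = public_key
    return pow(signature, e, n) == message_digest(plaintext)

def _to_be_signed(serial, subject, public_key):
    # The certificate fields the CA signs: serial, subject and the subject's public key.
    return f"{serial}|{subject}|{public_key[0]}|{public_key[1]}".encode()

def issue_certificate(subject, subject_public_key, serial, ca_private_key):
    """Toy X.509-like certificate: the CA binds a subject name to a public key and signs it."""
    return {"serial": serial, "subject": subject, "public_key": subject_public_key,
            "signature": sign(_to_be_signed(serial, subject, subject_public_key), ca_private_key)}

def naive_verifier(message, signature, presented_public_key):
    """Public Key Deception: trusts whatever public key the peer itself presented."""
    return verify(message, signature, presented_public_key)

def pki_verifier(claimed_name, cert, message, signature, ca_public_key, crl):
    """Trust the key only if the CA signed the name<->key binding and the serial is not revoked."""
    tbs = _to_be_signed(cert["serial"], cert["subject"], cert["public_key"])
    if not verify(tbs, cert["signature"], ca_public_key):  # CA signature: certificate integrity
        return False
    if cert["subject"] != claimed_name or cert["serial"] in crl:  # right party, not on the CRL
        return False
    return verify(message, signature, cert["public_key"])

def demo():
    ca_pub, ca_priv = generate_keypair(seed=1)
    tp_pub, tp_priv = generate_keypair(seed=2)    # True Person
    imp_pub, imp_priv = generate_keypair(seed=3)  # Impostor
    tp_cert = issue_certificate("True Person", tp_pub, 1001, ca_priv)
    imp_cert = issue_certificate("Impostor", imp_pub, 1002, ca_priv)  # CA binds the key to its real owner
    forged = dict(imp_cert, subject="True Person")  # subject field edited after issuance
    msg = b"I am the True Person."
    imp_sig, tp_sig = sign(msg, imp_priv), sign(msg, tp_priv)
    return {
        "naive_fooled": naive_verifier(msg, imp_sig, imp_pub),
        "pki_rejects_impostor": pki_verifier("True Person", imp_cert, msg, imp_sig, ca_pub, set()),
        "pki_rejects_forged_cert": pki_verifier("True Person", forged, msg, imp_sig, ca_pub, set()),
        "pki_accepts_true_person": pki_verifier("True Person", tp_cert, msg, tp_sig, ca_pub, set()),
        "pki_rejects_revoked": pki_verifier("True Person", tp_cert, msg, tp_sig, ca_pub, {1001}),
    }
```

`demo()` returns the five outcomes: the naive verifier, which takes the public key from the party it is authenticating, is fooled by the Impostor; the PKI verifier rejects the Impostor’s genuine certificate (wrong subject), rejects a certificate whose subject field was altered (the CA signature no longer verifies), accepts the True Person, and rejects the True Person once the serial appears on the CRL. The verifier never has to “know” the True Person’s key in advance; it only has to know the CA’s public key independently, which is the point made in the Digital Signature field on pages 132-135.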

Page 138:

Public Key Infrastructure (PKI):

Goals of PKI:

• Authenticate the user/system at the sending end of a transaction

• Authenticate the user/system at the receiving end of a transaction

• Non-repudiation

PKI components:

• Certification Authority (CA)

• Registration Authority (RA)

• Certificate Repository

• Certificate Archive


Page 145:

VPN

A VPN is used to provide secure network links across networks.

A VPN is constructed on top of existing network media and protocols.

At the protocol level, IPsec is the first choice. Other protocols are PPTP and L2TP.

Page 146:

VPN

Page 147:

VPN? What’s that?

A VPN is a service that simulates a PRIVATE link over a PUBLIC network (usually a SP).

Figure (ideally): Branch Office Sofia connected to Branch Office New York by a private (leased) line.

Page 148:

VPN? What’s that?

Figure: Branch Office Sofia and Branch Office New York connected across the Internet/IP backbone. Confidentiality is needed, so IPsec comes into play.

Page 149:

Access VPN: Client Initiated

Figure: encrypted IP from the remote client across the Internet to the Corporate Network.

Encrypted tunnel from the remote client to the corporate network. Independent of broadband access technology. Standards compliant: IPSec encapsulated tunnel, IKE key management.

Page 150:

VPN Types: Intranet VPN

Figure: Main Office and Remote Offices connected through Service Provider POPs over Internet/IP VPNs.

Extends the connectionless IP model across a shared WAN. Reduces application development time, reduces support costs, reduces line costs.

Page 151:

VPN Types: Extranet VPN

Figure: Main Office, Remote Offices, Business Partner, Supplier and Customer connected through Service Provider POPs over Internet/IP VPNs.

Extend connectivity to suppliers, customers, and business partners over a shared infrastructure, using dedicated connections, while ensuring the proper level of authorized access.

Page 152:

Requirements for a VPN:

Figure: Branch Office Sofia and Branch Office New York connected across the Internet/IP backbone.

1. Identify and authenticate the other party (AUTHENTICATION)

2. An unauthorized person should not be able to intercept, record or extract data (CONFIDENTIALITY)

3. Data should not be altered; any change should be detectable (DATA INTEGRITY)

4. Protection against replay attacks (SEQUENCING)

5. From a user’s point of view IPsec packets are regular IP packets (SA, DA, “precedence” bits, etc.) (TRANSPARENCY)
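Requirement 4 (SEQUENCING) is what IPsec implements with the sequence number in the AH/ESP header and a receiver-side sliding window (RFC 4303, section 3.4.3). The following is an added example, not from the slides, of that window in Python, run over a constructed trace of received sequence numbers; the class, function and trace are the example’s own.

```python
class AntiReplayWindow:
    """Receiver-side sliding window in the style of IPsec ESP/AH anti-replay
    (RFC 4303, section 3.4.3). It remembers the highest sequence number accepted
    and a bitmap of the window_size numbers at or below it; anything already
    marked, or older than the window, is rejected as a replay."""

    def __init__(self, window_size=64):
        if window_size < 32:  # RFC 4303 requires a minimum window of 32 packets
            raise ValueError("window_size must be at least 32")
        self.window_size = window_size
        self.highest = 0   # highest sequence number accepted so far (0 = nothing yet)
        self.bitmap = 0    # bit i set  <=>  sequence number (highest - i) has been accepted

    def check_and_update(self, seq: int) -> bool:
        """Return True and record seq if it is fresh; False for replays and too-old packets.
        In real ESP the window is updated only after the packet's ICV has verified."""
        if seq <= 0:
            return False  # ESP sequence numbers start at 1
        if seq > self.highest:  # new right edge: slide the window up
            shift = seq - self.highest
            if shift >= self.window_size:
                self.bitmap = 1  # everything previously seen falls out of the window
            else:
                self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.window_size) - 1)
            self.highest = seq
            return True
        offset = self.highest - seq
        if offset >= self.window_size:
            return False  # older than the window: cannot tell if it is a replay, so reject
        if (self.bitmap >> offset) & 1:
            return False  # already accepted once: replay
        self.bitmap |= 1 << offset  # late but fresh: accept and mark
        return True


def process_trace(sequence_numbers, window_size=64):
    """Run a list of received sequence numbers through one window; return (accepted, rejected)."""
    window = AntiReplayWindow(window_size)
    accepted, rejected = [], []
    for seq in sequence_numbers:
        (accepted if window.check_and_update(seq) else rejected).append(seq)
    return accepted, rejected


# Constructed trace: in-order delivery, one late arrival (4), one replay (second 5),
# a jump past the window (100), a stale packet (3), and the window edges (36 out, 37 in).
SAMPLE_TRACE = [1, 2, 3, 5, 4, 5, 100, 3, 99, 36, 37]

if __name__ == "__main__":
    acc, rej = process_trace(SAMPLE_TRACE)
    print("accepted:", acc)  # [1, 2, 3, 5, 4, 100, 99, 37]
    print("rejected:", rej)  # [5, 3, 36]
```

Two points the window makes concrete: a late but never-seen packet inside the window is accepted (reordering is normal on the IP Net, so the check is not strict ordering), and a packet older than the window is dropped even though it might be legitimate, because the receiver no longer has the state to tell. Since a forged packet must not be allowed to slide the window forward, the integrity check (requirement 3) has to pass before the window is updated.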

Page 153:

VPN Issues

Virtual Private Network (VPN): transmission over the IP Net with added security. Some analysts include transmission over a PSDN with added security.

Why VPNs: PSDNs are not interconnected; the IP Net reaches almost all sites; low transmission cost per bit transmitted.

Page 154:

Virtual Private Network (VPN): Site-To-Site

Figure: Corporate Site A and Corporate Site B, each with a VPN Server and a Protected Server, joined by a Site-to-Site VPN across a WAN (e.g. the IP Net); a Remote Corporate PC and a Remote Customer or Supplier PC reach the sites through Remote Access VPNs.

Page 155:

Site-to-Site VPNs and Extranets

Site-to-site networks link sites within a single company. Often part of an intranet: use of TCP/IP transmission and applications internally. TCP/IP transmission is low in cost; TCP/IP applications are good, standardized, and inexpensive.

Extranet: communication with customers and suppliers with security over the IP Net.

Page 156:

Virtual Private Network (VPN): Host-To-Host

Figure: Host-to-Host VPN across a WAN (e.g. the IP Net). Hosts can communicate directly with each other: client-server or client-client.

Page 157:

Encrypted Communication and Firewalls: Optimum Place for VPN Gateway

Figure: two placements compared. Border Router → Firewall → VPN Gateway → Internal Host: the firewall cannot read the encrypted packets; it merely passes them through to the VPN gateway. Border Router → VPN Gateway → Firewall → Internal Host: the firewall can read the decrypted packets, but the VPN gateway is open to attack because it is not defended by the firewall.

Page 158:

Enterprise VPN Applications

Figure: Corporate site, Remote Offices, Home Office and Mobile Worker connected across the ISP Backbone.

Page 159:

VPN connections allow users working at home or on the road to connect in a secure fashion to a remote corporate server using the routing infrastructure provided by a public IP Network (such as the IP Net).

From the user’s perspective, the VPN connection is a point-to-point connection between the user’s computer and a corporate server. The nature of the intermediate IP Network is irrelevant to the user because it appears as if the data is being sent over a dedicated private link.

Page 160:

Virtual Private Networks (VPNs)

Common Uses of VPNs

VPN configurations: Remote Access over the IP Net; Connecting Networks over the IP Net; Connecting Computers over an Intranet.

Page 161:

Remote Access Over the IP Net

VPNs provide remote access (nationally or internationally) to corporate resources over the public IP Net, while maintaining privacy of information.

Figure shows a VPN connection used to connect a remote user to a corporate intranet.

Rather than making a long distance call to a corporate or outsourced network access server (NAS), the user calls a local ISP.

Using the connection to the local ISP, the VPN software creates a VPN between the dial-up user and the corporate VPN server across the IP Net.

Page 162:

Connecting Networks Over the IP Net

There are 2 methods for using VPNs to connect LANs at remote sites:

Using dedicated lines to connect a branch office to a corporate LAN: Rather than using an expensive long-haul dedicated circuit between the branch office and the corporate hub, both the branch office and the corporate hub routers can use a local dedicated circuit and local ISP to connect to the IP Net. The VPN software uses the local ISP connections and the IP Net to create a VPN between the branch office router and corporate hub router.

Using a dial-up line to connect a branch office to a corporate LAN: Rather than having a router at the branch office make a long distance call to a corporate or outsourced NAS, the router at the branch office can call the local ISP.

Page 163:

The VPN software uses the connection to the local ISP to create a VPN between the branch office router and the corporate hub router across the IP Net.

In both cases, the facilities that connect the branch office and corporate offices to the IP Net are local. The corporate hub router that acts as a VPN server must be connected to a local ISP with a dedicated line. This VPN server must be listening 24 hours a day for incoming VPN traffic.

Figure 3: Using a VPN connection to connect two remote sites

Page 164:

Connecting Computers over an Intranet

In some corporate IP Networks, the departmental data is so sensitive that the department’s LAN is physically disconnected from the rest of the corporate IP Network.

Although this protects the department’s confidential information, it creates information accessibility problems for those users not physically connected to the separate LAN.

Using a VPN connection to connect to a secured or hidden network

Page 165:

Connecting Computers over an Intranet

The solution must allow roaming of remote clients to connect to LAN resources, and the solution must allow remote offices to connect to each other to share resources and information (router-to-router connections).

In addition, the solution must ensure the privacy and integrity of data as it traverses the IP Net.

The same concerns apply in the case of sensitive data traversing a corporate IP Network.

Page 166:

Therefore, a VPN solution should provide at least all of the following:

1- User Authentication: The solution must verify the VPN client’s identity and restrict VPN access to authorized users only. It must also provide audit and accounting records to show who accessed what information and when.

2- Address Management: The solution must assign a VPN client’s address on the intranet and ensure that private addresses are kept private.

3- Data Encryption: Data carried on the public network must be rendered unreadable to unauthorized clients on the network.

4- Key Management: The solution must generate and refresh encryption keys for the client and the server.

5- Multi-Protocol Support: The solution must handle common protocols used in the public network. These include IP, Internetwork Packet Exchange (IPX), and so on.

Page 167:

An IP Net VPN solution based on the Point-to-Point Tunneling Protocol (PPTP) or Layer Two Tunneling Protocol (L2TP) meets all of these basic requirements and takes advantage of the broad availability of the IP Net.

Other solutions, including Internet Protocol Security (IPSec), meet only some of these requirements, but remain useful for specific situations.

Page 168:

Advantages of VPNs

Cost Savings: VPNs enable organizations to utilize cost-effective third-party IP Net transport to connect remote offices and remote users to the main corporate site, thus eliminating expensive dedicated WAN links and modem banks. Furthermore, with the advent of cost-effective, high-bandwidth technologies like DSL, organizations can use VPNs to reduce their connectivity costs while simultaneously increasing remote connection bandwidth.

Security: VPNs provide the highest level of security using advanced encryption and authentication protocols that protect data from unauthorized access.

Scalability: VPNs enable corporations to utilize easy-to-provision IP Net infrastructure within ISPs and devices that allow for the easy addition of new users. Therefore, corporations are able to add large amounts of capacity without adding significant infrastructure.

Compatibility with Broadband Technology: VPNs allow mobile workers, telecommuters and day extenders to take advantage of high-speed, broadband connectivity, such as DSL and Cable, when gaining access to their corporate networks, providing workers significant flexibility and efficiency. Furthermore, high-speed broadband connections provide a cost-effective solution for connecting remote offices.

Page 169:

Disadvantages of VPNs

There are four concerns with VPN solutions:

1. VPNs require an in-depth understanding of public network security issues and taking proper precautions in VPN deployment.

2. The availability and performance of an organization’s wide-area VPN (over the IP Net in particular) depend on factors largely outside of its control.

3. VPN technologies from different vendors may not work well together due to commercial or specific standards.

4. VPNs need to accommodate protocols other than IP and existing (“legacy”) internal network technology.


Page 171:

802.11 Wireless LAN Security

Page 172:

802.11 Wireless LAN (WLAN) Security

802.11 Wireless LAN Family of Standards

Basic Operation: a main wired network for servers (usually 802.3 Ethernet); wireless stations with wireless NICs; access points. Access points are bridges that link 802.11 LANs to 802.3 Ethernet LANs.

Pages 173-174:

802.11 Wireless LAN

Figure (two slides): Client PC (notebook with PC Card wireless NIC), Access Point, Ethernet Switch and Server. An 802.11 frame containing the packet travels between the client and the access point; an 802.3 frame containing the packet travels between the access point and the server (steps (1) to (3)).

Page 175:

802.11 Wireless LAN (WLAN) Security

Basic Operation

Propagation distance: farther for attackers than users

Attackers can have powerful antennas and amplifiers

Attackers can benefit even if they can only read some messages

Don’t be lulled into complacency by internal experiences with useable distances

Page 176:

802.11 Wireless LAN Standards

Standard | Rated Speed (a) | Unlicensed Radio Band | Effective Distance (b)
802.11b | 11 Mbps | 2.4 GHz | ~30-50 meters
802.11a | 54 Mbps | 5 GHz | ~10-30 meters
802.11g | 54 Mbps | 2.4 GHz | ?

Notes: (a) Actual speeds are much lower and decline with distance. (b) These are distances for good communication; attackers can read some signals and send attack frames from longer distances.

Page 177:

802.11 Wireless LAN (WLAN) Security

Apparent 802.11 Security: Spread Spectrum Transmission

Spread spectrum transmission does not provide security. The signal is spread over a broad range of frequencies. The methods used by the military are hard to detect, but 802.11 spread spectrum methods are easy to detect so that devices can find each other. Spread spectrum is used in 802.11 to prevent frequency-dependent propagation problems rather than for security.

Page 178:

802.11 Wireless LAN (WLAN) Security

Apparent 802.11 Security: SSIDs

Mobile devices must know the access point’s service set identifier (SSID) to talk to the access point. It is usually broadcast frequently by the access point for ease of discovery, so it offers no security. It is sent in the clear in messages between stations and access points.

Page 179:

802.11 Wireless LAN (WLAN) Security

Wired Equivalent Privacy (WEP)

Biggest security problem: not enabled by default. 40-bit encryption keys are too small. Nonstandard 128-bit (really 104-bit) keys are reasonably interoperable.

Page 180:

802.11 Wireless LAN (WLAN) Security

Wired Equivalent Privacy (WEP)

Shared passwords: access points and all stations use the same password. It is difficult to change, so rarely changed. People tend to share shared passwords too widely.

Flawed security algorithms: the algorithms were selected by cryptographic amateurs.

Page 181:

802.11 Wireless LAN (WLAN) Security

802.1x and 802.11i: authentication server; user data server; individual keys given out at the access point.

Page 182:

802.1x Authentication for 802.11i WLANs

Figure: Applicant (Lee), Access Point, RADIUS Server, and Directory Server or Kerberos Server. 1. The Applicant sends authentication data to the Access Point. 2. The Access Point passes on the request to the RADIUS Server. 3. The RADIUS Server gets User Lee’s data from the Directory Server or Kerberos Server (optional; the RADIUS Server may store this data). 4. RADIUS Server: Accept Applicant, Key=XYZ. 5. Access Point to Applicant: OK, use Key XYZ.

Page 183:

802.11 Wireless LAN (WLAN) Security

802.1x and 802.11i: control access when the user connects to the network, at a wired RJ-45 jack or at a wireless access point.

802.1x is a general approach to port authentication.

802.11i is the implementation of 802.1x on 802.11 wireless LANs.

Page 184:

802.11 Wireless LAN (WLAN) Security

802.1x and 802.11i: Extensible Authentication Protocol (EAP)

Supports multiple forms of authentication: EAP-TLS, EAP-TTLS, PEAP.

Page 185:

802.11 Wireless LAN (WLAN) Security

802.1x and 802.11i: Extensible Authentication Protocol (EAP)

Authentication mechanisms:

Passwords: simple and inexpensive to implement; low security.

Digital certificates: complex and expensive to install on many devices; very strong authentication.

Page 186:

802.11 Wireless LAN (WLAN) Security

Method | Client Authentication | Access Point Authentication | Comment
EAP-TLS | Digital certificate or nothing at all | Digital certificate | Expensive client authentication or none
EAP-TTLS | Password or other authentication method | Digital certificate | Fits reality that many users have passwords
PEAP (Protected EAP) | Password or other authentication method | Digital certificate | Strong. Supported by Microsoft, Cisco, and RSA

Page 187:

802.11 Wireless LAN (WLAN) Security

TLS: the default for 802.11i security, but the choice of either digital certificates for clients or no client authentication is undesirable.

PEAP and TTLS: very similar in terms of the authentication methods they support. PEAP is supported by Microsoft, Cisco, and RSA; TTLS is supported by a consortium of other vendors.

Page 188:

802.11 Wireless LAN (WLAN) Security

802.1x and 802.11i

After authentication, the client must be given a key for confidentiality

Temporal Key Integrity Protocol (TKIP) is used in 802.11i and 802.1x

Key changed every 10,000 frames to foil data collection for key guessing

This is an Advanced Encryption Standard (AES) key

Page 189:

Wi-Fi and WPA

Wi-Fi Alliance: industry group that certifies 802.11 systems. Created the Wi-Fi Protected Access (WPA) system in 2002.

WPA is basically 802.11i, but does not use AES keys. Many installed wireless products can be upgraded to WPA. A stop-gap measure before 802.11i.

Page 190:

802.11i Today

The 802.11i standard was released in July 2004, but products started appearing in 2003.

What must firms do? Throw out WEP-only products: in security, legacy technologies are not acceptable. Decide whether WPA and 802.11i products can co-exist.

Page 191:

802.11 Wireless LAN (WLAN) Security

Virtual Private Networks (VPNs): add security on top of network technology to compensate for WLAN weaknesses. Discussed in Chapter 8.

Figure: VPN layered on top of the WLAN, etc.

Page 192:

The Situation Today in Wireless Security

Wireless security is poor in most installations today

The situation is improving, and technology will soon be good

But old installations are likely to remain weak links in corporate security

Page 193:

Content:

UNIT 4

• Access and Authentication Technology

• Authentication methods: PPP, PAP, CHAP, EAP

• AAA, RADIUS, TACACS, TACACS, Kerberos

• Authentication Header (AH)

• Virtual Private Networks (VPN): VPN Architectures

• Encapsulating Security Payload (ESP)

• USERID AND PASSWORD AUTHENTICATION

Page 194:

Access Control Types

• Discretionary Access Control

• Mandatory Access Control

• Role-Based Access Control

Page 195:

Discretionary AC

Restricts access to objects based solely on the identity of users who are trying to access them.

Application Access List:

Name    Access
Tom     Yes
John    No
Cindy   Yes

[Diagram: individuals mapped to resources Server 1, Server 2, Server 3 and Legacy Apps]

Page 196:

Mandatory AC

MAC mechanisms assign a security level to all information, assign a security clearance to each user, and ensure that all users only have access to that data for which they have a clearance.

• Better security than DAC

• Principle: Read Down (access to data at equal or lower clearance level); Write Up (access to data at equal or higher clearance level)
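The read-down / write-up principle above, as an added Python example that is not from the lecture: the level labels follow the diagram on the next slide, while the user names, their clearances and the server labelling are constructed here.

```python
# Constructed ordering of security levels, lowest to highest (labels as on the slides).
LEVELS = ["Classified", "Secret", "Top Secret"]
RANK = {name: i for i, name in enumerate(LEVELS)}

# Constructed labelling of the diagram's servers and of each (hypothetical) user's clearance.
OBJECT_LEVEL = {"Server 1": "Top Secret", "Server 2": "Secret", "Server 3": "Classified"}
CLEARANCE = {"ann": "Secret", "raj": "Top Secret", "lee": "Classified"}

def mac_decide(user, obj, op):
    """Read down: clearance >= object level. Write up: clearance <= object level.
    Unknown users, objects or operations are denied (fail closed)."""
    if user not in CLEARANCE or obj not in OBJECT_LEVEL:
        return False
    c, o = RANK[CLEARANCE[user]], RANK[OBJECT_LEVEL[obj]]
    if op == "read":
        return c >= o      # no read up: a Secret user cannot read Top Secret data
    if op == "write":
        return c <= o      # no write down: Top Secret data must not land on Classified
    return False

def audit(requests):
    """Decide a batch of (user, obj, op) requests and return the denied ones."""
    return [(u, o, op) for u, o, op in requests if not mac_decide(u, o, op)]

# Constructed sample requests; both denials stop Top Secret data reaching a Classified level.
REQUESTS = [("raj", "Server 3", "read"), ("raj", "Server 3", "write"),
            ("lee", "Server 1", "write"), ("lee", "Server 1", "read"),
            ("ann", "Server 2", "read"), ("ann", "Server 2", "write")]
```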

Page 197:

Mandatory AC (cont)

[Diagram: individuals mapped to resources by level: Server 1 "Top Secret", Server 2 "Secret", Server 3 "Classified", Legacy Apps]

Page 198:

Role-Based AC

• A user has access to an object based on the assigned role.

• Roles are defined based on job functions.

• Permissions are defined based on job authority and responsibilities within a job function.

• Operations on an object are invoked based on the permissions.

• The object is concerned with the user’s role and not the user.

“Ideally, the [RBAC] system is clearly defined and agile, making the addition of new applications, roles, and employees as efficient as possible”

Page 199:

Role-Based AC

[Diagram: Individuals mapped to Roles (Role 1, Role 2, Role 3), which are mapped to Resources (Server 1, Server 2, Server 3)]

Users change frequently, roles don’t

Page 200:

Privilege

• Roles are engineered based on the principle of least privilege.

• A role contains the minimum amount of permissions to instantiate an object.

• A user is assigned to a role that allows him or her to perform only what’s required for that role.

• No single role is given more permission than the same role for another user.

Page 201:

Role-Based AC Framework

• Core Components

• Constraining Components: Hierarchical RBAC (General, Limited); Separation of Duty Relations (Static, Dynamic)

Page 202:

Core Components

Defines: USERS, ROLES, OPERATIONS (ops), OBJECTS (obs), User Assignments (ua), assigned_users

Page 203:

Core Components (cont)

• Permissions (prms): Assigned Permissions, Object Permissions, Operation Permissions

• Sessions: User Sessions, Available Session Permissions, Session Roles

Page 204:

Constraint Components

• Role Hierarchies (rh): General, Limited

• Separation of Duties: Static, Dynamic

Page 205:

RBAC Transition

Model    Hierarchies    Constraints
RBAC0    No             No
RBAC1    Yes            No
RBAC2    No             Yes
RBAC3    Yes            Yes

[Chart: effort vs. RBAC model; RBAC3 is the most complex, combining least privilege and separation of duties]

Page 206:

RBAC System and Administrative Functional Specification

• Administrative Operations: create, delete and maintain elements and relations

• Administrative Reviews: query operations

• System Level Functions: creation of user sessions, role activation/deactivation, constraint enforcement, access decision calculation

Page 207:

USERS

[Diagram: a user may be a Person, a Process, or an Intelligent Agent]

Page 208:

ROLES

An organizational job function with a clear definition of inherent responsibility and authority (permissions).

Many-to-many (MTM) relation between USERS and PRMS.

[Diagram: example roles Developer, Budget Manager, Help Desk Representative, Director]

Page 209:

OPS (operations)

An execution of a program-specific function that is invoked by a user.

• Database – Update, Insert, Append, Delete

• Locks – Open, Close

• Reports – Create, View, Print

• Applications – Read, Write, Execute

Page 210:

OBS (objects)

An entity that contains or receives information, or has exhaustible system resources.

• OS Files or Directories

• DB Columns, Rows, Tables, or Views

• Printer

• Disk Space

• Lock Mechanisms

RBAC will deal with all the objects listed in the permissions assigned to roles.

Page 211:

UA (user assignment)

• A user can be assigned to one or more roles

• A role can be assigned to one or more users

[Diagram: USERS set mapped to ROLES set, e.g. the roles Developer and Help Desk Rep]

Page 212:

UA (user assignment)

Mapping of role r onto a set of users

[Diagram: USERS set and ROLES set; role User.DB1 (permissions View, Update, Append on its object) alongside the entries User.F1, User.F2, User.F3]

Page 213:

PRMS (permissions)

The set of permissions that each grant the approval to perform an operation on a protected object.

• User.DB1 – permissions View, Update, Append on its object

• User.F1 – permissions Read, Write, Execute on its object

Page 214:

PA (prms assignment)

• A prms can be assigned to one or more roles

• A role can be assigned to one or more prms

[Diagram: PRMS set and ROLES set; User.DB1 – View, Update, Append; Admin.DB1 – Create, Delete, Drop]

Page 215:

PA (prms assignment)

$UA \subseteq USERS \times ROLES$

Mapping of role r onto a set of permissions

[Diagram: ROLES set (User.F1, User.F2, User.F3, Admin.DB1) mapped to PRMS set: Read, Write, Execute; View, Update, Append, Create, Drop (SQL)]

Page 216:

PA (prms assignment)

$UA \subseteq USERS \times ROLES$

Mapping of operations to permissions: gives the set of ops associated with the permission

[Diagram: PRMS set and OPS set; the READ permission maps to the operation public int read(ByteBuffer dst) throws IOException, plus the methods inherited from java.nio.channels: close(), isOpen()]

Page 217:

PA (prms assignment)

Mapping of permissions to objects: gives the set of objects associated with the prms

[Diagram: PRMS set to Objects; Open, Close map to BLD1.door2; View, Update, Append, Create, Drop (SQL) map to DB1.table1]

Page 218:

SESSIONS

The set of sessions that each user invokes.

[Diagram: USER (guest, user, admin) invokes SESSION on DB1.table1 (SQL), FIN1.report1, APP1.desktop]

Page 219:

SESSIONS

The mapping of user u onto a set of sessions.

Formally: $session\_roles(s : SESSIONS) \rightarrow 2^{ROLES}$, the mapping of session s onto a set of roles, with $session\_roles(s_i) \subseteq \{\, r \in ROLES \mid (session\_users(s_i), r) \in UA \,\}$

[Diagram: USERS (USER1, USER2: guest, user, admin) invoke the sessions User2.DB1.table1.session (SQL), User2.FIN1.report1.session, User2.APP1.desktop.session]

Page 220:

SESSIONS

The mapping of session s onto a set of roles

[Diagram: SESSION DB1.table1.session (SQL) mapped to ROLES Admin, User, Guest]

Page 221:

SESSIONS

Permissions available to a user in a session.

[Diagram: SESSION DB1.table1.session (SQL) activates ROLE DB1.ADMIN, whose PRMS are View, Update, Append, Create, Drop]

Page 222:

authorized users

Mapping of a role onto a set of users in the presence of a role hierarchy

$assigned\_users(r) = \{\, u \in USERS \mid (u, r) \in UA \,\}$

[Diagram: First Tier; USERS set and ROLES set; role User.DB1 (permissions View, Update, Append on its object) together with Admin.DB1, User.DB2, User.DB3]

Page 223:

authorized permissions

Mapping of a role onto a set of permissions in the presence of a role hierarchy

[Diagram: ROLES set (User.DB1, User.DB2, User.DB3, Admin.DB1) mapped to PRMS set: View, Update, Append; Create, Drop (SQL)]

Page 224:

Separation of Duties

Enforces conflict of interest policies employed to prevent users from exceeding a reasonable level of authority for their position.

Ensures that failures of omission or commission within an organization can be caused only as a result of collusion among individuals.

Two Types: Static Separation of Duties (SSD) Dynamic Separation of Duties (DSD)

Page 225:

SSD

SSD places restrictions on the set of roles and in particular on their ability to form UA relations.

No user is assigned to n or more roles from the same role set, where n or more roles conflict with each other.

A user may be in one role, but not in another—mutually exclusive.

Prevents a person from submitting and approving their own request.

Page 226:

SSD in Presence of RH

A constraint on the authorized users of the roles that have an SSD relation.

Based on the authorized users rather than assigned users.

Ensures that inheritance does not undermine SSD policies.

Reduce the number of potential permissions that can be made available to a user by placing constraints on the users that can be assigned to a set of roles.

Page 227:

DSD

• Places constraints on the users that can be assigned to a set of roles, thereby reducing the number of potential prms that can be made available to a user.

• Constraints are across or within a user’s session. No user may activate n or more roles from the role set in each user session.

• Timely Revocation of Trust ensures that prms do not persist beyond the time that they are required for performance of duty.

Page 228:

DSD (cont)

[Diagram: the Supervisor role inherits the Cashier role. Cashier: Open Cash Drawer, Close Cash Drawer; Supervisor: Correct Error. On an Accounting Error the user closes the Cashier role session and opens the Supervisor role session, which reduces the conflict of interest (COI).]
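The core relations (UA, PA), the hierarchy-aware authorized_users and authorized_permissions mappings, session role activation, SSD and the DSD scenario from the slides above, as one added Python example that is not part of the lecture. The policy data, user names and the Cashier/Supervisor role set are constructed here to mirror the diagram.

```python
# Constructed sample policy; user, role and object names are illustrative only.
UA = {("alice", "User.DB1"), ("bob", "Admin.DB1"), ("carol", "Cashier"),
      ("carol", "Supervisor"), ("dave", "Requester")}          # UA <= USERS x ROLES
PA = {("User.DB1", ("View", "DB1.table1")), ("User.DB1", ("Update", "DB1.table1")),
      ("Admin.DB1", ("Drop", "DB1.table1")), ("Cashier", ("Open", "CashDrawer")),
      ("Supervisor", ("CorrectError", "Ledger"))}              # PA <= PRMS x ROLES
RH = {("Admin.DB1", "User.DB1"), ("Supervisor", "Cashier")}   # (senior, junior)
SSD = [({"Requester", "Approver"}, 2)]   # no user may hold n=2 roles of this set
DSD = [({"Cashier", "Supervisor"}, 2)]   # no session may activate n=2 of this set
ROLES = ({r for _, r in UA} | {r for r, _ in PA} | {r for e in RH for r in e}
         | {r for rs, _ in SSD + DSD for r in rs})

def _closure(role, edges):
    """Roles reachable from `role` along (from, to) edges, including `role`."""
    seen, stack = set(), [role]
    while stack:
        r = stack.pop()
        if r not in seen:
            seen.add(r)
            stack.extend(b for a, b in edges if a == r)
    return seen

def assigned_users(r):     # assigned_users(r) = {u in USERS | (u, r) in UA}
    return {u for u, x in UA if x == r}

def authorized_users(r):
    """Users assigned to r or to any role senior to r (hierarchy-aware)."""
    return {u for s in _closure(r, {(j, sr) for sr, j in RH}) for u in assigned_users(s)}

def authorized_permissions(r):
    """Permissions of r plus those inherited from every junior role."""
    return {p for j in _closure(r, RH) for x, p in PA if x == j}

def ssd_allows(user, role):
    """SSD is checked on authorized roles, so inheritance cannot undermine it."""
    held = {r for r in ROLES if user in authorized_users(r)} | _closure(role, RH)
    return all(len(held & rs) < n for rs, n in SSD)

class Session:
    """A user's session: role activation is where DSD is enforced."""
    def __init__(self, user):
        self.user, self.roles = user, set()
    def activate(self, role):
        active = self.roles | {role}
        if self.user not in authorized_users(role):
            return False
        if any(len(active & rs) >= n for rs, n in DSD):
            return False              # e.g. Cashier and Supervisor together
        self.roles = active
        return True
    def deactivate(self, role):       # timely revocation of trust
        self.roles.discard(role)
    def can(self, op, obj):
        """Access decision: (op, obj) must come from an active role."""
        return any((op, obj) in authorized_permissions(r) for r in self.roles)
```

Note that Supervisor still inherits the Cashier permissions through the general hierarchy; DSD only prevents both roles being active in the same session.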

Page 229:

Topics Covered

Policy-Driven Access Control

• Identify resources

• Create an access policy for each

• Let the policy drive implementation and testing

Page 230:

Topics Covered

Password-Based Access Control

• Reusable passwords are inexpensive because built into servers

• Usually weak because people often pick cracked passwords

• Hacking root is a key goal

• Password resets are necessary but dangerous

Page 231:

Topics Covered

Access Cards and Tokens

• Magnetic strip cards

• Smart cards with CPU and memory

• Tokens: tokens with constantly-changing passwords; tokens that plug into USB ports

• Proximity cards with radio communication

• PINs can be short because of manual entry

Page 232:

Topics Covered

Biometric Authentication

• Can replace reusable passwords

• Fingerprint scanning dominates biometrics: inexpensive, somewhat secure

• Iris recognition is more precise

• Face recognition can be done surreptitiously

• Identification vs verification vs watch list

• FARs and FRRs

• Often easily deceived by attackers

Page 233:

Topics Covered

802.11 Wireless LAN Security

• Signals travel outside building, allowing drive-by hacking

• Initial security was WEP: often not even turned on; very easily cracked because it uses a shared static key for both confidentiality and authentication

• Some firms added passwords and/or VPNs to allow secure communication anyway

Page 234:

Topics Covered

802.11 Wireless LAN Security: now, 802.11i security

• Based on 802.1x security for wired LANs

• Sophisticated authentication: EAP supports multiple methods

• Not a single standard, so problems with equipment interoperability

• Strong AES confidentiality

Page 235:

Topics Covered

802.11 Wireless LAN Security: now, 802.11i security

• Requires an infrastructure: central authentication server

• Adequate for corporate needs

• Today: buy only 802.11i equipment; see if WPA (post-WEP/pre-802.11i) products can be kept; discard WEP products

Page 236:

Many thanks