Lecture III : Communication Security, Services & Mechanisms


Page 1: Lecture III : Communication Security, Services & Mechanisms

Internet Security: Principles & Practices

John K. Zao, PhD SMIEEE, National Chiao-Tung University

Fall 2005

Page 2: What is Communication Security?

To provide safe communication over an unsafe medium.

(Diagram: Alice sends to Bob while Eve sits on the medium between them.)

Safe Communication
- Alice can send a message to Bob that only Bob can understand: Confidentiality
- Nobody can tamper with message content during communication: Integrity
- Bob can know for sure it was Alice who sent the message: Authentication

Unsafe Medium
- A medium over which passive and active attacks are possible

Page 3: Outline

- What types of services do we need to protect communication?
- What kinds of mechanisms do we use to protect communication?

Page 4: ISO 7498-2 : Security Framework Architecture

Security Services
- Service Types
- Service Layer Mapping

Security Mechanisms
- Mechanism Definition
- Service - Mechanism Mapping

Page 5: Communication Security Services

Primary Services
- Confidentiality: Data Confidentiality, Traffic Confidentiality
- Data Integrity
- Authentication: Data Origin Authentication, Peer Authentication
- Access Control
- Non-Repudiation: Non-Repudiation of Origin, Non-Repudiation of Reception
- Audit
- Availability – an after-thought but increasingly important

Note: all services are defined here in the context of Communication Security.

Page 6: Confidentiality

Service Types
- Data Confidentiality / Disclosure Protection: Connection Oriented, Connectionless, Selective Field
- Traffic Flow Confidentiality: Origin-Destination Association, Message Size, Transmission Patterns
- Accompanied with Data Integrity

Protection Mechanisms
- Data Encryption: Symmetric (Secret-Key), Asymmetric (Public-Key)

Protection of information from disclosure to unauthorized entities (organizations, people, machines, processes).

Information includes data contents, size, existence, communication characteristics, etc.

Page 7: Integrity

Service Types
- Message Integrity: associated with connectionless communication
- Message Stream Integrity: associated with connection-oriented communication

Protection Mechanisms
- Message Digests (Hashing)
- Sequence Numbers
- Nonce ID (Random Number)
- Time Stamps

Protection of data against creation, alteration, deletion, duplication, re-ordering by unauthorized entities (organizations, people, machines, processes).

Integrity violation is always caused by active attacks.

Page 8: Authentication

Service Types
- Data Origin Authentication: associated with connectionless communication
- Peer Entity Authentication: associated with connection-oriented communication
- Fundamental for access control, hence for confidentiality & integrity

Protection Mechanisms
- Password: Manual, One-Time Password
- Key Sharing: Manual, Symmetric Key (Tickets), Asymmetric Key (Certificates)
- Challenge – Response: Nonce Based, Zero Knowledge Proof

Communicating entities are provided with assurance & information of the relevant identities of their communicating partners (people, machines, processes).

Personnel Authentication requires special attention.

Page 9: Access Control

Service Types
- Subject Based Typing: Identity Based, Role Based
- Enforcement Based Typing: Mandatory Access Control ― Management Directed; Discretionary Access Control ― Resource Owner Directed

Protection Mechanisms
- Access Control Lists (ACLs): Object Based Specification. Ex.: UNIX File System
- Capabilities: Subject Based Specification. Issue Tickets/Certificates

Protection of information resources or services from access or use by unauthorized entities (organizations, people, machines, processes).

- Privileges – rights to access or use resources or services
- Principals – entities that own access control privileges
- Subjects – entities that exercise access control privileges
- Objects / Targets – resources or services accessed/used by subjects
- Delegation – transfer of access control privileges among principals
- Authorization – transfer of access control privileges from principals to subjects
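The two specification styles on this slide describe one and the same access matrix: an ACL stores it per object, a capability list per subject. The following added example (not part of the lecture) builds both from a constructed matrix, checks a privilege through each, performs a delegation that cannot amplify the grantor's rights, and shows why revoking all access to one object is a single lookup with ACLs but a scan of every subject's capabilities. All subject and object names are constructed.

```python
"""ACLs vs. capabilities over one access matrix (added example, not lecture code)."""

# Constructed access matrix: (subject, object) -> set of privileges.
ACCESS_MATRIX = {
    ("alice", "/etc/passwd"): {"read"},
    ("alice", "/home/alice/notes"): {"read", "write"},
    ("bob", "/etc/passwd"): {"read"},
    ("root", "/etc/passwd"): {"read", "write"},
}


def build_acls(matrix):
    """Object-based specification (ACL): for each object, who may do what."""
    acls = {}
    for (subject, obj), rights in matrix.items():
        acls.setdefault(obj, {})[subject] = set(rights)
    return acls


def build_capabilities(matrix):
    """Subject-based specification (capabilities): for each subject, which rights it holds on which objects."""
    caps = {}
    for (subject, obj), rights in matrix.items():
        caps.setdefault(subject, {})[obj] = set(rights)
    return caps


def acl_permits(acls, subject, obj, right):
    """Reference monitor consulting the object's ACL."""
    return right in acls.get(obj, {}).get(subject, set())


def cap_permits(caps, subject, obj, right):
    """Reference monitor consulting the subject's capability list (the ticket it presents)."""
    return right in caps.get(subject, {}).get(obj, set())


def delegate(caps, grantor, grantee, obj, rights):
    """Delegation: a principal passes a subset of its own privileges to another.
    Only rights the grantor actually holds are transferred, so delegation never
    amplifies privilege. Returns the rights that were actually granted."""
    held = caps.get(grantor, {}).get(obj, set())
    granted = set(rights) & held
    if granted:
        caps.setdefault(grantee, {}).setdefault(obj, set()).update(granted)
    return granted


def revoke_all_access(acls, caps, obj):
    """Revoke every right to one object in both representations.
    With ACLs this is one dictionary removal; with capabilities every subject's
    list must be searched, which is the classic revocation cost of tickets.
    Returns (ACL entries removed, capability holders touched)."""
    removed_acl = acls.pop(obj, {})
    touched = 0
    for subject_caps in caps.values():
        if subject_caps.pop(obj, None) is not None:
            touched += 1
    return len(removed_acl), touched


if __name__ == "__main__":
    acls = build_acls(ACCESS_MATRIX)
    caps = build_capabilities(ACCESS_MATRIX)
    print("alice read /etc/passwd via ACL:", acl_permits(acls, "alice", "/etc/passwd", "read"))
    print("bob write /etc/passwd via caps:", cap_permits(caps, "bob", "/etc/passwd", "write"))
    print("alice -> bob delegation:", delegate(caps, "alice", "bob", "/home/alice/notes", {"read", "execute"}))
    print("revocation cost:", revoke_all_access(acls, caps, "/etc/passwd"))
```

The same matrix answers every access question identically through either structure; the representations differ in what is cheap to review (per object with ACLs, per subject with capabilities) and in how revocation propagates.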

Page 10: Non-Repudiation

Service Types
- Non-Repudiation of Origin
- Non-Repudiation of Reception

Protection Mechanisms
- Notarization
- Time Stamp
- Digital Signature

Protection against denial of participation by communicating entities in all or part of a communication.

Page 11: Audit

Service Types
- Off-line Analysis (Computer Forensics)
- On-line Analysis (Real-time Intrusion Detection)

Protection Mechanisms
- "Syslog"
- Intrusion Monitors / Sensors
- Common Intrusion Detection Framework (CIDF)
- Common Information Model (CIM)

Recording & analysis of participation, roles and actions in information communication by the relevant entities.

Page 12: Layers of Protocol Protection

(Diagram: the seven OSI layers APPLICATION, PRESENTATION, SESSION, TRANSPORT, NETWORK, DATA LINK and PHYSICAL, annotated with the protection protocols placed at them: MSP, PEM, KEY MGMT, TLSP, NLSP, IPSP, SILS and Secure Signaling.)

Security Protection is provided in multiple protocol layers.

Page 13: Service vs. Layer Mapping

(Table mapping security services to protocol layers; only the title survived in the transcript.)

Page 14: ISO 7498-2 : Security Architecture

Security Services
- Service Types
- Service Layer Mapping

Security Mechanisms
- Mechanism Definition
- Service - Mechanism Mapping

Page 15: Security Mechanisms

- Encipherment – with Secret / Public Key Cryptography
- Data Integrity – with One-Way Hash Function
- Authentication – with Public-Key Challenge/Response
- Access Control
- Digital Signature – with Public-Key Cryptography
- Traffic Padding
- Notarization

Page 16: Symmetric / Secret Key Encipherment

- Algorithms use the same key for encryption & decryption: the Symmetric / Secret Key must be dispatched in secret
- Used for bulk encryption / decryption
- Also used in the following security services: Authentication

(Diagram: a Random Number Generator produces the Symmetric Key; Clear Text enters the Encryption Engine and leaves as Cipher Text, which the Decryption Engine turns back into Clear Text, both engines keyed with the same Symmetric Key.)
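To make the diagram concrete, here is an added example (not the lecture's code) of the three boxes on the slide: a random number generator that produces the key, and an encryption and a decryption engine that share it. The cipher is a constructed keystream cipher, with the keystream derived from the key, a per-message nonce and a counter through HMAC-SHA256 and XORed with the data; it illustrates the symmetric-key mechanism only and is not a vetted cipher.

```python
"""Symmetric (secret-key) encipherment with a constructed keystream cipher
(added example, not lecture code; illustration only, not a vetted cipher)."""
import hashlib
import hmac
import secrets

KEY_BYTES = 32
NONCE_BYTES = 16


def generate_key():
    """Random Number Generator -> Symmetric Key. The same key must reach both
    engines, which is why it has to be dispatched in secret."""
    return secrets.token_bytes(KEY_BYTES)


def _keystream(key, nonce, length):
    """Keystream block i = HMAC-SHA256(key, nonce || i). Constructed for this
    example: the key never touches the data directly, only through the MAC."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(block)
        counter += 1
    return bytes(out[:length])


def encrypt(key, cleartext):
    """Encryption Engine: Clear Text + Symmetric Key -> Cipher Text.
    A fresh random nonce makes the keystream unique per message and is sent
    in the clear in front of the ciphertext."""
    nonce = secrets.token_bytes(NONCE_BYTES)
    stream = _keystream(key, nonce, len(cleartext))
    return nonce + bytes(a ^ b for a, b in zip(cleartext, stream))


def decrypt(key, ciphertext):
    """Decryption Engine: the same Symmetric Key regenerates the same keystream
    and recovers the Clear Text."""
    nonce, body = ciphertext[:NONCE_BYTES], ciphertext[NONCE_BYTES:]
    stream = _keystream(key, nonce, len(body))
    return bytes(a ^ b for a, b in zip(body, stream))


def roundtrip_with_keys(cleartext, key, other_key):
    """Returns (recovered with the shared key?, recovered with a different key?)."""
    ciphertext = encrypt(key, cleartext)
    return decrypt(key, ciphertext) == cleartext, decrypt(other_key, ciphertext) == cleartext


if __name__ == "__main__":
    k = generate_key()
    c = encrypt(k, b"Alice to Bob: meet at noon")
    print("cipher text:", c.hex())
    print("clear text :", decrypt(k, c))
```

Note what the slide's "accompanied with Data Integrity" means here: a keystream cipher on its own gives confidentiality only. Flipping a bit of the cipher text flips the same bit of the recovered clear text without any error, so an integrity mechanism (hashing with a key, sequence numbers, time stamps, as on the Integrity slide) has to be added before the data can be trusted.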

Page 17: Asymmetric / Public Key Encipherment

- Algorithms use different keys for encryption & decryption
- Public Key is disclosed but Private Key is kept secret
- Computationally intensive - based on large prime numbers
- Also used in the following security services: Digital Signatures, Authentication, Key Exchange

(Diagram: Clear Text enters the Encryption Engine keyed with the Public Key and leaves as Cipher Text; the Decryption Engine keyed with the Private Key recovers the Clear Text.)

Page 18: Data Encryption & Key Distribution

(Diagram: a Random Number Generator produces the Symmetric Key. The Symmetric Key itself passes through an Encryption Engine keyed with the Public Key and is recovered by a Decryption Engine keyed with the Private Key, while the Clear Text passes through an Encryption Engine and a Decryption Engine keyed with the Symmetric Key.)

Page 19: Message Digest or Hash

- Message Originator: computes a fixed-length message digest from the message using a one-way hash transformation
- Message Recipient: validates message integrity by computing the message hash and comparing it with the message digest

(Diagram: Message → MD5 → Digest.)
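The following added example (not the lecture's code) covers this slide together with the Integrity slide. `digest` and `digest_matches` are the originator and recipient halves of the diagram, with SHA-256 standing in for MD5. The stream part extends the same check with the other mechanisms the Integrity slide lists, sequence numbers and time stamps, so that duplication, re-ordering, deletion and stale replays are detected and not only alteration. Keying the tag with a shared secret (HMAC) is an assumption of this example: an unkeyed digest can be recomputed by whoever alters the message, so it detects accidental damage but not an active attack. The key and records are constructed.

```python
"""Message digest and message-stream integrity checks (added example, not lecture code)."""
import hashlib
import hmac


def digest(message):
    """Originator: fixed-length one-way hash of the message (SHA-256 here, MD5 on the slide)."""
    return hashlib.sha256(message).hexdigest()


def digest_matches(message, received_digest):
    """Recipient: recompute the hash and compare it with the received digest."""
    return hmac.compare_digest(digest(message), received_digest)


def _tag(key, seq, timestamp, payload):
    # Keyed digest over sequence number, time stamp and payload together, so
    # none of the three can be changed independently of the others.
    header = f"{seq}|{timestamp}|".encode() + payload
    return hmac.new(key, header, hashlib.sha256).hexdigest()


def make_record(key, seq, timestamp, payload):
    """Originator side of a message stream (constructed record layout)."""
    return {"seq": seq, "ts": timestamp, "payload": payload, "tag": _tag(key, seq, timestamp, payload)}


class StreamVerifier:
    """Recipient side of a message stream: accepts records in order and within a
    freshness window, reporting which integrity property a bad record violates."""

    def __init__(self, key, max_skew=30):
        self.key = key
        self.max_skew = max_skew      # seconds a record may be older/newer than now
        self.expected_seq = 0         # next sequence number the stream should carry

    def accept(self, rec, now):
        expected_tag = _tag(self.key, rec["seq"], rec["ts"], rec["payload"])
        if not hmac.compare_digest(expected_tag, rec["tag"]):
            return "altered"          # payload, sequence number or time stamp changed
        if abs(now - rec["ts"]) > self.max_skew:
            return "stale"            # genuine record replayed long after it was sent
        if rec["seq"] < self.expected_seq:
            return "duplicate"        # already consumed: duplication / replay
        if rec["seq"] > self.expected_seq:
            return "gap"              # an earlier record is missing or arrived out of order
        self.expected_seq += 1
        return "ok"


if __name__ == "__main__":
    key = b"constructed-shared-key"
    v = StreamVerifier(key)
    for rec, now in [(make_record(key, 0, 1000, b"a"), 1000),
                     (make_record(key, 0, 1000, b"a"), 1001),
                     (make_record(key, 2, 1002, b"c"), 1002)]:
        print(rec["seq"], v.accept(rec, now))
```

The verifier checks the tag first: a record whose tag does not verify tells the recipient nothing trustworthy about its own sequence number or time stamp, so those fields are only consulted once the tag has been confirmed.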

Page 20: Challenge-Response Authentication

- Challenger sends a challenge consisting of a random number to the Responder
- Responder creates a response by digitally signing the challenge with its private key and returns the response to the Challenger
- Challenger processes the response with the public key of the legitimate Responder and compares the result with the original challenge

(Diagram: Random Number Generator → Challenge → Decryption Engine (Private Key) → Response → Encryption Engine (Public Key) → Challenge (Recovered) → "Same?" comparison with the original Challenge.)

Page 21: Digital Signature

Signature is the public-key encrypted hash of a document and its relevant parameters.

(Diagram: Message → MD5 → Hash → Decryption Engine (Private Key) → Digital Signature; the Message together with the Digital Signature forms the Signed Document.)

Page 22: Digital Signature Validation

Message recipients can validate the signature by "encrypting it" with the public key and comparing the result with the document's hash value.

(Diagram: Signed Document splits into Message and Digital Signature; Message → MD5 → Hash; Digital Signature → Encryption Engine (Public Key) → Hash; "= Valid?" comparison of the two hashes.)
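The four public-key slides (asymmetric encipherment, data encryption & key distribution, challenge-response authentication, digital signature and its validation) all reuse the same two engines, so one added example (not the lecture's code) serves them all. It uses textbook RSA with two fixed, publicly known Mersenne primes so that the arithmetic stays visible; the absence of padding and the toy key are assumptions of this example, not properties of RSA as deployed, and SHA-256 stands in for the MD5 on the slides. The slides' "Decryption Engine with Private Key" is `pow(x, D, N)` and "Encryption Engine with Public Key" is `pow(x, E, N)`; every function below is one box of the corresponding diagram.

```python
"""Asymmetric encipherment, key wrapping, challenge-response and digital
signatures with textbook RSA (added example, not lecture code; toy key)."""
import hashlib
import secrets

# Toy key generation from fixed primes p = 2^127-1 and q = 2^521-1 (both Mersenne
# primes). Real key generation picks large random primes; these are chosen only
# so the example is self-contained and the modulus exceeds a SHA-256 digest.
P, Q = 2**127 - 1, 2**521 - 1
N = P * Q                            # modulus, about 648 bits
E = 65537                            # public exponent, coprime to (P-1)(Q-1)
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent
PUBLIC_KEY = (E, N)                  # disclosed to everyone
PRIVATE_KEY = (D, N)                 # kept secret by the owner


def pk_encrypt(public_key, m):
    """Encryption Engine keyed with the Public Key (anyone can run it)."""
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("textbook RSA needs 0 <= m < n")
    return pow(m, e, n)


def pk_decrypt(private_key, c):
    """Decryption Engine keyed with the Private Key (only the owner can run it)."""
    d, n = private_key
    return pow(c, d, n)


# Data encryption & key distribution: only the random symmetric key goes
# through the public-key engines; the bulk data is enciphered with that key.
def wrap_symmetric_key(public_key, key_bytes):
    return pk_encrypt(public_key, int.from_bytes(key_bytes, "big"))


def unwrap_symmetric_key(private_key, wrapped, key_len):
    return pk_decrypt(private_key, wrapped).to_bytes(key_len, "big")


# Challenge-response authentication.
def make_challenge():
    """Challenger: a random number (128 bits here) from the RNG."""
    return int.from_bytes(secrets.token_bytes(16), "big")


def respond(private_key, challenge):
    """Responder: private-key transform of the challenge ('digitally signing' it)."""
    d, n = private_key
    return pow(challenge, d, n)


def verify_response(public_key, challenge, response):
    """Challenger: public-key transform of the response, compared with the
    original challenge (the 'Same?' box on the slide)."""
    e, n = public_key
    return pow(response, e, n) == challenge


# Digital signature and validation.
def _hash_to_int(document):
    """One-way hash of the document as an integer; 256 bits, so below N."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big")


def sign(private_key, document):
    """Originator: signature = private-key transform of the document's hash."""
    d, n = private_key
    return pow(_hash_to_int(document), d, n)


def validate(public_key, document, signature):
    """Recipient: 'encrypt' the signature with the public key and compare it
    with a freshly computed hash of the document ('= Valid?' on the slide)."""
    e, n = public_key
    return pow(signature, e, n) == _hash_to_int(document)


if __name__ == "__main__":
    ch = make_challenge()
    print("challenge verified:", verify_response(PUBLIC_KEY, ch, respond(PRIVATE_KEY, ch)))
    doc = b"Pay Bob 100"
    sig = sign(PRIVATE_KEY, doc)
    print("signature valid on original:", validate(PUBLIC_KEY, doc, sig))
    print("signature valid on altered :", validate(PUBLIC_KEY, b"Pay Bob 900", sig))
```

Two points the diagrams leave implicit are visible in the code. First, validation recomputes the hash from the received message, so a signature detaches from a document the moment one bit of it changes, which is what makes it usable for non-repudiation of origin. Second, in `respond` the private-key engine is applied to whatever number the challenger supplied; deployed protocols hash the challenge together with protocol context before the private-key step and keep separate key pairs for signing and for decrypting wrapped keys, so that one engine cannot be used to obtain the output of the other.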

Page 23: Service - Mechanism Mapping

Service: Data Confidentiality
- Mechanism [1]: Encipherment – Symmetric (Secret-Key) Cipher, Asymmetric (Public-Key) Cipher
- Mechanism [2]: Integrity – Message Digest / Digital Hash
- Mechanism [3]: Key Management – Key Distribution Centers (Secret-Key), Public Key Infrastructure (Public-Key), Manual Keying

Service: Peer Authentication
- Mechanism [1]: Challenge+Response – Nonce (Random Number) Based, Zero-Knowledge Proof
- Mechanism [2]: Integrity – Message Digest / Digital Hash

A single security service may need to be implemented by multiple and different security mechanisms.