
E138 Tightening up EAServer Security


Presentation Transcript


  1. E138 Tightening up EAServer Security
  • Markus Ohly, Sybase European CS&S, Markus.Ohly@sybase.com

  2. Tightening up EAServer Security: AGENDA
  • Security Concerns and Risks
  • Security Techniques
  • Applying Security Techniques to EAServer

  3. Tightening up EAServer Security: AGENDA
  • Security Concerns and Risks
    • Introduction
    • Fighting against Risks and Dangers
  • Security Techniques
  • Applying Security Techniques to EAServer

  4. Security Concerns and Risks

  5. Security Concerns and Risks
  • Disclosure of confidential information (Eavesdropping)
  • Modification, Deletion, Reuse of data (Data tampering)
  • Misuse of protected resources
  • Misuse that compromises availability
  • Masquerading, Misrepresentation and Repudiation
    • Sender claims that he did not send a message
    • Repetition of original messages
  • Compromised Privacy, Integrity, and Accountability

  6. Security Concerns and Risks: Fighting against Risks and Dangers
  • Your company is in danger when computing resources fail, are unavailable, or are compromised.
  • Not all of the threats can be easily eliminated (if at all)
  • Reduce exposure to an acceptable level
  • Use Security Means

  7. Security Concerns and Risks: Fighting against Risks and Dangers
  • Authentication
    • Mechanism by which callers and servers prove to one another that they are acting on behalf of specific users
    • A component acting as an intermediary in a call chain may impersonate the originating user or have its own identity.
    • Normally, Authentication builds the basis for Authorization

  8. Security Concerns and Risks: Fighting against Risks and Dangers
  • Authorization
    • Authorization mechanisms limit usage of resources to users, groups, or systems for the purpose of enforcing integrity, confidentiality, or availability constraints.
    • Protected Resources are distinguished by the presence of authorization rules that grant access only to authentic caller identities

  9. Security Concerns and Risks: Fighting against Risks and Dangers
  • Network Architecture
    • Firewalls
    • DMZs
    • Proxies
  • Auditing
  • Public Key Cryptography
    • Encryption
    • Digital Signatures

  10. Tightening up EAServer Security: AGENDA
  • Security Concerns and Risks
  • Security Techniques
    • What is Encryption?
    • What are Certificates?
    • What are Digital Signatures?
    • What is SSL?
  • Applying Security Techniques to EAServer

  11. What is Encryption?
  • A mathematical discipline for scrambling data so that it is kept safe from external "eyes", which thus ensures a high level of security
  • Two major types of cryptographic algorithms exist:
    • Symmetric encryption (secret key cryptography)
    • Asymmetric encryption (public key cryptography)

  12. What is Encryption? Secret Key Cryptography

  13. What is Encryption? Secret Key Cryptography
  • Algorithms: DES, Triple-DES, RC2, RC4, RC5
  • Advantage: Fast and efficient
  • Problem: Key exchange
    • The keys must be shared by both end points
    • How to keep the shared key secret?

  14. What is Encryption? Public Key Cryptography
  • Solution to the key exchange problem
    • Diffie, Hellman (1976)
    • Rivest, Shamir, Adleman (1978)
  • Public key encryption is based upon a key pair
    • public key and private key
  • It is VERY VERY difficult to compute the private key from the known public key

  15. What is Encryption? Public Key Cryptography
  • Public and private keys are inverse and can be applied in two directions
  • Encryption Equation:
    • D(private, E(public, m)) = m
  • Authenticity Equation:
    • D(public, E(private, m)) = m

  16. What is Encryption? Public Key Cryptography

  17. What is Encryption? Public Key Cryptography
  • D(private, E(public, m)) = m (Encryption Equation)
  • Everyone can send secret messages to a person using the public key of the addressee
  • Arbitrary individuals cannot decrypt messages encrypted with a public key because they do not know and cannot compute the private key
  • Only a person having the matching private key can decrypt the message

  18. What is Encryption? Public Key Cryptography
  • Advantage: No secret key exchange, only public keys are exchanged
  • Disadvantages:
    • CPU intensive (factor 100 compared to DES in software)
    • Performance hit on a busy site with lots of connections
  • Known algorithms: RSA (Rivest, Shamir, Adleman)

  19. What are Digital Signatures?
  • Authenticity Equation:
    • D(public, E(private, m)) = m
  • Using the private key for encryption can only be done by the key owner
  • Everybody can read the message, but nobody is able to change it without the change being detected
  • Messages with digital signatures are authentic

  20. What are Digital Signatures?
  • How to digitally sign a document?
    • Compute a Message Digest of fixed length by applying a Hash Function to the document
    • Authenticate the Message Digest, that is, encrypt the Message Digest with your private key
  • How to verify a Digital Signature?
    • Apply the Hash Function to the received text
    • Decrypt the provided Digest using the public key
    • Authenticity is proved if both results match

  21. What are Digital Signatures? Hash Functions
  • A Hash Function is an efficient transformation of an arbitrary message to a hash value of fixed length
  • The hash value is much smaller than the original input
  • Additionally, it is difficult to reverse a hash function (hash functions are one way)
  • Collision freeness: it is very difficult to find two messages resulting in the same hash value.
  • Examples: MD5, SHA

  22. What are Digital Signatures?

  23. What are Digital Signatures?

  24. What are Certificates?
  • How to assure that keys and entities match?
  • We demand certification!
  • Certificates give us the guarantee that the mentioned entity and the public key do in fact belong together; they bind the identity of a person to his public key.
  • The pair of identity and public key is digitally signed
  • Certificates are issued by Certificate Authorities after a rigorous check
  • Trust in the certificate is implied by trust in the Certificate Authority.

  25. What are Certificates? (Diagram: the Server holds the Server's Private Key, the CA's Public Key and its digitally signed certificate carrying the Public Key of the Server; the Client holds the Client's Private Key, the CA's Public Key and its digitally signed certificate carrying the Public Key of the Client.)

  26. What are Certificates? Non-Repudiation
  • The holder of a certificate can neither deny his authenticity nor refuse his engagements once he has digitally signed a message with the secret key corresponding to the public key in his certificate

  27. What is SSL?
  • The Secure Sockets Layer (SSL) Protocol maintains security, privacy, and integrity of the transmission channel by using encryption, authentication and message authentication codes.
  • The SSL protocol is able to negotiate encryption keys as well as authenticate the server before data is exchanged by the higher-level application.
  • It allows applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.
  • Invented by Netscape in 1996

  28. What is SSL?
  • SSL is application protocol independent. A higher level protocol can layer on top of the SSL Protocol transparently.
  • Application protocol traffic is embedded into SSL and encrypted during transfer
    • IIOP + SSL = IIOPS
    • HTTP + SSL = HTTPS

  29. What is SSL?

  30. What is SSL?
  • The SSL Handshake Protocol consists of two phases.
  • During the "handshaking" process, public-key encryption is used.
  • After the exchange of keys, a number of ciphers are used, e.g. RC2, RC4, IDEA, DES, and Triple-DES
  • The MD5 message-digest algorithm is used.
  • The public-key certificates follow the X.509 syntax

  31. What is SSL? Server Authentication
  • The server, in response to a client's request, sends its certificate and its cipher preferences.
  • The client generates a master key, encrypts it with the server's public key, and sends the result to the server
  • The server recovers the master key and authenticates itself to the client by returning a message signed with the master key
  • Subsequent data is encrypted and authenticated with keys derived from this master key.

  32. What is SSL? Client Authentication (optional)
  • The server sends a challenge to the client.
  • The client authenticates itself to the server by returning the client's digital signature on the challenge, as well as its public-key certificate.
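Added example (not code from the presentation or from EAServer): textbook RSA in Python with constructed, deliberately small primes, tracing the Encryption and Authenticity Equations of slide 15, the hash-then-sign and verify steps of slide 20, the client's master-key wrapping of slide 31 and the signed challenge of slide 32. The prime values, the use of SHA-256 as the Hash Function and the absence of any padding are assumptions of this demo.

```python
import hashlib
import secrets
from math import gcd

# Textbook RSA with constructed, far-too-small primes and no padding:
# enough to trace the slide equations, never enough for real traffic.
P = 2147483647                 # 2**31 - 1 (prime)
Q = 4294967291                 # 2**32 - 5 (prime)
N = P * Q                      # modulus, part of both keys
PHI = (P - 1) * (Q - 1)
E_PUB = 65537                  # public exponent
assert gcd(E_PUB, PHI) == 1, "public exponent must be coprime to phi(N)"
D_PRIV = pow(E_PUB, -1, PHI)   # private exponent = modular inverse of E_PUB

PUBLIC = (E_PUB, N)
PRIVATE = (D_PRIV, N)


def apply_key(key, block: int) -> int:
    """E(key, m) and D(key, m) are the same operation: block**exp mod N."""
    exp, n = key
    if not 0 <= block < n:
        raise ValueError("block must be smaller than the modulus")
    return pow(block, exp, n)


def digest(data: bytes) -> int:
    # Fixed-length message digest, reduced mod N so it fits one RSA block
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def sign(private, data: bytes) -> int:
    # Slide 20: hash the document, then "encrypt" the digest with the private key
    return apply_key(private, digest(data))


def verify(public, data: bytes, signature: int) -> bool:
    # Re-hash the received text, "decrypt" the signature with the public key
    # and accept only if both values match (Authenticity Equation)
    return apply_key(public, signature) == digest(data)


def wrap_master_key(server_public) -> tuple:
    # Slide 31: the client picks a random master key and encrypts it with the
    # server's public key (Encryption Equation); only the private key recovers it.
    # Real SSL uses a fixed-size symmetric key here; randbelow(N) keeps it in one block.
    master = secrets.randbelow(server_public[1])
    return master, apply_key(server_public, master)
```

The same sign/verify pair also covers slide 32: the client signs the server's challenge bytes with its own private key and the server verifies with the public key from the client's certificate.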

  33. Tightening up EAServer Security: AGENDA
  • Security Concerns and Risks
  • Security Techniques
  • Using Security Means in EAServer
    • Listener Configuration
    • Set protection levels for components
    • Protect Server Resources
    • Secure Clients
    • Protect Data

  34. Using Security Means in EAServer
  • How to deal with Certificates and keys easily?
    • Use a cryptographic module, which is a loadable software plugin following the PKCS #11 standard
  • EAServer has a PKCS #11 module
    • Accessible from Security Manager
    • Accessible from Netscape

  35. Using Security Means in EAServer: EAServer Security Manager

  36. Using Security Means in EAServer: Netscape Communicator

  37. Using Security Means in EAServer: Internet Explorer ...

  38. Using Security Means in EAServer: Configure Listener Properties
  • Create a listener with protocol "https" or "iiops"
  • Select a Security Profile.

  39. Using Security Means in EAServer: Configure Listener Properties (ctd)
  • A security profile specifies the security characteristics:
    • Whether mutual authentication is required
    • Which Cipher Suite to use for the encrypted connection
    • Which certificate the server will send to the client. Note that the site name and the certificate common name must match!

  40. Using Security Means in EAServer: Security Profile

  41. Using Security Means in EAServer: Configure Listener Properties (ctd)
  • Important! The Listener Properties must match the authentication and authorization requirements
    • When clients are required to send certificates for authentication, "_mutual_auth" must be selected.
  • Relation to Authentication Service:
    • Precedence of Certificates over Username/Password
    • Combinations

  42. Using Security Means in EAServer: Authentication for Web Applications
  • Authentication is set at Web Application level
  • Authentication Mechanisms supported by EAServer: BASIC, FORM, and HTTPS Mutual Authentication
  • BASIC and FORM authentication should be combined with encryption to protect the passwords
  • In order to work effectively, you must enable an Authentication Mechanism for EAServer, e.g. OS Authentication or Authentication Service

  43. Using Security Means in EAServer: Authentication for Web Applications
  • Login Config: Authentication = Client Certificate

  44. Using Security Means in EAServer: Declarative Authorization
  • J2EE Declarative Authorization is based upon Roles, which are logical privileges
  • Roles are assigned to Components to define the privileges required to access them
  • Roles may be attributed to (known) Certificates
  • Role Assignment to EJBs and Web Resources can be defined during development but must be reviewed at deployment time.

  45. Using Security Means in EAServer: Authorization with Certificates

  46. Using Security Means in EAServer: Programmatic Authorization
  • Role Service
  • Alternatively, a custom Authorization Service

  47. Using Security Means in EAServer: Servlet Request Attributes
  • javax.servlet.request.cipher-suite = SSL_RSA_EXPORT_WITH_RC4_40_MD5
  • javax.servlet.request.key-size = 40
  • javax.servlet.request.X509Certificate

  48. Using Security Means in EAServer: Authorization for Web Applications
  • The Web Application Provider defines the Resources that have to be protected in the form of Security Constraints
  • EAServer will control each access and ensure that protected resources are only accessed by authenticated and/or authorized users

  49. Using Security Means in EAServer: Authorization for Web Applications
  • Security Constraint 0, Zone 0
    • Pattern = /Calculate
    • Role = WebAgent, WebSupervisor
    • Transport Guarantee = Confidential
  • Security Constraint 1, Zone 1
    • Pattern = /Calculate/Interest
    • Role = WebSupervisor
    • Transport Guarantee = Confidential

  50. Using Security Means in EAServer: Authorization for Web Applications
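Added example (not EAServer's own code): a Python model of how the two Security Constraints of slide 49 gate a request, using the servlet request attributes of slide 47 to decide whether the Confidential transport guarantee is met. Assumptions of this example: patterns match the request path exactly, "Confidential" means an https listener with a non-export key size, and the result strings are constructed names for the server's possible reactions.

```python
from dataclasses import dataclass
from typing import FrozenSet, Optional


@dataclass(frozen=True)
class SecurityConstraint:
    pattern: str
    roles: FrozenSet[str]
    transport_guarantee: str = "None"     # "None" or "Confidential"


# The two constraints from slide 49 (constructed representation)
CONSTRAINTS = (
    SecurityConstraint("/Calculate", frozenset({"WebAgent", "WebSupervisor"}), "Confidential"),
    SecurityConstraint("/Calculate/Interest", frozenset({"WebSupervisor"}), "Confidential"),
)

MIN_KEY_BITS = 128   # constructed policy: the 40-bit export suite on slide 47 is too weak


@dataclass
class Request:
    path: str
    secure: bool                          # received on an https listener?
    user: Optional[str] = None            # None: caller not authenticated
    roles: FrozenSet[str] = frozenset()   # roles granted to the caller
    key_size: int = 0                     # javax.servlet.request.key-size


def authorize(req: Request, constraints=CONSTRAINTS) -> str:
    """Return 'ALLOW' or a constructed reason code for refusing the request."""
    matched = [c for c in constraints if c.pattern == req.path]
    if not matched:
        return "ALLOW"                    # resource is not protected
    for c in matched:
        if c.transport_guarantee == "Confidential":
            if not req.secure:
                return "REDIRECT_TO_HTTPS"
            if req.key_size < MIN_KEY_BITS:
                return "WEAK_CIPHER"
        if req.user is None:
            return "AUTHENTICATE"         # trigger BASIC/FORM/client-certificate login
        if not (req.roles & c.roles):
            return "FORBIDDEN"            # authenticated, but lacks every required role
    return "ALLOW"
```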
