
Pan Zhuting (Da Pan) / Jordan Pan blog.jordanpan mailto:jordan@venustech






Presentation Transcript


  1. Security and trust: vulnerability-oriented security vs. structural security. How attackers and defenders find room to operate in a structural security environment. Pan Zhuting (Da Pan) / Jordan Pan http://blog.jordanpan.cn mailto:jordan@venustech.com.cn

  2. Summary • Vulnerability-oriented security • Structural security • Vulnerabilities in structures • Structural threats

  3. Vulnerability-oriented security

  4. Vulnerabilities • weak passwords • viruses • operating system vulnerabilities • protocol flaws • performance limits that allow denial-of-service attacks • misconfigured firewalls • …

  5. Vulnerability-oriented security • anti-virus systems • vulnerability scanners • patch management systems • intrusion detection systems (IDS) • anti-DoS systems • firewalls • multi-function security gateways (UTM) • …

  6. PSPC requirement-driven framework (Requirement Driven BaCaMeth)

  7. Vulnerability-oriented risk management

  8. Risk management elements as related in the Chinese national standard

  9. The most compact risk management model: three elements

  10. Categories of the 2006 SC Awards (source: http://www.scmagazine.com/uk/awards/previous/26104/year/2006/): Best anti-malware solution • Best Anti-spyware • Best Anti-trojan • Best Anti-virus • Best Anti-worm • Best Content Security Solution • Best Anti-spam • Best Email Content Filtering • Best Email Security • Best IM security • Best Intellectual Property Protection • Best Network Security Solution • Best Wireless Security • Best Enterprise Firewall • Best Intrusion Detection • Best Intrusion Prevention • Best Desktop Firewall • Best Remote Access • Best VPN - SSL • Best VPN - IPsec • Best Endpoint Security Solution • Best Web Filtering • Best Encryption • Best Identity Management Solution • Best Password Management • Best Authentication • Best Single Sign-on • Best Two-Factor Solution • Best Unified Threat Solution • Best Integrated Security Software • Best Integrated Security Appliance • Best Managed Security Service • Best Email Managed Service • Best Network Security Management • Best Event Management • Best Computer Forensics • Best Policy Management • Best Security Audit • Best Security Management Tool • Best Vulnerability Assessment and Remediation • Best Patch Management • Best Vulnerability Assessment

  11. The industry environment of vulnerability-oriented security: users, providers (vendors), threat agents

  12. How the barrel principle ("cask rule", the weakest plank sets the water level) misleads • it reduces the whole structure to nothing but the defensive structure • it ignores defence in depth • it looks only at a static end state • it has no notion of cost • …

  13. Structural security: basic structure, tight structure, loose structure

  14. The reference monitor mechanism of access control • The reference monitor (RM) of access control is a very basic security structure

  15. Structural conditions for a valid RM mechanism: three conditions • it cannot be bypassed • it cannot be tampered with • it is small enough to be verified (proved correct)

  16. Key exchange process (diagram): Alice and Bob each hold a public key and a private key; a randomly generated symmetric key (seed + PRNG) encrypts the message, which crosses the line as ciphertext (shown as "X15/^ ow83h7ERH39DJ3H") and is recovered as the message on the far side

  17. The representative tight security structure: trusted computing (http://www.trustedcomputinggroup.org) • Definition of trust: "Trust is the expectation that a device will behave in a particular manner for a specific purpose." • A trusted platform should provide at least three basic features: protected capabilities, integrity measurement and integrity reporting. (From section 4.1, TCG Architecture Overview 1.0)

  18. The fundamental rule of TCG • Roots of trust are like "axioms": they are the basis of trust, and in PC systems they are usually implemented in a hardware chip. In TCG systems roots of trust are components that must be trusted because misbehavior might not be detected. • Chains of trust are the mechanism by which trust is passed on, usually built with cryptographic techniques. Transitive trust, also known as "inductive trust", is a process where the Root of Trust gives a trustworthy description of a second group of functions.

  19. Reference PC platform containing a TCG TPM

  20. TCG Trusted Platform Module (TPM) • A trusted platform commonly has three roots of trust • root of trust for measurement (RTM) • root of trust for storage (RTS) • root of trust for reporting (RTR)

  21. Attestation protocol and message exchange
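Slides 18 to 21 describe roots of trust, transitive trust and attestation only as diagrams. The Python below is an added example, not code from the presentation or from TCG, that simulates that structure: a PCR register is extended with the measurement of each boot stage in order, the reporting root produces a quote over the PCR bound to the verifier's nonce, and the verifier replays the event log and compares the PCR with a golden value. It is a deliberate simplification: the constructed AIK_KEY and an HMAC stand in for the attestation identity key and its signature, the boot component byte strings are invented, and SHA-256 is used throughout rather than the SHA-1 of TPM 1.2.

```python
"""Toy model of a TCG chain of trust and attestation (added example, not TPM code)."""
import hashlib
import hmac
import secrets

PCR_SIZE = 32
INITIAL_PCR = b"\x00" * PCR_SIZE
# Assumption: a secret held by the root of trust for reporting. A real TPM signs the
# quote with an attestation identity key instead of computing an HMAC.
AIK_KEY = b"constructed-aik-secret"

# Constructed boot components; each byte string stands in for a firmware or OS image.
GOOD_BOOT = [("bios", b"bios-v1"), ("bootloader", b"grub-v2"), ("kernel", b"linux-5.x")]
TAMPERED_BOOT = [("bios", b"bios-v1"), ("bootloader", b"grub-v2-backdoored"), ("kernel", b"linux-5.x")]


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """PCR extend: the new value depends on every earlier measurement and on their order."""
    return hashlib.sha256(pcr + measurement).digest()


def measure_boot(components):
    """Root of trust for measurement: measure each stage before it runs and extend the PCR.
    Returns the final PCR and the event log as (stage name, measurement hex) pairs."""
    pcr, log = INITIAL_PCR, []
    for name, image in components:
        measurement = hashlib.sha256(image).digest()
        pcr = extend(pcr, measurement)
        log.append((name, measurement.hex()))
    return pcr, log


def quote(pcr: bytes, nonce: bytes, key: bytes = AIK_KEY) -> bytes:
    """Root of trust for reporting: attest the PCR value, bound to the verifier's nonce."""
    return hmac.new(key, nonce + pcr, hashlib.sha256).digest()


def verify_attestation(nonce, pcr, q, event_log, golden_pcr):
    """Remote verifier: the quote must be authentic and fresh, the log must reproduce the
    PCR, and the PCR must equal the golden value recorded for a known-good boot."""
    if not hmac.compare_digest(quote(pcr, nonce), q):
        return False, "quote rejected: forged, or not bound to this nonce"
    replayed = INITIAL_PCR
    for _, measurement_hex in event_log:
        replayed = extend(replayed, bytes.fromhex(measurement_hex))
    if replayed != pcr:
        return False, "event log does not reproduce the reported PCR"
    if pcr != golden_pcr:
        return False, "PCR differs from golden value: a stage was modified or booted out of order"
    return True, "platform attested"


def demo():
    """Run the good, tampered, reordered, lying-log and replayed cases; returns the verdicts."""
    golden, _ = measure_boot(GOOD_BOOT)
    nonce = secrets.token_bytes(16)
    results = {}
    pcr, log = measure_boot(GOOD_BOOT)
    results["good"] = verify_attestation(nonce, pcr, quote(pcr, nonce), log, golden)
    pcr, log = measure_boot(TAMPERED_BOOT)
    results["tampered"] = verify_attestation(nonce, pcr, quote(pcr, nonce), log, golden)
    pcr, log = measure_boot([GOOD_BOOT[0], GOOD_BOOT[2], GOOD_BOOT[1]])
    results["reordered"] = verify_attestation(nonce, pcr, quote(pcr, nonce), log, golden)
    # A compromised OS cannot hide behind the good log: that log no longer reproduces its PCR.
    pcr, _ = measure_boot(TAMPERED_BOOT)
    good_log = measure_boot(GOOD_BOOT)[1]
    results["lying_log"] = verify_attestation(nonce, pcr, quote(pcr, nonce), good_log, golden)
    # Replaying an old quote (made for a different nonce) fails the freshness check.
    old_nonce = secrets.token_bytes(16)
    pcr, log = measure_boot(GOOD_BOOT)
    results["replayed"] = verify_attestation(nonce, pcr, quote(pcr, old_nonce), log, golden)
    return results


if __name__ == "__main__":
    for case, (ok, why) in demo().items():
        print(f"{case:10s} {'PASS' if ok else 'FAIL'}  {why}")
```

The point the slides make about roots of trust shows up in the model's one weak spot: the verifier's conclusions are only as good as the secrecy of AIK_KEY and the correctness of the measuring code, neither of which the protocol itself can check. That is exactly why TCG puts them in hardware as roots that "must be trusted because misbehavior might not be detected".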

  22. TPM: architecture of the root of trust for storage (RTS)

  23. TPM component architecture

  24. TCG software layering

  25. The trusted platform lifecycle

  26. User authentication using trusted platforms

  27. User authentication using trusted platforms (continued)

  28. The classical four corners model

  29. Implementing the four corners model on trusted platforms: detailed TP deployment architecture

  30. TCG's eight categories of trusted platform: mobile devices • PC clients • servers • architecture • TPM • software stack • Trusted Network Connect (TNC) • storage

  31. How TCG's Infrastructure Work Group (IWG) and the TNC architecture correspond

  32. TNC architecture

  33. Message flow between components in the TNC architecture

  34. The TNC architecture with the TPM

  35. Cisco's self-defending network

  36. Cisco's self-defending network (continued)

  37. The representative loose security structure: frameworks and solutions • In a loose structure the relationships between components are usually integrated by people • Loose structures usually take the form of frameworks • technology frameworks • management systems: ISO 27001, ISO 20000, etc.

  38. Technical functions derive from PDR (protect, detect, respond), so PDR can express a technology framework

  39. Detection is what ties a loose technical structure together • Attackers have to face more and more • intrusion detection systems (IDS) • vulnerability scanners • application auditing systems • logging systems • honeypots • forensic systems • monitoring platforms • etc.

  40. Structure of an information security management system (ISMS), modified from ISO 27001

  41. Vulnerabilities in structures

  42. What is your feeling about the structural security just described? • complex • doubts about its completeness • cost • there will always be careless people • …

  43. Don't be taken in by "structural security"! • Vulnerability-oriented security and structural security are not opposites, nor are they two successive stages of development: vulnerability-oriented security also has structure, and structural security also has vulnerabilities

  44. Using non-technical links to attack a technical structure (diagram: Alice and Bob, each with a public key and a private key, and a randomly generated symmetric key (seed + PRNG) between them)

  45. Using non-technical links to attack a technical structure (diagram: Carl, with his own public key and private key, inserted on the line between Alice and Bob) • Transparent insertion on the line makes a sniffing attack on the encrypted communication possible

  46. Using non-technical links to attack a technical structure (diagram: the exchange completed through Carl, who now holds a session with Alice and a session with Bob)
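Slides 44 to 46 show the attack only as a diagram: Carl is inserted transparently on the line, hands Alice and Bob public values of his own, and can then read the traffic each side believes is encrypted end to end. The Python below is an added example, not code from the presentation, of the same structure and of the structural fix. It uses a Diffie-Hellman exchange rather than the RSA-style key pairs drawn on the slides; P and G are toy parameters chosen for readability (P = 2^127 - 1 is the Mersenne prime M127, not a standardised group), the stream cipher is a SHA-256 keystream XOR, the message bytes are constructed, and the fix, a MAC over each public value under a constructed pre-shared AUTH_KEY, stands in for the certificate or signature a real deployment would use to bind a public value to its owner.

```python
"""Transparent man-in-the-middle against an unauthenticated key exchange (added example)."""
import hashlib
import hmac
import secrets

P = 2**127 - 1   # toy prime (Mersenne M127); real deployments use a standard DH group or ECDH
G = 3
MESSAGE = b"transfer 1000 to account 42"   # constructed plaintext
# Assumption: a secret Alice and Bob share out of band; stands in for a CA or signing key.
AUTH_KEY = b"constructed-pre-shared-authentication-key"


class Party:
    """One endpoint: an ephemeral private/public pair and, after the exchange, a session key."""
    def __init__(self, name):
        self.name = name
        self.priv = secrets.randbelow(P - 2) + 1
        self.pub = pow(G, self.priv, P)
        self.key = None

    def derive(self, peer_pub):
        shared = pow(peer_pub, self.priv, P)          # g^(ab) mod P, same on both sides
        self.key = hashlib.sha256(shared.to_bytes(16, "big")).digest()


def keystream(key, n):
    """Toy stream cipher: SHA-256(key || counter) blocks, XORed with the data."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def crypt(key, data):
    """Encrypt and decrypt are the same XOR operation."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def unauthenticated_exchange(mitm):
    """Alice and Bob swap bare public values; with mitm=True Carl sits inline and swaps them.
    Returns (what Bob decrypts, what Carl was able to read)."""
    alice, bob = Party("Alice"), Party("Bob")
    carl_to_alice, carl_to_bob = Party("Carl/A"), Party("Carl/B")   # one key pair per side
    pub_seen_by_bob = carl_to_bob.pub if mitm else alice.pub
    pub_seen_by_alice = carl_to_alice.pub if mitm else bob.pub
    alice.derive(pub_seen_by_alice)
    bob.derive(pub_seen_by_bob)
    ciphertext = crypt(alice.key, MESSAGE)
    sniffed = None
    if mitm:
        carl_to_alice.derive(alice.pub)     # Carl completes a session with each side
        carl_to_bob.derive(bob.pub)
        sniffed = crypt(carl_to_alice.key, ciphertext)   # read in the clear ...
        ciphertext = crypt(carl_to_bob.key, sniffed)     # ... and re-encrypt for Bob
    return crypt(bob.key, ciphertext), sniffed           # Bob sees nothing wrong


def tag(pub):
    """Binding of a public value to the party that owns it (assumed pre-shared key)."""
    return hmac.new(AUTH_KEY, pub.to_bytes(16, "big"), hashlib.sha256).digest()


def authenticated_exchange(mitm):
    """Same exchange, but each public value travels with a tag Carl cannot forge.
    Returns ("ok", plaintext Bob recovers) or ("abort", reason)."""
    alice, bob, carl = Party("Alice"), Party("Bob"), Party("Carl")
    # Carl can replace the value on the wire, but the tag still covers the original value.
    to_bob = (carl.pub if mitm else alice.pub, tag(alice.pub))
    to_alice = (carl.pub if mitm else bob.pub, tag(bob.pub))
    for pub, t in (to_bob, to_alice):
        if not hmac.compare_digest(tag(pub), t):
            return "abort", "public value failed authentication"
    alice.derive(to_alice[0])
    bob.derive(to_bob[0])
    return "ok", crypt(bob.key, crypt(alice.key, MESSAGE))


if __name__ == "__main__":
    print("no MITM           :", unauthenticated_exchange(False))
    print("MITM, no auth     :", unauthenticated_exchange(True))
    print("MITM, with auth   :", authenticated_exchange(True))
```

Nothing in the cryptography fails in the attack case: both sessions are correctly keyed and the message arrives intact. The vulnerability is in the structure around the cryptography, in the unauthenticated step that binds a public value to a party, and the fix is to close that step rather than to change the cipher.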

  47. Limitations of structural security • A structure exists within an environment and has a boundary

  48. Finding weaknesses along the lifecycle • back doors are often embedded during the vendor's manufacturing stage • no system is perfect • …

  49. Finding a breakthrough in the structure's time sequence • Example: a document protection system • the document creation stage is where vulnerabilities are most likely to exist
