
CSC 382: Computer Security

This article explores the concepts of identity, files, users, groups, certificates, and anonymity in computer security. It covers topics such as authentication, access control, remote objects, distinguished names, certification authorities, host identity, and methods for achieving anonymity on the internet.

brucemorris

Presentation Transcript


  1. CSC 382: Computer Security
     Identity

  2. Identity
     • What is Identity?
     • Files and Objects
     • Users
     • Groups and Roles
     • Naming and Certificates
     • Internet Identity and Anonymity

  3. What is Identity?
     Computer’s representation of an entity
     • Entities can be subjects or objects.
     Authentication binds a principal to an identity.
     Example:
     • username expresses your identity.
     • password binds the person typing to that particular identity (username).

  4. Purpose of Identity
     Access Control
     • Most systems base access rights on identity of principal executing the process.
     Accountability
     • Logging and auditing functions.
     • Need to track identity across account/role changes (e.g., su, sudo).

  5. Files and Objects
     Objects are identified by assigning names.
     Example: UNIX filenames
     • inode: unique identifier, contains file metadata and location of disk blocks.
     • file descriptor: abstracts inode on a per-process basis for file reading and writing.
     • absolute pathnames: describe location in filesystem.
     • relative pathnames: describe location of a file with respect to the current working directory.

  6. Remote Objects
     Remote objects require more complex names.
     Example: URLs
     • Identifies objects by location and protocol required to access it.
     • <scheme>://<authority><path>?<query>
     • example: ftp://abcorp.com/pub/README

  7. Users
     Identity tied to a single entity.
     Example: UNIX UIDs
     • UNIX identifies user with 15- to 32-bit user ID.
     • Also provides login names for convenience.
     • Each login name corresponds to a single UID.
     • A UID may have multiple login names.
     • UID=0 is superuser regardless of login name.
     • Real UID is actual user.
     • Effective UID (EUID) used for access control.
     • SetUID programs allow EUID to differ from UID.
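The UID rules on this slide can be checked against an account database. The following is an added example, not part of the original slides: it scans passwd-format text for login names that share a UID and for every login that resolves to UID 0. The account names and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample in passwd(5) layout: name:password:UID:GID:comment:home:shell
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
toor:x:0:0:second admin login:/root:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/bash
asmith:x:1000:1000:Alice again:/home/alice:/bin/zsh
bob:x:1001:1001:Bob:/home/bob:/bin/bash
carol:x:notanumber:1002:Carol:/home/carol:/bin/bash
"""

def logins_by_uid(passwd_text):
    """Map each UID to the login names that resolve to it; collect malformed lines."""
    by_uid, malformed = defaultdict(list), []
    for line in passwd_text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        fields = line.split(":")
        try:
            if len(fields) != 7:
                raise ValueError("expected 7 fields")
            uid = int(fields[2])
            if uid < 0:
                raise ValueError("negative UID")
        except ValueError:
            malformed.append(line)      # never guess an identity for a bad entry
            continue
        by_uid[uid].append(fields[0])
    return dict(by_uid), malformed

def audit_identities(passwd_text):
    """Report what matters for access control and accountability."""
    by_uid, malformed = logins_by_uid(passwd_text)
    return {
        # Every one of these logins is the superuser, whatever it is called.
        "superuser_logins": by_uid.get(0, []),
        # Logs that record only the UID cannot tell these logins apart.
        "shared_uids": {u: n for u, n in by_uid.items() if len(n) > 1},
        "malformed": malformed,
    }

if __name__ == "__main__":
    for key, value in audit_identities(SAMPLE_PASSWD).items():
        print(key, value)
```
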

  8. Groups and Roles
     An “entity” may be a set of entities referred to by a single identifier.
     Principals often need to share access to files, and thus are taken as groups.
     • static: alias for a group of principals.
     • dynamic: principal changes from one group to another as different privileges are needed.
     role: a group that ties membership to function
     example: UNIX groups

  9. Certificates
     Bind a cryptographic key to a principal.
     How to identify the principal?
     • Distinguished Names provide unique names despite people sharing first and last names.
     • Certification Authorities (CAs) link DNs to a particular person.

  10. Distinguished Names
      Hierarchical naming system
      • Used by X.509v3 certificates, LDAP
      String representation:
      • Series of key=value pairs, separated by /’s
      Example: /O=University of Toledo/OU=Dept. of EECS/CN=James Walden

  11. Certification Authorities
      CA Authentication Policy: Describes level of authentication required to identify a principal to whom a certificate is issued.
      CA Issuance Policy: Describes principals to whom CA will issue certificates.

  12. CA Example: Verisign
      Authentication Policies
      • Authenticates email address
      • Authenticates real name and address
      • Authenticates legal identity via a background check from investigative service
      Issuance Policies
      • Issue to individuals
      • Issue to web servers (organizations)

  13. CA Hierarchy
      Hierarchical tree of CAs
      • Identify CAs by DNs
      • Root = Internet Policy Registration Authority
      • Policy Certification Authorities (PCAs)
      • Each has public authentication and issuance policies.
      • Issue certificates to ordinary CAs.
      • Subordinate nodes must follow policies of parents, but can add more restrictions.
      • Make trust decisions by walking up tree.
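The DN string form and the walk up the CA tree can be combined in one check. The following is an added example, not part of the original slides: the CA table, the numeric "authentication level" used to model a policy, and all function names are assumptions made for illustration, and certificate signature verification is left out.

```python
def parse_dn(dn):
    """Parse '/O=.../OU=.../CN=...' into an ordered list of (key, value) pairs."""
    if not dn.startswith("/"):
        raise ValueError(f"DN must start with '/': {dn!r}")
    pairs = []
    for part in dn[1:].split("/"):
        key, sep, value = part.partition("=")
        if not sep or not key.strip() or not value.strip():
            raise ValueError(f"malformed DN component: {part!r}")
        pairs.append((key.strip().upper(), value.strip()))
    return pairs

# Constructed hierarchy: CA DN -> (issuer DN, minimum authentication level).
# A higher level models a stricter policy; a root is its own issuer.
ROOT = "/O=Internet Policy Registration Authority"
CAS = {
    ROOT: (ROOT, 1),
    "/O=Example PCA": (ROOT, 2),
    "/O=Example PCA/OU=Campus CA": ("/O=Example PCA", 3),   # adds restrictions: fine
    "/O=Example PCA/OU=Lax CA": ("/O=Example PCA", 1),      # weaker than its parent
    "/O=Orphan CA": ("/O=Unknown PCA", 2),                  # issuer is not in the tree
}

def walk_to_root(ca_dn, cas=CAS, trusted_root=ROOT):
    """Follow issuer links upward; return the chain of DNs or raise ValueError."""
    chain, current = [], ca_dn
    while True:
        parse_dn(current)                       # reject names that are not valid DNs
        if current in chain:
            raise ValueError(f"issuer loop at {current}")
        if current not in cas:
            raise ValueError(f"unknown CA: {current}")
        chain.append(current)
        issuer, level = cas[current]
        if issuer == current:                   # self-issued: must be our trust anchor
            if current != trusted_root:
                raise ValueError(f"untrusted root: {current}")
            return chain
        if issuer in cas and level < cas[issuer][1]:
            raise ValueError(f"{current} is weaker than its parent's policy")
        current = issuer

def trust_decision(ca_dn):
    """Return (True, chain) when the walk reaches the trusted root, else (False, reason)."""
    try:
        return True, walk_to_root(ca_dn)
    except ValueError as err:
        return False, str(err)
```
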

  14. Host Identity
      Ethernet (MAC) Address
      • 48-bit data link level identifier
      • example: 00:0B:DB:78:39:8A
      IP Address
      • 32-bit network level identifier
      • ex: 10.17.0.101
      IPv6 Address
      • 128-bit network level identifier
      • ex: fe80::2a0:c9ff:fe97:153d/64
      Hostname (DNS name)
      • string application level identifier
      • ex: www.nku.edu

  15. Anonymity
      Internet connections are associated with a particular host.
      What if you don’t want your identity associated with a connection?
      Solution: anonymizer
      • A proxy server that performs connection on your behalf.
      • Internet connection associated with anonymizer, not your IP address.

  16. Pseudo-anonymous Remailer
      • Maps anonymous ID to sender.
      • Replaces sender’s email addresses and other identifying information.
      • Forwards message to destination host.
      • Replies are also anonymized and forwarded to original sender.
      Caveat: sender and recipient both known to pseudo-anonymous remailer.

  17. Cypherpunk Remailer
      • Encipher message with recipient’s public key.
      • No mapping between originator/remailer address.
      • Delete header.
      • Decipher one layer of PGP encryption (using remailer’s private key).
      • Encipher with PGP public key of next remailer.
      • Forward to next remailer or destination.

  18. Traffic Analysis
      Attacker can still obtain association if remailer immediately forwards messages.
      • Delay messages for random time interval.
      • Randomize processing order of messages.
      • Keep pool of incoming messages.
      • Send random message once n messages in pool.
      • What if attacker sends messages to fill pool?
      Attacker can obtain associations by watching message size.
      • Message size decreases with each remailing.

  19. Mixmaster Remailer
      Cypherpunk remailer that handles only enciphered messages and pads or fragments all messages to a fixed size before sending.
      • All messages uniquely numbered to avoid replay attacks.
      • Messages not re-assembled until last remailer.
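The countermeasures on the Traffic Analysis and Mixmaster slides (a message pool, fixed-size packets, unique numbering, reassembly only at the last hop) fit in one small model. The following is an added example, not part of the original slides and not Mixmaster's actual packet format: the packet size, field names and class name are constructed, and the encryption layers are omitted, so the header fields appear in the clear here.

```python
import os
import random

BODY = 32  # constructed fixed payload size; every packet carries exactly BODY bytes

def to_packets(message, body=BODY):
    """Fragment and pad a message so every packet is the same size."""
    chunks = [message[i:i + body] for i in range(0, len(message), body)] or [b""]
    msg_id = os.urandom(8).hex()
    packets = []
    for index, chunk in enumerate(chunks):
        padding = os.urandom(body - len(chunk))        # random fill hides the true length
        packets.append({"packet_id": os.urandom(8).hex(), "msg_id": msg_id,
                        "index": index, "total": len(chunks),
                        "length": len(chunk), "body": chunk + padding})
    return packets

class PoolRemailer:
    """Holds packets in a pool and forwards a random one once more than n are waiting."""
    def __init__(self, n, rng=None):
        self.n, self.pool, self.seen = n, [], set()
        self.rng = rng or random.SystemRandom()

    def receive(self, packet):
        if packet["packet_id"] in self.seen:           # replayed packet: drop it
            return []
        self.seen.add(packet["packet_id"])
        self.pool.append(packet)
        if len(self.pool) <= self.n:
            return []                                  # keep filling the pool
        return [self.pool.pop(self.rng.randrange(len(self.pool)))]

    def flush(self):
        """Drain the pool in random order (used here only to end the demonstration)."""
        self.rng.shuffle(self.pool)
        out, self.pool = self.pool, []
        return out

def reassemble(packets):
    """Last hop only: order the fragments, strip padding, return the message or None."""
    if not packets or len(packets) != packets[0]["total"]:
        return None                                    # fragments still missing
    ordered = sorted(packets, key=lambda p: p["index"])
    return b"".join(p["body"][:p["length"]] for p in ordered)
```
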

  20. Key Points
      • All access control is based on identity.
      • Identity may have multiple representations.
      • Identities are bound to principals.
      • Anonymity allows interaction without knowledge of true identity.
        pseudo-anonymity: intermediary knows identity.
        true anonymity: no one knows true identity.
