1 / 35

CSCE 813 Midterm Topics Overview

CSCE 813 Midterm Topics Overview. Network Attacks. Classifications Passive vs. Active Against security objectives What are the security objectives? Attacker’s activities Give some examples. Forward Secrecy. Why PFS is important for security protocols?.

burtm
Download Presentation

CSCE 813 Midterm Topics Overview

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CSCE 813 Midterm Topics Overview Internet Security - Farkas

  2. Network Attacks • Classifications • Passive vs. Active • Against security objectives • What are the security objectives? • Attacker’s activities • Give some examples Internet Security - Farkas

  3. Forward Secrecy Why PFS is important for security protocols? Compromised key: permits the disclosure of the data encrypted by the compromised key. No additional keys can be generated from the compromised key. Perfect Forward Secrecy: compromise of a single key will permit access to only data protected by a single key Internet Security - Farkas

  4. Protection Protection at storage Protection during usage Protection during transmission Give an example attack and consequences for each What are the basic security technologies? Internet Security - Farkas

  5. Communication Security Security Protocols • Cryptographic protocols • Services: secrecy, integrity, authentication, key exchange, non-repudiation, etc. • Components: communicating parties (nodes), trusted third party, encryption algorithms, hash functions, timestamps, nonce, etc. Internet Security - Farkas

  6. Security Properties – Authentication of Origin • Verify • Who sent the message? • Who sent the message to whom? • Who sent the message to whom and how many times? Internet Security - Farkas

  7. Security Properties • How can we support • Non-interference • Message confidentiality • Sender authentication • Message authentication • Message integrity • Replay protection • …? • What is • Non-interference • Message confidentiality • Sender authentication • Message authentication • Message integrity • Replay protection • …? Why do we need protocol analysis? Internet Security - Farkas

  8. Attacks • Known attacks • Can be picked up by careful inspection • Non-intuitive attacks • Not easily apparent • May not depend on flaws or weaknesses of cryptographic algs. • Use variety of methods, e.g., statistical analysis, subtle properties of crypto algs., etc. Internet Security - Farkas

  9. TCP/IP Protocol Stack How does the TCP/IP stack compares to the ISO-OSI model? Why is layering a good idea? How does layering impact the security capabilities? What are the main protocols for each layer? Application Layer Transport Layer Internetwork Layer Network Access Layer How do these protocols support security? Internet Security - Farkas

  10. What are the main security capabilities supported by the security protocols? Internet Security - Farkas

  11. Security -- At What Layer? • Where to implement security? • Basic services that need to be implemented: • Key management • Confidentiality • Nonrepudiation • Integrity/authentication • Authorization • What are the security technologies supporting these services? Internet Security - Farkas

  12. Network Access Layer • Responsible for packet transmission on thephysical media • Protocols: Ethernet, Token Ring, Asynchronous Transfer Mode (ATM) Application Layer Transport Layer Network Layer Network Access L How does Ethernet support security? Internet Security - Farkas

  13. Virtual Private Network L2TP: combines Layer 2 Forwarding (L2F) and Point-to-Point Tunneling Protocol (PPTP) What does tunneling mean? Who can create a tunnel? CSCE 813 - Farkas

  14. L2TP Protocol Service 1 Client 2 LAC LNS Control Service 2 Client 1 Session 1 (Call ID 1) Session 2 (Call ID 2) • Tunnel components • Control channel (reliable): control sessions and tunnel • Data channel (unreliable): created for each call • What is the level of protection between • Client 1 & LAC? • LAC & LNS? CSCE 813 - Farkas

  15. L2TP and IPSec • L2TP is NOT secure without the support of IPSec • What are the attacks to consider? CSCE 813 - Farkas

  16. TCP/IP Protocol Stack • Packaging • Addressing • Routing Application Layer Transport Layer What are the supported security protocols? What is the effect of standardization on security? Network Layer Data Link Layer CSCE813 - Farkas

  17. Internet Engineering Task Force Standardization • IPv6 development requirements: Strong security features • 1992: IPSEC WG (IETF) • Define security architecture • Standardize IP Security Protocol and Internet Key Management Protocol • 1998: revised version of IP Security Architecture • IPsec protocols (two sub-protocols AH and ESP) • Internet Key Exchange (IKE) CSCE813 - Farkas

  18. IP Security Overview IPSec: method of protecting IP datagrams • Data origin authentication • Connectionless data integrity authentication • Data content confidentiality • Anti-replay protection • Limited traffic flow confidentiality CSCE813 - Farkas

  19. IP Security Architecture IPsec module 1 IPsec module 2 SPD SPD IKE IKE IPsec IPsec SAD SAD SA CSCE813 - Farkas

  20. The Domain Name System • Why is it needed? • Is this secure? • What are the security concerns? • Good reading: SANS Institute: Security Issues with DNS, http://www.sans.org/reading-room/whitepapers/dns/security-issues-dns-1069 Internet Security - Farkas

  21. Transport Layer • Host-to-host transportation of packets • Services: • Connection-oriented or connectionless • Reliable or unreliable • TCP, UDP Application Layer Transport Layer Network Layer Data Link Layer What are the TL security protocols? Internet Security - Farkas

  22. Security Requirements What are the advantages supporting security at this layer? Which are the most popular transport layer security protocols? • Key management • Confidentiality • Repudiation • Integrity/authentication • Authorization CSCE 813 - Farkas

  23. Transport Layer Security Protocols • Connectionless and connection-oriented transport layer service: Security Protocol 4 (SP4) – NSA, NIST, Transport Layer Security Protocol (TLSP) – ISO • Connection-oriented transport layer service: • Encrypted Session Manager (ESM) – AT&T Bell Labs. • Secure Socket Layer (SSL) – Netscape Communications • Transport Layer Security (TLS) – IETF TLS WG Most popular transport layer security protocols CSCE 813 - Farkas

  24. Application Layer • Provides applications that can access services at the other layers, e.g., telnet (port 23), mail (port 25), finger (port 79) • New services and protocols are always being developed Application Layer Transport Layer Network Layer Data Link Layer Internet Security - Farkas

  25. Approaches • Provide security system that can be used by different applications • Develop authentication and key distribution models • Enhance application protocol with security features • Need to enhance each application CSCE 813 - Farkas

  26. Cerberus Third Party Authentication Kerberos 1.Request ticket- granting ticket Once per user logon session 2. Ticket + session key KDC Client 3. Request service- granting ticket TGS Once per type of service 4. Ticket + session key 6. Provide server authentication 5. Request service Server Once per service session CSCE 813 - Farkas

  27. Security-Enhanced Application Protocol • Applications: • Terminal access • File transfer • Electronic mail • WWW transactions • DNS • Distributed file system CSCE 813 - Farkas

  28. SSH • Use generic transport layer security protocol over TCP/IP • Support for • Host and user authentication • Data compression • Data confidentiality • Integrity protection • Server listens for TCP connection on port 22, assigned to SSH CSCE 813 - Farkas

  29. PGP: Confidentiality and Authentication Sender A KAprivate Ks[M+H(M)] KBpublic Ks E M H E M E c c KAprivate[H(M)] KBpublic (Ks) H Compare D D Ks D KBprivate KApublic Receiver B CSCE 813 - Farkas

  30. Summary of Advantages and Disadvantages ofSupporting Security at Different Layers Internet Security - Farkas

  31. Network Access Layer Security • Dedicated link between hosts/routers  hardware devices for encryption • Advantages: • Speed • Disadvantages: • Not scaleable • Works well only on dedicates links • Two hardware devices need to be physically connected Internet Security - Farkas

  32. Internetwork Layer Security IP Security (IPSec) • Advantages: • Overhead involved with key negotiation decreases <-- multiple protocols can share the same key management infrastructure • Ability to build VPN and intranet • Disadvantages: • Difficult to handle low granularity security, e.g., nonrepudation, user-based security, Internet Security - Farkas

  33. Transport Layer Security • Advantages: • Does not require enhancement to each application • Disadvantages: • Difficult to obtain user context • Implemented on an end system • Protocol specific  implemented for each protocol Internet Security - Farkas

  34. Application Layer Security • Advantages: • Executing in the context of the user --> easy access to user’s credentials • Complete access to data --> easier to ensure nonrepudation • Application can be extended to provide security (do not depend on the operating system) • Application understand data --> fine tune security • Disadvantages: • Implemented in end hosts • Security mechanisms have to be implemented for each application --> • expensive • greated probability of making mistake Internet Security - Farkas

  35. Next Class: Web Application Security Internet Security - Farkas

More Related