Introduction to Security
Avinanta Tarigan
Universitas Gunadarma
1 Avinanta Tarigan Introduction to Security
Layout
* Problems
* General Security
* Cryptography & Protocol reviewed
Problems
* Life was beautiful before computers, getting worse after the Internet
* Distributed systems: each depends on others
* How can we assure that a system behaves correctly & securely?
* Can we trust systems on the other side?
Problems .. (cont)
* How to assure security of the network
* How to quantify risk
* What are the boundaries of the system?
* Relationship to political, social, economic aspects is not well understood
* Uncertainty
Definition
In General :
Computer Security deals with methods against unauthorized actions in computer systems
More General :
Dependency on other institutions is also an insecurity
Basic
[Figure. Labels: State; State Transition; Vulnerability (weakness); Attacker who attacks; Security Violation: Unauthorized Access (Cracked), Password Stolen, Unauthenticated Sites, Sensitive Information Sniffed]
What is secure ?
A computer-based system behaves according to:
1. algorithms (program/software)
2. user direction (input)
Given systems & environment:
1. secure states (system maintains security properties)
2. insecure states (violation of security policy)
3. paths that lead to insecure states (vulnerability)
* Correctness: maintain intended behavior according to correct specification, while unintended behavior will not be reachable
* Security policy: definition of (1, 2, 3)
* Attack: Persistence, Intentional, Outsider vs Insider, Loss vs Gain
Threats ... (cont)
Towards vulnerable system [Abadi] :
* Interaction with uncertain physical, network, software environment
* Using public network, distributed administration, diverse operators
* COTS, business demand is the priority, Monocultures
Threats ... (cont)
Attack :
* Physical attack
  ex. theft of harddisk/cdroms, bombing, etc.
* Syntactic attack
  ex. buffer overflow, domain theft, SQL injection
* Semantic attack
  ex. social engineering, site phishing
Security Policy
* We define secure states and insecure states
* Define paths which always keep the system in secure states: what is permitted
* Define also paths which might lead to insecure states: what is not allowed
* Specified in formal language for clearness, unambiguity, consistency, and verifiability
* Written in natural language for better understanding
Properties
* Confidentiality (Secrecy)
  Unauthorized disclosure of information is not reachable (Access Control - Cryptography)
* Integrity
  Unauthorized modification of information is not reachable
  * Data integrity - Origin integrity / authentication
  * Prevention (access control) - Detection (hash function)
Properties ... (cont)
* Availability
  Prevention & detection of denial of service
* Accountability
  The availability and completeness of the track of past system states
  Who - Whom - What - When - Where
  Implementation: should be forensic ready
Goals
* Prevention
  to fail the attack
* Detection
  to detect unprevented attack
* Recovery
  to stop the attack & repair attacked system
Security Mechanism
* Way to enforce security policies
* How to limit system behavior according to policies
* Specification - Design - Implementation - Operation & Maintenance - Audit (Forensic)
* Access Control & Cryptography
Access Control
* Reference Monitor
* Set of precise rules according to security policy, applied as a filter to the state transitions of the system, which prevents the system from entering an insecure state
* Authentication is mandatory
* Subjects, Objects, Actions, Time, Location, and other attributes
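The state view from "What is secure ?" and the reference monitor described above, as an added example (not part of the original slides): a search for paths into insecure states, run with no monitor, with a monitor that checks only one action, and with a monitor that filters every transition. The two-field state, the subjects alice and mallory, the actions and the policy are all constructed for illustration.

```python
from collections import deque

USERS = ("alice", "mallory")   # constructed subjects
INITIAL = (None, False)        # state = (logged-in user, secret object open?)

def insecure(state):
    """Policy (assumed): the secret may be open only while alice is logged in."""
    user, secret_open = state
    return secret_open and user != "alice"

def transitions(state):
    """Every (action, next_state) pair the unprotected system offers."""
    user, secret_open = state
    if user is None:
        for u in USERS:
            yield f"login:{u}", (u, secret_open)
    else:
        yield "logout", (None, secret_open)
    yield ("close", (user, False)) if secret_open else ("open", (user, True))

def no_monitor(state, action, nxt):
    return True

def naive_monitor(state, action, nxt):
    # Checks the subject on "open" only; all other actions pass unchecked.
    return action != "open" or state[0] == "alice"

def reference_monitor(state, action, nxt):
    # Filters every transition: the target state must be a secure state.
    return not insecure(nxt)

def path_to_insecure(monitor):
    """Breadth-first search for the shortest path into an insecure state.
    Returns the list of actions (a vulnerability) or None if unreachable."""
    seen, queue = {INITIAL}, deque([(INITIAL, [])])
    while queue:
        state, path = queue.popleft()
        if insecure(state):
            return path
        for action, nxt in transitions(state):
            if monitor(state, action, nxt) and nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, path + [action]))
    return None

if __name__ == "__main__":
    for m in (no_monitor, naive_monitor, reference_monitor):
        print(m.__name__, "->", path_to_insecure(m))
```

The naive monitor still leaves a path (alice opens the secret and logs out while it is open), which is why the filter has to sit on every transition and not on one action.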
Model of Access Control
[Figure: access control models relating subjects (Subj 1, Subj 2, ... Subj N) to objects (Obj 1, Obj 2, ... Obj N). Panels: Discretionary Access Control (DAC); Mandatory Access Control (MAC); Role Based Access Control (RBAC); Safe Dealing (SD). Other labels: Secret; Top Secret; Confident Attribute Control; Enrollment; Ticket K−1, Ticket K, Ticket K+1]
Implementation: Cryptography
* Algorithm to protect secrecy of data
* Also used to gain :
  * authentication
  * integrity
  * non repudiation
* Includes : algorithm and key(s)
Cryptography ... (cont)
Ciphertext = Encrypt(Message, Key)
Message = Decrypt(Ciphertext, Key)
* Decrypt(Ciphertext) is hard without Key
* Research questions: is there any algorithm for which it is hard to compute the original message but easy to verify it?
* In implementation, requires a protocol (Cryptographic Protocol)
Symmetric Crypt.
$A \mapsto B : \{M\}_{K_{ab}}$
Principal A sends B message M encrypted with shared-key $K_{ab}$
* Key is shared between 2 principals
* Needs $N^2$ keys for N principals
* Fast but key management is not easy
* Example of Cipher: DES, 3DES, Blowfish, AES
Asymmetric/Public Key Crypt.
$A \mapsto B : \{M\}_{K_b}$
Principal A sends B message M encrypted with B's public-key $K_b$
* Only with private-key $K_b^{-1}$, B can decrypt M
* Principal has its own $K$ which is published and $K^{-1}$ which must be kept secret
* Key management is less difficult, usually managed by Certification Authority
* Example of Cipher: RSA (Rivest-Shamir-Adleman), Elliptic-Curve
One-Way-Hash
* Algorithm to compute large data into small integer, producing fingerprint of the message
* Used for maintaining integrity of message being transferred
* Example: MD5, SHA1, SHA-256, Ripemd, Haval
Digital Signature (Sign)
Digital Signature (Verify)
Digital Signature
$A \mapsto B : \{M, \{Hash(M)\}_{K_a}\}_{K_b}$
* A's digital signature on a message is the hash of the message encrypted with A's private-key
* Authentication: only with A's public-key, the hash can be decrypted
* Integrity: Hash function
* Confidentiality: message can be decrypted only with B's private-key
* Non-Repudiation: explain for yourself
Cryptographic Protocol
* Implementation of Cryptography Algorithm
* Achieving security properties (authentication, secrecy, etc.)
* Example :
  * Needham-Schroeder (authentication)
  * Kerberos (authentication)
  * SSL/TLS (auth - secrecy)
Cryptographic Protocol
Example : Needham-Schroeder Protocol
M1  $A \mapsto S : A, B, N_a$
M2  $S \mapsto A : \{N_a, B, K_{ab}, \{K_{ab}, A\}_{K_{bs}}\}_{K_{as}}$
M3  $A \mapsto B : \{K_{ab}, A\}_{K_{bs}}$
M4  $B \mapsto A : \{N_b\}_{K_{ab}}$
M5  $A \mapsto B : \{N_b - 1\}_{K_{ab}}$
Introducing Nonce (N)
Cryptographic Protocol
More example : Kerberos Protocol
M1  $A \mapsto S : A, B$
M2  $S \mapsto A : \{T_s, L, B, K_{ab}, \{T_s, L, K_{ab}, A\}_{K_{bs}}\}_{K_{as}}$
M3  $A \mapsto B : \{T_s, L, K_{ab}, A\}_{K_{bs}}, \{A, T_a\}_{K_{ab}}$
M4  $B \mapsto A : \{T_a + 1\}_{K_{ab}}$
Introducing TimeStamp (T) and Lifetime (L)
Used in many systems, including Windows
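How B uses the timestamp and lifetime when M3 arrives, as an added example (not part of the original slides): the four Kerberos messages above with both sides modeled, and B rejecting a ticket outside its lifetime or an authenticator that is no longer fresh. Encryption is symbolic (an opaque box that opens only with the right key); the key names, the times and the 5-second skew tolerance are assumptions.

```python
def enc(key, *payload):
    """Symbolic {payload}key: an opaque box, no real cipher involved."""
    return ("enc", key, payload)

def dec(key, box):
    tag, used_key, payload = box
    if tag != "enc" or used_key != key:
        raise ValueError("wrong key")
    return payload

LONG_TERM = {"A": "Kas", "B": "Kbs"}  # keys shared with server S (constructed)

def server_reply(a, b, ts, lifetime):
    """M2: S returns {Ts, L, B, Kab, ticket}Kas, ticket = {Ts, L, Kab, A}Kbs."""
    kab = f"Kab-{ts}"                      # symbolic fresh session key
    ticket = enc(LONG_TERM[b], ts, lifetime, kab, a)
    return enc(LONG_TERM[a], ts, lifetime, b, kab, ticket)

def client_request(a, m2, ta):
    """M3: A opens M2 and sends the ticket plus authenticator {A, Ta}Kab."""
    ts, lifetime, b, kab, ticket = dec(LONG_TERM[a], m2)
    return (ticket, enc(kab, a, ta)), kab

def service_check(b, m3, now, skew=5):
    """B's side of M3/M4. Returns {Ta + 1}Kab or raises ValueError.
    skew (seconds of tolerated clock drift) is an assumed parameter."""
    ticket, authenticator = m3
    ts, lifetime, kab, a = dec(LONG_TERM[b], ticket)
    name, ta = dec(kab, authenticator)
    if name != a:
        raise ValueError("authenticator does not match ticket")
    if not ts <= now <= ts + lifetime:
        raise ValueError("ticket outside lifetime")
    if abs(now - ta) > skew:
        raise ValueError("stale authenticator")
    return enc(kab, ta + 1)

def verdict(m3, now):
    """What B answers when m3 arrives at time `now`."""
    try:
        service_check("B", m3, now)
        return "accepted"
    except ValueError as err:
        return str(err)

M2 = server_reply("A", "B", ts=1000, lifetime=300)   # constructed times (seconds)
M3, KAB = client_request("A", M2, ta=1002)
```

The same M3 is accepted at time 1003, refused as stale at 1200 and refused as expired at 1400, which is the freshness that Needham-Schroeder's M3 does not carry.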
Cryptographic Protocol
Problem :
* Wrong design could lead to flaw
  * Needham-Schroeder Protocol
  * SSLv1.0
* Wrong implementation could lead to vulnerability
  * Padding problem in SSL, SSH, and WTLS
  * User Interface design in Browser
* Vulnerability arises between two protection technologies (Anderson, Ross)
Assurance : Formal Method
* To prove correctness in achieving the security properties which the protocol carries out
* There are two development approaches :
  * Extension from methods used in communication
  * Newly developed methods
* Four classifications :
  1. General purpose tools
  2. Logic based
  3. Expert System
  4. Algebraic approach
Formal Method: Using General Purpose Tools
* Treated as ordinary comm. protocol
* Adversary is explicit, capable of reading, intercepting, and modifying messages
* Method : FSM, CSP, FDR, Petri Nets
* Example : Lotos, Ina Jo, Murphy
[Figure. Labels: A; B; INTRUDER; System State]
Formal Method: Using Expert System
* Investigate every possible scenario of Attack - Flaw - Defence
* Needs to define insecure states and search paths to them
* More successful than General Purpose Tools
* Example : Interrogator by Millen, NRL Protocol Analyzer by Meadows, Longley and Rigby
Formal Method: Algebraic Approach
* Capabilities in modeling knowledge which represents components in cryptographic operation (Nonce, Key(s), and old messages)
* Example :
  * Dolev - Yao (term re-writing systems)
  * Spi - Calculus by Abadi and Gordon (to prove secrecy)
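Knowledge modeling in the Dolev-Yao style, as an added example (not part of the original slides): the five Needham-Schroeder messages are written as terms and the intruder's knowledge is closed under splitting and decryption with known keys, to check which nonces and keys stay secret. Only the analysis (decomposition) rules are implemented, which is enough to decide secrecy of atoms here; the term encoding and the leaked-key scenarios are assumptions.

```python
from collections import namedtuple

Enc = namedtuple("Enc", "key body")   # symbolic {body}key; body is a tuple

def analyze(knowledge):
    """Dolev-Yao analysis closure: split tuples and open {..}K once K is known.
    Terms are atoms (str), plain tuples (concatenation) or Enc terms."""
    known = set(knowledge)
    changed = True
    while changed:
        changed = False
        for term in list(known):
            if isinstance(term, Enc):
                parts = term.body if term.key in known else ()
            elif isinstance(term, tuple):
                parts = term
            else:
                parts = ()
            for part in parts:
                if part not in known:
                    known.add(part)
                    changed = True
    return known

# The five Needham-Schroeder messages from the slide, as seen on the network.
TICKET = Enc("Kbs", ("Kab", "A"))
TRACE = [
    ("A", "B", "Na"),                              # M1
    Enc("Kas", ("Na", "B", "Kab", TICKET)),        # M2
    TICKET,                                        # M3
    Enc("Kab", ("Nb",)),                           # M4
    Enc("Kab", ("Nb-1",)),                         # M5
]

def intruder_learns(atom, leaked=()):
    """True if `atom` is derivable from the trace plus any leaked keys."""
    return atom in analyze(list(TRACE) + list(leaked))

if __name__ == "__main__":
    for leaked in ((), ("Kas",), ("Kbs",)):
        print(leaked, {a: intruder_learns(a, leaked) for a in ("Na", "Kab", "Nb")})
```

With no leaked key the intruder learns only Na, which travels in clear in M1; secrecy of Kab and Nb rests entirely on the long-term keys Kas and Kbs.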
Formal Method: Logic Based
* One sees crypt. protocol as distributed algorithm
* Develop logics from modal logic
* There are inference rules
* Goal is to derive statements which represent the correct condition
* Example : BAN Logic and GNY Logic
Towards Secure System
* Specification : Security Policy
* Implementation : Security Mechanism
* Correctness : Assurance
* Man - Machine - Management
Towards ... (cont)
[Figure. Labels: Preventive measures; Detective measures; Responsive measures; General Users; Managers; Security Team; Desktop; Servers; Perimeter]
Towards .. (cont)
[Figure. Panel titles: Constituent Organizational Units; Security Goals; Constituent Systems. Item lists as extracted:]
* Government Agent, Financial Institutions, Organizations, Local, etc
* Availability, Integrity, Confidentiality, Non Repudiation, etc
* User Education; Secure OS, Application, Perimeter; etc
* Policy
Books, Papers, and Links
* Ross Anderson, "Security Engineering"
* Matt Bishop, "Computer Security"
* Schneider et al., "Modelling and Analysis of Security Protocols"
* Martin Abadi's homepage at http://www.cse.ucsc.edu/~abadi