Pervasive Web Services and Security 2010

8/8/2019 Pervasive Web Services and Security 2010

http://slidepdf.com/reader/full/pervasive-web-services-and-security-2010 1/123

P ERVASIVE W EB A RCHITECTURES AND W EB -DRIVEN A PPLICATION S YSTEMS

Dr. Rahul Banerjee

Computer Science & Information Systems GroupBirla Institute of Technology & Science, Pilani, India

Email: [email protected] / [email protected]

Home: http://www.bits-pilani.ac.in/~rahul/

mailto:[email protected]


http://www.bits-pilani.ac.in/~rahul/










INTERACTION P OINTS

What is a Pervasive Web Architecture?Do the phrases „Pervasive Computing Systems‟and „Pervasive Web‟ mean the same thing?Elements of a Pervasive Web Architecture

What should you know to design applicationsinvolving pervasive web-applications?How do you glue the pieces you have learnt so fartogether?

Tutorial problems on Pervasive Web ApplicationDesign and ImplementationDiscussions and SummarizationConclusion



E LEMENTS OF P ERVASIVE WEB

Pervasive Computing Infrastructure involving:Internetwork of computing nodes ( local / global: private/ public or a combination )HTTP support enabled atop the Internetwork-in-question with w3c recommendations in place

Support for the transparency in spite of heterogeneityof devices , platforms , languages , servicesProvision for Web Service Description , Web Service

Deployment , Web Service Publication , Web Service Discovery , Web Service Access / Usage , Web ServiceMonitoring / Security

Applications ( client , middleware , server side ) whichcould exploit the above referred provisions on respectivedevices / device clusters .



E NABLING WEB -BASED A PPLICATIONS FOR P ERVASIVE COMPUTING DEVICES

Goal: Efficient transformation of input formats torequired output format for delivery and use by pervasivecomputing devices OR dynamically generating data inrequired formatThe respective mechanisms used to accomplish the task:

„Transcoding ‟ and „Device-specific Content Generation ‟ Example: HTML to WML transcodingBest suited to structured documents written in mark-uplanguages like XML, XHTML etc.Involves post-processing of Server-generated web-basedcontentTranscoding can happen at : Application Servers (full orselective), Application Proxies (full) <former is a betterchoice in most cases> In many cases, Transcoders come with their own sets of

APIs .



M ERITS AND DEMERITS OF TRANSCODING IN THE A PPLICATION S ERVER VERSUS

A PPLICATION P ROXY

Transcoding at the Application Server has theadvantage that it allows SSL/ TLS support ,selective transformation of content as per needand user-level transparency Transcoding at the Application Proxy takesaway all these advantages but allows ease of

deploying transcoding over just any Webserver,without necessarily being dependent on the

Application Server-specific implementation-dependent restrictions .



TRANSCODING VERSUS DEVICE -SPECIFIC CONTENT GENERATION

The latter ( DSCG ) suits freshly developedapplications

DSCG is also preferable when minimalaccess is available to back-end systemservicesIt provides better performance It is more scalable than Transcoding

Allows optimization specific to devicesCosts more



Provision for Web Service Description , WebService Deployment , Web Service Publication ,Web Service Discovery , Web Service Access /

Usage , Web Service Monitoring / Security

Step-1: Web Service Requirement IdentificationStep-2: Web Service Description

Choice of suitable web service description languageIdentification of required protocols that would allow its use

Step-3: Web Service DeploymentChoice of suitable number of tiers and deployment schemePlacement, configuration and activation of service elements

Step-4: Web Service PublicationStep-5: Web Service DiscoveryStep-6: Web Service Access / Use



N OTE : Some of the duly marked slides have been prepared with

respective input from BITS, MIT Project Oxygen, HP CoolTownProject, VirginiaTech, UIUC, ETH-Zuich, MSR, UoW, CMU,

IETF, ITU, Sun, W3C, KU, CU, LU, IEEE PC.

Use of copyrighted material from these and other sources in the following slides is meant for pureacademic reference herein is thankfully acknowledged.

<Not meant for re-distribution!>



Step-1: Web Service RequirementIdentification

What do we need to know before we begin?

How do we separate required and desirable (value-added) features?



Step-2: Web Service Description

Web Service DescriptionChoice of suitable web service description language

Identification of required protocols that would allow its use



Step-3: Web Service Deployment

Web Service DeploymentChoice of suitable number of tiers and deployment scheme

Placement, configuration and activation of service elements



Step-4: Web Service Publication

Web Service Publication Strategies

Web Service Publication Mechanisms

Web Service Publication Practices (BCP)



Step-5: Web Service Discovery

Web Service Discovery Process

Mechanisms for Discovery of Web Services

Best Current Practices for Web Service Discovery



Step-6: Web Service Access / Use

Web Service Access / Use: Common Methods

Issues associated with Web Service Access / Use



Web Service Monitoring & Security

Web Service Monitoring

Web Service Security



WHAT IS A WEB S ERVICE ?

A Web Service is simply a service available via the WebService can be implemented in any language.Problems with Web Services:

It is not practical to automatically find web servicesfor your needs

There is no built-in mechanism for payment for use of a web service

There is no built-in security control

When a web service changes (e.g., adds a parameterto its method), the program using it breaks



THE SOAP

SOAP stands for " S imple Object A ccessP rotocol"

Used for "Remote Procedure Calls", similar to:

IIOP (for Corba), ORPC (for DCOM), RMI (for Java)Difference: SOAP is text-based (actually XML),not binary. Firewall Friendly

Difference: Language independent, can call aprogram in any language

Difference: Uses standard port, since uses

standard protocols



SOAP: RPC & DOC

SOAP is simply a standard for sending messages (thinkof it as an envelope)

We can send two types of messages using SOAP:

RPC: Remote Procedure Call, a request to call a method

DOC: A document (this is used for more complex client -server communication)



THE SOAP WAY …



A N A CTUAL S OAP REQUEST LOOKS LIKE …

<SOAP-ENV:Envelopexmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"xmlns:xsi="http://www.w3.org/1999/XMLSchema-instance"xmlns:xsd="http://www.w3.org/1999/XMLSchema">

<SOAP-ENV:Header> </SOAP-ENV:Header>

<SOAP-ENV:Body><ns1:sayHelloTo xmlns:ns1="Hello"

SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">

<name xsi:type="xsd:string">John</name></ns1:sayHelloTo>

</SOAP-ENV:Body></SOAP-ENV:Envelope>



A ND , AN A CTUAL S OAP RESPONSE LOOKS LIKE …

<SOAP-ENV:Envelope

xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"xmlns:xsi="http://www.w3.org/1999/XMLSchema-instance"xmlns:xsd="http://www.w3.org/1999/XMLSchema">

<SOAP-ENV:Body><ns1:sayHelloToResponse xmlns:ns1="Hello"

SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">

<return xsi:type="xsd:string">Hello John, How are you doing?

</return></ns1:sayHelloToResponse>

</SOAP-ENV:Body></SOAP-ENV:Envelope>



SOAP H EADER S ECTION

The SOAP Header can contain information that describes theSOAP request. Example:

<SOAP-ENV:Header><t:Transaction xmlns:t="some-URI"

SOAP-ENV:mustUnderstand="1"> 5 </t:Transaction>

</SOAP-ENV:Header>Here, 5 is the transaction ID of which this method is a part.

SOAP envelope's mustUnderstand attribute is set to 1, which meansthat the server must either understand and honor the transactionrequest or must fail to process the message.



SOAP R ESPONSE ON E RROR

There may be many errors in processing a SOAPrequestError in Running Method:

e.g., the "Hello Server" does not allow anyone to say hello onTuesday

Error in Processing SOAP Headers:e.g., Problem running method as part of a transaction



THE M AIN P LAYERS IN SOAP

There are three components that take part in a SOAPapplication:

Client Application: A program that sends a SOAP request.

Wants to use a service.SOAP Processor: A program that can receive SOAP requestsand act accordingly (e.g., call an method of the ApplicationServer)

Application Server: A program that supplies the Web service



A PPLICATION S ERVER : S OME S IMPLE TIPS

The application server providing any Web Service doesnot need anything special.

In fact, your application server need not know that it is beingused for providing a Web Service!!



A BIT ON THE CLIENT A PPLICATION

The SOAP client needs to generate a SOAP request

When using Java, you shall need the following packages

in your CLASSPATH to compile:soap.jar

mail.jar

activation.jar



T IPS ON TOMCAT / S ERVLET & SOAPP ROCESSOR S CENARIO

Your Tomcat web server needs a web application that isa SOAP Processor

Put soap.war in your <tomcat_home>/webapps directory

To actually run the SOAP Processor, it needs thesoap.jar, mail.jar, activation.jar files in its classpath

Easiest way to get the files in its classpath: Add them to

the directory <tomcat_home>/lib



CREATING THE A PPLICATION S ERVER

package hello;

public class HelloServer {public String sayHelloTo(String name) {

return "Hello " + name +", How are you doing?";

}}

•Note: Put application in a package. Create a jar file from the package andput the package in <tomcat_home>/lib, so that it will be in Tomcat'sclasspath



DEPLOYING THE WEB S ERVICE

The SOAP Processor must be told about your application.This is called " deploying "

Deployment is a two-step process:Create a deployment descriptorCall the java command that deploys the web application



DEPLOYMENT DESCRIPTOR

<isd:service

xmlns:isd="http://xml.apache.org/xml-soap/deployment"id="urn:helloApp">

<isd:provider type="java"scope="application"

methods="sayHelloTo"><isd:java class="hello.HelloServer"/>

</isd:provider><isd:faultListener>

org.apache.soap.server.DOMFaultListener</isd:faultListener>

</isd:service>

The scope of theObject used tofulfill the SOAPRequest.Applicationmeans that allSOAP requestswill be sent to thesame object.



DEPLOYMENT DESCRIPTOR

<isd:service

xmlns:isd="http://xml.apache.org/xml-soap/deployment"id="urn:helloApp">

<isd:provider type="java"scope="application"

methods="sayHelloTo"><isd:java class="hello.HelloServer"/>

</isd:provider><isd:faultListener>

org.apache.soap.server.DOMFaultListener</isd:faultListener>

</isd:service>



S COPE OF WEB S ERVICE

page: The service instance is available until a responseis sent back or the request is forwarded to anotherpagerequest: The service instance is available for theduration of the request, regardless of forwardingsession: The service instance is available for the entiresession

application: The same service instance is used toserve all invocationsWhich of these scope values require us to thinkabout synchronizing access to data members and

methods?



COMPLETING THE DEPLOYMENT

Save the deployment descriptor in a file, e.g.,HelloDescriptor.xmlRun the command: java org.apache.soap.server.ServiceManagerClient

http://<host>:<port>/soap/servlet/rpcrouter deployHelloDescriptor.xml

where <host> and <port> are those of Tomcat

Note that Tomcat must be running for this to work You can get a list of all deployed web services using thecommand java org.apache.soap.server.ServiceManagerClient

http://<host>:<port>/soap/servlet/rpcrouter list



U NDEPLOYING A S ERVICE

You can undeploy a web service, so that it is no longerrecognized by the SOAP Processor using the command java org.apache.soap.server.ServiceManagerClient

http://<host>:<port>/soap/servlet/rpcrouter undeployurn:helloApp

Note that the last argument is the URI of the web serviceto be removed



WHAT MUST THE CLIENT DO : A S UMMARY N OTE

Create the SOAP-RPC call

Set up any type mappings for custom parameters

Set the URI of the SOAP service to use

Specify the method to invoke

Specify the encoding to use

Add any parameters to the call

Connect to the SOAP service

Receive and interpret a response



N OTE ON P ARAMETERS

It must be possible to "serialize" the parameters thatthe method invoked receives and returns.

The following have defaultserialization/deserialization:

primitive types: int, long, double, etc.

primitive Objects: Integer, Long, Double, String, etc.

complex Objects: Vector, Enumeration, Hashtable, arrayseasy to use JavaBeans



CREATING THE S ERVER

When the application server is a script, the script isactually put in the deployment descriptor

Need the jar files bsf.jar and js.jar

Put them in your <tomcat_home>/lib directory

http://soap_files/bsf.jar

http://soap_files/js.jar

http://soap_files/js.jar

http://soap_files/bsf.jar



UDDI - U NIVERSAL D ESCRIPTION ,D ISCOVERY AND I NTEGRATION S ERVICE

UDDI is a standard for describingand finding web services



UDDI B USINESS REGISTRY (UBR),P UBLIC CLOUD

Nodes contain all UDDI information

Nodes are synchronized, so they retain the same data

You can query any node

You can add UDDI to a node, and it will be replicated to

all others



INTERACTING WITH THE UDDI

UDDI is itself a web service!!!Interaction is via SOAP messages

The JAXR package defines a standard way to interact

with registries (can work with other types of registriestoo, e.g., ebXML)

Two types of interaction:Inquiry: Does not need authentification

Publish: Needs authentification



WSDL - W EB S ERVICES D ESCRIPTION L ANGUAGE



DESCRIBING A WEB S ERVICE

SOAP is just one standard to access a web service,there are many others (XML-RPC)

Need a standard way to describe a Web Service:

the methods available

their parameters

etc.

WSDL is a standard for describing web services usingXML



UP N P S ERVICES

Description is stored as XML fileControl via SOAP messages: SOAP developed forweb service

Most every language/platform has SOAP/XMLlibrariesEvent notification with XML in General Event

Notification ArchitecturePresentation URL can be supplied by device



THE OSG I

OSGi is open, standards-based, language-neutral and OS-neutral

Consists of framework in which bundles of services that register with a registry can run

Runs atop the Java 2 Runtime Environment(J2RE)



OSG I S ERVICE S PECIFICATIONS

Logging serviceWeb serverDevice accessConfiguration servicePreferences service

User administrationservicePermission

administrationservicePackageadministrationservice

CLIENT AUTHENTICATION OVER THE



CLIENT A UTHENTICATION OVER THE INTERNETWORKS There exist four possibilities:

No AuthenticationBasic AuthenticationModerate Authentication

Advanced Authentication

Basic Authentication : It may be provided as an extension tothe HTTP 1.1 (HHTP: RFC 2616, Extn.: RFC 2617)Moderate Authentication : Digest Access Authentication usingChallenge-Response technique

Advanced Authentication : There are two choices, dependingupon the requirements:

Kerberos-based Authentication (K-5: RFC 1510)Public-Key Cryptography-based Authentication (SSL: RFC2246, TLS: RFC 2818)



B ASIC A UTHENTICATION …

Client may use it to authenticate itself to either the OriginServer or an intermediate Proxy Server.

In this basic scheme, if an unauthorized access attempt ismade by a client, server / proxy sends it back an Error

Code: 401 / 407 : Unauthorized Access Error

However, server / proxy may ask / challenge the requestingclient to supply / respond to one or more pieces of information and if the client sends the correct piece (s) in

its response the access to restricted resource is granted.



B ASIC A UTHENTICATION …

In this scheme, user‟s ID and his/her password are transmitted using base64-ended plaintext .

This clearly is as insecure as the defaultTelnet authentication scheme.

Moderate and Advanced schemes of

authorization attempt to tackle this issue byoffering cryptographic measures .



M ODERATE A UTHORIZATION USING D IGEST A CCESS In this case, a client requesting a restricted servicereceives a nonce-challenge from the server and is expectedto generate a message digest using this nonce containingthe user Id, password, numeric value of the received nonce,

the requested HTTP method and the URI .

This digest is then transmitted over the insecure networkto the server who upon receipt, knowing the nonce andalgorithm itself, verifies the response and if found to becorrect provides the requested access to service / resource.



A DVANCED A UTHENTICATION USING SSL / TLS

In this case, as discussed earlier, if a client requestsan access to a restricted service , the servergenerates a random secret / challenge to the client .

Client is expected to respond by signing the sentchallenge by using its Private Key and transmit thissigned response along with its digital certificate .

Upon receipt, the server verifies the authenticity of the certificate , extracts client‟s public -key from itand using this verifies the client‟s signature .

If the process succeeds, the client is granted accessto the requested service / resource.

A /



A PPLICATIONS ON RESPECTIVE DEVICES / DEVICE CLUSTERS

Client-side Issues,

Middleware-specific Issues

Server-side Issues



R OLE OF N ETWORK S ECURITY IN P ERVASIVE C OMPUTING E NVIRONMENTS



INTERACTION P OINTS

Brief introduction to Network and internetworkSecurity Principles

Various forms and mechanisms of securityInfluence of Network Security on PervasiveComputing SystemsDiscussion

N I &



(c) Rahul Banerjee,BITS, Pilani (India) 54

N ETWORKS , I NTERNETWORKS &S ECURITY Network

A Computer Network is an interconnected group of autonomouscomputing nodes which:Use a well-defined, mutually-agreed set of rules and conventions known as Protocols, Interact with one-another meaningfully;

Allow resource-sharing preferably in a predictable and controllable

manner.Internetwork

A network of two or more networks is called an InternetworkParticipating networks in an Internetwork may be interconnectedfor restricted or unrestricted resource sharing

SecuritySecurity is often viewed as the need to protect one or more aspectsof network‟s operation and permitted use (access, behaviour,performance, privacy and confidentiality included),Security requirements may be Local or Global in their scope,depending upon the network‟s or internetwork‟s purpose of design

and deployment.



(c) Rahul Banerjee, BITS,Pilani (India) 55

Criteria for Evaluating Security Solutions

Ability to meet the specified needs / requirementsEffectiveness of Approach Across NetworksComputing Resources Needed vis-à-vis the value of

the protection offeredQuality and ScalabilityAvailability of Monitoring mechanisms Adaptability and FlexibilityPracticability from Sociological / Political perspective Economic considerations & Sustainability




CLASSIFICATION OF S ECURITY P ROBLEMS : A CCESS BREACHES IN INTERNETWORKS

(S/W & H/W)Intentional / Non-Intentional AccessBreachesOrigin-based Access BreachesCentralized / Distributed AccessBreachesService Blocking / Overwhelming /Redirection /Abuse / Modification /Termination-based Access Breaches

Periodic / Aperiodic Application-Data /Control-Data Access BreachesEvent-based Access BreachesStorage-based Access Breaches

O F S ECURITY A TTACKS , S ECURITY THREATS ,




, ,S ECURITY M ECHANISMS AND S ECURITY S ERVICES

Security Attack => compromises theinformation-system securitySecurity Threat => has potential for security

violationSecurity Mechanism => detects / locates /identifies / prevents / recovers from “securityattacks” Security Service => enhances security, makesuse of the security mechanisms




A CTIVE VERSUS P ASSIVE A TTACKS Active attacks involve active attempts on securityleading to modification, redirection, blockage ordestruction of data, devices or links .

Examples:Replay attacks

Masquerade attacksModification / corruption of data or accesscontrol bitsDenial-of Service attacks

Passive attacks involve simply getting access to

link or device and consequently data .

A TYPICAL INTERNETWORK M ODEL OF




A TYPICAL INTERNETWORK M ODEL OF S ECURITY

Parties involved:SenderReceiverInterceptor (Passive / Active)

Devices involved:TransmitterReceiverEncoder

DecoderLinks involved: Data and Control signal transmission links

I S




IDENTIFICATION OF S OURCES OF S ECURITY P ROBLEMS

Importance of Identification of sourcesStrategic importance for planning, preventing and /or counteringImportance with respect to Sensitivity-analysisand Economic-impact-analysis and pro-activeprotection

Possible Approaches for AnalysisMonitoring-based approaches

Log-based Agent-based

Non-monitoring approachesModel-basedExperimental Replication-based

ROLE OF CRYPTOGRAPHY OS &




ROLE OF CRYPTOGRAPHY , OS &CONFIGURATION

Role of CryptographySecret-key cryptographyPublic-key cryptography

Role of Operating SystemsBuilt-in OS Security at the Kernel-levelSupport for Cryptographic APIsNetwork Protocol Stack implementationdecision-based security

Role of Configuration in Security

Network configurationOS configuration Application configurationSecurity System configuration

ON THE INTERNETWORK




ON THE INTERNETWORK CRYPTOGRAPHY

Internetwork Cryptography aims to handleinternetwork-specific or network-specific issuesand

problems involving authentication, integrity and

secrecy / confidentiality / privacy.Cryptography can exist with or without networks but Internetwork / NetworkCryptography specifically addresses the

Internetwork / Network needs /requirements and is thus a subset of generalcryptography .




S YMMETRIC -K EY CRYPTOGRAPHY

Symmetric-Key cryptography is called so since inthis class of cryptographic algorithms, encryption aswell as decryption processes are performed using thesame (i.e. symmetric ) key .The algorithms / schemes / programs that use thisparadigm are often termed as Symmetric-KeyCiphers / Private-Key Ciphers / Secret-Key Ciphers /Conventional Ciphers etc.In such cases, Plaintext , Encryption-Decryption

Algorithm , Key and Ciphertext form four basiccomponents of the Symmetric Cipher Model .Such schemes should exhibit:

Security of Key Distribution to the legal recipients) Adequate strength of Encryption

CHARACTERIZING THE S YMMETRIC K EY




C IPHERS This is often done by:

Choice of key-spaceKey-derivation / identification within the key-spaceNumber of cycles involved in encryption /decryption processChoice of operations (or choice of type of operators )that are used in the process of encryption /decryptionNumber of internal algorithms that form the final

scheme of enciphering / decipheringRole , if any , of the compression algorithms /schemes in adding the security value




S OME M ORE B ASICS

Any cryptographic scheme is safe if and only if it isunbreakable in reasonable time using feasible resourcesin spite of the intruder‟s being aware of:

Encryption and decryption algorithmSize of the key

Kerckhoff’s Principle: Security of conventional encryption depends only upon the Secrecy of the

Key , and not on the Secrecy of the Algorithm . Strength of the algorithm and the size of key remaintwo important factors in Cryptography.Unconditionally secure and Computationally secure schemes of cryptography do exist; but in practiceinvolving computers, only the latter is popular .

CONVENTIONAL (S ECRET -K EY )




( )CRYPTOGRAPHY

Requirements for secure deployment of conventional cryptography:

Availability of a strong Encryption AlgorithmSecure distribution of the Secret Key to the intendedrecipients

Kerckhoff’s Principle remains a guiding line for theresearch on conventional cryptography and its real-lifeuse in internetworks.

Terms like Conventional / Private-Key / Secret-Key /Symmetric-Key cryptography are interchangeably usedin literature.






D IGITAL S IGNATURES

A Digitally-signed Communication is a message that

has been processed by a computer in such a mannerthat ties the message to the individual that signedthe message. Criteria for Digital Signatures Technology:

An acceptable technology must be capable of creating signatures that conform torequirements:

It is unique to the person using it; It is capable of verification;

It is under the sole control of the personusing it; It is linked to data in such a mannerthat if the data are changed, the digitalsignature is invalidated.

The technology known as Public Key




S IGNATURE D YNAMICS

The Signature Dynamics Technology:It is an acceptable technology for use bypublic entities that uses as the means themetrics of the shapes, speeds and/or other

distinguishing features of a signature asthe person writes it by hand. It involves binding the measurements toa message through the use of cryptographic

techniques.Signature Digest is the resulting bit-stringproduced when a signature is tied to adocument using Signature Dynamics.

D C




Digital Certificate: It refers to acomputer-based record which:

identifies the certification authorityissuing it;

names or identifies its subscriber;

contains the subscriber's public key; and

is digitally signed by the certificationauthority issuing or amending it &

conforms to widely-used standards .

D IGITAL CERTIFICATES




RELATED TERMS :

Certification Authority: This refers to anentity that issues a certificate, or in the caseof certain certification processes, certifiesamendments to an existing certificate.

Key Pair: This refers to a private key and itscorresponding public key in an asymmetriccryptosystem. The keys have the property

that the public key can verify a digitalsignature that the private key creates.

A FEW MORE POINTS ON D IGITAL




CERTIFICATES One of the simplest ways to describe the function of aDigital Certificate is to treat it as a means to verify thegenuineness of the Public-Key.Just as the individuals / groups are normally assigned

Digital Signatures, the corporate merchants and E-Commerce / I-Commerce Gateways are issued DigitalCertificates for proving their authenticity to others.Certificate Expiry: Most of the certificates have theirperiod of legal validity as marked by the issuing entity/ authority, after which it is considered as invalid orexpired. Certificate Revocation: If the Certificate is found to be

compromised, it may be explicitly revoked by theCertificate Authority (CA) and included in thesubsequently published Certificate Revocation List.Certificate Validation: It refers to the verification of the Certificate Chain.

WHO ARE THE COMMON CERTIFICATE




WHO ARE THE COMMON CERTIFICATE A UTHORITIES ?

As per the Secure ElectronicTransactions (SET) standard, thefollowing CAs may exist:1. The Root Certificate Authority (RCA)2. The Brand Certificate Authority (BCA)3. The Geo-Political Certificate Authority

(GCA) <optional> 4. The Merchant Certificate Authority (MCA)5. The Payment Gateway Certificate

Authority (PGCA)6. The Cardholder Certificate Authority

(CCA)Certificate Categories:1. Merchant Certificates2. Cardholder Certificates




THE H IERARCHICAL CA A RCHITECTURE

The Root Certificate Authority (RCA)

The Brand Certificate Authority(BCA)

The Geo-Political CertificateAuthority (GCA) <optional>

MCA PGCA CCAMerchant

CertificatesPaymentGateway

Cardholder Certificates




WHO ISSUES AND SIGNS THE CERTIFICATES ?

A Certificate Authority is a Trusted entitythat issues, monitors, revokes, modifiesand cancels digital certificates for a

subscribers holding / requiring certificates. A digital certificate is signed with CA‟sprivate key.In principle, certificates can be of severaltypes including Institutional AuthorityCertificates and Web Server Certificates.

STEPS INVOLVED




STEPS INVOLVED

1. A pair of Private and Public keys is created by

the Requester.2. Requester generates and encrypts a CertificateRequest using its private key and sends thecertificate request to your chosen CA .

3. CA initiates and completes a process to verifythe correctness of the information supplied bythe Requester.

4. The certificate for the Requester (who hereafterbecomes a Subscriber) is signed by a device that

holds the private key of the CA.5. The certificate is sent to the Subscriber.6. A copy of the issued Certificate is kept in

certificate repository / directory (so that using

LDAP etc. Certificates could be retrieved).

C




CERTIFICATE REVOCATION

Certificate revocation: Canceling a certificatebefore than its originally scheduled validityperiod.Certificate Revocation Lists (CRL) A CRL is a time-stamped list of revoked

certificatesOnline Certificate Status Protocol is used foronline verification.

TRUSTED VERSUS U NTRUSTED




TRUSTED VERSUS U NTRUSTED N ETWORKS

My Network (PAN/LAN)Fully TrustedPartly Trusted

Our Network (LAN/MAN/WAN/WAI)Fully TrustedPartly TrustedUnsure

Other Networks(LAN/MAN/WAN/WAI) Partly TrustedUntrustedUnsure

THE N ETWORK P ERIMETER




THE N ETWORK P ERIMETER

A Network / Internetwork Perimeter is asecure boundary of a network that mayinclude some or all of the following:

FirewallsRouters

IDS VPN mechanismsDMZScreened subnets

DMZ is outside the FirewallScreened subnet is an isolated sub-network connected to a dedicatedfirewall interface

INTRUSION DETECTION SYSTEM




INTRUSION DETECTION S YSTEM

Intrusion Detection System (IDS) is

a system thatcomprises of mechanisms / devicesinvolving one or more IntrusionDetection Sensors (traffic monitoringdevices / mechanisms) placed at

security-wise strategic locations; and,Has been designed to detect any knownor likely intrusion into the protectednetwork.

Types of IDS:Network-based IDS (NIDS) : Subnet-residentHost-based IDS (HIDS) : Host resident

Sensor reporting may involve several

forms like logs, database updates,




INTERNETWORK F IREWALL

Firewall is an internetwork securitydevice thatserves on the only access route that connectsthe internal network / internetwork (i.e. thesegment to be protected) to the externalnetwork (s) / internetwork (s); and,decides about physically allowing / denyingentry / exit to / from the protected segmentusing a set of policies (often manifested in

terms of rules) is called a Firewall. A Firewall may be implemented inhardware / software / firmware or acombination of these.

CHARACTERISTICS OF INTERNET




F IREWALLS Characteristically, an Internet Firewall exhibits securitymeasures and internetwork-control-mechanisms relatedto but not necessarily limited to:

Internet services as separated from the intranet servicesService-based directional trafficUser-specific / Class-specific / Group-specific service access

Service-usage / deployment-behaviourOrigin-specific / Destination-specific service / traffic /monitoring / QoS-security bindingsRelaying / blocking / redirection of encapsulated and / orencrypted traffic

A common assumption (though debatable) made is thatthe Firewall itself is incorruptible / impenetrable

A firewall works under the assumption that it is solelyresponsible for blockade / allowance of any traffic betweentwo or more than two networks / internetworks separatedby it.




WHAT DOES A FIREWALL DO ?

As part of an Internetwork Security System, afirewall:

Allows defining exit and entry points for traffic fromand to the internal protected network / intranetOffers a set of mechanisms and a set of locations /points for supervising security-sensitive activities /events / behaviourProvides network-level encapsulation, encryption,decryption, decapsulation, tunnelling servicesPermits a variable-security facility- zone‟s creation

that may also offer some functionalities notnecessarily related to the security function that isthe primary function of the firewallSupports creation and interpretation of structuredlogging mechanisms and files for a variety of purposes.




WHAT A F IREWALL DOES NOT DO ?

A Firewall is not meant for: Virus / Worm / Trojan Horse / Logic bomb detection Virus / Worm / Trojan Horse / Logic bomb removalSemantic analysis of the application-to-applicationmessages with certain exceptionsProtecting a network / internetwork from a trustedentity (client / server / user) or an internalauthorized user with adequate privilegesProtecting from power, link or protocol failureMonitoring processes at individual workstations /servers / switches that are of local significance to

that machine or network segment except for certainexplicitly registered classes of processes / systems /users / patternsGuarding against traffic that bypasses the Firewallitself

F IREWALL




Firewall Constituents: (some of these can serve as firewalls as

well) Application-level Gateways and ProxiesTransport-level / Circuit-level Gateways and ProxiesNetwork-level Gateways / RoutersPacket filters (also known as Static Packet Filtering

Firewalls)Bastion HostScreened Host

Types of Firewalls:Stateless Firewalls

Stateful Inspection-based FirewallsPerimeter FirewallsScreened Host FirewallsIntranet FirewallsInternet FirewallsExtranet Firewalls

XAMPLES OF OMMERCIAL F IREWALLS




F IREWALLS

Static Packet Filtering Firewall(implemented on a Router) :Example: Nortel’s Accellar Router

FirewallProxy Firewall:

Example:Secure Computing’s

Sidewinder Firewall Stateful Inspection-basedFirewall:

Example:

V IRTUAL P RIVATE N ETWORKS




V IRTUAL P RIVATE N ETWORKS

A Virtual Private Network (VPN) is a mechanism that allows establishment of a protected sessionbetween two network nodes / services located in / on two different protected networks / internetworks separated by unprotected / untrusted / insecure(often public) networks / channels / infrastructure.Example: Nortel’s Contivity, Cisco’s VPN 3000 Concatenator

Another perspective: SSH, TLS, SSL, IPSec, L2TP,PPTP are choices providing different types of security at different layers.

Although, all of these could be reused in an

appropriately designed VPN mechanism, often the L-3 and L-2 mechanisms are preferred by many VPN designers.Often, people refer to a VPN as a security device /mechanism on the perimeter of the protectednetwork / internetwork that allows encryptedsessions.




A DVANTAGES OF VPN S

Capability to access remotenetwork as if there exists aprivate channel to that networkSeveral security optionsavailable to provide a range of security

Adequacy of lower-strengthencryption schemes on certainoccasionsCost-effective if well-designed,well-implemented and well-configuredCan be uickl im lemented

D ISADVANTAGES OF VPN S




D ISADVANTAGES OF VPN S

Requirement of encryption, decryption,encapsulation and decapsulation induce a sizeableprocessing overhead, packet overhead and storageoverheads and may introduce latency as well asincrease cost of serviceIn some cases, if designed ad-hoc, certain networkinstallations may pose additional challenges inadding the VPN functionality due to the addedoverhead in packet processing.Intricate design issues, unless handled carefully,may actually serve to lower the networkperformance without really bring correspondingincrease in the security level of the network.Implementation issues include VPN pass throughissues, NAT-specific issues and MTU-size relatedissues



(c) Rahul Banerjee, BITS,Pilani (India) 90

Defining the Control Zone

• The Control Zone:• Consider a typical electronically controlled device like atape drive, hard disk drive or other gadget that operates inan unshielded environment. Each such device emits signals

that can be sensed within a zone called Control Zone.• For security reasons, it is important that:

• No important information about any device operationleaks out of the target environment

• No external body should be able to make use of control or data signals related to this device





GSM NETWORK ARCHITECTURE

BSC

MSBTS

EIR

AUCHLRVLR

MSC

OMC

UmA-bis

Voice Traffic

Mobilitymgt

A

PSTN/ISDN

(c) Source: http://choices.cs.uiuc.edu/MobilSec/posted_docs/

800, 900, 1900Mhz

Licensed &expensive

Subscriber modelStarted outlike PSTN,and gettingmore complex

Pre-paid,

premiumrate SMS

Wireless Application Protocol



WAP SECURITY ARCHITECTURE




BLUETOOTH SECURITY ARCHITECTURE

(c) http://www.cs.hut.fi/Opinnot/Tik-86.174/Bluetooth_Security.pdf



IEEE 802.11 ARCHITECTURE

(c) Source: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/winxppro/reskit/prdc_mcc_ardu.asp



MOBILE IP

Foreign Agent (FA)Home Agent (HA)

[email protected]

(c) Source: http://www.iab.org/Workshops/IAB-wireless-workshop/

Binding update issue:● If I change FA how do I tell home agent and previous FA

such that no-one else can spoof that message?● And in a performant, scalable manner?

● MobileIPv6 has this problem ( no FA though, just care-of address)



J2ME

J2ME includes somesecurity primitives for code signing and tosupport (some)application security

(c) Source: http://choices.cs.uiuc.edu/MobilSec/posted_docs/ & (c) Sun Microsystems Inc.

http://choices.cs.uiuc.edu/MobilSec/posted_docs/

http://choices.cs.uiuc.edu/MobilSec/posted_docs/



COMMON SECURITY ISSUES Over the air (OTA) confidentiality

But don't ignore e.g. Microwave links used after a basestation!

Data origin authentication/integrity for some data andsome originsBad use of cryptographyVarious types of fraud

Cloning of hostsRe-direction to premium rate

Authentication of node or user?



S ECURITY RELEVANT DIFFERENCES

GSM's subscription model vs. 802.11's lack of asubscriber modelSubtle and different mis-uses of crypto (more later)

Open or closed node operating systems



GSM S ECURITY

A3

Mobile Station Radio Link GSM Operator

A8

A5

A3

A8

A5

Ki Ki

Challenge RAND

KcKc

mi Encrypted Data mi

SIM

Signed response (SRES) SRESSRES

Fn Fn

Authentication: areSRES values equal?



GSM CRYPTO BREAKS

Several researchers have developed breaksof GSM's use of encryptionTypically involve some known plaintext and quiteintensive (though do-able) memory and processing

e.g. Goldberg, Wagner, Green: requires difference in theplaintext of two GSM frames, which are exactly 2^11 framesapart (6 seconds) with time complexity of 2^16 dot productsof 114 bit vectors.

Base stations can also be impersonated

No authentication of BSC to ME!




GSM A TTACK DETAILS

GSM Encryption uses A5 :A5/0 – no encryptionA5/1 - “strong” encryption

A5/2 - “export” (i.e. designed weak) encryption All use a 64-bit key generated from thenetwork's challenge

Same key bits regardless of algorithm !!!



GSM A TTACK DETAILS (2)A5 is a stream cipher Applied after error correcting bits are added

even though the attacker might not know the values of particular input bits,they know that certain groups of them XOR to 0

taking the same groups of encrypted bits and XORingthem

reveals the corresponding XOR of the keystreambits



IEEE 802.11 security



WARDRIVING / BOATING

http://www.catalina42.org/war-sail/

● Picking up IEEE 802.11access points as youcycle/drive/fly/sail past● Many of these give(sometimes intentionally)

open access to the Internet

802 11 SECURITY OVERVIEW



802.11 SECURITY OVERVIEW Good setup depends on network topology

There are a few choicesWEP is broken and IPsec should be usedinstead as much as possible (probably intunnel mode)

TLS should then be used wherever sensible aboveIPsec (e.g. IMAP over SSL)

Then secure applications should be usedwhere possible

Probably based on proprietary protocols (whichmay make use of standard constructs like PKCS#7)



WEP E NCAPSULATION

802.11 Hdr Data

WEP Encapsulation Summary:

• Encryption Algorithm = RC4

• Per-packet encryption key = 24-bit IV concatenated to a pre-shared key

• WEP allows IV to be reused with any frame• Data integrity provided by CRC- 32 of the plaintext data (the “ICV”)

• Data and ICV are encrypted under the per-packet encryption key

802.11 Hdr DataIV ICV

Encapsulate Decapsulate



P ROPERTIES OF VERNAM C IPHERS (1)

The WEP encryption algorithm RC4 is a Vernam Cipher :

Pseudo-randomnumber

generator

Encryption Key K

Plaintext data byte p

Random byte b

Ciphertext data bytec

Decryption works the same way: p = c b





Thought experiment 1 : what happens when p 1 and p 2 areencrypted under the same “random” byte b ?

c 1 = p 1 b c 2 = p 2 b

Then:

Conclusion : it is a very bad idea to encrypt any two bytes of datausing the same byte output by a Vernam Cipher PRNG.

c 1 c 2 = ( p 1 b ) ( p 2 b ) = p 1 p 2



HOW TO READ WEP E NCRYPTED TRAFFIC (1)

• By the Birthday Paradox, probability P n two packets will share same IVafter n packets is P 2 = 1/2 24 after two frames and P n = P n – 1 + (n – 1)(1 – P n – 1)/224 for n > 2.

• 50% chance of a collision exists already after only 4823 packets!!!

• Pattern recognition can disentangle the XOR-ed recovered plaintext.

• Recovered ICV can tell you when you’ve disentangled plaintext correctly.

• After only a few hours of observation, you can recover all 2 24 key streams.

802.11 Hdr DataIV ICV

24 luxurious bits Encrypted under Key +IV using aVernam Cipher



HOW TO READ WEP E NCRYPTED TRAFFIC (2)Ways to accelerate the process:

– Send spam into the network: no pattern recognitionrequired!

–

Get the victim to send e-mail to you• The AP creates the plaintext for you! – Decrypt packets from one Station to another via an

Access Point• If you know the plaintext on one leg of the journey, you can

recover the key stream immediately on the other

F IXING WEP



F IXING WEPProtect against ALL known threats:

IV CollisionsWeak KeysMessage ForgeryReplayTwo alternatives: Short-term and long-term

Short-term:Temporal Key Integrity Protocol (TKIP)Does not require new hardware (but firmware/software)Some performance penalty

Longer termMove to AES based primitives with “proper” keymanagement



THE 802.11 X SECURITY SCHEME



A REASONABLE 802.11 CONFIGURATION

http://csrc.nist.gov/publications/nistpubs/800-48/NIST_SP_800-48.pdf



WLAN TOPOLOGIES Sensible network topologiesCorporate (small WLAN)

Corporate (widespread WLAN)Service provider Volunteerism

Network topology issuesNetwork accessAddress allocation (DHCP)NAT/private addresses

Firewall location and rulesets

S OME INTERESTING NETWORKS



S OME INTERESTING NETWORKS Mobile Ad-hoc networks:

Idea is that a network emerges from nodes which just

happen to be in the vicinity (AODV)Delay tolerant networksSensor networksIssues:

Mainly academic at the momentSecurity not really thought all the way through for these yet

P ERVASIVE / U BIQUITOUS COMPUTING



P ERVASIVE / U BIQUITOUS COMPUTING What if loads and loads of things (doors, TVs,couches) were nodes on a network?

Hot topicHow do you secure these systems?

TCD and partners SECURE projecthttp://secure.dsg.cs.tcd.ie/

CONCLUSIONS (1)

http://secure.dsg.cs.tcd.ie/

http://secure.dsg.cs.tcd.ie/



CONCLUSIONS (1)There are a range of different types of mobilenetwork

GSM and 802.11 are the interesting onesSecurity hasn't been handled well for these

Nor was it for the wired Internet for a loooong time!There are substantial security problems withtoday's deployed mobile networks

So, overlaying a VPN is probably a good idea

in most casesAnd overlay that with TLS and that with applicationsecurity if you can

CONCLUSIONS (2)



CONCLUSIONS (2)Users are generally less in control of mobilenetworks

Bandwidth is allocatedManufacturer/Operator/Subscriber model differsfrom wired Internet

e.g. Closed operating systemsNetwork security is “given” and not easilyfixed/managed

So, try to gain control of your applications and

try to secure the applications themselvesBetter if wireless technology changes anywayCan create a porting headache though



(c) Rahul Banerjee,

BITS, Pilani (India)120

A CKNOWLEDGEMENTS Some of these slides have been inspired by / borrowedfrom some well-received presentations made indifferent parts of the world.

All inspired / reused slides either carry theirrespective „copyright‟ information on them or havebeen acknowledged about their sources in a group

just after / before their respective usage herein.These slides are being used here purely forinstructional purposes during a live session for theregistered students of the Network Security courseSS ZG 513 and are NOT meant for any kind of reuse,

redistributions etc. All slides which carry my „copyright‟ information aremy own.



(c) Rahul Banerjee,


A NY QUESTIONS ?

Thank you!

RECOMMENDATIONS FOR F URTHER READING



(c) Rahul Banerjee,


F URTHER READING

BooksBruce Schneier: Applied Cryptography, WileyStudent Edition, Second Edition , Singapore,1996.

Alfred Menezes, Paul van Oorschot, and Scott Vanstone: Handbook of Applied Cryptography.CRC Press, NY .William Stallings: Cryptography and NetworkSecurity. Fourth Edi tion . Prentice-Hall,Englewood Cliffs, 2006. <Recommendedcompanion>C.Kauffman, R.Perlman and M.Spenser: NetworkSecurity, Second Edition , Prentice Hall,Englewood Cliffs, 2002.S.Bellovin and W.Chesvick: Internet Security andFirewalls, Second Edition , Addis on-Wesley,

Reading 1998



THAT ‟S ALL FOR TODAY !

Any questions please?

Thank you!

Documents

Pervasive Web Services and Security 2010