Lecture III : Communication Security, Services & Mechanisms
Internet Security: Principles & Practices
John K. Zao, PhD SMIEEENational Chiao-Tung University
Fall 2005
Fall 2005Internet Security - ComSec Services & Mechanisms2
What is Communication Security?
To provide safe communication over an unsafe medium.
[Figure: Alice and Bob communicating over a medium observed by Eve]
Safe Communication:
- Alice can send a message to Bob that only Bob can understand: Confidentiality
- Nobody can tamper with message content during communication: Integrity
- Bob can know for sure it was Alice who sent the message: Authentication
Unsafe Medium: a medium over which passive and active attacks are possible.
Outline
- What types of services do we need to protect communication?
- What kinds of mechanisms do we use to protect communication?
ISO 7498-2 : Security Framework Architecture
- Security Services: Service Types; Service Layer Mapping
- Security Mechanisms: Mechanism Definition; Service - Mechanism Mapping
Communication Security Services
Primary Services:
- Confidentiality: Data Confidentiality; Traffic Confidentiality
- Data Integrity
- Authentication: Data Origin Authentication; Peer Authentication
- Access Control
- Non-Repudiation: Non-Repudiation of Origin; Non-Repudiation of Reception
- Audit
- Availability: an after-thought, but increasingly important
Note: all services are defined here in the context of Communication Security.
Confidentiality
Protection of information from disclosure to unauthorized entities (organizations, people, machines, processes). Information includes data contents, size, existence, communication characteristics, etc.
Service Types:
- Data Confidentiality / Disclosure Protection: Connection Oriented; Connectionless; Selective Field
- Traffic Flow Confidentiality: Origin-Destination Association; Message Size; Transmission Patterns
- Accompanied with Data Integrity
Protection Mechanisms:
- Data Encryption: Symmetric (Secret-Key); Asymmetric (Public-Key)
Integrity
Protection of data against creation, alteration, deletion, duplication or re-ordering by unauthorized entities (organizations, people, machines, processes).
Integrity violation is always caused by active attacks.
Service Types:
- Message Integrity: associated with connectionless communication
- Message Stream Integrity: associated with connection oriented communication
Protection Mechanisms:
- Message Digests (Hashing)
- Sequence Numbers
- Nonce ID (Random Number)
- Time Stamps
Authentication
Communicating entities are provided with assurance of, and information about, the relevant identities of their communicating partners (people, machines, processes).
Personnel Authentication requires special attention.
Service Types:
- Data Origin Authentication: associated with connectionless communication
- Peer Entity Authentication: associated with connection oriented communication
- Fundamental for access control, and hence for confidentiality & integrity
Protection Mechanisms:
- Password: Manual; One-Time Password
- Key Sharing: Manual; Symmetric Key (Tickets); Asymmetric Key (Certificates)
- Challenge-Response: Nonce Based; Zero Knowledge Proof
Access Control
Protection of information resources or services from access or use by unauthorized entities (organizations, people, machines, processes).
- Privileges: rights to access or use resources or services
- Principals: entities that own access control privileges
- Subjects: entities that exercise access control privileges
- Objects / Targets: resources or services accessed or used by subjects
- Delegation: transfer of access control privileges among principals
- Authorization: transfer of access control privileges from principals to subjects
Service Types:
- Subject Based Typing: Identity Based; Role Based
- Enforcement Based Typing: Mandatory Access Control (Management Directed); Discretionary Access Control (Resource Owner Directed)
Protection Mechanisms:
- Access Control Lists (ACLs): Object Based Specification (Ex.: UNIX File System)
- Capabilities: Subject Based Specification (Issue Tickets/Certificates)
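The two mechanism families on this slide differ in where the specification lives: an ACL hangs off the object, a capability is carried by the subject. The following is an added example (not from the lecture slides) that implements both, with identity-based and role-based ACL entries, holder-bound capability tickets protected by an HMAC, and delegation of a subset of held privileges. The UNIX-style object names, the role table and the issuer key are constructed for illustration.

```python
"""ACL (object-based) versus capability (subject-based) access control.

Added example, not from the lecture slides. The UNIX-style object names,
the role table and the HMAC-signed capability tickets are constructed
for illustration; the issuer key is an assumed secret held by the ticket
issuer only.
"""
import hashlib
import hmac
import secrets

# ---- Object-based specification: each object carries its own ACL ----
# "user:" entries are identity based, "role:" entries are role based.
ACLS = {
    "/var/log/auth.log": {"user:root": {"read", "write"}, "role:auditor": {"read"}},
    "/home/alice/notes": {"user:alice": {"read", "write"}},
}
ROLES = {"root": set(), "alice": set(), "bob": {"auditor"}}


def acl_permits(subject, obj, privilege):
    """Look the object's ACL up by the subject's identity, then by its roles."""
    acl = ACLS.get(obj, {})
    principals = [f"user:{subject}"] + [f"role:{r}" for r in ROLES.get(subject, ())]
    return any(privilege in acl.get(p, set()) for p in principals)


# ---- Subject-based specification: the subject presents a ticket ----
ISSUER_KEY = secrets.token_bytes(32)  # assumed: known only to the issuer


def issue_capability(holder, obj, privileges):
    """Authorization: the issuer binds holder, object and privileges into a ticket."""
    body = f"{holder}|{obj}|{','.join(sorted(privileges))}"
    tag = hmac.new(ISSUER_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}|{tag}"


def parse_capability(ticket):
    """Return (holder, obj, privileges) if the ticket is authentic, else None."""
    parts = ticket.split("|")
    if len(parts) != 4:
        return None
    holder, obj, privs, tag = parts
    body = "|".join(parts[:3])
    expected = hmac.new(ISSUER_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return None  # forged or altered ticket
    return holder, obj, set(privs.split(","))


def capability_permits(ticket, subject, obj, privilege):
    parsed = parse_capability(ticket)
    if parsed is None:
        return False
    holder, t_obj, privs = parsed
    # The ticket is bound to its holder, so a copied ticket does not transfer rights.
    return holder == subject and t_obj == obj and privilege in privs


def delegate(ticket, new_holder, privileges):
    """Delegation: a holder passes a subset of its privileges to another principal."""
    parsed = parse_capability(ticket)
    if parsed is None or not set(privileges) <= parsed[2]:
        return None  # cannot delegate rights one does not hold
    return issue_capability(new_holder, parsed[1], privileges)


def demo():
    """Exercise both models; returns a dict of outcomes."""
    r = {}
    r["bob_reads_log_via_role"] = acl_permits("bob", "/var/log/auth.log", "read")
    r["bob_writes_log"] = acl_permits("bob", "/var/log/auth.log", "write")
    r["alice_reads_log"] = acl_permits("alice", "/var/log/auth.log", "read")
    cap = issue_capability("alice", "/home/alice/notes", {"read", "write"})
    r["alice_writes_notes"] = capability_permits(cap, "alice", "/home/alice/notes", "write")
    r["bob_uses_alices_ticket"] = capability_permits(cap, "bob", "/home/alice/notes", "read")
    forged = cap.replace("read,write", "delete,read,write")
    r["forged_ticket"] = capability_permits(forged, "alice", "/home/alice/notes", "delete")
    sub = delegate(cap, "bob", {"read"})
    r["bob_delegated_read"] = capability_permits(sub, "bob", "/home/alice/notes", "read")
    r["bob_delegated_write"] = capability_permits(sub, "bob", "/home/alice/notes", "write")
    r["over_delegation_refused"] = delegate(cap, "bob", {"delete"}) is None
    return r
```

The ACL check is discretionary in the slide's sense: whoever maintains the object's entry decides. The capability path shows why tickets need integrity protection of their own: without the HMAC tag, a subject could edit the privilege field, which is exactly the forged-ticket case in demo().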
Non-Repudiation
Protection against denial of participation by communicating entities in all or part of a communication.
Service Types:
- Non-Repudiation of Origin
- Non-Repudiation of Reception
Protection Mechanisms:
- Notarization
- Time Stamp
- Digital Signature
Audit
Recording and analysis of the participation, roles and actions of relevant entities in information communication.
Service Types:
- Off-line Analysis (Computer Forensics)
- On-line Analysis (Real-time Intrusion Detection)
Protection Mechanisms:
- "Syslog"
- Intrusion Monitors / Sensors
- Common Intrusion Detection Framework (CIDF)
- Common Information Model (CIM)
Layers of Protocol Protection
[Figure: the OSI layers (Application, Presentation, Session, Transport, Network, Data Link, Physical) with security protocols placed at their layers: Secure Signaling, MSP, PEM, Key Management, TLSP, NLSP, IPSP, SILS]
Security protection is provided in multiple protocol layers.
Service vs. Layer Mapping
ISO 7498-2 : Security Architecture
- Security Services: Service Types; Service Layer Mapping
- Security Mechanisms: Mechanism Definition; Service - Mechanism Mapping
Security Mechanisms
- Encipherment: with Secret / Public Key Cryptography
- Data Integrity: with One-Way Hash Function
- Authentication: with Public-Key Challenge/Response
- Access Control
- Digital Signature: with Public-Key Cryptography
- Traffic Padding
- Notarization
Symmetric / Secret Key Encipherment
- Algorithms use the same key for encryption & decryption: the Symmetric / Secret Key must be dispatched in secret
- Used for bulk encryption / decryption
- Also used in the following security service: Authentication
[Figure: a Random Number Generator produces the Symmetric Key; ClearText -> Encryption Engine -> CipherText -> Decryption Engine -> ClearText, with both engines keyed by the same Symmetric Key]
Asymmetric / Public Key Encipherment
- Algorithms use different keys for encryption & decryption: the Public Key is disclosed but the Private Key is kept secret
- Computationally intensive: based on large prime numbers
- Also used in the following security services: Digital Signatures; Authentication; Key Exchange
[Figure: ClearText -> Encryption Engine (Public Key) -> CipherText -> Decryption Engine (Private Key) -> ClearText]
Data Encryption & Key Distribution
[Figure: symmetric-key data encryption (Random Number Generator -> Symmetric Key; ClearText -> Encryption Engine -> CipherText -> Decryption Engine -> ClearText) combined with a Public Key / Private Key Encryption and Decryption Engine pair used to distribute the Symmetric Key]
Message Digest or Hash
- Message Originator: computes a fixed-length message digest from the message using a one-way hash transformation
- Message Recipient: validates message integrity by computing the message hash and comparing it with the message digest
[Figure: Message -> MD5 -> Digest]
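The Integrity slide lists message digests, sequence numbers, nonces and time stamps as the mechanisms against creation, alteration, deletion, duplication and re-ordering; this slide shows the digest alone. The following added example (not from the lecture slides) puts them together as a receiver for a message stream. It assumes, beyond what the slides state, that originator and recipient share a secret key so the digest is a keyed hash (HMAC-SHA-256) that an active attacker cannot simply recompute after altering a message; MAX_AGE, the key and the sample messages are constructed values.

```python
"""Message integrity and message-stream integrity checks.

Added example, not from the lecture slides. Assumed, beyond what the slides
state: sender and receiver share a secret key, so the digest is a keyed hash
(HMAC-SHA-256) that an active attacker cannot recompute; a bare unkeyed digest
would only catch accidental corruption. MAX_AGE and the sample messages are
constructed values.
"""
import hashlib
import hmac

MAX_AGE = 30  # seconds a message may be in flight before it is stale (assumed)


def make_digest(key, seq, ts, payload):
    # The digest covers the sequence number and time stamp as well as the
    # payload, so re-numbering or re-dating a message also invalidates it.
    material = f"{seq}|{ts}|".encode() + payload
    return hmac.new(key, material, hashlib.sha256).hexdigest()


def build_message(key, seq, ts, payload):
    """Originator side: attach sequence number, time stamp and digest."""
    return {"seq": seq, "ts": ts, "payload": payload,
            "digest": make_digest(key, seq, ts, payload)}


class StreamReceiver:
    """Recipient side: validates each message against the expected stream state."""

    def __init__(self, key, clock):
        self.key = key
        self.clock = clock      # injected so the example is deterministic
        self.expected_seq = 0   # next sequence number the stream should carry

    def receive(self, msg):
        """Return 'ok' or the reason the message is rejected."""
        expected = make_digest(self.key, msg["seq"], msg["ts"], msg["payload"])
        if not hmac.compare_digest(expected, msg["digest"]):
            return "altered"      # payload, seq or ts changed in transit
        if self.clock() - msg["ts"] > MAX_AGE:
            return "stale"        # old message replayed long after sending
        if msg["seq"] < self.expected_seq:
            return "duplicate"    # already accepted: replay
        if msg["seq"] > self.expected_seq:
            return "missing"      # gap: deletion or re-ordering
        self.expected_seq += 1
        return "ok"


def demo():
    """Deliver a constructed stream with tampering, replay, re-ordering and a stale message."""
    key = b"constructed-shared-secret-key"
    msgs = [build_message(key, i, 1000 + i, f"record {i}".encode()) for i in range(4)]
    stale = build_message(key, 4, 900, b"record 4")   # correct digest, but sent long ago
    tampered = dict(msgs[1], payload=b"record 1 (modified)")  # digest no longer matches
    rx = StreamReceiver(key, clock=lambda: 1010)
    deliveries = [msgs[0], tampered, msgs[1], msgs[0], msgs[3], msgs[2], msgs[3], stale]
    return [rx.receive(m) for m in deliveries]
```

The order of the checks matters: the digest is verified first so that the sequence and time fields are trusted before they are interpreted, and the comparison uses hmac.compare_digest so the check takes the same time whether or not the digest matches.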
Challenge-Response Authentication
- The Challenger sends a challenge consisting of a random number to the Responder
- The Responder creates a response by digitally signing the challenge with its private key and returns the response to the Challenger
- The Challenger processes the response with the public key of the legitimate Responder and compares the result with the original challenge
[Figure: Random Number Generator -> Challenge -> Responder's Decryption Engine (Private Key) -> Response -> Challenger's Encryption Engine (Public Key) -> Challenge (Recovered), compared for equality with the original Challenge]
Digital Signature
The signature is the hash of a document and its relevant parameters, encrypted under public-key cryptography with the signer's private key.
[Figure: Message -> MD5 -> Hash -> Decryption Engine (Private Key) -> Digital Signature; Message plus Digital Signature form the Signed Document]
Digital Signature Validation
Message recipients can validate the signature by "encrypting" it with the public key and comparing the result with the document's hash value.
[Figure: Signed Document = Message + Digital Signature; Message -> MD5 -> Hash; Digital Signature -> Encryption Engine (Public Key) -> Hash; the two hashes are compared: Valid?]
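The three preceding slides (Challenge-Response Authentication, Digital Signature, Digital Signature Validation) all rest on the same private-key operation, its public-key inverse, and a one-way hash. The following added example (not from the lecture slides) implements them on textbook RSA so the "decrypt with the private key, encrypt with the public key" picture can be executed. Assumptions: the key pairs are built from fixed Mersenne primes so the example runs without a prime generator (far too small for real use); no padding scheme such as RSA-PSS or PKCS#1 v1.5 is applied, so the hash is reduced modulo n instead; SHA-256 stands in for the MD5 shown on the slides; the impostor key pair, document and challenge are constructed.

```python
"""Digital signature, signature validation and challenge-response
authentication on textbook RSA.

Added example, not from the lecture slides. Assumptions: the key pairs use
fixed Mersenne primes so the example runs without a prime generator; they
are far too small for real use, and no padding scheme (PSS, PKCS#1 v1.5) is
applied, so this shows the mechanism, not a deployable signature. SHA-256
stands in for the MD5 shown on the slides. Requires Python 3.8+ for pow(e, -1, phi).
"""
import hashlib
import secrets


def make_keypair(p, q, e=65537):
    """Constructed RSA key pair from two known primes: ((n, e), (n, d))."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return (n, e), (n, d)


# Legitimate signer / responder: p = 2^127 - 1, q = 2^89 - 1 (both prime)
PUBLIC_KEY, PRIVATE_KEY = make_keypair((1 << 127) - 1, (1 << 89) - 1)
# An impostor with its own key pair: p = 2^107 - 1, q = 2^61 - 1 (both prime)
IMPOSTOR_PUBLIC, IMPOSTOR_PRIVATE = make_keypair((1 << 107) - 1, (1 << 61) - 1)


def message_hash(message, n):
    """Fixed-length one-way hash of the document, reduced modulo n so that it
    is a valid RSA input (real schemes pad the hash instead of reducing it)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private_key, message):
    """Signature = hash of the document 'decrypted' with the private key."""
    n, d = private_key
    return pow(message_hash(message, n), d, n)


def verify(public_key, message, signature):
    """Validation = 'encrypt' the signature with the public key and compare
    the recovered value with the document's own hash."""
    n, e = public_key
    return pow(signature, e, n) == message_hash(message, n)


# ---- Challenge-response built on the same sign/verify pair ----
def make_challenge():
    """Challenger: a fresh random nonce, never reused, so old responses cannot be replayed."""
    return secrets.token_bytes(32)


def respond(private_key, challenge):
    """Responder: sign the challenge with its private key."""
    return sign(private_key, challenge)


def check_response(public_key, challenge, response):
    """Challenger: recover the challenge with the legitimate responder's public key."""
    return verify(public_key, challenge, response)


def demo():
    """Exercise signing, validation and challenge-response; returns outcomes."""
    r = {}
    doc = b"constructed contract: Alice pays Bob 10 units"
    sig = sign(PRIVATE_KEY, doc)
    r["valid_signature"] = verify(PUBLIC_KEY, doc, sig)
    r["altered_document"] = verify(PUBLIC_KEY, doc + b" (amended)", sig)
    r["wrong_signer"] = verify(PUBLIC_KEY, doc, sign(IMPOSTOR_PRIVATE, doc))

    challenge = make_challenge()
    r["legit_responder"] = check_response(PUBLIC_KEY, challenge, respond(PRIVATE_KEY, challenge))
    r["impostor_responder"] = check_response(PUBLIC_KEY, challenge, respond(IMPOSTOR_PRIVATE, challenge))
    # A response captured for one challenge does not answer a later, fresh one.
    r["replayed_response"] = check_response(PUBLIC_KEY, make_challenge(), respond(PRIVATE_KEY, challenge))
    return r
```

Two points the slides' diagrams leave implicit are visible here: the challenge must be fresh per run (make_challenge draws a new nonce each time, which is what defeats the replay case), and the verifier must hold the public key of the legitimate responder in advance, which is where the certificates and key-management mechanisms of the earlier slides come in.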
Service - Mechanism Mapping
Service: Data Confidentiality
- Mechanism [1]: Encipherment: Symmetric (Secret-Key) Cipher; Asymmetric (Public-Key) Cipher
- Mechanism [2]: Integrity: Message Digest / Digital Hash
- Mechanism [3]: Key Management: Key Distribution Centers (Secret-Key); Public Key Infrastructure (Public-Key); Manual Keying
Service: Peer Authentication
- Mechanism [1]: Challenge+Response: Nonce (Random Number) Based; Zero-Knowledge Proof
- Mechanism [2]: Integrity: Message Digest / Digital Hash
A single security service may need to be implemented by multiple, different security mechanisms.