Security in B2B Systems - PowerPoint PPT Presentation

1 / 39

About This Presentation

Title:

Security in B2B Systems

Description:

Outsiders. Eavesdropping. Hacking. Partners. Falsified ... Know when the outsiders get in. Intrusion detection systems. Regular configuration audits ... – PowerPoint PPT presentation

Number of Views:63

Avg rating:3.0/5.0

Slides: 40

Provided by: jeremye

Category:

more less

Transcript and Presenter's Notes

Title: Security in B2B Systems

1
Security in B2B Systems

Presentation to INFS 770
George Mason University
April 4, 2001

Jeremy Epstein Director, Product Security
Performance jepstein_at_webMethods.com 703 460 5852
2
Outline

What is a B2B system?
B2B Security features
Standards
Protocol issues
Open issues
Conclusions

3
The Real Issue

The biggest problem e-commerce companies face
is they can't keep up with the pace of security
patches to their lousy operating systems. In
production systems, patches frequently break the
application, and have to be tested thoroughly
before being applied. With critical patches
coming in almost daily, the administrators are
faced with either applying untested patches (and
breaking things), or being perpetually behind,
and vulnerable.
-- David Safford, IBM T.J. Watson Research
(April 3, 2001)

4
What is a B2B system?
5
What is a B2B system?
6
How B2B Systems Are Used

Available to Promise
Purchase Order

Your Enterprise
Available to Promise
Request for Quote

-Inventory Price
Catalog Info

Credit Check

- Credit Processing
Shipping logistics

Invoicing
Customer synchronization

7
How B2B is Used...
8
B2B Security Features
9
Threats to B2B Systems

Outsiders
Eavesdropping
Hacking
Partners
Falsified transactions
Denial of transactions
Plus all outsider attacks
Insiders
Eavesdropping
Hacking

10
Security Features

Non-technical
Physical, personnel, and operational security
Network infrastructure
Boundary protection
Encryption
Authentication
Access Controls
Auditing

11
Network Infrastructure

Use the infrastructure you have!
Firewalls
Host configuration
Keeping up to date on patches
No system is perfect
Know when the outsiders get in
Intrusion detection systems
Regular configuration audits

12
Boundary Protection
13
Uses for Encryption

Protection of data in transit
Secure Sockets Layer (SSL)
Virtual Private Network (VPN) with IPSec
Digital signatures
XML Digital Signature draft standard
Proprietary methods for representation
Non-repudiation
Rely on digital signatures

14
SSL or VPN?

SSL
End-to-end security
Can provide bi-directional authentication
Highly interoperable
Easy to set up
Requires application level integration (HTTPS)
Slow connection establishment
VPN
Invisible at the application layer (FTP, SMTP)
Point-to-point security
High speed
Hard to set up
Interoperability questionable
Proper choice depends on the environment

15
Non-Repudiation of Origin

How it works
Hash the message and digitally sign the hash
using the private key of the signer
Anyone can verify the signature by recomputing
the hash, and verifying that the signature is
correct by using the signers public key
Proves that a message came from someone who had
the private key
Does not prove who actually signed it (I.e., a
person)
Relies on proper control of private keys
Relies on proper action of software using private
keys
A Trojan Horse might have used the private key

16
Non-Repudiation of Delivery

Goal is to preclude a recipient denying having
received a message that was actually received
Effectively impossible, unless
Sender (or trusted 3rd party) controls systems at
both ends
Then have to rely on accurate statements by 3rd
party
Even then, provides proof of delivery only to
delivery agent, not to endpoint
There is research in this area, but no strong
products

17
Authentication

Username/password combinations
Careful choice of passwords
Protection of stored passwords is critical!
Directory integration
Strong authentication
Server certificates
Client certificates
PKI integration
Tokens, biometrics etc. not generally useful for
B2B environments
Server-to-server no human there!

18
Access Controls

Control access to
Services
Web pages
Based on
Type of connection (encrypted or not)
Strength of encryption (40 vs. 128 bit)
Source domain and/or IP address
User identity (as proven by password or client
certificate)
Group membership
Data values
Etc.
Flexible and scalable configuration

19
Auditing

Record all security relevant events
Protection of audit trail
Attackers may cover their tracks
Effective tools to sort through the audit data
Integration with intrusion detection systems

20
Other Security Concerns

Buffer overflow attacks
Format perversion attacks
Denial of Service (DoS) attacks
Viruses, worms, and other malicious software
Legal aspects of import/export

21
Assurances

Assure to make safe, to give confidence
Security features are great
Need to know theyre implemented correctly
Need to know theres no other features that can
subvert
Assurance methods
Design review
Code review
Vulnerability analysis
Testing
Penetration testing
Features without assurance are worthless

22
B2B Security Standards
23
Standards for B2B Security

XML Signature
XML Encryption
XKMS - XML Key Management System
SAML - Security Assertions Markup Language
XACML - XML Access Control Markup Language
EIEIO - proposed by McDonalds

24
XKMS - XML Key Management System

Goal Replace traditional PKI protocols (PKIX,
CMS, OCSP, etc.) with XML documents
XML documents represent requests/responses
How to request a certificate
How to renew a certificate
How to validate a certificate (expiration, CRL,
OCSP, etc.)
History
Idea originated at Verisign
webMethods, Citigroup, and Microsoft joined in
refinement
Other endorsers Baltimore Technologies,
Hewlett-Packard, IBM, IONA Technologies,
PureEdge, Reuters Limited
Relies on XML Signature XML Encryption
Status
Submitted to W3C
Has not yet become a standards activity
For more information
http//www.w3.org/TR/xkms/

25
XML Signature

Security goals
Prevent message tampering attacker changes a
message in transit
Forgery attacker lies about his identity
Recipient tampering recipient tampers with
message after receipt
Features
An all XML digital signature solution no ASN.1
Signatures over parts of documents
Signatures over multiple entities
Signatures over external entities referenced by
URI
What it does
A block of data attached to the message sender
creates the message and then signs it
Recipient verifies signature knows that message
wasnt tampered with, and knows who sent it
Verifies every byte of message, unlike a
holographic signature
Not a digitized signature
Signature is on a cryptographic hash, not the
whole message

26
XML Signature - signature process
Object
SignedInfo
SHA
Signature
URI
Digest
SignedInfo
Senders Key
SHA
DSA
Signature Value
Private Key
KeyInfo
Objects
Certificate
27
XML Signature - example
ltSignature xmlns http//www.w3.org/2000/02/xml
dsiggt ltSignedInfogt deleted
signed lt/SignedInfogt
ltSignatureValuegtabcdef...lt/SignatureValuegt
ltKeyInfogt ltRetrievalMethod
http//www.rtfm.com/mykeygt
lt/RetrievalMethodgt lt/KeyInfogt ltObjectgt
ltmessagegtdeletedlt/messagegt digested
lt/Objectgt lt/Signaturegt
28
XML Signature - conclusion

History
Joint W3C/IETF working group
Status
W3C Candidate recommendation Jan 2001
W3C Recommendation and IETF Draft Standard
expected May 2001
For more information
http//www.w3.org/Signature/

29
XML Encryption

Goal Allow encryption of pieces of XML documents
(elements)
Different recipients will be able to read
different parts of the document
Example Trading hub can see what is wanted to
make routing decision, but cant see payment
information, which is only available to suppliers
History
Grew out of need identified in XML Signature
group
Workshop November 2000
Chartered by W3C early 2001
Status
Operating as a W3C working group
For more information
http//www.w3.org/Encryption/2001/

30
SAML - Security Assertions Markup Language

Goals Represent authentication and authorization
decisions using XML
For use by applications such as B2B servers, web
servers
Apps can request authentication or authorization
decisions from security servers
Will allow interoperability with security servers
such as Netegrity SiteMinder, Securant
ClearTrust, Oblix NetPoint, IBM PolicyMaker, etc.
History
S2ML (Security Services Markup Language) --
Netegrity, Sun, webMethods, Verisign, etc.
AuthXML (Authorization/Authentication XML) --
Securant Outlook Technologies
Merged under the OASIS banner

31
SAML (cont.)

Status
OASIS Security Services Technical Committee
(SSTC) underway
For more info
http//www.oasis-open.org/committees/security/inde
x.shtml

32
XACML - XML Access ControlMarkup Language

Goal Represent access control policies in XML
Grew out of research in universities and research
labs
Key players
Simon Blackwell, Psoom
Ernesto Damiani, University of Milan
Michiharu Kudo, IBM Tokyo
History
Proposed as a separate working group within OASIS
Will coordinate with SSTC
Status
Very early in discussion area
Proposal for a new group submitted to OASIS April
4, 2001

33
B2B Protocols Open Issues
34
Protocols Used in B2B Systems

Transport
HTTP
HTTP/S (HTTP with SSL)
FTP
SMTP (optionally with S/MIME)
Data representation
XML
Proprietary representations

35
HTTP Tunneling
HTTP
What we know love
TCP
IP
B2B technology generally relies on bypassing the
firewall Must compensate by strengthening our
hosts!
36
Some Open Problems