ISA 562 Information Systems Theory and Practice - PowerPoint PPT Presentation

Slides: 36
Provided by: ravis4
Transcript and Presenter's Notes


1
ISA 562 Information Systems Theory and Practice
  • Digital Certificates

Based on previous notes from Prof. Ravi Sandhu,
UTSA
2
PUBLIC-KEY CERTIFICATES-1
  • What is a certificate?
      • A statement claiming some binding of attribute values
  • Why do we need them?
      • Identifying entities outside of domain
      • Distributed access control
  • What do they do?
      • Propagate claims
      • The certifier makes a claim that can be checked for
        authenticity and accepted if the recipient
        believes the claimant to be truthful
      • Manage trust: distributed trust management

3
X.509v1 CERTIFICATE
VERSION: 1
SERIAL NUMBER: 1234567891011121314
SIGNATURE ALGORITHM: RSA+MD5, 512
ISSUER: C=US, S=VA, O=GMU, OU=ISE
VALIDITY: 9/9/99-1/1/1
SUBJECT: C=US, S=VA, O=GMU, OU=ISE, CN=Alice
SUBJECT PUB KEY INFO: RSA, 1024, xxxxxx
SIGNATURE: SIGNATURE
4
PUBLIC-KEY CERTIFICATES-2
  • For public-key based encryption
      • sender needs public key of receiver
  • For public-key digital signatures
      • receiver needs public key of sender
  • To establish an agreement
      • both need each other's public keys

5
CERTIFICATE TRUST
  • Acquisition of the public key of the issuer to verify
    the signature
      • Go through a certificate chain
  • Whether or not to trust certificates signed by
    the issuer for this subject

6
PEM CERTIFICATION GRAPH
[Diagram labels: Internet Policy Registration Authority (IPRA); Policy Certification Authorities (PCAs): PERSONA, RESIDENTIAL, MID-LEVEL ASSURANCE, HIGH ASSURANCE; Anonymous, MITRE, GMU, Virginia; Certification Authorities (CAs); Abrams, LEO, Fairfax, ISSE; Subjects; Sandhu, Sandhu]
7
SECURE ELECTRONIC TRANSACTIONS (SET) CA HIERARCHY
[Diagram labels: Root; Brand, Brand, Brand; Geo-Political; Bank; Acquirer; Customer; Merchant]
8
Certificate Revocation
  • Sometimes, the issuer needs to recant a certificate
      • The subject's attributes have changed
      • The subject misused the certificate
      • There are forged certificates
  • Published in a certificate revocation list

9
CRL FORMAT
  • SIGNATURE ALGORITHM
  • ISSUER
  • LAST UPDATE
  • NEXT UPDATE
  • REVOKED CERTIFICATES (one entry per certificate: SERIAL NUMBER, REVOCATION DATE)
  • SIGNATURE
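
The checks named on the CERTIFICATE TRUST, Certificate Revocation and CRL FORMAT slides, put together as an added example that is not part of the original deck. Toy textbook RSA over Mersenne primes stands in for a real signature scheme, and the names `keypair`, `issue`, `validate` and the Root/CA/Alice hierarchy are assumptions made for the illustration.

```python
import hashlib
from dataclasses import astuple, dataclass, replace

E = 65537  # public exponent shared by all toy keys

def keypair(a, b):  # toy textbook RSA from Mersenne primes; NOT secure
    p, q = 2**a - 1, 2**b - 1
    return p * q, pow(E, -1, (p - 1) * (q - 1))  # (modulus n, private d)

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, n, d):
    return pow(digest(data, n), d, n)

def verify(data, sig, n):
    return pow(sig, E, n) == digest(data, n)

@dataclass
class Cert:  # fields from the X.509v1 slide; validity reduced to years
    serial: int; issuer: str; subject: str
    not_before: int; not_after: int; pub_n: int; sig: int = 0
    def tbs(self):  # the bytes the issuer signs: every field except sig
        return repr(astuple(self)[:6]).encode()

def issue(serial, issuer, key, subject, subject_n):
    cert = Cert(serial, issuer, subject, 2020, 2030, subject_n)
    return replace(cert, sig=sign(cert.tbs(), *key))

def validate(chain, anchors, crls, now):  # chain is leaf-first
    for cert, parent in zip(chain, chain[1:] + [None]):
        # issuer key: next certificate in the chain, else a trust anchor
        issuer_n = parent.pub_n if parent else anchors.get(cert.issuer)
        if issuer_n is None or not verify(cert.tbs(), cert.sig, issuer_n):
            return "bad signature or untrusted issuer"
        if not cert.not_before <= now <= cert.not_after:
            return "outside validity"
        serials, crl_sig = crls.get(cert.issuer, ([], 0))
        if serials and not verify(repr(serials).encode(), crl_sig, issuer_n):
            return "bad CRL signature"
        if cert.serial in serials:
            return "revoked"
    return "ok"

# Constructed sample hierarchy: Root (trust anchor) -> CA -> Alice
ROOT, CA, ALICE_KEY = keypair(61, 89), keypair(107, 127), keypair(521, 607)
ANCHORS = {"Root": ROOT[0]}  # anchors: trusted CA name -> public modulus
CA_CERT = issue(1, "Root", ROOT, "CA", CA[0])
ALICE = issue(7, "CA", CA, "Alice", ALICE_KEY[0])
CRL = {"CA": ([7], sign(repr([7]).encode(), *CA))}  # issuer -> (serials, sig)
```

Calling `validate([ALICE, CA_CERT], ANCHORS, {}, 2024)` accepts the chain; passing `CRL` as the third argument rejects Alice's certificate as revoked, and a CRL whose signature does not verify under the issuer's key is itself rejected.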
10
X.509 CERTIFICATES
  • X.509v1
      • basic
  • X.509v2
      • adds unique identifiers to protect against reuse
        of X.500 names
  • X.509v3
      • adds many extensions
      • can be further extended

11
X.509v3 CERTIFICATE INNOVATIONS
  • distinguish various certificates
      • signature, encryption, key-agreement
  • identification info in addition to X.500 name
      • internet names: email addresses, host names, URLs
  • issuer can state policy and usage
      • good enough for casual email but not for signing
        checks
  • limits on use of signature keys for further
    certification
  • extensible
      • proprietary extensions can be defined and
        registered
  • attribute certificates
      • ongoing work

12
X.509v2 CRL INNOVATIONS
  • CRL distribution points
  • indirect CRLs
  • delta CRLs
  • revocation reason
  • push CRLs

13
HIERARCHICAL STRUCTURE
[Diagram node labels: Z; X, Y; Q, R, S, T; A, C, E, G, I, K, M, O; a to p]
14
HIERARCHICAL STRUCTURE WITH ADDED LINKS
[Diagram node labels: Z; X, Y; Q, R, S, T; A, C, E, G, I, K, M, O; a to p]
15
TOP-DOWN HIERARCHICAL STRUCTURE
[Diagram node labels: Z; X, Y; Q, R, S, T; A, C, E, G, I, K, M, O; a to p]
16
FOREST OF HIERARCHIES
17
MULTIPLE ROOT CAs INTERMEDIATE CAs MODEL
[Diagram node labels: X; S, T; Q, R; A, C, E, G, I, K, M, O; a to p]
18
THE CERTIFICATE TRIANGLE
[Diagram: triangle with corners user, attribute and public-key; sides labelled X.509 identity certificate, X.509 attribute certificate and SPKI certificate]
19
2-WAY SSL HANDSHAKE WITH RSA
Handshake Protocol
Record Protocol
20
SINGLE ROOT CA MODEL
[Diagram labels: Root CA; a to p; Root CA; User]
21
SINGLE ROOT CA MULTIPLE RAs MODEL
[Diagram labels: Root CA; a to p; Root CA]
22
MULTIPLE ROOT CAs MODEL
[Diagram labels: Root CA, Root CA, Root CA; a to p; three pairs of Root CA and User]
23
ROOT CA INTERMEDIATE CAs MODEL
[Diagram node labels: Z; X, Y; Q, R, S, T; A, C, E, G, I, K, M, O; a to p]
24
MULTIPLE ROOT CAs PLUS INTERMEDIATE CAs MODEL
[Diagram node labels: X; S, T; Q, R; A, C, E, G, I, K, M, O; a to p]
25
MULTIPLE ROOT CAs PLUS INTERMEDIATE CAs MODEL
[Diagram node labels: X; S, T; Q, R; A, C, E, G, I, K, M, O; a to p]
26
MULTIPLE ROOT CAs PLUS INTERMEDIATE CAs MODEL
[Diagram node labels: X; S, T; Q, R; A, C, E, G, I, K, M, O; a to p]
27
MULTIPLE ROOT CAs INTERMEDIATE CAs MODEL
  • Essentially the model on the web today
  • Deployed in server-side SSL mode
  • Client-side SSL mode yet to happen

28
SERVER-SIDE MASQUERADING
[Diagram labels: Bob, Web browser; www.host.com, Web server; Server-side SSL; Ultratrust Security Services; www.host.com]
29
SERVER-SIDE MASQUERADING
[Diagram labels: Bob, Web browser; www.host.com, Web server; Ultratrust Security Services; Server-side SSL; Server-side SSL; Mallory's Web server; www.host.com; BIMM Corporation; www.host.com]
30
SERVER-SIDE MASQUERADING
[Diagram labels: Bob, Web browser; www.host.com, Web server; Ultratrust Security Services; Server-side SSL; Server-side SSL; BIMM Corporation; Mallory's Web server; www.host.com; Ultratrust Security Services; www.host.com]
31
MAN IN THE MIDDLE MASQUERADING PREVENTED
Client Side SSL end-to-end
[Diagram labels: Ultratrust Security Services; Bob, Web browser; www.host.com, Web server; Bob; Ultratrust Security Services; Client-side SSL; Client-side SSL; BIMM Corporation; BIMM Corporation; www.host.com; Mallory's Web server; Ultratrust Security Services; Ultratrust Security Services; www.host.com; Bob]
32
ATTRIBUTE-BASED CLIENT SIDE MASQUERADING
[Diagram labels: Joe_at_anywhere, Web browser; BIMM.com, Web server; Client-side SSL; Ultratrust Security Services; Ultratrust Security Services; Joe_at_anywhere; BIMM.com]
33
ATTRIBUTE-BASED CLIENT SIDE MASQUERADING
[Diagram labels: Alice_at_SRPC, Web browser; BIMM.com, Web server; Client-side SSL; SRPC; Ultratrust Security Services; Alice_at_SRPC; BIMM.com]
34
ATTRIBUTE-BASED CLIENT SIDE MASQUERADING
[Diagram labels: Bob_at_PPC, Web browser; BIMM.com, Web server; Client-side SSL; PPC; Ultratrust Security Services; Bob_at_PPC; BIMM.com]
35
ATTRIBUTE-BASED CLIENT SIDE MASQUERADING
[Diagram labels: Alice_at_SRPC, Web browser; BIMM.com, Web server; Client-side SSL; SRPC; Ultratrust Security Services; BIMM.com; PPC; Bob_at_PPC]