Security Architecture

1
Security Architecture

• Prof. Vijay Varadharajan
• Professor and Microsoft Chair in Computing

2
(No Transcript)
3
Security Architecture

• Security Threats
• Security Services
• Security Mechanisms
• Security Building Blocks

4
Security Threats

• Masquerading
• Unauthorized Access
• Unauthorized Disclosure of Information
• Unauthorized Modification of Information
• Repudiation of Action

5
Security Service

• Security Information/Attributes
• Security Mechanisms and Rules
• Security Authorities

6
Identification and Authentication Service

• Provides the confidence that at the time of
  request, an entity is not attempting to
  masquerade or to mount a replay attack
• Identification associates an
  identifier with an entity

7
Identification and Authentication Service

• Authentication Information
• Something known to an entity password, key
• Possession of something physical card
• Some immutable characteristic of a user retinal
  scan
• Context location of the entity, time

8
Identification and Authentication

• Authentication Methods and Mechanisms
• Model
• Claimant Entity which is to be authenticated
• Verifier Entity which verifies the identity
  of the Claimant
• Simple Password
• Claimant presents password/key to Verifier
• Vulnerable to Eavesdropping attack

9
Identification and Authentication

• Protect Authentication Information using
  Cryptography or One-Way Hash functions
• Claimant encrypts password/key
  Verifier
• Vulnerable to Replay attack

10
Identification and Authentication

• Authentication Methods and Mechanisms
• Protect against disclosure and replay
• Using Cryptographic Chaining Techniques
• Using some unique information
• suitably enciphered timestamp, random number

11
Identification and Authentication

• Challenge-Response
• Claimant Makes an Authentication Request
• Verifier Provides a Challenge
• Claimant Transforms Challenge using his
  Authentication Information
  Response
• Verifier Checks the Response

12
Identification and Authentication

• Authentication Authorities
• Authentication between Parties
• One-Way
• Mutual

13
Identification and Authentication

• General Situation
• Trusted Authority based Authentication
• Simple Model
• Trusted Authority Authenticates Claimant
• Trusted Authority Proves the Claimant
  Authenticity to Verifier
• Both Claimant and Verifier Trust the Authority
• Trusted Authorities
• Authentication Servers, Certification Servers,
  Key Management Servers

14
Access Control and Authorization Service

• Limits and Controls access to information and
  resources
• Model Initiator and Target Entities

Initiator
Target
Access Control
15
Access Control and Authorization Service

• Access Control Information
• Individual identities of initiators and targets
• Group identities of initiators and targets
• Security labels of initiators (clearances) and
  targets (classification)
• Roles
• Actions or operations that can be allowed to be
  performed on the Target
• Contextual information routing, location, time
  periods

16
Access Control and Authorization Service

• Access Control Policy
• Rules that define the conditions under which
  initiators can access targets
• Traditional Access Policies
• Rule based Policies Mandatory Access Control
• Rules apply to all entities and information
• System has access enforcement mechanisms
• Security Labels Clearance and Classification
• Identity based Policies
• Individualized access control information such as
  Identity or Role
• Discretionary Allows user/administrator to
  control access as they see fit

17
Access Control and Authorization Service

• Access Control Mechanisms
• Access Control Lists (ACL)
• Targets ACL List of Initiators and/or
  Operations
• Initiators Individual Identity, Group Identity,
  Role
• Operations Permitted and/or Forbidden
• ACLs convenient
• Fine granularity access control is required
• A Few Initiators
• ACLs Not Convenient
• When Initiator population is frequently changing
• Revocation
• Modification of ACLs

18
Access Control and Authorization Service

• Access Control Mechanisms
• Capabilities
• Target and Authorized Operations on the Target
• Target Individual Identity, Group Identity,
  Role
• Operations Permitted and/or Forbidden
• Can also identify Initiators
• Must be unforgeable
• Convenient
• Many Initiators accessing a Few Targets

19
Access Control and Authorization Service

• Access Control Mechanisms
• Security Labels
• Secrecy Levels, Integrity Levels, Security
  Compartments
• Access allowed when Initiators Security Labels
  match with those of the Target
• Operation match defined by Access Policy
• Convenient
• Many Initiators accessing Many protected Targets
• Coarse level of granularity of access control

20
(No Transcript)
21
(No Transcript)
22
(No Transcript)
23
Information Confidentiality Service

• Provides protection of information from
  unauthorized disclosure
• Encryption Mechanisms
• Symmetric Key and Public Key Schemes
• Security Information
• Keys
• Security Authorities
• Key Management
• Certification

24
Information Integrity Service

• Mechanisms Cryptographic Techniques
  Chaining Techniques
• Security Information
• Keys/Parameters associated with Integrity
  Algorithms
• Security Authorities
• Key Management

25
Information Integrity Service

• Provides protection of information from
  unauthorized modification
• Alteration, Insertion, Deletion, Replay
• Generation of Integrity Checks (at the
  originating end)
• Verification of Integrity Checks (at the
  receiving end)

26
Information Integrity Service

• Mechanisms Cryptographic Techniques
  Chaining Techniques
• Security Information
• Keys/Parameters associated with Integrity Checks
  Algorithms
• Security Authorities
• Key Management

27
Non-Repudiation Service

• Provides proof of certain action
• Origin or delivery of information
• Protects
• an originator against false denial by the
  recipient
• a recipient against the false denial by the
  originator
• Requires a Trusted Third Party Arbitration of
  Disputes

28
Non-Repudiation Service

• Service must be in place prior to information
  transfer
• Common Mechanisms Digital Signatures
• Senders Signature Non-Repudiation of Origin
• Receivers Signature of Proof-of-DeliveryNon-Rep
  udiation of Delivery

29
Non-Repudiation Service

• Classification of Service
• Basic Non-Repudiation
• Assurance about the time of event
• Assurance about the content
• Security Information
• Keys/Parameters associated with Digital
  Signatures
• Security Authorities
• Key Management
• Certification

30
Auditing Service

• Not directly involved in the prevention of
  security violations but assists their detection
• Test the adequacy of the security controls and
  the conformance of the system with the security
  policy

31
Auditing Service

• Mechanisms
• Definition of security related events to be
  audited
• Definition of audit record
• Definition and generation of security alarms and
  actions
• Storage and Analysis of audit trails

32
Auditing Service

• Authorities
• Audit Policy Management Authority
• Audit Agents
• Audit Service itself requires
• integrity, authentication and confidentiality
  services

33
Denial of Service

• Can be regarded as an extreme case of information
  modification in which the information transfer is
  either blocked or delayed
• Confidentiality, Integrity and Authentication
  Detect Some Attacks

34
Denial of Service

• Measure
• Periodic exchange of information between entities
• Greater the frequency shorter the
  time greater the reduction in
  effective bandwidth

35
Security Management

• Security Policy Management
• Security Service Management
• Security of Management Functions

36
Security Management

• Security Policy Management
• Related to Business and Organization
• Different Managers Responsible
• Different parts of the Organization
• Different functions of the Organization

37
Security Management

• Security Policy Management
• Different levels of Policies
• Sub-Organization/Project/Application Levels
• Separation of Responsibilities
• Enabling Static Delegation of Responsibility in a
  Hierarchical Manner

38
Security Management

• Security Service Management
• Management of Security Information
• Specification of Mechanisms and Rules
• Selection of Security Mechanisms
• Interaction with Security Services

39
Security Management

• Authentication Management
• Associating authentication information
  (passwords, identities, tokens, keys) to system
  entities
• Updating, modifying and revoking authentication
  information
• Assisting in the verification process

40
Security Management

• Access Control Management
• Associating access control information (ACLs,
  Capabilities, Labels, Roles, etc) to system
  entities
• Establishing and enforcing access control rules
• Updating, modifying and revoking access control
  information and rules

41
Security Management

• Key Management
• Generation of Keys
• Maintenance of Keys
• Distribution of Keys
• Updating, Modifying and Removal of Keys

42
Security Management

• Audit Management
• Definition and selection of security relevant
  events
• Enabling/Disabling of audit trail logging of
  selected events
• Analysis of audit trails
• Preparation of audit reports

43
Security Management

• Security of Management Functions
• Securing Management Information
• Security of Management Protocols and
  Communications
• E.g. Network Administration System

44
(No Transcript)
45
(No Transcript)
46
(No Transcript)
47
Networked Computing Security Solutions
...
Defence
Telecom
Medical
Finance
Internet Commerce and Services
SECURITY MANAGEMENT
...
...
USERS
USERS
...
...
AP
AP
...
...
Confidentiality
Authentication
Access Control
Non-Repudiation
Auditing
Integrity
OMF
OMF
OS
OS
...
AP Application
...
OMF Object Mgmt. Facility
HW
HW
OS Operating System
Network
HW Hardware
48
Networked Computing Security Services

Personal Inf
User
Smart
Appliances
Card
Login


App B
ACI
App A
Encryption
Signature
Hashing
Encryption
Hashing
Signature
Audit/Monit Server
TTP (E.g Notary, Arbitration)
Directory Server
AuthN/Cert Server
AuthZ Server
49
Security