Security Services in Information Systems

1
Security Services in Information Systems
2
Antecedents and Motivation
3
What is this part of the course about?

• In this part of the course we will discuss the
  following topics
• security needs
• security services
• security mechanisms and protocols
• for data stored in computers and transmitted
  across computer networks

4
What we will/wont cover?

• We will cover
• security threats
• security protocols in use with emphasis on
  Authentication
• Certificates and PKI
• Introduction to Wireless Security
• We will not cover
• cryptography (just an overview will be given)
• computer networks
• operating systems
• computers in general
• how to hack

5
What security is about in general?

• Security is about protection of assets
• D. Gollmann, Computer Security, Wiley
• Prevention
• take measures that prevent your assets from being
  damaged
• Detection
• take measures so that you can detect when, how,
  and by whom an asset has been damaged
• Reaction
• take measures so that you can recover your assets

6
Real world example

• Prevention
• locks at doors, window bars, secure the walls
  around the property, hire a guard
• Detection
• missing items, burglar alarms, closed circuit TV
• Reaction
• attack on burglar, call the police, replace
  stolen items, make an insurance claim

7
Services, Mechanisms, Attacks

• 3 aspects of information security
• security attacks (and threats)
• actions that compromise security
• security services
• services counter to attacks
• security mechanisms
• used by services
• E.g. secrecy is a service, encipherment is a
  mechanism

8
NETWORK SECURITY FUNDAMENTALS

• Security Attacks and Security Services
• A Model of Network Security
• Access Policies

9
SECURITY ATTACKS SECURITY SERVICES
Security Threads

• Unauthorised Access
• Unauthorised Disclosure of Information
• Unauthorised Modification of Information
• Unauthorised Denial of Service

10
Attacker resources and methods vary greatly
Resource Teenager Academic Org. Crime Govt
Time Limited Moderate Large Large
Budget () lt1000 10K-100K 100K Unknown
Creativity Varies High Varies Varies
Detectability High High Low Low
Target Challenge Publicity Money Varies
Number Many Moderate Few Unknown
Organized No No Yes Yes
Spread info? Yes Yes Varies No
Source Cryptography Research, Inc. 1999, Crypto
Due Diligence
11
Minimal key lengths for symmetric ciphers
Source Blaze/Diffie/Rivest/Schneier/Shimoura/Thom
pson/Wiener www.bsa.org/policy/encryption
Type of attacker
Length needed for protection in late 1995
Budget
Tool
Time and cost per key recovered
40 bits
56 bits
Pedestrian Hacker SmallBusiness CorporateDepar
tment Big Company IntelligenceAgency
scavengedcomputer time FPGA FPGA FPGA ASIC FPGA
ASIC ASIC
infeasible 38 years(5,000)556
days(5,000)19 days(5,000)3 hours(38) 13
hours(5,000)6 min(38)12 sec(38)
tiny 400 10.000 300K 10M 300M
45 5055607075
1 week5 hours(0.08)12 min(0.08)24
sec(0.08)18 sec(0.001) 7 sec(0.08)0.005
sec(0.001)0.0002 sec(0.001)
12
SECURITY ATTACKS SECURITY SERVICES
Passive Attacks
13
SECURITY ATTACKS SECURITY SERVICES
Active Attacks
14
SECURITY ATTACKS SECURITY SERVICES
Attacks
Accidental
Intentional
Passive
Active

• Release of Message content
• Traffic Analysis

• Data Mod.
• Data Delay
• Data Blocking
• Data Copy
• Data Replay
• Data Destruction

15
Security Mechanisms

• Basically cryptographic techniques/technologies
• that serve to security services
• to prevent/detect/recover attacks
• Encipherment
• use of mathematical algorithms to transform data
  into a form that is not readily intelligible
• keys are involved

16
Security Mechanisms

• Message Digest
• similar to encipherment, but one-way (recovery
  not possible)
• generally no keys are used
• Digital Signatures
• Data appended to, or a cryptographic
  transformation of, a data unit to prove the
  source and the integrity of the data
• Authentication Exchange
• ensure the identity of an entity by exchanging
  some information

17
Security Mechanisms

• Notarization
• use of a trusted third party to assure certain
  properties of a data exchange
• Timestamping
• inclusion of correct date and time within
  messages
• Non-cryptographic mechanisms
• traffic padding (for traffic analysis)
• intrusion detection
• firewalls

18
Security Services

• Confidentiality - protect info value
• Authentication - protect info origin (sender)
• Identification - ensure identity of users
• Integrity - protect info accuracy
• Non-repudiation - protect from deniability
• Access control - access to info/resources
• Availability - ensure info delivery

19
Relationships
20
Two references

• ITU-T X.800 Security Architecture for OSI
• gives a systematic way of defining and providing
  security requirements
• RFC 2828
• over 200 pages glossary on Internet Security

21
Security Systems by layers
Applications Secure e-mail, Digital Money, Smart
Cards, Firewalls, etc.
Communication Protocols SSL, TLS, WTLS, WAP,
etc.
Security Services Confidentiality, Data
Integrity, Data Authentication, Non-Repudiation
Crypto User Functions Encrypt/Decrypt,
Sign/verify
Public Key Crypto Algorithms RSA, ECC Symmetric
Crypto Algorithms AES, DES, RC4, etc.
Computer Arithmetic Addition, Squaring,
multiplication, inversion and exponentiation
22
Fundamental Dilemma of Security

• Security unaware users have specific security
  requirements but no security expertise.
• from D. Gollmann
• Solution level of security is given in
  predefined classes specified in some common
  criteria

23
Fundamental Tradeoff

• Absolutely secure systems do no exist
• To half your vulnerability you have to double
  your expenditure
• Cryptography is typically bypassed not
  penetrated.

24
The Three Laws of Security

• Security unaware users have specific security
  requirements but no security expertise.
• from D. Gollmann
• Solution level of security is given in
  predefined classes specified in some common
  criteria

25
Kerckhkoffss Principle While assessing the
strength of a cryptosystem, one should always
assume that the enemy knows the
cryptographic algorithm used. The security of
the system, therefore, should be based on the
quality (strength) of the algorithm but not its
obscurity the key space (or key length)
26
A Cryptosystem Classification

• Public key cryptography (RSA, ECC, NTRU)
• Secret key Cryptography (DES, AES, RC4)
• Block ciphers (DES, IDEA, RSA) 64-128 bits
• Stream ciphers (A5, RC4, SEAL) encryption in a
  bit to bit basis.

27
A Simplified Model of Conventional Encryption
28
Message Digest

• A message digest, also known as a one-way hash
  function, is a fixed length computionally unique
  identifier corresponding to a set of data. That
  is, each unit of data (a file, a buffer, etc.)
  will map to a particular short block, called a
  message digest. It is not random digesting the
  same unit of data with the same digest algorithm
  will always produce the same short block.
• A good message digest algorithm possesses the
  following qualities
• The algorithm accepts any input data length.
• The algorithm produces a fixed length output for
  any input data.
• The digest does not reveal anything about the
  input that was used to generate it.
• It is computationally infeasible to produce data
  that has a specific digest.
• It is computationally infeasible to produce two
  different unit of data that produce the same
  digest.

29
Hash Algorithms

• Reduce variable-length input to fixed-length (128
  or 160bit) output
• Requirements
• Can't deduce input from output
• Can't generate a given output
• Can't find two inputs which produce the same
  output

30
Hash Algorithms

• Used to
• Produce fixed-length fingerprint of
  arbitrary-length data
• Produce data checksums to enable detection of
  modifications
• Distill passwords down to fixed-length encryption
  keys
• Also called message digests or fingerprints

31
Message Authentication Code MAC

• Hash algorithm key to make hash value dependant
  on the key
• Most common form is HMAC (hash MAC)
• hash( key, hash( key, data ))
• Key affects both start and end of hashing process
• Naming hash key HMAC-hash
• MD5 1 HMAC-MD5
• SHA-1 1 HMAC-SHA (recommended)

32
An Example
33
Digital Signature/Verification Schemes
34
Digital Signature/Verification Schemes
35
Digital Signature/Verification Schemes
36
Seven-Layer OSI Model
37
SECURITY ATTACKS SECURITY SERVICES
OSI Security Services

• Authentication
• Access Control
• Data Confidentiality
• Traffic Flow Confidentiality
• Data Integrity
• Non-Repudiation of both Origin and Delivery of
  Data

38
SECURITY ATTACKS SECURITY SERVICES
OSI Security Mechanisms

• Encipherment
• Digital Signatures
• Access Control Mechanisms
• Data Integrity Mechanisms
• Authentication Exchange Mechanisms
• Traffic Padding Mechanisms
• Notarisation Mechanisms
• Routing Control Mechanisms

39
Inter-network Protocol (IP)