
Virtual Directories: Attack Models and Prevention

Virtual Directories: Attack Models and Prevention. June 2nd, 2009. Bill Claycomb, Systems Analyst, Sandia National Laboratories.





Presentation Transcript


  1. Virtual Directories: Attack Models and Prevention. June 2nd, 2009. Bill Claycomb, Systems Analyst, Sandia National Laboratories. Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear Security Administration under contract DE-AC04-94AL85000.

  2. Agenda
     • Directory services and virtual directories
     • Threats to directory services
     • Attack models for directory services
     • Preventing attacks on directory services
     • Protecting information in directory services
     • Future directions

  3. Directory Services
     • Localized data store containing information about objects
       • Users
       • Computers
       • Contacts, etc.
     • Provide information to applications
       • Authentication and access control
       • Contact information
       • Group membership
     • Use the LDAP communication protocol
       • Lightweight Directory Access Protocol

  4. Directory Services Data (diagram labels: Object, Attribute)
     dn: cn=Joe User,dc=somedomain,dc=com
     cn: Joe User
     givenName: Joe
     sn: User
     telephoneNumber: 1 505 555 1212
     postalAddress: 123 Main St.
     mail: juser@somedomain.com
     objectClass: inetOrgPerson
     objectClass: organizationalPerson
     objectClass: person
     objectClass: top

  5. Directory Services
     • Popular directory services implementations
       • Windows Server Active Directory
       • IBM Tivoli
       • Apple Open Directory
       • OpenLDAP
       • Fedora Directory Server
       • Sun Java System Directory Server

  6. Virtual Directories (diagram labels: Client, Virtual Directory Server, Directory Servers)

  7. Virtual Directories (diagram labels: Synchronization, Virtual Directory Server, Data Stores, Directory Servers)

  8. Threats to Sensitive Directory Information
     • “Insider Threat Study: Illicit Cyber Activity in the Government Sector”, a study conducted by the U.S. Secret Service and CERT (2008), found:
       • Most of the insiders had authorized access at the time of their malicious activities
       • Access control gaps facilitated most of the insider incidents, including:
         • The ability of an insider to use technical methods to override access controls without detection
         • System vulnerabilities that allowed technical insiders to use their specialized skills to override access controls without detection

  9. Attack Models on Virtual Directories
     • Authentication attacks
     • Cache attacks
     • Data transformation attacks
     • Network attacks
     • Data source attacks

  10. Authentication Attacks (diagram labels: User Credentials, Stored Credentials, Virtual Directory Server, Destination Servers)

  11. Preventing Authentication Attacks
     • Require pass-through authentication
     • Use a surrogate pass-through directory if necessary
     • Use restricted accounts when stored credentials are required

  12. Cache Attacks (diagram labels: High Speed Cache, Client, Virtual Directory Server, Directory Servers)

  13. Preventing Cache Attacks
     • Do not use the cache for high-risk information
     • Require frequent consistency checks
     • Require datastore connectivity before returning any data
     • Protect the cache on the directory server

  14. Data Transformation Attacks (diagram labels: Data Transformation; "(505) 555-1212" becomes "505-555-1212"; "US Citizen: Y" becomes "US Citizen: N"; Client, Virtual Directory Server, Directory Servers)

  15. Preventing Data Transformation Attacks
     • Protect transformation scripts on the virtual directory server
     • Do not allow transformation of sensitive data
     • Double-check sensitive data sent to client machines
     • Establish consistency checking on transformation scripts
     • Monitor for changes

  16. Network Attacks (diagram labels: Accounts: X Y Z; Change Detected: Disable Account X; Virtual Directory Server, Directory Server)

  17. Network Attacks (diagram repeated from slide 16 with the same labels: Accounts: X Y Z; Change Detected: Disable Account X; Virtual Directory Server, Directory Server)

  18. Preventing Network Attacks
     • Detect inconsistencies in data stores
     • Require consistency checking at standard intervals
     • Require consistency checking after network disruption
     • Require transactions to be atomic and durable
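As an added example (not from the slides), the kind of consistency check slides 15 and 18 call for: compare the entry a client received from the virtual directory against the authoritative source after the one sanctioned transformation, flag any change to a sensitive attribute, and hash the transformation script to detect tampering. The attribute names, the sanctioned phone-number reformatting and the sample entry are constructed assumptions.

```python
import hashlib

# Constructed sample entry as held by the backing directory server (values follow slide 4)
SOURCE_ENTRY = {
    "cn": "Joe User",
    "telephoneNumber": "1 505 555 1212",
    "usCitizen": "Y",            # assumed attribute name for the "US Citizen" flag
    "mail": "juser@somedomain.com",
}

# Attributes the virtual directory is never allowed to rewrite (slide 15)
SENSITIVE_ATTRS = {"usCitizen"}


def approved_transform(entry):
    """The single sanctioned transformation: reformat the phone number as NNN-NNN-NNNN."""
    out = dict(entry)
    digits = "".join(ch for ch in entry.get("telephoneNumber", "") if ch.isdigit())
    if len(digits) == 11 and digits.startswith("1"):   # drop the country code
        digits = digits[1:]
    if len(digits) == 10:
        out["telephoneNumber"] = f"{digits[:3]}-{digits[3:6]}-{digits[6:]}"
    return out


def check_entry(source, delivered):
    """Compare what the client received with the source after the approved transform.
    Returns a list of findings; an empty list means the delivered entry is consistent."""
    expected = approved_transform(source)
    findings = []
    for attr, value in delivered.items():
        if attr in SENSITIVE_ATTRS and value != source.get(attr):
            findings.append(f"sensitive attribute {attr} altered: {source.get(attr)!r} -> {value!r}")
        elif value != expected.get(attr):
            findings.append(f"unexpected transformation of {attr}: {expected.get(attr)!r} -> {value!r}")
    for attr in expected:
        if attr not in delivered:
            findings.append(f"attribute {attr} missing from delivered entry")
    return findings


def sha256_hex(text):
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def script_changed(script_text, known_good_sha256):
    """Integrity check for a transformation script against its recorded hash (slide 15: monitor for changes)."""
    return sha256_hex(script_text) != known_good_sha256
```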

  19. Data Source Attacks (diagram labels: Synchronization, Virtual Directory Server, Authoritative Data Store, Account Store)

  20. Preventing Data Source Attacks
     • Protect authoritative data sources
     • Monitor sensitive data modifications
     • Protect sensitive data

  21. Protecting Sensitive Directory Information (diagram label: Personal Virtual Directory Service)

  22. Protecting and Delegating Access
     • New approach
       • S – symmetric data encryption key
       • Krw / K’rw – public/private key pair for signing data
       • Kux – data user public key
       • Ko / K’o – data owner public/private key pair
       • IDo – data owner identifier

  23. Personal Virtual Directory Service Components (diagram)

  24. Advantages of PVDS
     • Uses existing key management infrastructure
     • Little client modification
     • No user-based key protection
     • Directory independent
     • Can be extended to protect databases as well
     • Performance impact largely confined to clients utilizing PVDS capabilities

  25. Future Directions
     • Implement attack models to determine feasibility
     • Explore attacks on various VDS implementations
     • Identify additional attacks on virtual directory servers
     • PVDS
       • Reduce the impact of working with encrypted attributes
       • Analyze impact to different types of data sources
       • Consider how security policies may conflict with using a virtual directory to manage security
       • Usability studies

  26. Questions
     • http://www.sandia.gov
     • wrclayc@sandia.gov
