
Computer Systems Security Security in Networks (Security Controls)



  1. Computer Systems Security: Security in Networks (Security Controls)
  Topic 2, Pirooz Saeidi. Source: Pfleeger, Chapter 7
  css security in Networks-css-ps2

  2. Network Security Controls
  Agenda:
  • Security Threat Analysis
  • Design, Implementation and Architecture
  • Control types
  • Firewalls
  • Intrusion Detection Systems
  • Secure Email
  • Summary and Conclusion

  3. Network Security Controls
  • We introduce a number of defence strategies available to the network security engineer,
  • with details of three important controls:
    • Firewalls,
    • Intrusion Detection Systems, and
    • Encrypted e-mail.

  4. Security Threat Analysis
  • The three steps of security threat analysis are:
    • Scrutinise all parts of the system.
    • Consider possible damage to confidentiality, integrity and availability.
    • Speculate about the kind of attack that could cause that damage.

  5. Security Threat Analysis
  • The individual parts of a network:
    • Local nodes, connected through
    • local communication links to a
    • LAN, which also contains
    • local processes, storage and devices.

  6. Security Threat Analysis
  • The LAN is also connected to a gateway that
    • provides access through network communication links to
    • network control resources, routers, databases, etc.

  7. Security Threat Analysis
  • Possible threats and damage:
    • Intercepting data in traffic
    • Accessing or modifying data/programs in remote hosts
    • Modifying data in transit
    • Blocking traffic
    • Impersonating a user
    • and more…

  8. Security Threat Analysis
  • The network security engineer anticipates these threats and uses the defences available.
  • Such defences range from design and architecture to different types of controls.
  • We will have a close look at these defences.

  9. Design, Implementation and Architecture
  • In previous lectures we elaborated on design and implementation issues.
  • Similarly, a network's architecture and design can have a considerable effect on its security.
  • In this context we will consider:
    • Segmentation
    • Redundancy, and
    • Single Points of Failure

  10. Segmented Architecture
  • Reduces the number of threats and limits damage.
  • Consider an e-commerce application with the following parts:
    • A web server
    • Application code
    • Database of products
    • Database of orders

  11. Segmented Architecture
  • We don't want to compromise the entire application by putting all of these activities on one machine. Instead we can use multiple segments.
  (Figure: Pfleeger & Pfleeger)

  12. Other Architectural Controls
  • Redundancy
    • Example: provide more than one server and use failover mode:
      • Servers communicate periodically with each other.
      • If one fails, the other takes over processing for both.
  • Avoid Single Points of Failure
    • Example: distribute parts of a database across different segments.

  13. Controls: Encryption
  • Two forms:
    • Link Encryption: between hosts
    • End-to-end Encryption: between applications

  14. Link Encryption
  • Data is encrypted just before it is placed on the physical link.
  • Takes place in layers 1 and 2 of the OSI model.
  • Appropriate when the transmission line is vulnerable.
  (Figure: Pfleeger & Pfleeger)

  15. Link Encryption
  • Example of a typical link-encrypted message (figure).
  • Some of the header/trailer information may be applied before encryption takes place.

  16. End-to-end Encryption
  • Encryption can be applied by hardware as well as software, at the highest layers.
  (Figure: Pfleeger & Pfleeger)

  17. End-to-end Encryption
  • Example: an encrypted message. (Figure: Pfleeger & Pfleeger)

  18. End-to-end Encryption
  • Messages sent to several hosts are protected, and the data content is still encrypted while in transit even if it passes through potentially insecure nodes.

  19. Virtual Private Networks (VPN)
  • With link encryption the users may think they are on a private network; hence the term VPN.
  • The greatest exposure for a user is between his/her machine and the perimeter of the host network.
  • A VPN can deploy firewalls to implement an encrypted connection between a user's distributed sites over a public network.

  20. Virtual Private Networks (VPN)
  • Communication passes through an encrypted tunnel.
  • The VPN is created when the firewall interacts with an authentication service inside the perimeter.
  • All communication is done through the encrypted tunnel.
  (Figure: Pfleeger & Pfleeger)

  21. Virtual Private Networks (VPN)
  • The firewall implements access control on the basis of the VPN.
  • Example of a VPN with privileged access:
    • The firewall passes the privileged identity of User2 to the internal server.
  (Figure: Pfleeger & Pfleeger)

  22. Public Key Infrastructure (PKI) and Certificates
  • PKI is used to implement public key cryptography.
  • Offers each user a set of services for access control and identification.
  • Integrates digital certificates, public-key cryptography, and certificate authorities into a total, enterprise-wide network security architecture.
  • Involves a registration authority to act as an interface between the user and the certificate authority.
  • More information from: http://csrc.nist.gov/pki/

  23. Secure Shell (SSH) Encryption
  • SSH is a pair of protocols originally for Unix but now also available on Windows 2000.
  • Provides an authenticated and encrypted path to the shell or command line interpreter.
  • Replaces utilities such as Telnet, rlogin and rsh for remote access.
  • Protects against spoofing attacks and modification of data in communication.

  24. Secure Sockets Layer (SSL) Encryption
  • SSL is designed to protect communication between a web browser and a server.
  • Interfaces between applications and the TCP/IP protocols to provide server authentication.
  • Client and server negotiate a mutually supported set of algorithms for session encryption and hashing.

  25. Secure Sockets Layer (SSL) Encryption
  • To use SSL:
    • The client requests an SSL session.
    • The server responds with its public key certificate, with which the client authenticates the server.
    • The client returns part of a symmetric session key, encrypted under the server's public key.
    • Client and server both compute the session key and switch to encrypted communication using the shared session key.

  26. Encryption: IP Security Protocol (IPSec)
  • Adopted by IPv6; addresses many shortcomings of conventional IP such as spoofing, session hijacking, …
  • Implemented at the IP layer, so it affects all layers above it, including TCP and UDP.
  • Works similarly to SSL in terms of authentication and confidentiality, and is independent of the cryptographic protocols used.

  27. IP Security Protocol (IPSec)
  • IPSec is based on the security association: a set of security parameters for a secured communication channel.
  • The main data structures of IPSec are the AH (Authentication Header) and the ESP (Encapsulated Security Payload).

  28. IP Security Protocol (IPSec)
  • ESP replaces the TCP header and data portion of a packet.
  (Figure: packets: (a) conventional packet; (b) IPSec packet. Pfleeger & Pfleeger)

  29. IP Security Protocol (IPSec)
  • ESP replaces the conventional TCP header and data portion of a packet, and
  • contains both an authenticated portion and an encrypted portion.
  (Figure: the Encapsulated Security Payload. Pfleeger & Pfleeger)

  30. Content Integrity Controls
  • Guarding against modification in transmission. We can use methods such as:
    • Error Correcting Codes
    • Cryptographic checksums

  31. Error Correcting Codes
  • Error Detection Codes
    • Parity checking (odd or even parity bit)
      • Usually used to detect non-malicious changes (e.g. noise)
    • Hash code: a number returned by a hash function that serves as a signature of the data
    • Huffman code
      • A data compression method that changes the length of the encoded token in proportion to its information content; that is, the more frequently a token is used, the shorter the binary string used to represent it in the compressed stream.
  • Error Correction
    • Correct without retransmission

  32. Cryptographic Checksum
  • Also called a message digest: a cryptographic function that produces a checksum.
  • The checksum is assigned to a file and used to "test" the file at a later stage, to verify that the data contained in the file has not been maliciously changed.
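The following is an added worked example (not from the slides or from Pfleeger) contrasting the three integrity checks of slides 30 to 32: a parity bit, an unkeyed message digest, and a keyed checksum. The message, the key and the bit positions are constructed sample values. It shows what each check does and does not catch: parity misses an even number of flipped bits, and an unkeyed digest is no defence against an attacker who can rewrite the message and recompute the digest, which is why a checksum used against malicious change needs a key (here an HMAC over SHA-256).

```python
import hashlib
import hmac


def parity_bit(data: bytes) -> int:
    """Even parity over all bits of the message: 1 when the number of 1 bits is odd."""
    return sum(bin(b).count("1") for b in data) & 1


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Invert one bit; simulates line noise (a non-malicious change)."""
    buf = bytearray(data)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)


def message_digest(data: bytes) -> str:
    """Unkeyed cryptographic checksum: anyone can recompute it, including an attacker."""
    return hashlib.sha256(data).hexdigest()


def keyed_checksum(key: bytes, data: bytes) -> str:
    """Keyed checksum (HMAC): only holders of the key can produce a valid value."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def check_all(received: bytes, stored_parity: int, stored_digest: str,
              key: bytes, stored_tag: str) -> dict:
    """Receiver side: compare what arrived against the stored check values."""
    return {
        "parity_ok": parity_bit(received) == stored_parity,
        "digest_ok": hmac.compare_digest(message_digest(received), stored_digest),
        "keyed_ok": hmac.compare_digest(keyed_checksum(key, received), stored_tag),
    }


def demo() -> dict:
    original = b"PAY 100 TO ALICE"          # constructed sample message
    key = b"constructed-integrity-key"      # known to sender and receiver only
    p, d, t = parity_bit(original), message_digest(original), keyed_checksum(key, original)
    one_flip = flip_bit(original, 5)        # noise: one bit changed
    two_flips = flip_bit(one_flip, 42)      # noise: two bits changed (parity is restored)
    # Malicious change: the attacker rewrites the message and recomputes the
    # parity bit and the unkeyed digest, but cannot recompute the keyed checksum.
    forged = b"PAY 900 TO MALLORY"
    return {
        "intact": check_all(original, p, d, key, t),
        "noise_1bit": check_all(one_flip, p, d, key, t),
        "noise_2bit": check_all(two_flips, p, d, key, t),
        "forged": check_all(forged, parity_bit(forged), message_digest(forged), key, t),
    }
```

Running `demo()` shows the one-bit change caught by all three checks, the two-bit change slipping past parity, and the forgery passing both parity and the unkeyed digest while failing the keyed checksum.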

  33. Strong Authentication Controls
  • Networked environments, as well as both ends of a communication, need authentication.
  • We will consider the following methods:
    • One-Time Password
    • Challenge-Response Systems
    • Digital Distributed Authentication
    • Kerberos

  34. One-Time Password
  • Guards against wiretapping and spoofing.
  • The password is effective only once.
  • Uses a secretly maintained password list, or
  • each user can use a device that generates a new password every minute (the computation is based on the value of the current "time" interval).
  • Within the same "minute" the receiving computer must be able to compute the same password to match.
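As an added example (not part of the slides), here is the time-interval scheme of slide 34 in working form. The password is the HOTP construction of RFC 4226 (HMAC-SHA1 over a counter, dynamically truncated to six digits) with the counter derived from the current time in 60-second intervals as the slide describes, which is the TOTP scheme of RFC 6238 with a one-minute step. The secret is the RFC 4226 test-vector secret used as sample data; the receiving computer accepts one interval of clock skew either side and records which intervals it has already accepted, so a wiretapped password cannot be reused.

```python
import hashlib
import hmac
import struct


def one_time_password(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP (RFC 4226): HMAC-SHA1 over the 8-byte counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def time_counter(now: int, step: int = 60) -> int:
    """Both sides derive the counter from the current time interval (one minute on the slide)."""
    return now // step


def device_password(secret: bytes, now: int, step: int = 60) -> str:
    """The user's device: the password for the current interval."""
    return one_time_password(secret, time_counter(now, step))


class OtpVerifier:
    """The receiving computer: recomputes the password for the current interval
    and its neighbours, and never accepts the same interval's password twice."""

    def __init__(self, secret: bytes, step: int = 60, skew: int = 1):
        self.secret, self.step, self.skew = secret, step, skew
        self.used = set()    # intervals already consumed: each password works only once

    def verify(self, code: str, now: int) -> bool:
        centre = time_counter(now, self.step)
        for counter in range(centre - self.skew, centre + self.skew + 1):
            if counter in self.used:
                continue
            if hmac.compare_digest(one_time_password(self.secret, counter), code):
                self.used.add(counter)
                return True
        return False


def demo() -> dict:
    secret = b"12345678901234567890"           # RFC 4226 test-vector secret as sample data
    verifier = OtpVerifier(secret)
    code = device_password(secret, now=1000)   # generated during the interval 960..1019
    return {
        "accepted_in_interval": verifier.verify(code, now=1030),
        "rejected_replay": verifier.verify(code, now=1040),       # same password, second time
        "rejected_much_later": verifier.verify(code, now=3000),   # wiretapped, presented too late
        "next_password_ok": verifier.verify(device_password(secret, now=5000), now=5000),
    }
```

Because the truncation follows RFC 4226 exactly, the published test vectors (counter 0 gives 755224, counter 1 gives 287082 for this secret) can be used to check the implementation before trusting it.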

  35. Challenge-Response Systems
  • The user authenticates to a simple device by means of, say, a PIN.
  • The system prompts the user with a new challenge for each use:
    • The remote system sends a random number (the "challenge"), which the user enters into the device.
    • The device responds to that number with another number, which the user transmits to the system, and so on.
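An added example of the exchange on slide 35, written for these notes rather than taken from the slides or from any product. Both the device and the remote system hold a shared secret (the enrolment value is constructed sample data); the response is an HMAC-SHA256 of the challenge reduced to eight decimal digits so that a user could type it. The PIN check, the single-use challenge and the rejection of a captured response are the properties the slide describes.

```python
import hashlib
import hmac
import secrets
from typing import Optional


def response_for(secret: bytes, challenge: str, digits: int = 8) -> str:
    """Both sides compute the same function of the shared secret and the challenge."""
    mac = hmac.new(secret, challenge.encode(), hashlib.sha256).hexdigest()
    return str(int(mac, 16) % 10 ** digits).zfill(digits)   # short enough to type by hand


class Token:
    """The user's simple device: holds the shared secret, unlocked by a PIN."""

    def __init__(self, secret: bytes, pin: str):
        self._secret = secret
        self._pin_hash = hashlib.sha256(pin.encode()).digest()

    def respond(self, pin: str, challenge: str) -> Optional[str]:
        if not hmac.compare_digest(hashlib.sha256(pin.encode()).digest(), self._pin_hash):
            return None                        # wrong PIN: the device gives no answer
        return response_for(self._secret, challenge)


class AuthServer:
    """The remote system: a fresh random challenge per login, consumed on first use."""

    def __init__(self):
        self.secrets = {}      # user -> shared secret (enrolled out of band)
        self.pending = {}      # user -> outstanding challenge

    def enrol(self, user: str, secret: bytes) -> None:
        self.secrets[user] = secret

    def challenge(self, user: str) -> str:
        c = secrets.token_hex(8)               # 64 random bits; a new one for every use
        self.pending[user] = c
        return c

    def check(self, user: str, response: Optional[str]) -> bool:
        c = self.pending.pop(user, None)       # consumed whether or not the answer is right
        if c is None or response is None:
            return False
        return hmac.compare_digest(response_for(self.secrets[user], c), response)


def demo() -> dict:
    secret = b"constructed-shared-secret"      # constructed sample enrolment
    token, server = Token(secret, "4711"), AuthServer()
    server.enrol("bob", secret)
    c1 = server.challenge("bob")
    r1 = token.respond("4711", c1)
    results = {
        "wrong_pin": token.respond("0000", c1) is None,
        "first_use": server.check("bob", r1),
        "replay_same_challenge": server.check("bob", r1),   # challenge already consumed
    }
    server.challenge("bob")                    # a captured (c1, r1) pair meets a new challenge
    results["captured_response_reused"] = server.check("bob", r1)
    results["fresh_answer"] = server.check("bob", token.respond("4711", server.challenge("bob")))
    return results
```

The server deliberately discards the pending challenge on every check, successful or not, so a wrong guess cannot be retried against the same challenge.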

  36. Authentication in Distributed Systems: Kerberos
  • Designed at MIT.
  • Used for authentication between clients and servers.
  • Based on the idea that a central server provides authenticated tokens, called tickets, to requesting applications.
  • A ticket is non-forgeable and non-replayable.

  37. Authentication in Distributed Systems: Kerberos
  • Kerberos's design goal was to enable systems to withstand attacks in distributed systems. The main characteristics are:
  1. No passwords are communicated on the network.
    • The user's password is stored only at the Kerberos server.
    • It is not sent from the user's workstation when it initiates a session.
  2. Provides cryptographic protection against spoofing.
    • Each access is mediated by a ticket-granting server,
    • which knows the identity of the user based on the authentication performed initially by the server.

  38. Authentication in Distributed Systems: Kerberos
  3. Limited period of validity (of tickets)
    • Tickets contain timestamps with which the server determines the ticket's validity.
    • The attacker therefore will not have time to complete a long-term attack.
    • Timestamps prevent replay attacks.
      • In a replay attack a valid data transmission is maliciously or fraudulently repeated or delayed.
    • The server compares the timestamps of requests with the current time, and accepts requests only if they are reasonably close to the current time.
    • This time-checking prevents most replay attacks, since the attacker's presentation of tickets will be delayed!
  4. Mutual authentication
    • The user of a service can be assured of any server's authenticity by requesting an authenticating response from the server.

  39. Authentication in Distributed Systems: Kerberos
  • Uses public key technology for key exchange.
  • A central server provides authenticated tokens, called tickets, to requesting applications.
  • A ticket is an encrypted data structure naming a user and a service the user has permission to access.

  40. Kerberos
  • The user first establishes a session with the Kerberos server as follows:
    • The user's workstation sends the user's identity to the Kerberos server.
    • The Kerberos server verifies that the user is authorised by sending two messages: one to the user and the other to the ticket-granting server.

  41. Kerberos
  • The user's message contains:
    • A session key SG to communicate with the ticket-granting server G, and a ticket TG.
    • SG is encrypted, together with TG, under the user's password PW: E(SG + TG, PW)
  • The ticket-granting server's message contains:
    • A copy of the session key SG and the encrypted identity of the user.

  42. Kerberos
  • If the workstation can decrypt E(SG + TG, PW) using PW, then the user has authenticated successfully.
  (Figure: how a Kerberos session is initiated. Pfleeger & Pfleeger)

  43. Kerberos
  • Now the user (U) wants to access the services of the distributed system (say, access file F).
  • Using key SG, the user requests a ticket from the ticket-granting server to access file F.
  • The ticket-granting server verifies U's access permission and returns a ticket and a session key.

  44. Kerberos
  • The ticket contains the following:
    • U's authenticated identity
    • An identification of F
    • Access rights
    • A session key SF (shared with the file server)
    • Ticket expiry date
  (Figure: how a ticket is obtained to access a file. Pfleeger & Pfleeger)
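The exchange of slides 40 to 44, together with the timestamp and replay checks of slide 38, as one added simulation. This is example code written for these notes, not MIT's Kerberos and not Pfleeger's; it uses only shared symmetric keys, following the E(SG + TG, PW) notation of slide 41. The `seal`/`unseal` pair is a toy authenticated cipher (HMAC-derived keystream plus an HMAC tag) standing in for E(), the string-to-key function is a plain hash, and the user, password, service name and clock values are constructed sample data. The file server accepts a ticket only if it decrypts under the server's key, has not expired, carries an authenticator whose timestamp is within five minutes of its own clock, and has not been presented before.

```python
import hashlib
import hmac
import json
import os


# Toy authenticated encryption standing in for E(data, key). Demo only; not a real cipher.
def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, i = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        i += 1
    return out[:n]


def seal(key: bytes, obj: dict) -> str:
    """E(obj, key): encrypt a JSON object and append an integrity tag; returns hex."""
    pt = json.dumps(obj, sort_keys=True).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return (nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()).hex()


def unseal(key: bytes, blob_hex: str):
    """Inverse of seal; returns None when the key is wrong or the blob was altered."""
    blob = bytes.fromhex(blob_hex)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
        return None
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))


def key_from_password(pw: str) -> bytes:
    return hashlib.sha256(pw.encode()).digest()   # toy string-to-key function


class KerberosServer:
    """Authentication server and ticket-granting server G in one object."""

    def __init__(self, ticket_life: int = 8 * 3600):
        self.user_keys, self.acl, self.service_keys = {}, {}, {}
        self.tgs_key = os.urandom(32)           # known only to the ticket-granting server
        self.ticket_life = ticket_life

    def register_user(self, user: str, password: str, services) -> None:
        self.user_keys[user] = key_from_password(password)   # the password never leaves here
        self.acl[user] = set(services)

    def register_service(self, name: str) -> bytes:
        self.service_keys[name] = os.urandom(32)
        return self.service_keys[name]

    def login(self, user: str, now: int):
        """Slide 41: the user's message E(SG + TG, PW); TG itself is sealed under G's key."""
        if user not in self.user_keys:
            return None
        s_g = os.urandom(32)
        t_g = seal(self.tgs_key, {"user": user, "SG": s_g.hex(), "expires": now + self.ticket_life})
        return seal(self.user_keys[user], {"SG": s_g.hex(), "TG": t_g})

    def service_ticket(self, t_g: str, request: str, now: int):
        """Slides 43-44: the request is sealed under SG; returns (ticket for F, E(SF, SG))."""
        tgt = unseal(self.tgs_key, t_g)
        if tgt is None or now > tgt["expires"]:
            return None
        s_g = bytes.fromhex(tgt["SG"])
        req = unseal(s_g, request)
        if req is None or req["user"] != tgt["user"] or req["service"] not in self.acl[tgt["user"]]:
            return None
        s_f = os.urandom(32)
        ticket = seal(self.service_keys[req["service"]],
                      {"user": req["user"], "service": req["service"], "rights": "read",
                       "SF": s_f.hex(), "expires": now + self.ticket_life})
        return ticket, seal(s_g, {"SF": s_f.hex()})


class FileServer:
    def __init__(self, name: str, key: bytes, skew: int = 300):
        self.name, self.key, self.skew, self.seen = name, key, skew, set()

    def accept(self, ticket: str, authenticator: str, now: int) -> bool:
        """Slide 38: the ticket must decrypt, be unexpired, be fresh, and not be replayed."""
        t = unseal(self.key, ticket)
        if t is None or t["service"] != self.name or now > t["expires"]:
            return False
        a = unseal(bytes.fromhex(t["SF"]), authenticator)
        if a is None or a["user"] != t["user"] or abs(now - a["time"]) > self.skew:
            return False
        if (a["user"], a["time"]) in self.seen:
            return False                        # replayed authenticator
        self.seen.add((a["user"], a["time"]))
        return True


def workstation_login(kdc: KerberosServer, user: str, password: str, now: int):
    """Slide 42: being able to decrypt E(SG + TG, PW) with PW is the proof of authentication."""
    msg = kdc.login(user, now)
    return None if msg is None else unseal(key_from_password(password), msg)


def demo(now: int = 1_700_000_000) -> dict:
    kdc = KerberosServer()
    kdc.register_user("alice", "correct horse battery", ["files"])   # constructed sample data
    fs = FileServer("files", kdc.register_service("files"))
    creds = workstation_login(kdc, "alice", "correct horse battery", now)
    s_g = bytes.fromhex(creds["SG"])
    ticket, enc_sf = kdc.service_ticket(creds["TG"], seal(s_g, {"user": "alice", "service": "files"}), now)
    s_f = bytes.fromhex(unseal(s_g, enc_sf)["SF"])
    auth = seal(s_f, {"user": "alice", "time": now})
    return {
        "wrong_password": workstation_login(kdc, "alice", "guess", now) is None,
        "fresh": fs.accept(ticket, auth, now + 10),
        "replayed": fs.accept(ticket, auth, now + 20),
        "stale": fs.accept(ticket, seal(s_f, {"user": "alice", "time": now - 3600}), now),
        "expired": fs.accept(ticket, seal(s_f, {"user": "alice", "time": now + 9 * 3600}), now + 9 * 3600),
    }
```

Note that `FileServer.seen` is what turns the timestamp check into a replay check: without it an authenticator captured and re-sent within the five-minute window would still be accepted.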

  45. Access Control
  • Access control enforces the "what" and "how" of security control policies.
  • Mechanisms such as:
    • ACLs on routers
    • Firewalls
  • We will look at them later.

  46. ACLs on Routers
  • Routers can be configured with ACLs to deny access to particular hosts from particular hosts.
  • This is very expensive: it brings a large load to the routers.
  • Routers inspect the source and destination addresses. But with UDP datagrams, attackers can forge the source address so that their attack cannot be blocked by the router's ACL.
  • Limited and restricted use of ACLs is a more viable option.

  47. Honeypot Controls
  • Like catching a mouse, we can set a trap with an attractive bait!
  • A honeypot is a computer system or a network segment left open to attackers in order to:
    • see what the attackers do;
    • tempt the attacker to a place where you can learn their habits and stop future attacks;
    • make a playground to divert them from the real system.

  48. Firewalls
  • A firewall is a device, or software, or a combination of both, designed to prevent unauthorised users from accessing a network and/or a single workstation.
  • Networks usually use hardware firewalls, which are implemented at the router level. These firewalls are expensive and difficult to configure.
  • Software firewalls are used on single workstations; they are usually less expensive and easier to configure.

  49. Firewalls
  • Inspect each individual inbound or outbound packet of data to or from the system.
  • Check whether it should be allowed to enter; otherwise it is blocked.

  50. Types of firewalls
  • Packet filtering gateways or screening routers
  • Stateful inspection firewalls
  • Application proxies
  • Guards
  • Personal firewalls
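As an added example covering the router ACLs of slide 46 and the per-packet decision of slides 49 and 50 (a packet filtering gateway), here is a small packet filter written for these notes; it is not a real router's ACL syntax. Rules are evaluated in order, the first match wins, and an unmatched packet falls to the implicit deny at the end. The addresses, interfaces and sample packets are constructed. The first rule is an addition not on the slides: a datagram arriving on the outside interface but claiming an internal source address must be forged, so it is dropped before any permit rule can match it. Evaluating the same traffic without that rule reproduces the slide's point that source-address matching alone cannot tell a forged UDP datagram from a genuine one.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    iface: str      # interface the packet arrived on: "outside" or "inside"
    proto: str      # "tcp" or "udp"
    src: str
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                   # "permit" or "deny"
    iface: str = "any"
    proto: str = "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None   # None means any destination port


def matches(rule: Rule, pkt: Packet) -> bool:
    """A rule matches only when every field it constrains agrees with the packet."""
    return (rule.iface in ("any", pkt.iface)
            and rule.proto in ("any", pkt.proto)
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and (rule.dport is None or rule.dport == pkt.dport))


def decide(rules, pkt: Packet) -> str:
    """First matching rule wins; every ACL ends with an implicit deny."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"


INTERNAL = "10.0.0.0/8"   # constructed: the protected network behind the router
ACL = [
    # Added anti-spoofing rule (not on the slides): a packet from outside cannot
    # legitimately carry an internal source address, so drop it before any permit.
    Rule("deny", iface="outside", src=INTERNAL),
    Rule("permit", proto="tcp", dst="10.0.0.5/32", dport=443),                # public web server
    Rule("permit", proto="udp", src=INTERNAL, dst="10.0.0.53/32", dport=53),  # DNS for internal hosts only
]

# Constructed sample traffic
WEB_FROM_OUTSIDE = Packet("outside", "tcp", "203.0.113.7", "10.0.0.5", 443)
SSH_FROM_OUTSIDE = Packet("outside", "tcp", "203.0.113.7", "10.0.0.5", 22)
DNS_FROM_INSIDE = Packet("inside", "udp", "10.0.1.9", "10.0.0.53", 53)
DNS_SPOOFED_SRC = Packet("outside", "udp", "10.0.1.9", "10.0.0.53", 53)   # forged internal source


def evaluate(rules=ACL) -> dict:
    """Run the sample packets through a rule list and report each decision."""
    return {name: decide(rules, pkt) for name, pkt in [
        ("web_from_outside", WEB_FROM_OUTSIDE), ("ssh_from_outside", SSH_FROM_OUTSIDE),
        ("dns_from_inside", DNS_FROM_INSIDE), ("dns_spoofed_src", DNS_SPOOFED_SRC)]}
```

`evaluate()` applies the full list; `evaluate(ACL[1:])` drops the anti-spoofing rule and shows the forged datagram being permitted purely on the strength of its claimed source address, which is the weakness slide 46 warns about and one reason the slide recommends limited, restricted use of router ACLs rather than relying on them alone.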
