1 / 39

Authentication and Authorization

Authentication and Authorization. Tjaden, Fundamentals of Secure Computer Systems, Franklin, Beedle & Associates, 2004, Chapters 6, 7 and 9. Smith & Marchesini, The Craft of System Security, Addison-Wesley, 2008, Chapter 9. Overview.

teal
Télécharger la présentation

Authentication and Authorization

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Authentication and Authorization • Tjaden, Fundamentals of Secure Computer Systems, Franklin, Beedle & Associates, 2004, Chapters 6, 7 and 9. • Smith & Marchesini, The Craft of System Security, Addison-Wesley, 2008, Chapter 9 Fundamentals of Secure Computer Systems

  2. Overview • User authentication – determine the identity of an individual accessing the system • Mechanisms, attacks, defenses • Authorization Fundamentals of Secure Computer Systems

  3. User Authentication • Three basic approaches: • Knowledge-based – usersprove their identity through something that they know • Example: passwords • Token-based – usersprove their identity through something they possess (something they have) • Example: passport • Biometric – users prove their identity through a unique physiological characteristic (something they are) • Example: fingerprint Fundamentals of Secure Computer Systems

  4. Multi-Factor Authentication • Multi-factor authentication – uses a combination of approaches • Example: ATM card + pin • More expensive • More secure • Tradeoffs – cost, usability, security Fundamentals of Secure Computer Systems

  5. Passwords • Passwords are widely-used for user authentication • Advantages: • Easy to use, understood by most users • Require no special equipment • Offer an adequate degree of security in many environments • Disadvantages: • Users tend to choose passwords that are easy to guess • Many password-cracking tools are available • Users often reuse passwords Fundamentals of Secure Computer Systems

  6. Using Passwords • User enters username and password • The operating system consults its table of passwords: • Match = user is assigned the corresponding uid • Problem: the table of passwords must be protected Fundamentals of Secure Computer Systems

  7. Using Passwords and One-Way Functions • User’s password is not stored in the table • A one-way hash of the password, h(password), is stored in the table • h(dumptruck) = JFNXPEMD • h(baseball) = WSAWFFVI Fundamentals of Secure Computer Systems

  8. Using Passwords and One-Way Functions (cont) • User enters username and password • The operating system hashes the password • The operating system compares the result to the entry in the table • Match = user is assigned the corresponding uid • Advantage: password table does not have to be protected • Disadvantage: dictionary attack Fundamentals of Secure Computer Systems

  9. A Dictionary Attack • An attacker can compile a dictionary of several thousand common words and compute the hash for each one: • Look for matches between the dictionary and the password table • Example: WSAWFFVI tells us Bob’s password is baseball Fundamentals of Secure Computer Systems

  10. Dictionary Attacks (cont) • Dictionary attacks are a serious problem: • Costs an intruder very little to send tens of thousands of common words through the one-way function and check for matches • Between 20 and 40 percent of the passwords on a typical system can be cracked in this way • Solution #1: don’t allow users to select their own passwords • System generates a random password for each user • Drawback: • Many people find system-assigned passwords hard to remember and write them down • Example: L8f#n!.5rH’ Fundamentals of Secure Computer Systems

  11. Combating Dictionary Attacks • Solution #2: password checking • Allow users to choose their own passwords • Do not allow them to use passwords that are in a common dictionary • Solution #3: salt the password table • A salt is a random string that is concatenated with a password before sending it through the one-way hash function • Random salt value chosen by system • Example: plre • Password chosen by user • Example: baseball Fundamentals of Secure Computer Systems

  12. Salting the Password Table • Password table contains: • Salt value = plre • h(password+salt) = h(baseballplre) = FSXMXFNB Fundamentals of Secure Computer Systems

  13. Salting the Password Table (cont) • User enters username and password • The operating system combines the password and the salt and hashes the result • The operating system compares the result to the entry in the table • Match = user is assigned the corresponding uid • Advantages: • Password table does not have to be protected • Dictionary attacks are much harder Fundamentals of Secure Computer Systems

  14. A Dictionary Attack • Attacker must now expand the dictionary to contain every possible salt with each possible password: • baseballaaaa • baseballaaab • baseballaaac …. • baseballaaaz • baseballaaba • baseballaabb …. • 264 (about half a million) times more work to check each word in the dictionary (for 4-letter salts) Fundamentals of Secure Computer Systems

  15. Attacks and Countermeasures • Online attack – manual attempt to break in • Countermeasures • exponential backoff – wait longer and longer after each attempt • restricted list – stop accepting input after N guesses, which can lead to DoS Fundamentals of Secure Computer Systems

  16. Attacks (continued) • Offline attack • Attacker captures some information (password file?) and takes it offline for analysis • Dictionary attack • Brute force methods Fundamentals of Secure Computer Systems

  17. Defenses • CAPTCHA - Completely Automated Public Turing test to tell Computers and Humans Apart • Special case of knowledge-based authentication •  Differentiates between humans and automated users

  18. CAPTCHA • Something easy for a human and difficult for a computer • Turing test – AI has been achieved when a human communicating with a human and a computer cannot tell the difference Fundamentals of Secure Computer Systems

  19. Human Factors • “A good password should be too complex to remember.” • “You should never write a password down.” • Bob Blakely Fundamentals of Secure Computer Systems

  20. Human Factors (continued) • Strong passwords • Humans are not good at spontaneous, context-free recall • Credential-recovery problem – often knowledge-based • The ‘spouse’ effect • Other reasons for credential transfer Fundamentals of Secure Computer Systems

  21. Biometrics • Measure a physical aspect • Compare it to a stored template • Fingerprints, hand geometry, ear prints, iris scans, DNA, face recognition • Readers are not accurate • Physical attributes vary from day to day Fundamentals of Secure Computer Systems

  22. ROC Curve • Sensitivity of biometric systems is tunable • False positives – imposter it authenticated • False negatives – legitimate user is rejected • Tradeoffs shown be receiver operations characteristics curve Fundamentals of Secure Computer Systems

  23. Receiver Operations Characteristics (ROC) Curve • False positives – imposter is authenticated • False negatives – legitimate user is rejected

  24. Biometrics • Invasive • Threatening Fundamentals of Secure Computer Systems

  25. Token-based Authentication • Something the user has • ATM card • Token • a small computational device which generates one-time passwords based on the real-time clock • the authenticating computer generates matching tokens using its own clock • susceptible to clock drift Fundamentals of Secure Computer Systems

  26. Attacks • Man-in-the-middle, bucket brigade or chess grandmaster attack • Adversary takes over user interface and collects user name and password • Adversary logs in for the user • Session hijacking – examples of TOCTOU • Social engineering Fundamentals of Secure Computer Systems

  27. Cryptographic Protocols • A protocol is an agreed-upon sequence of actions performed by two or more principals • Cryptographic protocols make use of cryptography to accomplish some task, such as authentication, securely Fundamentals of Secure Computer Systems

  28. Authentication • Authentication is the process of proving your identity to someone else • One-way • Two-way • Authentication protocols are often designed using a challenge and response mechanism • Authenticator creates a random challenge • Authenticatee proves identity by replying with the appropriate response Fundamentals of Secure Computer Systems

  29. Using Nonces to Establish Freshness • A nonce is a randomly-generated value that: • Is never reused • Can be used to prove the freshness of a message Fundamentals of Secure Computer Systems

  30. One-way Authentication Using Symmetric-Key Cryptography • Assume that Alice and Bob share a secret symmetric key, KAB • One-way authentication protocol: • Alice creates a nonce, NA, and sends it to Bob as a challenge • Bob encrypts Alice’s nonce with their secret key and returns the result, Encrypt(NA, KAB), to Alice • Alice can decrypt Bob’s response and verify that the result is her nonce A: => B(NA); B: => A(Encrypt(NA, KAB)); • A decrypts her own nonce and authenticates Bob Fundamentals of Secure Computer Systems

  31. Two-way Authentication A: => B(NA); B: => A(NB, Encrypt(NA, KAB)); A: => B(Encrypt (NB, KAB)); Fundamentals of Secure Computer Systems

  32. One-way Authentication Using Symmetric-Key Cryptography • Problem: an adversary, Mallory, might be able to impersonate Bob to Alice: • Alice sends challenge to Bob (intercepted by Mallory) • Mallory does not know KAB and thus cannot create the appropriate response • Mallory may be able to trick Bob (or Alice) into creating the appropriate response for her: A: => M(NA); M: => B(NA); B: => M(Encrypt(NA, KAB)); M: => A(Encrypt(NA, KAB)); Fundamentals of Secure Computer Systems

  33. One-way Authentication Using Public-Key Cryptography • Alice sends a nonce to Bob as a challenge • Bob replies by encrypting the nonce with his private key • Alice decrypts the response using Bob’s public key and verify that the result is her nonce A: => B(NA); B: => A(Encrypt(NA, BPrivate)); • Encrypting just any message that someone sends as an authentication challenge might not be a good idea Fundamentals of Secure Computer Systems

  34. Authentication and Key-Exchange Protocols • Combine authentication and key-exchange • Two parties are on opposite ends of a network and want to talk securely • Want to agree on a new session key securely • Want to each be sure that they are talking to the other and not an intruder • Wide Mouth Frog • Yaholom • Denning and Sacco Fundamentals of Secure Computer Systems

  35. Single Sign-on (SSO) • Multiple applications, each requires login • Provide users with the ability to log in only once for usability • Automatically propagate login to all applications

  36. Advantages and Disadvantages of SSO • Advantages: • Unified mechanism • One login/password to remember • One login/password for staff to set up • New applications reuse code • Disadvantages: • Cost of retrofitting old applications is high • Can weaken security

  37. Access Control Policies • Once a user has logged in the system must decide which actions she can and cannot perform • Examples: • Bob may be allowed to read files that Alice cannot • Alice may be permitted to use a printer that Bob cannot • In general, we view the system as a collection of: • Subjects (users) • Objects (resources) • An access control policy specifies how each subject can use each object Fundamentals of Secure Computer Systems

  38. Authorization • Authorization entails determining whether or not the protection policy permits a given user to perform a given action • Example: • Badges at a military installation • Many operating systems base authorization decisions on a user’s unique user identifier (or uid): • User is authenticated during log on and given an appropriate uid • Must enter valid username and password • The uid is used to determine which actions are authorized Fundamentals of Secure Computer Systems

  39. Summary • Important components of computer security: • User authentication – determine the identity of an individual accessing the system • Knowledge-based (knows), token-based (has), and biometrics (is) • Authorization - access control policies stipulate what actions a given user is allowed to perform on the system Fundamentals of Secure Computer Systems

More Related