
REVISION

CSE2500 SYSTEM SECURITY & PRIVACY

Revision Srini & Nandita

Introduction to security

Security attack - action that compromises the security of a system and its information

Security mechanism – prevention, detection and reaction

Security services – tools and programs that prevent, detect or react to attacks. Many combine mechanisms and services into methods for thwarting security threats.

Security Attack Types

Function – Property

Interruption – attack on availability
Interception – attack on confidentiality
Modification – attack on integrity
Fabrication – attack on authenticity

Security is defined as

Computer security deals with the prevention and detection of unauthorised actions by users of a computer system AND with the ready availability of valuable assets to authorised agents, and the denial of that access to all others.

Attacks – types

Passive (interception) – eavesdropping on, or monitoring of, transmissions. Examples: release of message contents and traffic analysis.

Active – involves modification of the data stream or the creation of a false stream; can be subdivided into masquerade, replay, modification of messages and denial of service.

RISK ANALYSIS & SECURITY PLAN

RISK = LOSS ($) X PROBABILITY

Benefits of RA:
Awareness & documentation of assets & risks
Accountable decision and expenditure

Criticism of RA: probable loss & uncertainty

Security Plan: document addressing security needs

Steps to Complete a RA

List the assets
Determine their value, including costs of recreating data files
Vulnerabilities
Probability of loss computation
Possible controls
Cost of applied controls
Cost/benefit

Content of a Security Plan (1)

Policy
Current situation
Requirements
Recommendations
Accountable personnel
Plans and schedules
Evaluation and review

Authentication means

to establish the proof of identity.

Authentication techniques may vary depending on the kind of resource being accessed.

The various kinds of access can be classified into
user-to-host
host-to-host
user (or process)-to-user (or process)

Authentication is done by

something you are (SYA)
something you know (SYK)
something you have (SYH)

SYA is more reliable and accurate compared to SYH.

User-to-Host authentication

Typical methods are
static passwords – SYK
challenge and response – mathematical function shared
one-time passwords – changes every time
trusted third parties – simple sign-on system

Static passwords – problems

A password guesser (also known as a cracker or dictionary attack) can be used to guess some of the passwords even if the passwords (or their derivatives) are stored in encrypted form.

The passwords can be guessed because of their poor choice, such as a password that is the same as the user name or the actual user name, or popular words in the dictionary, etc.

Biometric Techniques

Biometrics identify people by measuring some aspect of individual anatomy or physiology – SYH

Handwritten signatures
Face recognition
Fingerprints
Iris codes
Devices

Fundamental Model of Access Control

[Figure: subject → access request → reference monitor → object]

Possible Access Control Mechanisms are

Control matrix
Control lists
Groups and roles
Extension to distributed (+file) systems

Access Control Matrix

Users \ Object   Operating system   Accounts Program   Accounting Data   Audit Trail
Sam              rwx                rwx                rw                r
Alice            x                  x                  rw                -
Bob              rx                 r                  r                 r

ACLs per subject (Capabilities list)

User      OS    A/C Prgm   A/C Data   Audit trail
Sam       rwx   rwx        r          r
Alice     rx    x          -          -
Acc.pgm   rx    r          rw         w
Bob       rx    r          r          r
Srini     rx    r          r          r

Access Control Lists

User    Accounting Data
Sam     rw
Alice   rw
Bob     r
Srini   r
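As an added example (not part of the slides), the rows of the Access Control Matrix slide in Python: the matrix is expanded into the two derived views the following slides show, per-object ACLs and per-subject capability lists, and a reference monitor decides each access request from it. The subject, object and function names are this example's own, and the rights are those of the matrix slide (the later two slides list slightly different rights for the same people).

```python
# Added example, not from the slides: the rows of the "Access Control Matrix"
# slide, expanded into per-object ACLs and per-subject capability lists, with a
# reference monitor that decides each access request from the matrix.
from typing import Dict, List, Set

OBJECTS = ["Operating system", "Accounts Program", "Accounting Data", "Audit Trail"]

# Subject -> rights on each object, in OBJECTS order ("-" means no rights).
MATRIX_ROWS: Dict[str, List[str]] = {
    "Sam":   ["rwx", "rwx", "rw", "r"],
    "Alice": ["x",   "x",   "rw", "-"],
    "Bob":   ["rx",  "r",   "r",  "r"],
}

Matrix = Dict[str, Dict[str, Set[str]]]   # subject -> object -> set of rights


def build_matrix(rows: Dict[str, List[str]] = MATRIX_ROWS) -> Matrix:
    """Expand the compact rwx strings into a set of rights per (subject, object)."""
    matrix: Matrix = {}
    for subject, cells in rows.items():
        matrix[subject] = {}
        for obj, cell in zip(OBJECTS, cells):
            matrix[subject][obj] = set() if cell == "-" else set(cell)
    return matrix


def acl(matrix: Matrix, obj: str) -> Dict[str, Set[str]]:
    """Column view: the ACL of one object (subject -> rights), as on the ACL slide."""
    return {s: rights[obj] for s, rights in matrix.items() if rights[obj]}


def capabilities(matrix: Matrix, subject: str) -> Dict[str, Set[str]]:
    """Row view: the capability list of one subject (object -> rights)."""
    return {o: r for o, r in matrix[subject].items() if r}


def reference_monitor(matrix: Matrix, subject: str, obj: str, op: str) -> bool:
    """Mediate one access request: permit only if the matrix grants that right.
    Unknown subjects, objects or operations are denied, i.e. the monitor fails closed."""
    if op not in ("r", "w", "x"):
        return False
    return op in matrix.get(subject, {}).get(obj, set())


if __name__ == "__main__":
    m = build_matrix()
    print("ACL for Accounting Data:", acl(m, "Accounting Data"))
    print("Capabilities of Alice:", capabilities(m, "Alice"))
    for request in [("Bob", "Audit Trail", "r"), ("Bob", "Audit Trail", "w"),
                    ("Alice", "Audit Trail", "r"), ("Mallory", "Audit Trail", "r")]:
        print(request, "->", "permit" if reference_monitor(m, *request) else "deny")
```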

Trusted hosts – advantages/disadvantages

Advantages:
Password cannot be sniffed because it is not transmitted.
Users can log in once and then subsequently move to any machine in the trusted network.

Disadvantages:
A compromised host makes others vulnerable.
Vulnerable to IP spoofing.

Security Models and their properties:

The Bell-LaPadula model addresses information confidentiality
Chinese Wall model restricts information flow and addresses conflicts of interest
Biba model addresses information integrity
Clarke-Wilson model formally models a policy based on well-formed transactions
Ranked model – multilevel security

Cryptography

plaintext (data file or messages) → encryption → ciphertext (stored or transmitted safely) → decryption → plaintext (original data or messages)

General approaches to Cryptography

There are two general encryption methods: block ciphers & stream ciphers.

Block ciphers
Slice message M into fixed-size blocks m1, …, mn
• Add padding to the last block
Use Ek to produce ciphertext blocks x1, …, xn
Use Dk to recover M from x1, …, xn
E.g. DES, etc.

Stream ciphers
Generate a long random (or pseudo-random) string called a one-time pad.
Message ⊕ one-time pad (exclusive or)
• E.g. RC4

Types of ciphers

Private key cryptosystems/ciphers – the secret key is shared between two parties
Public key cryptosystems/ciphers – the secret key is not shared and two parties can still communicate using their public keys

Design of Private Key Ciphers

A cryptographic algorithm should be efficient for good use: it should be fast, and the key should be of the right length (e.g. not too short).

Cryptographic algorithms are not impossible to break without a key: if we try all the combinations, we can get the original message.

The security of a cryptographic algorithm depends on how much work it takes for someone to break it. E.g. if it takes 10 million years to break a cryptographic algorithm X using all the computers of a state, X can be thought of as a secure one. Note, however, that cluster computers and quantum computers are powerful enough to crack many current cryptographic algorithms.

What is PKE used for?

Private Key Encryption (PKE) can be used for:
Transmitting data over an insecure channel
Securing stored data (encrypt & store)
Providing an integrity check:
• (Key + Mes.) -> MAC (message authentication code)

Private Key Encryption

Caesar cipher – substitution cipher (letters shifted by fixed key, K)
DES (US, 1977) (3DES) – key 56 bits, plaintext/ciphertext 64 bits
IDEA (Lai & Massey, Swiss, 1991) – key 128 bits, plaintext/ciphertext 64 bits
SPEED (Y Zheng, 1996) – key/(plaintext/ciphertext) 48, 64, 80, …, 256 bits
AES (Joan Daemen & Vincent Rijmen, 2000) – key/(plaintext/ciphertext) 128, 192 and 256 bits

Private key cipher

[Figure: Alice encrypts (E) the Plain Text with the Secret Key; the Cipher Text crosses the Network or Storage; Bob decrypts (D) with the same Secret Key to recover the Plain Text.]

Motivation of Public Key Cryptography

Is it possible for Alice & Bob, who have no shared secret key, to communicate securely?

This led to the SINGLE MOST IMPORTANT discovery of public key communications: Diffie & Hellman's idea of public key cryptography: <private-key, public-key>

Public Key Cryptosystem

[Figure: Alice looks up Bob's entry in the Public Key Directory (Yellow/White Pages) and encrypts (E) the Plain Text with Bob's public key; the Cipher Text crosses the Network; Bob decrypts (D) with his Secret Key to recover the Plain Text.]

RSA Public Key Cryptosystem

[Figure: Bob's entry in the Public Key Directory (Yellow/White Pages) is (e, n). Alice computes c = m^e mod n and sends the Cipher Text over the Network; Bob, holding secret key d, recovers m = c^d mod n.]

public key: e & n
secret key: d

Private key ciphers

Good points: inexpensive to use; fast; low-cost VLSI chips available
Bad points: key distribution is a problem

Public key ciphers

Good points: key distribution is NOT a problem
Bad points: relatively expensive to use; relatively slow; VLSI chips not available or relatively high cost

Digital Signature (based on RSA)

[Figure: Bob applies D with his Secret Key to the Plain Text to produce the Signature and sends Plain Text + Signature over the Network. Cathy looks up Bob's Public Key in the Public Key Directory (Yellow/White Pages), applies E with it to the Signature and compares the result with the Plain Text: accept if equal.]

Digital Signature (for short doc)

[Figure: Bob's entry in the Public Key Directory (Yellow/White Pages) is (e, n). Bob signs the Plain Text m with his Secret Key d, s = m^d mod n, and sends Plain Text + Signature over the Network. Cathy computes t = s^e mod n with Bob's Public Key (e, n) and compares t with the Plain Text: accept if equal.]

s = m^d mod n    t = s^e mod n

Digital Signature (for long doc)

[Figure: Bob applies a 1-way hash H to the Plain Text to obtain a 100-bit digest and signs the digest with his Secret Key, sending Plain Text + Signature over the Network. Cathy hashes the received Plain Text with H (100 bits), applies Bob's Public Key from the Public Key Directory (Yellow/White Pages) to the Signature and compares the two 100-bit values: accept if equal.]
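As an added example (not part of the slides), the arithmetic of the RSA slide and the two Digital Signature slides carried through in Python: c = m^e mod n and m = c^d mod n for encryption, s = m^d mod n and t = s^e mod n for a short document, and hash-then-sign for a long one. The function names, the choice of SHA-256 as the 1-way hash H and the toy Mersenne primes are this example's own assumptions; it is textbook RSA without padding, a model of the slides rather than deployable code.

```python
# Added example, not from the slides: the arithmetic drawn on the RSA and the
# two Digital Signature slides, with constructed toy primes. Encryption is
# c = m^e mod n and m = c^d mod n; a short document is signed as s = m^d mod n
# and verified by t = s^e mod n, accept if t == m; a long document is first
# reduced by a 1-way hash (SHA-256 here) and the digest is signed instead.
# This is "textbook" RSA: real deployments add padding (e.g. PSS) and use
# keys of 2048 bits or more, so treat it as a model of the slides only.
import hashlib
from math import gcd
from typing import Tuple

PublicKey = Tuple[int, int]   # (e, n), Bob's entry in the public key directory


def keygen(p: int, q: int, e: int = 65537) -> Tuple[PublicKey, int]:
    """Derive Bob's public key (e, n) and secret key d from two primes p, q."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)            # d = e^-1 mod phi (Python 3.8+)
    return (e, n), d


def encrypt(m: int, pub: PublicKey) -> int:
    e, n = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer below n")
    return pow(m, e, n)            # c = m^e mod n


def decrypt(c: int, d: int, n: int) -> int:
    return pow(c, d, n)            # m = c^d mod n


def sign_short(m: int, d: int, n: int) -> int:
    return pow(m, d, n)            # s = m^d mod n, using Bob's Secret Key d


def verify_short(m: int, s: int, pub: PublicKey) -> bool:
    e, n = pub
    return pow(s, e, n) == m       # t = s^e mod n; accept if t == m


def digest(doc: bytes, n: int) -> int:
    """1-way hash of a long document as an integer below n (the slide's '100 bits')."""
    return int.from_bytes(hashlib.sha256(doc).digest(), "big") % n


def sign_long(doc: bytes, d: int, n: int) -> int:
    return sign_short(digest(doc, n), d, n)


def verify_long(doc: bytes, s: int, pub: PublicKey) -> bool:
    return verify_short(digest(doc, pub[1]), s, pub)


if __name__ == "__main__":
    pub, d = keygen(2**31 - 1, 2**61 - 1)      # constructed toy primes (Mersenne primes)
    c = encrypt(65, pub)
    print("c =", c, "-> m =", decrypt(c, d, pub[1]))
    doc = b"pay 100 to Alice"                  # constructed long document
    s = sign_long(doc, d, pub[1])
    print("genuine:", verify_long(doc, s, pub), "altered:", verify_long(doc + b"0", s, pub))
```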

Why Digital Signature?

Unforgeable – takes 1 billion years to forge!
Un-deniable by the signatory
Universally verifiable
Differs from doc to doc
Easily implementable by software, or hardware, or software + hardware

Use & Abuse of encryption

Proper use: protects privacy of individuals; protects commercial interests of companies
Abuse: organised crime (s.a. drug trafficking); fraud and corruption; terrorism; ...

Escrowed key

[Figure: as in the private key cipher, Alice encrypts (E) the Plain Text with the Secret Key, the Cipher Text crosses the Network or Storage, and Bob decrypts (D) with the Secret Key to recover the Original Plain Text; the Secret Key is additionally deposited with Escrow Agency A and Escrow Agency B.]

A positive use of key escrow

Encrypted data become useless if the key is lost or forgotten! Have you ever forgotten your password?

To prevent loss of corporate information, a company can build a company-wide "key escrow" system (our original question on slide 2). Question: HOW?

(hint: no police or court system is involved in this case.)

Shamir's (t,n)-threshold scheme

Key disposing --- by the dealer
initialisation
distributing a share to each of the n participants in the group

Key recovery --- by participants
gathering shares from t participants
reconstructing the key from the t shares
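As an added example (not part of the slides), the two halves of Shamir's (t,n)-threshold scheme just listed, key disposing by the dealer and key recovery by t participants, implemented over a prime field; this is the mechanism a company-wide key escrow can be built on without any outside agency. The prime, the function names and the sample key are this example's own assumptions.

```python
# Added example, not from the slides: Shamir's (t, n)-threshold scheme for the
# company-wide key escrow question, over the prime field GF(P). Key disposing by
# the dealer: pick a random polynomial of degree t-1 whose constant term is the
# key and give share (x, f(x)) to each of the n participants. Key recovery by
# participants: any t shares fix the polynomial, and Lagrange interpolation at
# x = 0 returns the key. Fewer than t shares leave every key equally likely.
import secrets
from typing import List, Tuple

P = 2**127 - 1          # a Mersenne prime; the key must be an integer below P
Share = Tuple[int, int]


def split_key(key: int, t: int, n: int, prime: int = P) -> List[Share]:
    """Dealer side: return n shares, any t of which reconstruct the key."""
    if not (1 <= t <= n < prime) or not (0 <= key < prime):
        raise ValueError("need 1 <= t <= n and 0 <= key < prime")
    coeffs = [key] + [secrets.randbelow(prime) for _ in range(t - 1)]

    def f(x: int) -> int:
        return sum(c * pow(x, i, prime) for i, c in enumerate(coeffs)) % prime

    return [(x, f(x)) for x in range(1, n + 1)]   # x = 0 would hand out the key itself


def recover_key(shares: List[Share], prime: int = P) -> int:
    """Participant side: Lagrange interpolation at x = 0 from t distinct shares."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share")
    total = 0
    for j, (xj, yj) in enumerate(shares):
        num, den = 1, 1
        for m, (xm, _) in enumerate(shares):
            if m != j:
                num = num * (-xm) % prime          # product of (0 - x_m)
                den = den * (xj - xm) % prime      # product of (x_j - x_m)
        total = (total + yj * num * pow(den, -1, prime)) % prime
    return total


if __name__ == "__main__":
    key = int.from_bytes(secrets.token_bytes(16), "big") % P   # constructed key
    shares = split_key(key, t=3, n=5)
    print("3 of 5 shares recover the key:", recover_key(shares[:3]) == key)
    print("2 of 5 shares recover the key:", recover_key(shares[:2]) == key)   # False
```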

Auditing and Logging

Log files are an important building block of a secure system: they form a recorded history, or audit trail, of the computer’s past, making it easier to track an attack.

Log files also have a fundamental vulnerability: they are stored on the same system, so an intruder who can modify that system can modify the logs, just as they could modify the database files.

Integrity Management

The goal of integrity management is to prevent alterations to (or deletions of) data, to detect modification or deletions if they occur, and to recover from alterations or deletions if they happen.

Integrity Management Techniques

Setting appropriate file permissions and restricting access to the root account on Unix.

Immutable files – that cannot be modified once the system is running.

Append only files – files to which data can be appended, but in which the existing data cannot be changed. This type is ideally suitable for log files.

Read-only file systems – a hardware read only protection will be even better.

Detecting a change in a file(s)

Metadata – such as file sizes, last modification time, etc.

Comparison copies – comparing byte-by-byte – unwieldy and time consuming.

Checksum – file content can be modified in such a way that it generates the same checksum – not effective.

Digital Signatures!!!
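As an added example (not part of the slides), the detectors listed above run side by side over constructed file content, together with the keyed integrity check (Key + Mes.) -> MAC from the "What is PKE used for?" slide: the altered version keeps its size and its simple additive checksum, which is the checksum weakness the slide points out, while a 1-way hash or a MAC still notices. The sample content, the key and the function names are this example's own assumptions.

```python
# Added example, not from the slides: the detectors on the "Detecting a change in
# a file(s)" slide run over constructed file content, plus the keyed integrity
# check "(Key + Mes.) -> MAC" from the "What is PKE used for?" slide. The altered
# version is constructed so that its size and a simple additive checksum are
# unchanged, which is the weakness the slide notes for checksums; a
# cryptographic hash or a MAC still detects it.
import hashlib
import hmac
from typing import Dict

ORIGINAL = b"pay 100 to Alice; pay 900 to Bob\n"     # constructed sample content
TAMPERED = b"pay 900 to Alice; pay 100 to Bob\n"     # same bytes, reordered
KEY = b"constructed-demo-key"                        # secret held only by the checker
DETECTORS = ("size", "checksum", "sha256", "mac")


def additive_checksum(data: bytes) -> int:
    """Naive checksum: sum of all byte values mod 2**16, blind to byte order."""
    return sum(data) % 65536


def baseline(data: bytes, key: bytes = KEY) -> Dict[str, object]:
    """Record every detector's value for one version of the file."""
    return {
        "size": len(data),                                       # metadata
        "checksum": additive_checksum(data),
        "sha256": hashlib.sha256(data).hexdigest(),              # 1-way hash
        "mac": hmac.new(key, data, hashlib.sha256).hexdigest(),  # Key + Mes. -> MAC
    }


def changed_by(detector: str, original: bytes, current: bytes) -> bool:
    """True if the named detector notices a difference between the two versions."""
    a, b = baseline(original), baseline(current)
    if detector == "mac":
        return not hmac.compare_digest(a["mac"], b["mac"])   # constant-time compare
    return a[detector] != b[detector]


def detection_report(original: bytes, current: bytes) -> Dict[str, bool]:
    """Which detectors catch the change from original to current."""
    return {d: changed_by(d, original, current) for d in DETECTORS}


if __name__ == "__main__":
    for detector, caught in detection_report(ORIGINAL, TAMPERED).items():
        print(f"{detector:8s} {'detected' if caught else 'missed'}")
```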

DB should deliver (advantages)

shared access
minimal redundancy
data consistency
data integrity
controlled access

Reliability & integrity

three dimensions:
database integrity
element integrity
element accuracy

various techniques:
2-phase update
introducing redundancy
recovery
concurrency/consistency control
using monitors

Access decisions on sensitive data

factors to be considered when permitting "user x to access data y":

availability of data
• Record is blocked from read while it is modified

acceptability of access
• No disclosure (even 'partial') of sensitive values to unauthorized users

assurance of authenticity of user
• Limit access based on other considerations (time of access, previous accesses, …)

Inference Problem

definition: infer or derive sensitive data from non-sensitive or (seemingly) unrelated data

"inference" is a subtle vulnerability in database security

Summary of inference

no perfect solution to the inference problem
3 common approaches:
suppress obviously sensitive data – fairly easy
track what the user knows – costly
disguise data – may result in incorrect or wrong responses to legitimate queries
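As an added example (not part of the slides), the inference problem of the previous slide and the first of the three approaches above, suppression, on a constructed staff table: two aggregate answers that each look harmless differ by exactly one person's sensitive value, and a minimum result-set size refuses the query that would make that possible. The table, the threshold and the function names are this example's own assumptions.

```python
# Added example, not from the slides: the inference problem of the "Inference
# Problem" and "Summary of inference" slides on a constructed staff table, and
# the first of the three approaches, suppression, applied as a minimum result
# set size. Two aggregate answers that each look harmless differ by exactly one
# person's sensitive value; refusing aggregates over too few rows blocks the
# smaller query. Suppression alone is not a complete fix, as the slide says.
from typing import Callable, List, Optional, Tuple

Row = Tuple[str, str, int]            # (name, department, salary); salary is sensitive

# Constructed sample data, not a real payroll.
STAFF: List[Row] = [
    ("Sam", "accounts", 70000),
    ("Alice", "accounts", 82000),
    ("Bob", "accounts", 64000),
    ("Srini", "research", 91000),
    ("Nandita", "research", 88000),
]

MIN_QUERY_SET = 3    # suppression threshold: aggregates over fewer rows are refused


def total_salary(where: Callable[[Row], bool], min_rows: int = MIN_QUERY_SET) -> Optional[int]:
    """Answer SUM(salary) over the rows matching `where`, or None when suppressed."""
    rows = [r for r in STAFF if where(r)]
    if len(rows) < min_rows:
        return None                   # too few rows: the answer would single someone out
    return sum(r[2] for r in rows)


def infer_from_two_sums(name: str, dept: str, min_rows: int = MIN_QUERY_SET) -> Optional[int]:
    """What a user learns about one person from 'whole department' minus
    'department without them'; None if suppression stopped either query."""
    whole = total_salary(lambda r: r[1] == dept, min_rows)
    without = total_salary(lambda r: r[1] == dept and r[0] != name, min_rows)
    if whole is None or without is None:
        return None
    return whole - without


if __name__ == "__main__":
    print("no suppression:  ", infer_from_two_sums("Alice", "accounts", min_rows=1))   # 82000
    print("min set size 3:  ", infer_from_two_sums("Alice", "accounts"))                # None
```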

The Guidelines on Protection of Privacy & Transborder Flows of Personal Information were adopted by the OECD on 30 September 1980 and contain 8 basic principles:

1. Collection limitation

2. Data quality

3. Purpose specification

4. Use limitation

5. Security Safeguards

6. Openness

7. Participation

8. Accountability

State legislation

Victoria and NSW have introduced Privacy legislation.

The Information Privacy Act 2000 (Victoria) applies to state government departments, Ministers of the state Crown, courts, police – and universities set up under state legislation.

Contains 10 Information Privacy Principles (IPPs), very similar to the 10 NPPs in the Federal Act.

The Health Records Act 2001 (Victoria) protects the privacy of health records.

Contains 11 Health Privacy Principles (HPPs).