chapter 3 preventive security approaches. 3.1 two main approaches §safeguard l is defined as any...
Post on 19-Dec-2015
219 views
TRANSCRIPT
Chapter 3
Preventive Security Approaches
3.1 Two Main Approaches
Safeguard is defined as any mechanism or procedure to
mitigate the effect of a threat before it can occur
Countermeasure is defined as any mechanism or procedure to
mitigate the effect of a threat that has already occurred
3.1.1 Safeguards
Integrated into Design introduce safeguard in its earliest stage
Avoids Disastrous Threats life critical operations requires early safeguard
Possible Waste of Resource additional resources must be justified
Difficult to Measure Success uncertainty exists for the practical issues
3.1.2 Countermeasures
Based on acted on EMERGENCY, teams will be formed to respond to the emergency.
Advantages:Possibly Avoids Waste of ResourcesEasier To Measure Success
Drawbacks:Allows Threats to Occur
3.2 Security MechanismsAuditing and Intrusion Detection Identification, Authentication and PasswordsEncryptionKey Management ProtocolsMandatory and Discretionary Access ControlPrivilegeSecurity KernelsConfiguration Management, Formal Methods and
Enhanced Life Cycle Activities
Classifications
Preventive: Auditing, Intrusion Detection, Identification and Authentication and Encryption
Logistic: Passwords, Key Management Protocol, Mandatory and Discretionary Access Control, Privilege and Security Kernels (chapter 4)
Others: Configuration Management, Formal Methods and Enhanced Life Cycle Activities
3.2.1 Auditing
Concept: The method involves the use of automated
mechanisms and associated procedure that cause a record of computer system activity to be automatically created and stored in a protected, computerized log.
The log provides a means of identifying the time, source and other important characteristics of a given attack
3.2.1.1 Auditing Requirements
Mechanisms and Procedures automatic obtaining computer activity and
placing it in a protected log manual logging is not acceptable for on-line
auditing
Recording of Relevant Activity activities about potential malicious attacks must
be included ideally all types of activities are included
Minimal Effect on Functionality the auditing procedure should not introduce harmful
or undesirable effects to the normal functionality of system
Audit Record Format A well-defined format of audit records are required
for data interpretation such as IEEE POSIX
Records in Protected Log records are use to reconstruct the attack hence
protection is very crucial. If protection cannot be introduced, effort should be made to avoid illegal modifications of audit record
3.2.1.2 Operational Description Three-step procedure is requiredStep 1: Determine what must be audited
e.g. file, mode and time
Step 2: Insert Audit Calls e.g. insert audit calls in the open routine
open(file,mode)
{ audit(time)
if mode = 0 “read” audit(file, read)
if mode = 1 “write” audit(file, write)
if mode = 2 “both” audit(file, read/write)
}
Step 3: Create protect Log Routines ensure all log is in the protected area normally append mode is used to avoid
overwritten secured compartment with secondary storage is
another possibility, e.g. magnetic tape printing of hardcopy is another way
user
Open(a,b)
Underlying openroutine sequence
Completion of openroutine sequence
Protectedaudit log
Auditingroutine
Call to auditing routine
Invocation ofcommand
System callinterface
Auditing Operation View
3.2.1.3 Alternate Auditing Approaches
Off-line Monitors drawback of auditing is that if the intruder is
successful in attacking a given system, the auditing scheme could be attacked
to avoid this off-line monitors of traffic is used the traffic monitor connected to off-line
computer which will not be affected limitation for access monitor only
Architectural Auditing Mechanisms by introducing additional auditing hardware e.g. dedicated computer system component to
provide for auditing of security-critical network traffic and operation
3.2.1.4 Attacks Countered by Auditing
Attacks are prevented because the attacker knows that auditing is present
attacks are countered by reconstructing the details of the attack using audit records
Hence innocent will be more careful and intruders are more cautious
3.2.2 Intrusion Detection
An automated support approach and set of associated manual procedure that are used to process and interpret the information in the audit log and to detect the potential presence of intruder is called intrusion detection.
3.2.2.1 Intrusion Detection Architecture
Assumption: a log of all security-relevant activity in a given setting or application is available for inspection.
This is based on identifying the normal and defining the abnormal
The approach is called profiling Algorithm is then created to compare what is
observed in the audit trail with defined user or system profiles and to detect the difference as abnormal
TargetSystemActivity
AuditingMechanism Audit
Log
IntrusionDetection
Mechansim
SystemActivity
Data
Intrusion Detection Architecture
3.2.2.2 Intrusion Detection Concepts
A given individual typically logs onto a system and logs off at roughly the same times and use same CPU time daily - this can be build into a profilee.g. <time_of_login, average_CPU_usage,
time_of_logout>
A record of four days are:<08:00,23, 17:00>
<07:50, 24, 17:10>
<07:56, 23, 16:45>
<08:13, 27, 17:03>
However, if the following behavior is recorded on the some day<03:25, 10, 06:34>
This record will raise suspicionTo build an automated detection algorithm, a
threshold profile is used, e.g.<1.0, 10, 1.0> <variation of one hour log in, 10 hours
CPU usage and one hour logoff>
The size of the threshold will determine the window of the profile and will be set accordingly
3.2.2.3 IDES Model
The Intrusion Detection System (IDES) was introduced by Dorothy Denning from SRI International
The model is composed of five explicit components: Subjects and Objects audit records profiles anomaly records activity rules
Subjects and ObjectsSubjects are the active initiators of
operations that are audited on the system, e.g. processes controlled by OS
Objects are information repositories on which system performs operations, e.g. files and directories
For UNIX, subjects are UNIX processes and objects are files, directories and other entities
Audit Record
In IDES, audit records are assumed to be structures with 6 components, i.e.<subject, object, action, error, resource, time> Subjects is the initiator of action Objects is the record error describes any true exception conditions resources provides statistics on any resource usage time provides a time stamp of when the action
occurs
Example:<joe, myfile, execute, no. CPU(00:02), 2:00>
and
<joe, important_file, read, no, CPU(00:01), 5:00>
<lee, important_file, read, no, CPU(00:01), 5:01>
<scr, important_file, read, no, CPU(00:01), 5:02>
<kin, important_file, read, no, CPU(00:01), 5:03>
This leads to security administrator to investigate why the important_file is read abnormally
6 components can be expanded to suit other applications
ProfileProfile is used to characterize expected
normal activity on a computer systemLogin Activity: time, earliest and frequencyExecutive Parameters: use of CPU, memory
and other resourcesFile access: profiles on frequency of reads
or writes to certain files, number of failed requests and other file access parameters
Format:<subject, object, action, e_pattern, r_pattern,
t_pattern>
Example:<joe, myfile, execute, no, CPU(00:01-00:04), 2:00-
22:00> This would denote Joe executes myfile, no error
are expected, CPU usage should be 1 and 4 seconds and time of execution should be between 2:00 am to 10:00 pm
comparison of profiles can be setup automatically
Anomaly Record
Anomaly records are alarms that are created whenever audited behavior does not match the profiles
In IDES model, 3-tuples are used<event, time, profile> Event specifies the activity that triggered alarm Time specifies when the problem was observed Profile specifies the mismatched structure
Example:Any users tries to log into the system after 2 am
or whenever someone fails to gain access several times in a row
Anomaly records are constructed with the two specific types of behaviors: behavior is suspicious for any user on the
system behavior is suspicious for some specific user on
the system
In the former cases, generic anomaly records and profiles are used to established that someone is causing strange behavior on the system to occur, e.g. many failure attempt of log in
In the latter case, anomaly records and profiles establish that a specific user is acting strangely e.g. access file frequency is more than normal
Activity Rules
Actively rules are programs that describe what action should take place when an alarm is set
Example: terminal screen will blink someone’s phone will ring electronic mail will be sent to an administrator and so
on
if alarm (0) then activity (0)
if alarm (1) then activity (1) …
if alarm (n) then activity (n)
3.2.2.4 Example: ComputerWatch
ComputerWatch is an audit trail analysis tool reported by Cheri Dowell & Paul Ramstedt of AT& T
This tool is compatible with most UNIX-based audit trails such as V/MLS audit trail tool
Raw AuditTrail
Audit Trail inDatabase Format
Rule Base
Database Schemas
ReportGeneration
Build-InQueries
CustomQueries
SummaryReport of Activity
User View
AuditTrailTranslation
ComputerWatch Data Flows and Modules
3.2.2.5 Attacks Countered by Intrusion Detection
Benefits: it deters possible attacks whenever an attacker
believes that the chances of getting caught outweigh the payoff of a proposed attack succeeding
use audit trails to determine who initiated the attack and once initiated what damage occurred
it provides evidence of attack
Drawbacks: it may be based on an incorrect profile, I.e
profile is not adequately describe the normal behavior
sophisticated user might behave abnormally to build up a profile that might be useful in subsequent attacks
strange behavior may not be part of attack, e.g. illegal login with good explanation
an attack leaves no identifiable clues that an intrusion detection system will be pick up
3.2.3 Identification and Authenticatin
Identification are techniques for distinguishing those active entities that are responsible for initiating specific actions on a computer system.
Authentication are techniques for ensuring that the identification has been done properly.
Example: the users types in the username and then the system demands a password
3.2.3.1 Concepts
Identification is defined as consisting of those procedures and mechanisms that allows agents external to some computer system to notify that system of their identity. Example: login:Joe
Authentication is defined as consisting of those procedures and mechanisms that allow a computer to ensure the stated identity is correct Example: Password: 123456
3.2.3.2 Approaches
Three major types of approaches exists: something possessed something embodied something known
AgentComputers
system
Identification
Authentication
•Something Possessed•Something Embodied•Something Known
Something Possessed
One way to ensure that the identity has been reported correctly is to check for something that only the identified agent could possibly possesses.
The most common approach is using smart card
The protocol exchange will identify the userAdvantage: the user is difficult to spoof the
function, i.e unbreakable
Steps to identify the agent/user Step 1: a computer system administrator sets up
a smart card for some user by entering a function that is chosen for only that user onto the card. The user is given an identification number that protects the card from being used by an intruder if it is lost
Step 2: The card is given to the user and the user should not lose or loan it. Normally a personal identification number (PIN) is used in conjunction with the card
Step 3: Whenever the user must be authenticated, the system provides a value to the user
Step 4: The users evaluates the function on the smart card for the input and enters it back into the system either by typing or using a card reader
Step 5: The system determines the value of the function on the input and compares it to the user’s result
Step 6: if results match, the user is authenticated
Something Embodied
This approach involves checking in an invoking user for some characteristic that is inherently part of that agent.
Example: voice, fingerprints, rentinal patterns and signature
Advantage: cannot be spoofed easily because the user/agent has distinct features
Disadvantage: expensive hardware
Something Known
Involves a something known scheme.Commonest example: passwordAdvantage:
it increase the amount of information an attacker must obtain to spoof the login
One time pad approach can be integrated to challenge-response scheme
This can also been introduced with smart card devices
Alternate Approaches
Alternate approach: associative Sequence of reasoning or concept association:
login: joe
provide association:
bardados: vacation
football: gaints
cloak: dagger
woman: lee
Another alternative approach: challenge sequence of questions and answers
login: joe
provide responses:
date of birth? 12-03-61
dog’s name? Scrappy
grandfather’s profession? Barber
spouse’s maiden name? matuska
coat size? 40r
3.2.3.3 Example: Polonius
User ID
User PIN
(2)
User Passport Channel Authentication Service Server Provider
User ID Counter(1)
ChallengeGenerator
(4)
(5)(3)
AssessResult(6)
Result(7)
StepsStep 1: User enters a user identification sequence to
the hostStep 2: host uses a database to provide challenge
sequencing information to a challenge generatorStep 3: a challenge is issue to the userStep 4: user enters PIN to passportStep 5: Passport computes a responses using secret keyStep 6: A response is sent to hostStep 7: host use secret key to compute the responseStep 8: Authentication results are passed to host
service provider
3.2.3.4 User sessionsIn normal login, users are identified and
authenticated by a system in the login session after that the user is authentic to use the system by invoking a series of commands
If during the login session, some attack occurs and the user’s identity has changed, the initial identification and authentication will no longer be valid as a result of some spoof that steals the passwords
Thus, in some systems explicit authentication may be required during a user session if certain critical commands are invoked
Example is the superuser commands in UNIX system
To strengthen this weakness, a secondary authentication is introduced in addition to the primary authentication used normally.
3.2.3.5 Trusted Path
A trusted path is a direct communication path between a user and a routine or program that results from some procedure or mechanism that suitably authenticates the routine or program in a manner that cannot be spoofed.
This approach is complicated if one’s means for accessing a system is more than just a dumb terminal.
3.2.3.6 Attacks Countered by Identification and Authentication
Two categories exist: attacks that require an external intruder gaining
unauthorized access to a system attacks that can be traced back to an individual that was
identified and authenticated by the system
Problem only exists if the scheme is not planned or implemented properly
Integrated with auditing will strengthen the approach
3.2.4 Encryption
Encryption Encryption will modify data into irregular form for
security storage and transmission. The reconstruction is achieved by using a set of relevant Keys.
Two cryptosystems are currently being used, i.e. symmetric (DES/FEAL) and asymmetric (RSA, ECC). Symmetric cyptosystem requires only one common key for encryption and decryption whereas asymmetric system requires two keys, i.e. private/user key and public/system key.
Common Encryption Techniques
Three algorithms will be introduced DES (Data Encryption Standard) RSA (Rivet, Shamir, Adleman) ECC (Elliptic Curve Cryptography)
DES
DES the most well-known symmetric system being
used by banking sector and computer security. the technique was originated from IBM and
certified by National Bureau of Standards in 1977.
an official unclassified data encryption method. widely been used by Banking sectors
64 Bit Plaintext
Initial Permutation
32 Bit L0 32 Bit R0
F(R0,K1)+
32 Bit L1 32 Bit R1
32 Bit L15 32 Bit R15
F(R15,K16)+
32 Bit L16 32 Bit R16
Final Permutation
64 Bit Ciphertext
Encryption ProcessDES System
64 Bit Key
Permutation Choice 1
56 Bit Key
28 Bit C0 28 Bit D0
Left Shift Right Shift
C1 D1
BuildingBlock
PermutedChoice 2
K1(48 bits)
C16 D16
PermutedChoice 2
Key Schedule
Li-1
32 bitsRi-1 32 bits
ExpansionPermutation 48 bits
S-BoxSubstitution
choice 32 bits
P-box Permutation
Li
32 bitsRi
32 bits
56 bits KeyPermuted Choice
48 bits
Function f
DES Substitution Boxes Operation
Operation Tables of DES (IP, IP-1, E and P)
RSA
developed by 3 researchers at MIT in 1977based on two prime numbers (p & q) to generate
the keysmost popular is RSA 129 where p x q gives a 129
bit numberhighly security and has once been proposed to
replace DES in banking application report cipher analyzed by a group of 600 specialist
in May 1994 through internetFast Montgomery’s approach available
RSA Steps
Select two large prime p& qGenerate n = pqGenerate f(n) = (p-1)(q-1)Select e (encryption/public key) and d
(decryption/secret) as ed = 1 (mod(f(n))
Encrption by C =(Me, mod n) where M is the message
Decrypt by M =(Cd, mod n)
ECC
ECC a new elliptic curve cryptosystem method for
public key applications developed by Neil Koblitz (Washington
University) and Victor Miller (IBM, Yorktown Heights) in 1985
using points in the elliptic curve as the elements for encryption
will become IEEE standard in 2000 (P1613)
ECC - key generation
Select an elliptic curveGenerate the coordinate pairs which satisfy the
conditions of modulo n and select starting point P
Key generation: select a random integer d (secret key) in the interval
[2, n-2] compute point Q = dP make Q public
ECC Encryption
Encryption select a random integer k in the interval [2, n-2] compute (x1,y1) = kP and (x2,y2) generate a mask Y from secret as f(x2) and
compute C = YM where M is the message send the encrypted ciphertext EM as
concatenated [x1, y1, C]
ECC Decryption
Decryption extract (x1,y1) from ciphertext EM compute (x2,y2) from d(x1,y1) compute mask Y as f(x2) recover message by M = CY
Encryption and Decryption :
Actions perform by Party B
Encryption :
Actions perform by Party A
Decryption Process
1. Looks up A public key : Q =
(xQ,yQ)
= ( ,0)
2. Select a random integer k = 2 in the
interval [2, n -2 ] - the private key
for
the one - time key pair
3. Computes the point (x1,y1) = kP =
2(5, 11) = ( , ) =
((1100),(1100))
- the public key for one - time key
pair
4. Computes the point (x2,y2) = kQ =
2( , ) = (5, 11) =
((1010),(1110))
x2 is the secret value.
5. Generates a mask Y of length 6
with the mask generation function
used, Y will vary. For the purposes
in this example, let Y = 011010.
6. Computes C = Y M = (011010)
(010100) = (001110)
7. Computes the encrypted message
by concatenating (x1,y1) and C,
and transmit (11001100001110) to
A.
1.Ciphertext EM = (11001100001110)
received from B
2. Uses the first 8 bits of the string for
one
- time public key : ((1100),(1100)).
The rest of EM will be stored in C
3. Computes the point (x2,y2) = d
( x1,y1) = 3 (1100,1100) = 3(, ) =
(5, 11)= ( (1010),(1110)). X2 is the
secret value.
4. Using the same mask generation
function as B, A generate from x2 the
mask Y = 011010.
5. Recover the message M by XORing
all
but the first 8 bits of EM with the
mask Y: M : C Y = (001110)
(011010) = (010100)
Attacks Countered by Encryption
Attacks that are designed to disclose information in transit between remote computer systems or between a user and a remote system to an unauthorized entity
attacks that are designed to masquerade information in transit between remote computer systems or between a user and a remote system
attacks that are designed to disclose certain “expendable” types of stored data
3.2.5 Configuration Management
Careful Maintenance of computer recordThreats normally required get access to the
software and introduce Trojan HorsesCareful management can avoid this types of
threats by comparing the difference of different versions to avoid illegal modification to software
3.2.6 Formal Methods
Formal method based on formal specification and verification is normally used for accurate and vigorous computer system development
Tools are available for verifying the validity of the software to avoid any introduction of software threats
3.2.7 Enhanced Life Cycle
Provide an enhance life cycle to the software such as
documentation needs to identify work and unwork portion of
software to avoid threats
Reviews walkthrough and review possible weaknesses in
the code
Traceability mapping ensure all materials are traceable to avoid
malicious developer
Tool Use if automatic tools can be used the manual
intervention can be avoid
Testing introduce tests on different scenarios are
required to ensure all possible threats can be eliminated or minimized
3.3 Selection Principles
Cost Effectiveness to consider the impact of mechanism related to
all costs such as fix and recurring costs
Human Invention human intervention can cause error and the
protection will not be optimal
Failsafe Operation the fail must be safe contained but not open
Design Secrecy design must kept confidential to avoid possible
leak to intruders
Entrapment to allow certain degree of allowance for possible
intruder to attack
Independence of Control and Subject those develop the protection such be eliminated
from controlling the operation to reduce the risk possibilities
Universal Application preventive mechanism must not be associated
with special cases and exceptions, they must be more universal and general
Acceptance and Tolerance by Personnel introduction of preventive mechanism should
not introduce inconvenience to affected personnel otherwise methods will be developed to subverting the protection methods
3.4 Reference
E Amoroso Chapters 15, 16, 17,18, 20