COMP 208/214/215/216 – Lecture 10
DESCRIPTION
COMP 208/214/215/216 – Lecture 10. Implementation Issues: Security. Database and system security: authentication, privacy, integrity, audits and control. Authentication is commonly based on a shared secret; passwords are typically stored in hashed form.
TRANSCRIPT
COMP 208/214/215/216 – Lecture 10
Implementation Issues: Security
Database and system security
• Authentication
• Privacy
• Integrity
• Audits and control
Authentication
• Commonly based on a shared secret
• Passwords are typically
– Stored in hashed form
– Used as part of a challenge handshake response
– Should be encrypted before transmitting over the network, i.e. sent only over a TLS-protected connection (hashing the password on the client does not replace this, because the transmitted hash would then itself be the password-equivalent)
Password hashing
• One-way function: Hash("secret") = A13FCB34DF
• Now the password cannot be read in plain from the database table
• Salt helps to protect against a pre-computed "rainbow" table (the salt is random bits stored alongside the hash)
• Rainbow table (pre-computed password → hash lookup)
– "cat" ABCEF
– "fred" 24ABFC
– "password" 4BAF12
• With salts, an attacker holding a particular stored hash cannot use one pre-computed table: the table would have to be built again for every salt value, so the work is repeated per password, and a deliberately slow hash (PBKDF2, bcrypt, scrypt, Argon2) makes each guess expensive
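The hashing and salting described above, as an added example that is not part of the lecture. It uses PBKDF2-HMAC-SHA256 from the Python standard library; the iteration count, salt length and the stored record format `pbkdf2$iterations$salt$hash` are assumptions chosen for illustration. The `build_rainbow_table` helper shows why a lookup table built without the salt (the slide's "cat", "fred", "password" table) does not match a salted record.

```python
import hashlib
import hmac
import os

# Added example for the lecture's password-hashing slide (not lecture code).
# Parameters below are assumptions for illustration; a real deployment would
# tune ITERATIONS to the hardware and store the scheme with the record.
ITERATIONS = 100_000
SALT_BYTES = 16


def hash_password(password: str, salt: bytes = None) -> str:
    """Return a storable record 'pbkdf2$iterations$salt_hex$hash_hex'.

    A fresh random salt is generated when none is supplied, so two users with
    the same password get different records. Passing an explicit salt is only
    for building the lookup table below."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return f"pbkdf2${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the salt taken from the stored record and
    compare in constant time, so timing does not leak how many bytes matched."""
    try:
        scheme, iterations, salt_hex, hash_hex = stored.split("$")
        salt = bytes.fromhex(salt_hex)
        rounds = int(iterations)
    except ValueError:
        return False          # malformed record: treat as a failed login
    if scheme != "pbkdf2":
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)
    return hmac.compare_digest(digest.hex(), hash_hex)


def build_rainbow_table(words, salt: bytes = b"") -> dict:
    """Pre-compute record -> password for a word list. With the empty salt this
    is the classic lookup table from the slide; it only matches records that
    were produced with that same salt, so a random per-user salt defeats it."""
    return {hash_password(word, salt): word for word in words}
```

A stored record can be checked later without knowing which salt was used, because the salt is kept in the record itself; only the secret password is absent from the database.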
SSL/TLS/https
• SSL
– Secure Sockets Layer, developed by Netscape for secure connections between browsers and web servers
• TLS
– IETF standard, based on SSL; SSL itself is now deprecated and only TLS should be enabled
• https
– HTTP (hypertext transfer protocol) carried securely over TLS
slide 6 Internet Security
Asymmetric Key
Figure: the plaintext "Hi Mum" is encrypted under Key 123 into the ciphertext "GH BVC", and the ciphertext is decrypted under Key ABC back to the plaintext "Hi Mum".
• Different keys are used for encryption and decryption
Digital Signature
• Example signature
email to: BankManager@Bank.Com
from: JohnTaylor@company.com
subject: Transfer of funds

Dear Bank Manager,
I would like to transfer $1,000,000 from the company account to my personal account.
Thank you,
John Taylor, account manager
<signature>2344553AD1EF9896454343343434674785BE0E85CD</signature>
Digital Signature
• Transmission operation
Figure: the message ("I would like to transfer $1,000,000. Thank you.") is passed through the hash function, giving the hash result E12D4378BA980C1214390; the signing function applies the sender's private key to that hash, producing the digital signature <sig>34E02B2BC8D746A21B4285C87E64BA29</sig>, which is transmitted together with the message.
Digital Signature
• Reception operation
Figure: the received message is passed through the same hash function, giving the hash result E12D4378BA980C1214390; the received signature <sig>34E02B2BC8D746A21B4285C87E64BA29</sig> is decrypted with the sender's public key to recover the hash value the sender signed. Are the hash values the same? If yes, accept; if not, reject.
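The transmission and reception operations above, and the hash properties on the next slide, as one added example that is not from the lecture. To stay within the Python standard library it uses textbook RSA with a toy key pair built from two Mersenne primes: the primes, exponent and the hex signature format are assumptions, and unpadded RSA on a known modulus is for illustration only, not a usable signature scheme. What it does show is the flow: hash the message, apply the private key to the hash, and on reception recover the hash with the public key and compare it with a freshly computed H(M), so any change to the message is rejected.

```python
import hashlib

# Added example for the lecture's signature diagrams (not lecture code).
# Toy key pair: Mersenne primes so the block runs offline. Assumption for
# illustration only; real keys are random primes and use a padding scheme.
P = (1 << 521) - 1
Q = (1 << 127) - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, e*d = 1 mod phi(n)
PUBLIC_KEY = (N, E)
PRIVATE_KEY = (N, D)

# Constructed sample message, taken from the slide's example.
MESSAGE = b"I would like to transfer $1,000,000. Thank you."


def hash_message(message: bytes) -> int:
    """h = H(M): SHA-256 of the message as an integer (256 bits < N)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private_key=PRIVATE_KEY) -> str:
    """Signing function: the sender's private key is applied to the hash."""
    n, d = private_key
    return format(pow(hash_message(message), d, n), "x")


def verify(message: bytes, signature_hex: str, public_key=PUBLIC_KEY) -> bool:
    """Reception: recover the signed hash with the public key and compare it
    with the hash of the message actually received."""
    n, e = public_key
    try:
        s = int(signature_hex, 16)
    except ValueError:
        return False                    # not even a well-formed signature
    if not 0 < s < n:
        return False
    return pow(s, e, n) == hash_message(message)


def transmit(message: bytes) -> tuple:
    """What goes on the wire: the message plus its detached signature."""
    return message, sign(message)


def receive(message: bytes, signature_hex: str) -> str:
    """The accept/reject decision from the reception diagram."""
    return "accept" if verify(message, signature_hex) else "reject"
```

Changing a single character of the amount changes the hash, so the recovered hash no longer matches and the receiver rejects; this is exactly why the hash function must make it infeasible to find a second message with the same hash.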
Secure Hash Functions
• h = H(M)
• Where h = hash value, H = hash function, M = message
• Special properties of a secure hash function
– Different h values for different messages; the output looks randomly distributed and any change to M changes h
– Preimage resistance: given h, it is infeasible (not strictly impossible, but computationally out of reach) to generate a message M with H(M) = h
– Collision resistance: it is infeasible to generate two messages M1, M2 with H(M1) = H(M2)
PKI Public Key Infrastructure
• Services defined
– Key/identity binding
– Key distribution
– Key integrity
– Key revocation
PKI Public Key Infrastructure
• When you connect to a web server using TLS
• The web server sends a certificate containing
– The organisation's identity
– The organisation's public key
– The digital signature of the certification authority (CA)
• The client validates the certificate (the CA signature chains to a trusted root, the name matches the server, the validity period has not expired, and the certificate has not been revoked); the public key in the certificate and the matching private key held at the server are then used to
– Authenticate the server
– Help establish the encryption keys between client and server
Limitations of https
• Only secures data transmission over the Internet, so it is just secure transport
• Does not
– Secure data in the database
– Provide user authentication (TLS authenticates the server; the application still has to log the user in, unless client certificates are deployed)
– Provide security for relayed messages (for example email, which is stored and forwarded by intermediate servers: each hop may use TLS, but the message is in the clear at every server along the way)
Database Encryption options
• Database encryption functions (backend)
– e.g. MySQL AES_ENCRYPT()
– Drawbacks: technology specific; changing the database needs a re-write
– Puts extra load on the database server
– Needs secure connections between middleware and backend (the key and the plaintext travel to the database server in the query, so both are exposed to the database and to query logs)
• Middleware encryption (application layer)
– Easier to port
– Easier to integrate hardware support for encryption (e.g. an HSM holding the keys)
• Client side: true end-to-end security
– Relies on client-side key management, which is hard to keep secure and very complex
– Clients have to be attacked one by one, which makes large-scale attacks difficult
Authentication and authorization
• Authentication
– Who are you?
• Authorization
– What can you do?
Authentication
• Challenge handshake response
– Server sends a long random number as the challenge (nonce)
– Client responds with a value computed from the nonce and its secret: a keyed hash of the nonce with the shared secret (as in CHAP), or the nonce signed with the client's private key
– The secret itself never crosses the network, and because each challenge is fresh a captured response cannot be replayed
• Commonly used in
– ISP access, as part of PPP (CHAP)
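The challenge handshake above, as an added example that is not from the lecture, with both sides of the exchange. The response is HMAC-SHA256 over the nonce with the shared secret (an assumption for this illustration; PPP's CHAP in RFC 1994 uses MD5 over the identifier, secret and challenge, the same idea with a weaker hash). The `Server` class, user name and secret are constructed for the example.

```python
import hashlib
import hmac
import os

# Added example of a shared-secret challenge/response (not lecture code).


def compute_response(secret: bytes, nonce: bytes) -> bytes:
    """Client side: prove knowledge of the secret without sending it.
    HMAC-SHA256 is the assumed keyed hash; CHAP uses MD5(id || secret || challenge)."""
    return hmac.new(secret, nonce, hashlib.sha256).digest()


class Server:
    """Server side: issue nonces, check responses, never accept a nonce twice."""

    def __init__(self, secrets: dict):
        self._secrets = dict(secrets)   # user -> shared secret (constructed store)
        self._pending = {}              # user -> outstanding nonce

    def challenge(self, user: str) -> bytes:
        """Send a long random number (the nonce) as the challenge."""
        nonce = os.urandom(32)
        self._pending[user] = nonce
        return nonce

    def verify(self, user: str, response: bytes) -> bool:
        """Recompute the expected response from the stored secret and the
        nonce issued to this user. The nonce is removed whether or not the
        check succeeds, so a replayed response fails."""
        nonce = self._pending.pop(user, None)
        secret = self._secrets.get(user)
        if nonce is None or secret is None:
            return False
        expected = compute_response(secret, nonce)
        return hmac.compare_digest(expected, response)


def run_handshake(server: Server, user: str, client_secret: bytes) -> bool:
    """The full exchange: challenge out, response back, verdict."""
    nonce = server.challenge(user)
    return server.verify(user, compute_response(client_secret, nonce))
```

An eavesdropper sees the nonce and the response but not the secret; guessing the secret offline from the pair is still possible if the secret is weak, which is why the shared secret should be long and random rather than a human-chosen password.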
Authorization
• Run all code through a standard API
• For each user/table have
– Read/write/insert/delete permissions
• Can be done at
– MySQL level (poor granularity; needs different MySQL credentials for each user role)
– Application layer (better flexibility, more coding)
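Both authorization layers from the slide, as an added example that is not from the lecture: a single data-access API that checks a per-role, per-table permission matrix before every operation (application layer, deny by default), and a helper that renders the same matrix as MySQL GRANT statements, one account per role (the MySQL-level alternative). Role names, table names and the in-memory rows are constructed for the illustration.

```python
# Added example of application-layer authorization (not lecture code).

OPERATIONS = ("read", "write", "insert", "delete")

# Permission matrix: role -> table -> allowed operations. Anything absent is denied.
PERMISSIONS = {
    "reader": {"accounts": {"read"}},
    "clerk": {"accounts": {"read", "insert"}, "audit": {"insert"}},
    "admin": {"accounts": {"read", "write", "insert", "delete"},
              "audit": {"read", "insert"}},
}

SQL_PRIVILEGE = {"read": "SELECT", "write": "UPDATE", "insert": "INSERT", "delete": "DELETE"}


class PermissionDenied(Exception):
    pass


def is_allowed(role: str, table: str, operation: str) -> bool:
    """True only if the matrix explicitly grants the operation (deny by default)."""
    if operation not in OPERATIONS:
        raise ValueError(f"unknown operation {operation!r}")
    return operation in PERMISSIONS.get(role, {}).get(table, set())


class DataAccess:
    """The one API all application code goes through; every call is checked.
    The backing store is a dict of lists standing in for the database."""

    def __init__(self, tables=None):
        self._tables = tables if tables is not None else {}

    def _check(self, role, table, operation):
        if not is_allowed(role, table, operation):
            raise PermissionDenied(f"role {role!r} may not {operation} {table!r}")

    def read(self, role, table):
        self._check(role, table, "read")
        return [dict(row) for row in self._tables.get(table, [])]

    def insert(self, role, table, row):
        self._check(role, table, "insert")
        self._tables.setdefault(table, []).append(dict(row))

    def write(self, role, table, match, changes):
        """Update rows where every key/value pair in `match` holds; return count."""
        self._check(role, table, "write")
        updated = 0
        for row in self._tables.get(table, []):
            if all(row.get(k) == v for k, v in match.items()):
                row.update(changes)
                updated += 1
        return updated

    def delete(self, role, table, match):
        self._check(role, table, "delete")
        rows = self._tables.get(table, [])
        keep = [r for r in rows if not all(r.get(k) == v for k, v in match.items())]
        self._tables[table] = keep
        return len(rows) - len(keep)


def grant_statements(role: str, database: str, mysql_user: str) -> list:
    """The same matrix as MySQL GRANTs for one account per role: the coarse
    alternative the slide describes (one set of credentials per role)."""
    statements = []
    for table, ops in sorted(PERMISSIONS.get(role, {}).items()):
        privs = ", ".join(SQL_PRIVILEGE[op] for op in OPERATIONS if op in ops)
        statements.append(
            f"GRANT {privs} ON `{database}`.`{table}` TO '{mysql_user}'@'localhost';")
    return statements


def attempt(call, *args):
    """Run call(*args); return ('ok', result) or ('denied', message)."""
    try:
        return "ok", call(*args)
    except PermissionDenied as exc:
        return "denied", str(exc)
```

The application-layer check can use anything it knows about the request (row ownership, time of day, amount), which MySQL GRANTs cannot express; the price is that every code path must really go through `DataAccess` and never open its own connection.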
Security policy
• Gives the organization
– A fixed set of rules to secure
• Passwords, database access
• Backups and data integrity
• Policy
– Can be analysed and amended to look for weaknesses
– Guards against ad hoc security decisions
Security policy examples
• Password strength
• Procedures for password retrieval (email, post or phone)
• Media
– Document and USB stick shredding and destruction
– Removal from site
– Bringing on to site
• Backups
– Encryption
• Firewall
– Configuration policy
Bell–LaPadula security model
• Each user is given a security clearance (top secret, secret, public)
– All documents they develop are automatically classified at that clearance
• Each user
– Must not read any document above their clearance (no read up: the simple security property)
– Must not write any document below their clearance (no write down: the *-property); this stops a user, or a program running on their behalf, copying secret data into a public document
• Trusted subjects
– Are allowed to write down, to lower the classification of secured information
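The two Bell–LaPadula rules above, as an added example that is not from the lecture: a small reference monitor with the three levels from the slide, no read up, no write down, documents created at their author's clearance, and a trusted subject as the only one who may declassify. The user, document and level names are constructed for the illustration.

```python
# Added example of Bell-LaPadula access checks (not lecture code).

LEVELS = {"public": 0, "secret": 1, "top secret": 2}   # clearance order from the slide


class AccessDenied(Exception):
    pass


class Document:
    def __init__(self, name: str, classification: str, contents: str = ""):
        if classification not in LEVELS:
            raise ValueError(f"unknown level {classification!r}")
        self.name = name
        self.classification = classification
        self.contents = contents


class Subject:
    def __init__(self, name: str, clearance: str, trusted: bool = False):
        if clearance not in LEVELS:
            raise ValueError(f"unknown level {clearance!r}")
        self.name = name
        self.clearance = clearance
        self.trusted = trusted          # trusted subjects may write down


def can_read(subject: Subject, document: Document) -> bool:
    """Simple security property: no read up."""
    return LEVELS[subject.clearance] >= LEVELS[document.classification]


def can_write(subject: Subject, document: Document) -> bool:
    """*-property: no write down, unless the subject is trusted."""
    if subject.trusted:
        return True
    return LEVELS[document.classification] >= LEVELS[subject.clearance]


def read(subject: Subject, document: Document) -> str:
    if not can_read(subject, document):
        raise AccessDenied(f"{subject.name} ({subject.clearance}) may not read "
                           f"{document.name} ({document.classification})")
    return document.contents


def write(subject: Subject, document: Document, text: str) -> None:
    if not can_write(subject, document):
        raise AccessDenied(f"{subject.name} ({subject.clearance}) may not write "
                           f"{document.name} ({document.classification})")
    document.contents = text


def create(subject: Subject, name: str, contents: str = "") -> Document:
    """New documents are automatically classified at the author's clearance."""
    return Document(name, subject.clearance, contents)


def declassify(subject: Subject, document: Document, new_level: str) -> None:
    """Lowering a classification is a write down; only trusted subjects may."""
    if new_level not in LEVELS:
        raise ValueError(f"unknown level {new_level!r}")
    if not subject.trusted:
        raise AccessDenied(f"{subject.name} is not a trusted subject")
    document.classification = new_level


def attempt(call, *args):
    """Run call(*args); return ('ok', result) or ('denied', message)."""
    try:
        return "ok", call(*args)
    except AccessDenied as exc:
        return "denied", str(exc)
```

Note that a public user may still write into a secret document (writing up is allowed by the *-property), which is why real systems pair Bell–LaPadula, which is about confidentiality only, with an integrity model.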
Summary
• To secure your system you need to
– Secure the network transport
– Secure all persistent data
– Have a proper security policy
– Protect against physical failure