Introduction to Computer SecurityAuthentication and Access Control
Pavel LaskovWilhelm Schickard Institute for Computer Science
Resource access: a big picture
1. Identification
2. Authentication
3. Authorization
4. Accountability
Which object O requests access to resource R?
Is O indeed what it claims to be?
Is O authorized to access R?
Log the transaction access(O,R)
Simple identification/authentication
Ask for an identity (e.g. user name)Check if an identity is knownAsk for a shared secret (e.g. apassword)Check if the secret matches the identityPassword is stored in an encrypted formusing a one-way hash function:root:!:14118:0:
laskov:$1$/et/grJh$xssVNwpdA35TwsSt7Yjvb/:14118:0:
Password encryption on UNIX
DESprepend password with 2-bit salttake 7 lowest bits from first 8 charactersencrypt a fixed 64-bit string with DES using 56 bits as a keyconvert the resulting 64 bits into 11 ASCII characters using 6bits for character (2 bits padded with zeros)
MD5originally written for FreeBSD to avoid export restrictionsno limit on password sizeis indicated by the starting $1$ in the shadow file
Identity management
A digital identity is a set of properties assigned to a givenobject (e.g. access rights)
Identity management:Creation and deletion of identitiesManagement of properties assigned to identitiesSecure storage of identitiesSecure handling of queries regarding identities and theirproperties.
Lightweight directory access protocol (LDAP)
A directory is a specialized database optimized for searchingand browsing.LDAP entries are collections of attributes identified by aunique distinguished name (dn).Entries are characterized by types that determine theirformat and syntax (e.g. ou = “Organisational Unit”).Entries are stored in a hierarchy. A relative distinguishedname defines a search path to an entry.
LDAP directory example
Authentication modes
User authentication Entity authenticationObject human being non-human beingApplications login
remote accessremote accesscommunication securityprogram securitykey distribution
Speed low highSecret only no yes
User authentication
Something you know: passwords, passphrases, sharedsecrets (e.g. mother’s maiden name), puzzlesSomething you have: smart cards, security tokensSomething you are: biometrics, signature dynamics,keyboard dynamics, voice print
What is a good password?
Long passwords are harder to break but tedious to type.Random passwords are hard to break but next to impossibleto memorize.Writing down a password on a sticky note doesn’t help.Password expiration reduces the damage but increases therisk of forgetting.Automatic password generation
easily memorizable wordspassphrases: sentences hashed into passwords
Passwords are only usable for services that are often used.
Password generation examples
Password generation examples
Smart cards
Physical tamper-proof credentialsMemory cards: simple storage of information(e.g. medical insurance)Microprocessor cards:
advanced functionality (e.g. transactions)cryptographic operations (e.g. key validationand key-pair generation)
Java cards: a mini-JVM on a chip (e.g. forcode update).Main problem: theft and loss risk
Biometric identification
“Unforgeable” features of a person:fingerprintshand geometryhand topographyiris scanretina scan
...or behavioral characteristics:signature dynamicskeyboard dynamicsvoice print
Disadvantages of biometric authentication
Non-zero probability of erroneousclassificationHigh cost and time consumptionImpossibility to revokePrivacy issues and social acceptanceCan be potentially falcified
Two-factor authentication
A combination of any two authenticationmodesExample: SecurID
PIN assigned to usertoken automatically generated inhardware every 30 seconds
Clock synchronization between a tokengenerator and an authentication serverrequired
Single sign-on
Motivation:Reduce the need to memorize passwordsReduce the time spent on typing passwordsReducing password maintenance effort
Solutions:Local password containers (e.g. KDE Wallet)Physical authentication devicesClient-server architectures (Kerberos, Active Directory)
Kerberos: a brief history
Development at MIT in the project Athena inthe 1980s, versions 1 – 3 for internal use,version 4 released in 1988.Version 5 released in 1993 fixed somesecurity flaws of the previous version;version 4 withdrawn in 2006.Banned for export by US government until2000 (due to the use of DES);re-implemented in Sweden at KTH.Currently, both implementations – MIT(Athena) and KTH (Heimdal) – support AESas the main encryption instrument.Supported by all major OS (Windows 2000up, Mac OS X, Solaris, Red Hat Enterprize)
Kerberos authentication protocol
Client
Application Server
Key Distribution Center (KDC)
Authentication Server(AS)
Ticket Granting Server(TGS)
Database
AS_REQ
AS_REP
TGS_REQ
TGS_REP
AP_REQ
AP_REP
Kerberos details: user login
User enters his user name U and password P at a clientworkstation.The hash value of his password Ku = h(P) becomes asecret key of the client/user.
Kerberos details: user authentication
The client sends his user ID U and the requested service Sto the authentication server AS:
C→ AS : (U, S)
If the user ID is found in a database, AS generates a TGSsession key kTGS and a ticket-generating ticket TGT:
TGT : (U, S, kTGS)
AS sends TGT encrypted to C:
C← AS : {S, kTGS}Ku{TGT}KTGS
Kerberos details: ticket request
The client generates an authenticator:
A : {U}kTGS
The client sends a ticket granting request to a ticket grantingserver:
C→ TGS : (S, A){TGT}KTGS
TGS verifies that U in A matches U in TGT, generates aservice session key kS and puts it into a service ticket:
TS : (U, S, kS)
TGS sends TS encrypted with the service key KS to C:
C← TGS : {S, kS}kTGS{TS}KS
Kerberos details: service authentication
The client generates an authenticator:
A : {U}kS
The client sends a request to a service:
C→ S : (A){TS}KS
The service checks if U in A matches U in TS and if soaccepts the request.
Kerberos resume
Provides secure authentication in an insecure network.A de-facto standard (at least open-source) in distributedauthentication services.Relatively complex in installation.Single point of failure.
Access control overview
Given a subject, which objects can it access and how?Given an object, which subjects can access it and how?
User process ? Resource
Subject Reference monitor Object
Policy
Access request
Main concepts of access control
Subject is an entity that initiates an access request.⇒ active entries, usually processes
Object is an entity an access to which is requested.⇒ passive entries, processes or resources
Principal is an identifiable entity, e.g., a user.⇒ each subject mapped to one principal⇒ multiple subjects per principal
Rights represent different types of access.Reference monitor makes authorization decisions.
Access control structures
Access control structures are mechanisms for implementingaccess policies:
access control matrixcapabilitiesaccess control listsintermediate controls (groups, negative permissions, roles,protection rings etc.)
Requirements for access control structures:an ability to express control policiesverifiability of correctness.scalability and manageability
Access control matrix
Access control matrix is a basic control structure.
bill.doc edit.exe fun.comAlice – {execute} {execute,read}Bob {read} {execute} {execute,read,write}
Advantages:clarity of definitioneasy to verify
Disadvantages:poor scalabilitypoor handling of changes
Capabilities
Capability is a subject-centered description of access rights:Alice: {edit.exe: execute}, {fun.com: execute, read}Bob: {bill.doc: read,write}, {edit.exe: execute}, {fun.com:execute, read,write}
Advantages:easy ownership transfereasy inheritance ofaccess rights
Disadvantages:poor overview of accessrights per objectdifficulty of revocationneed for extra integrityprotection
Access control lists (ACL)
ACL is an object-centered description of access rights:bill.doc: {Bob: read,write}exit.exe: {Alice: execute}, {Bob: execute}fun.com: {Alice: execute, read}, {Bob: execute, read,write}
Advantages:easy access to objectaccess rightsrelative easiness ofmanagement usingabstractions
Disadvantages:poor overview of accessrights per subjectdifficulty of revocationdifficulty of sharing
Access control abstractions
Group: an collection of related subjectseasy sharingeasy addition and removal of users
Negative permission: explicit revocation of access rightsPrivilege: a mapping of users to access rights
concise definition of access rights{admin: read,write,execute}, /etc/passwd: {Alice, admin}
Protection ring: a hierarchy of access right levels0 – operating system kernel1 – operating system2 – services3 – user processes
Mandatory access control (MAC)
Centralized access control by means of system-wide policy.Access control rights are fixed by an administrators.A limited number of implementations, e.g. SELinux,Systrace.
Advantages:strict control overinformation flowstrong exploitcontainment
Disadvantages:major usability problemscumbersomeadministration
Discretionary access control (DAC)
Access control is carried out by a resource owner.By associating ownership with principals, access rights areeasily transferred to other subjects.Deployed in a majority of common systems.
Advantages:simple and efficientaccess rightsmanagementscalability
Disadvantages:intentional abuse of accessrightsunintentional abuse ofaccess rightsno control over informationflow
Role based access control (RBAC)
RBAC attempt to handle the complexity of access control byextensive used of abstractions:
Data types are defined for all objects.Procedures are high level access control methods with amore complex semantics than elementary access controlrights. Procedures can be only applied to certain data types.Procedures are grouped into roles assigned to users. A usercan have more than one role and more than one user canhave the same role.Role hierarchies can be used to match natural relationsbetween roles.
Example: A Lecturer can create a role Student and give it aprivilege “read course material”.
Summary
Passwords and shared secrets are the most common toolsfor user authentication.⇒ limited security (cracking) and usability (forgetting,
management)⇒ alternatives: biometrics and smart cards
Single sign-on methods such as Kerberos provide means forautomating authentication in large distributed environments.⇒ single point of failure
Access control is based on the notion of the access matrixand its approximations (ACS, capabilities) and abstraction(groups, roles).