introduction to computer and network securitymsakr/15129-f10/docs...is there a silver bullet?...
TRANSCRIPT
Still want to play?
➢ What about this one?
Computer Security, it's all about curiosity and imagination
Let me hack the discussion ...
Computer security is all about hacking. So learning about computer security, it's learning how to do attacks!
Yes, we are going to study some attacksBut NO, security is not about hacking ....
... it's more than that!
Yes but ....
But, I really really want to be a hacker,tell me what should I learn?
To be a hacker, you should learn what is in15-21315-21215-25115-34915-44115-45115-447and so on ...
and spend your free time at the library!
Lucky you of being Carnegie Mellon Students!!
So what is hacking?
Doing an attack that you learned IS NOT hacking ...... it's knowing how to use Google!
Hacking is
- knowing and understanding all the details about a system, its about been curious
- using the system in a way that nobody have thought,it's about been imaginative
Learning computer and network security
➢ What we learn in 15-349Introduction to computer and network security
• We show you that some people think outside of the box: hackers and security experts
• We show you where is the risk and how to be “security aware”
• We show you attacks and explain how and why they works• We show you how to protect your system and lower the risk
of attacks➢ ... and we have fun during recitations
• Movies, games and real hacking :)
Check out the webpage: www.qatar.cmu.edu/cs/15349/
What is security?
Computer Security
Cryptography
Law
Operatingsystems
Mathematics
Networking
Programminglanguages
Economics
Psychology
Humancomputer
interaction
➢ Lowering the risk or preventing that something bad can happen
Let's play a game
➢ Threat• “Someone can break into my apartment and
steal or destroy my stuff”
➢ Attacks and Counter-measures• I have a basic protection, but worse things can
happen, help me to fnd what and how to mitigate them
My apartment and its basic protection
Classic Wooden door with a 3 points lock
On the balcony (2nd floor), PVC windows with a single
point lock
What do we learn from the game
➢ You never prevent a threat• .... you lower the risk!
➢ Performing an attack is more or less diffcult• It's a balance between
• the assets that you want to protect• the efforts an attacker will make
➢ Deploying a counter-measures has a cost• It's a balance between
• the cost of recovering from the attack • the cost of a deploying a protection mechanism
Do your own risk analysis
➢ How important are the data in your laptop?• What if someone accesses, copies, distributes
modifes, deletes my data?• What if the system is down or not working well?
➢ But your information is larger than just your laptop, what about ...• the other machines you are using? Your (i)phone
and other digital devices? • your CMU account, your Gmail address, your MSN,
your Facebook?
Now, let's talk about us
Iliano Cervesato
Thierry Sans
● Verifcation of security protocols● Foundations of Programming Languages
● Access Control and Information Flow● Managing Digital Rights
● Web Application Security
Security issues on the Web
source “Web Application Security Statistics 2008”from The Web Application Security Consortium
Cross-Site Scripting Attacks (XSS)
“Twitter has put a stop to a worm that posted obscene messages to victims' Twitter feeds. It's the second worm attack the site has suffered in a week.”
“Twitter has been hit with an attack as the result of a flaw in the site's coding. Last week it closed a cross-site scripting (XSS) flaw that could allow an attacker to steal data.”
source PC World - September 27 2010
Information Leakage
“AT&T Inc. apologized to Apple Inc. iPad 3G tablet computer users whose e-mail addresses were exposed during a security breach disclosed last week.”
“There’s no hack, no infiltration, and no breach, just a really poorly designed web application that returns e-mail address when ICCID is passed to it.”
source Business Week - June 14 2010
source Praetorian Prefect - June 9 2010
Design Secure Programming Languages
Qwesst – A programming language to develop secure web applications• Strongly typed and homogene between the client
and server
✔Protects against XSS Attacks• Language primitives to control data dessimination
and information fow
✔Protects against information leakage
22
Computer Security is a Big Field!
➢ We are going to look at a tiny speck
➢ Security Protocols
Computersecurity
SecurityProtocols
23
Protocols
Expected behaviors when engaging in communication
• When 2 people want to talk• Buying something at the souq• Driving conventions• Calling up your friend, …
• When interacting with an organization• Bureaucracy• Offcial visits by head of states, …
• …• When computers want to talk
24
Computer Protocols
➢ What sets them apart?• No human involved!
• Automated• Infexible• No common-sense
➢ What protocols are there in a computer?• Hundreds!• Communication protocols
• Email, http, Ethernet, …• Security protocols
25
Security Protocols
➢ Communication protocols ensure that communication actually happens
➢ Security protocols ensure that communication is not abused• Protect contents• Protect communicating parties• Protect intent of communication• Protect possibility of communication
26
Common Security Goals
➢ Confdentiality• Message cannot be observed in transit
• Achieved using some form of encryption
Secret Channel
27
Authentication
➢ Ensure that we are talking with who we think• Much more subtle
than secrecy• How to establish a secret
channel in the frst place• Negotiate parameters of channel• Ensure channel remains trusted
➢ Authentication protocols
28
Example: Kerberos
➢ Log in to your computer➢ Access other computers without
logging in again• Email, “i-drive”, printers, directory, …
… for 1 day
➢ Goals• Repeatedly authenticate a client to multiple servers• Transparent to user
➢ Ubiquitous
29
How Kerberos works
UserU Kerberos
ServiceS
ClientC
KAS TGS Server
Authenticate C for U
Credentials (TGT)
Want to use S; here’s the TGT
Credentials to use S (ST)
Want to use S; here’s the ST
Ok
Application messages
Acc
ess
requ
est
1st time
othertimes
Log on
ClientC
KAS TGS Server
Authenticate C for U
Credentials (TGT)
Want to use S; here’s the TGT
Credentials to use S (ST)
Want to use S; here’s the ST
Ok
Application messages
Acc
ess
requ
est
1st time
othertimes
Log on
30
Other Popular Protocols
➢ SSL / TLS protocol• Authenticates client to server• Encrypts communication
• HTTPS (secures web page)• Secure email download (POP3S, IMAPS)
➢ SSH protocol• PuTTY (Log to remote computer, copy fles, …)
➢ PGP• Send encrypted/authenticated email
• Enigmail
31
The Problem
➢ Security protocols are extremely hard to get right• Minuscule programs• Extremely complex interactions
• Bugs can take years to discover
• Generally it’s not the crypto• It’s the piping
32
Correctness vs. Security
➢ Correctness: satisfy specifcations• For reasonable inputs,
get reasonable output
➢ Security: resist attacks• For unreasonable inputs,
output not completely disastrous
Difference:• Random events vs. active attacker
33
Attacks
➢Got the piping wrong
✗ Attacker can breakauthentication
✗ Attacker can breaksecrecy of thechannel
34
Example: Kerberos
➢ Discovered 10 years after exchange was designed ➢ Immediately fxed in all implementations
C KASAuthenticate C for U
Credentials (TGT)
C IAuthenticate C for U
Credentials for C
KAS
Authenticate I for U
Credentials for I
✗ C believes he is talking to KAS✗ KAS believes he is talking to I✗ I knows the key that C obtained
from KAS