MMC Security Issues
James A. Rome
Oak Ridge National Laboratory
Elements of security
- Confidentiality: Disclosure of information only to authorized entities
- Integrity: Prevention of unauthorized changes to data
- Authenticity: Confidence that a message was sent by a certain party and not an imposter
- Availability: Guarantee of access to resources
Security is vital on the Web
- We are putting valuable and complicated facilities online
- The data generated using these facilities may be proprietary
If security “gets in the way”, it will not be used.
If security is too weak, valuable assets are at risk.
What sort of threats are there?
- Direct attacks on facilities
- Theft of data (often undetected)
- Subtle changes to data (often undetected)
- Denial of service
  Remove the ability of legitimate users to access the facility
  - Flooding the network with traffic
  - Impersonating the user
  - Changing routers
  - ....
MMC Approach to security
An X.509 certificate binds a user’s public key to his identity and is digitally signed by a (trusted) certificate authority.
- Strong authentication via client and server X.509 certificates.
  - One-time user login to activate user’s private key
  - Key can be exported and used for S/MIME encrypted and other applications
  - We hope to use this security context (the user’s keys) to provide strong authorization
Entrust certificates
- Entrust certificates contain two key pairs
  - signing key
  - escrowed encrypting key
- Entrust will have a plugin for Netscape that replaces Netscape’s certificate protocols with calls to the Entrust certificate server
- The Web’s SSL protocol will be used to encrypt all HTML traffic between the user and server.
- The same security context can be used for “Entrust aware applications”
Strong authorization
Authority certificates bind a user’s public key to an authority to do something and are digitally signed by the owner of the resource. (LBNL)
Collections of these certificates can be used (in programs) to describe very complicated policies.
To use an online microscope, certificates might be:
  - training certification
  - payment proof
  - reservation
  - ...
MMC application
- Secure a Web-based prototype
  - Client and server certificates — authentication
  - SSL encryption
  - Host data protection via directory access
- Use the Entrust security context to
  - Encrypt communication channels
  - Create secure control applications
  - Create certificate issuing programs
- Create a security services engine
Architecture requirements
- Applications need to know who the user is at all times
  - must keep track of the public key
- User must be able to access his private key to sign things
- Control applications need to call security services before each new control is enabled
- Data must be encrypted in transmission, and maybe in storage
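An added sketch (not from the presentation or from MMC/Entrust code) of the "Strong authorization" and "Architecture requirements" slides: a security-services check that a control application calls before enabling each control, evaluated over a collection of authority certificates. The policy table, control names, key fingerprints and field names are assumptions, and an HMAC with a constructed key stands in for the resource owner's digital signature so the code runs with the standard library only.

```python
import hashlib
import hmac
import json
import time

# Constructed demo key. HMAC is a stand-in for the resource owner's
# digital signature; a real system would verify a public-key signature.
OWNER_KEY = b"constructed-owner-key"

# Assumed policy: authorities a user must hold before each control is enabled.
POLICY = {
    "move_stage": {"training", "reservation"},
    "beam_on": {"training", "payment", "reservation"},
}


def _mac(body, key):
    data = json.dumps(body, sort_keys=True).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def issue(user_key_id, authority, not_after, key=OWNER_KEY):
    """Resource owner binds a user's public-key fingerprint to one authority."""
    body = {"subject": user_key_id, "authority": authority, "not_after": not_after}
    return {"body": body, "sig": _mac(body, key)}


def valid_authorities(certs, user_key_id, now, key=OWNER_KEY):
    """Authorities from certs that verify, name this user's key, and are unexpired."""
    held = set()
    for cert in certs:
        body = cert["body"]
        if not hmac.compare_digest(cert["sig"], _mac(body, key)):
            continue  # altered, or not signed by the resource owner
        if body["subject"] != user_key_id or body["not_after"] < now:
            continue  # issued to another key, or expired
        held.add(body["authority"])
    return held


def authorize(control, certs, user_key_id, now=None):
    """Call before each control is enabled; returns (allowed, missing authorities)."""
    now = time.time() if now is None else now
    required = POLICY.get(control)
    if required is None:
        return False, set()  # unknown control: deny by default
    missing = required - valid_authorities(certs, user_key_id, now)
    return not missing, missing
```

Because the check is keyed on the user's public-key fingerprint, a certificate issued to another user or edited after signing contributes nothing to the decision.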