Presentation is loading. Please wait.

Presentation is loading. Please wait.

Doc. Ing. Ladislav Hudec, CSc., CISA Security of Web Applications Ladislav Hudec Faculty of Electrical Engineering and Information Technology Slovak University.

Similar presentations


Presentation on theme: "Doc. Ing. Ladislav Hudec, CSc., CISA Security of Web Applications Ladislav Hudec Faculty of Electrical Engineering and Information Technology Slovak University."— Presentation transcript:

1 Doc. Ing. Ladislav Hudec, CSc., CISA Security of Web Applications Ladislav Hudec Faculty of Electrical Engineering and Information Technology Slovak University of Technology, Bratislava prepared for SOFSEM 2001, November 26, 2001, Piešťany

2 Doc. Ing. Ladislav Hudec, CSc., CISA Agenda 1. Security services and technologies 2. Web security considerations 3. Network security 4. IPSec - IP Secure protocol 5. SSL - Secure Socket Layer Protocol 6. Firewalls 7. References

3 Doc. Ing. Ladislav Hudec, CSc., CISA An organization faces numerous challenges in implementing appropriate security controls to secure its systems and information. The basic challenges are as : security is not built into IT security is always an afterbought lack of management commitment immaturity of software processes.

4 Doc. Ing. Ladislav Hudec, CSc., CISA Security services and technologies New IT systems have incorporated a defined set of controls to ensure their security. Web applications (e.g. e-commerce) are no different in that regard and require the same set of security controls. The primary security controls are: Confidentiality Access control (autentication and authorization) Integrity Availability Nonrepudiation.

5 Doc. Ing. Ladislav Hudec, CSc., CISA Confidentiality refers to the protection of information from unauthorized disclosure to a person or computing entity. Cryptography enables confidentiality and protects data. Access control (autentication and authorization) autenticates the identity of the entity trying to access a computing resource, and controls the use of computing resource per predetermined levels of entitlement. Authentication by static password, token, one time password, biometrics autentication, public and private key autentication. Integrity controls protect the data/or computing resource from any intentional or unintentional tampering. It is ensured by cryptography, hash function and proper access control. (antivirus software, signing the mobile code).

6 Doc. Ing. Ladislav Hudec, CSc., CISA Availability refers to the continuity of IT processing and the availability of information. Adequate configuration of the system and controlled processes and procedures guards against denial of services attack. Nonrepudiation controls ensure that users cannot deny actions they undertook. Other organizations require their users to read and agree to business agreements that hold users aaccountable to their authentication tokens. Transactions entered through those passwords are thus a user‘s sole responsibility.

7 Doc. Ing. Ladislav Hudec, CSc., CISA Web security considerations Web presents new challenges (not generally appreciated) in the context of computer and network security: the Internet is two way the web is increasingly serving as a highly visible outlet although web browsers are very easy to use, web servers are relatively easy to configure and manage, the web content is increasingly easy to develop, the underlying software is extraordinarily complex a web server can be exploited as a launching pad for attack on corporation’s internal network causual and untrained (in security matters) users are common clients for web based services.

8 Doc. Ing. Ladislav Hudec, CSc., CISA Web security threats Integrity:

9 Doc. Ing. Ladislav Hudec, CSc., CISA Web security threats Confidentiality:

10 Doc. Ing. Ladislav Hudec, CSc., CISA Web security threats Denial of services:

11 Doc. Ing. Ladislav Hudec, CSc., CISA Web security threats Authentication:

12 Doc. Ing. Ladislav Hudec, CSc., CISA Network security Another way to classify web security threats is in terms of the location of the threat: web server web browser network traffic between browser and server. Issues of server and browser security fall into the category of computer system security. Issues of network traffic between server and browser fall into the category network security.

13 Doc. Ing. Ladislav Hudec, CSc., CISA TCP/IP model of network architecture Application layer - offers services to users, provides network management (TELNET, HTTP, SMTP,.. protocols) Transport layer - provides data flow between two end nodes of network. TCP protocol (reliable, with connection) a UDP (connectionless, unreliable) Network layer - provides packet transmission over network. IP protocol (connectionless, unreliable), ICMP protocol. Network interface layer - provides the same services as link and physical layer in RM OSI.

14 Doc. Ing. Ladislav Hudec, CSc., CISA IP/IPSec TCP HTTPFTPSMTP IPSec - IP Secure protocol Ensures authentication, confidentiality and integrity of IP packets between two nodes (extensions of IP protocol) AH and EPS headers key and algorithm management according IKE (Internet Key Exchange) - combination of ISAKMP and Oakley creates a tunnel at the network layer

15 Doc. Ing. Ladislav Hudec, CSc., CISA IPSec - IP secure protocol IPSec services

16 Doc. Ing. Ladislav Hudec, CSc., CISA SSL - Secure Socket Layer Protocol IP TCP SSL Record Protocol SSL Change Cip. Spec Protocol SSL Alert Protocol HTTP SSL Handshake Protocol SSL connection - is a transport (RM OSI) that provides suitable type of services. Every connection is associated with one session. SSL session - is an association between a client and a server. Sessions are created by the Handshake protocol (defines set of cryptographic security parameters, that can be shared among multiple connections).

17 Doc. Ing. Ladislav Hudec, CSc., CISA SSL - Secure Socket Layer Protocol SSL Record Protocol - provides two services for SSL connections confidentiality - handshake protocol defines shared secret key for encryption of SSL payloads integrity - handshake protocol defines shared secret key to form message authentication code MAC Operations of SSL Record Protocol fragment compress add MAC encryption

18 Doc. Ing. Ladislav Hudec, CSc., CISA SSL - Secure Socket Layer Protocol Change Cipher Spec Protocol uses the SSL Record protocol is the simplest of SSL protocols only single byte message with value 1 and causes the pending state to be copied into the current state (updates cipher suite to be used in this connection).

19 Doc. Ing. Ladislav Hudec, CSc., CISA SSL - Secure Socket Layer Protocol Alert Protocol used to convey SSL-related alerts to the peer entity two types of alerts: warning and fatal in the case of fatal alert SSL immediately terminates the connection (the other connections of the session can continue but no new one is established)

20 Doc. Ing. Ladislav Hudec, CSc., CISA SSL - Secure Socket Layer Protocol Handshake Protocol the most complex part of SSL allows server and client to authenticate each other negotiates an encryption and MAC algorithm and cryptographic keys to be used to protect data sent in an SSL is used before any application data are transmitted consists of four phases

21 Doc. Ing. Ladislav Hudec, CSc., CISA SSL - Secure Socket Layer Protocol Handshake Protocol, Phase 1- Establish Security Capabilities server_hello client_hello ClientServer Time Establishes security capabilities, including protocol version, session ID, cipher suite, compression method, and initial random numbers

22 Doc. Ing. Ladislav Hudec, CSc., CISA SSL - Secure Socket Layer Protocol Handshake Protocol, Phase 2-Server Authentication and Key Exchange certificate_request ClientServer Time Server may send certificate, key exchange and request certificate. Server signals end of hello message phase. Dotted transfers are optional or situation-dependent messages that are not always sent certificate server_key_exchange server_hello_done

23 Doc. Ing. Ladislav Hudec, CSc., CISA SSL - Secure Socket Layer Protocol Handshake Protocol, Phase 3-Client Authentication and Key Exchange certificate_verify ClientServer Time Client sends certificate, if requested. Client sends key exchange. Client may send certificate verification. Dotted transfers are optional or situation-dependent messages that are not always sent certificate client_key_exchange

24 Doc. Ing. Ladislav Hudec, CSc., CISA SSL - Secure Socket Layer Protocol Handshake Protocol, Phase 4-Finish ClientServer Time Changes cipher suite and finishes handshake protocol. change_cipher_spec finished change_cipher_spec

25 Doc. Ing. Ladislav Hudec, CSc., CISA SSL - Secure Socket Layer Protocol Supported key exchange methods: RSA - secret key is encrypted with the receiver’s RSA public key (receiver’s certificate available) fixed Diffie-Hellman - server’s certificate contains the D-H public parameters ephemeral Diffie-Hellman - the D-H public keys are exchanged, signed using the sender’s private RSA or DSS key anonymous Diffie-Hellman - base D-H algorithm is used with no authentication Fortezza

26 Doc. Ing. Ladislav Hudec, CSc., CISA SSL - Secure Socket Layer Protocol Supported cipher algorithms: RC4, RC2, DES, 3DES, DES40, IDEA, Fortezza Supported MAC algorithms: MD5, SHA-1 Transport Layer Security (TLS) is an IETF standardisation initiative for producing an Internet standard version of SSL. (Current version of TLS is very similar to SSLv3.)

27 Doc. Ing. Ladislav Hudec, CSc., CISA Firewalls Outer untrusted network (Internet, other LAN) Inner protected network (LAN) Firewall

28 Doc. Ing. Ladislav Hudec, CSc., CISA Definition of firewall Firewall is a collection of components placed between two networks that collectively have the following properties: all traffic from inside to outside, and vice versa, must pass through the firewall only authorised traffic, as defined by the local security policy, will be allowed to pass the firewall itself is immune to penetration.

29 Doc. Ing. Ladislav Hudec, CSc., CISA Level of firewall operation Packet filter Application specific proxy In circuit proxy

30 Doc. Ing. Ladislav Hudec, CSc., CISA Packet filter is a multiported internetworking device applying a set of rules to each incoming IP packet for deciding whether it will be forwarded or dropped filtering is based on information found in packet headers (protocol numbers, source and destination IP addresses, source and destination port numbers, TCP connection flags, other options) routers supporting packet filtering - screening routers static packet filtering - stateless inspection (FTP session) dynamic packet filtering - stateful inspection implementation of high level security policy to filtering rules?

31 Doc. Ing. Ladislav Hudec, CSc., CISA Circuit level gateways the idea of circuit level gateway is fundamentally different from packet filtering it takes a TCP connection request from the client, authenticates and authorises the client, and establishes a second TCP connection to the origin server on the client’s behalf after having successfully established this second TCP connection, gateway simply relays data forth and back between the two connections implementation by SOCKS SOCKS follows a customised client approach (it requires customisation and modification to client software, no change is usually required to user procedures)

32 Doc. Ing. Ladislav Hudec, CSc., CISA Circuit level gateway (in circuit proxy) firewall Outer untrusted network (Internet, other LAN) Inner protected network (LAN) In circuit proxy SOCKS http server Telnet client Other application http client Other application Telnet server

33 Doc. Ing. Ladislav Hudec, CSc., CISA Application level gateways is conceptually similar to a circuit level gateway (application level gateway understands the application protocol being relayed, whereas the second is generic and not application specific) when a client contacts gateway using some application protocol (Telnet, FTP, HTTP,..), the gateway asks for some valid user authentication and authorisation information for valid users gateway either connects itself to a preconfigured remote system (SMTP server) or asks the user to enter the name of a remote system to be accessed on the user’s behalf after having established the second TCP connection, gateway fully controls data stream that is relayed between the two connections

34 Doc. Ing. Ladislav Hudec, CSc., CISA Application level gateways (Application specific proxy) firewall Outer untrusted network (Internet, other LAN) Inner protected network (LAN) Application specific proxy http client Telnet server Other servers Telnet client Other clients http server Http proxy Telnet proxy Other proxy

35 Doc. Ing. Ladislav Hudec, CSc., CISA Firewalls configurations firewall system consists of packet filters and application gateways (circuit or application level) There are many possibilities to combine these components in firewall configurations. The most commonly used configurations in practise today dual homed firewalls screened subnet firewalls.

36 Doc. Ing. Ladislav Hudec, CSc., CISA Dual homed firewalls bastion host with two network interfaces IP forwarding and routing capabilities are disabled, IP packets can no longer be routed between the two networks segments screening router is typically placed between bastion host and Internet (ensuring that any IP packets arriving from Internet is correctly addressed to the bastion host) outer network segment can host specialised systems (information and network access servers) this configuration can be replicated for performance reason - parallel dual homed firewall simple and secure configuration

37 Doc. Ing. Ladislav Hudec, CSc., CISA The architecture of dual homed firewall configuration Bastion host (Application gateway) Outer untrusted network (Internet, other LAN) Inner protected network (LAN) Router Screening router Inner network segment Outer network segment

38 Doc. Ing. Ladislav Hudec, CSc., CISA Screened subnet firewalls bastion host with one network interfaces on outer network segment two screening routers used to create outer network segment called screened subnet or demilitarised zone outer network segment can host application gateways running on one or more bastion hosts, as well as some additional servers that require carefully controlled Internet access two screening routers provide redundancy (attacker should subvert two routers in order to reach internal machines)

39 Doc. Ing. Ladislav Hudec, CSc., CISA Screened subnet firewalls servers on the outer network segment could be the only systems seen from the Internet (no other system name would be known to DNS database) some services could passed around the bastion host and the corresponding application gateways

40 Doc. Ing. Ladislav Hudec, CSc., CISA The architecture of a screened subnet firewall configuration Outer untrusted network (Internet, other LAN) Inner protected network (LAN) Screening router Demilitarised zone Bastion host (Application gateway) Outer network segment

41 Doc. Ing. Ladislav Hudec, CSc., CISA References OPPLIGER, R.: Security Technologies for the World Wide Web. Artech House, 2000, ISBN OPPLIGER, R.: Internet and Intranet Security. Artech House, 1998 STEIN, L.D.: Web Security: A Step by Step Reference. Addison-Wesley, Reading, MA, 1998 TANENBAUM, A.S.: Computer Networks. 3 rd Edition, Prentice Hall, 1996 CHESWICK, W.R., BELLOWIN, S.M.: Firewalls and Internet Security: Repelling the Wili Hacker, Addison-Wesley, Reading, MA, 1994, 2000 SCHUBA, C.L.: On The Modeling, Design, and Implementation of Firewall Technology. PhD Thesis, Purdue University, December 1997

42 Doc. Ing. Ladislav Hudec, CSc., CISA References Request For Comments – RFC RFC2316, Report of the IAB Security Architecture Workshop, April 1998 RFC2068, Hypertext Transfer Protocol – HTTP/1.1, January 1997 RFC2069, Extension to HTTP: Digest Access Authentication, January 1997 RFC1929, Username/Password Authentication for SOCKS V5, June 1996 RFC2138, Remote Authentication Dial In User Service (RADIUS), April 1997 RFC2401, Security Architecture for the Internet Protocol, November 1998 RFC2402, IP Authentication Header, November 1998 RFC2406, IP Encapsulating Security Payload (ESP), November 1998 RFC2408, Internet Security Association and Key Management Protocol (ISAKMP), November 1998 RFC2409, The Internet Key Exchange (IKE), November 1998 RFC2246, The TLS Protocol Version 1.0, January 1999

43 Doc. Ing. Ladislav Hudec, CSc., CISA THANK YOU FOR YOUR ATTENTION


Download ppt "Doc. Ing. Ladislav Hudec, CSc., CISA Security of Web Applications Ladislav Hudec Faculty of Electrical Engineering and Information Technology Slovak University."

Similar presentations


Ads by Google