Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security of Web Applications

Similar presentations


Presentation on theme: "Security of Web Applications"— Presentation transcript:

1 Security of Web Applications
Ladislav Hudec Faculty of Electrical Engineering and Information Technology Slovak University of Technology, Bratislava prepared for SOFSEM 2001, November 26, 2001, Piešťany Doc. Ing. Ladislav Hudec, CSc., CISA

2 Agenda 1. Security services and technologies
2. Web security considerations 3. Network security 4. IPSec - IP Secure protocol 5. SSL - Secure Socket Layer Protocol 6. Firewalls 7. References Doc. Ing. Ladislav Hudec, CSc., CISA

3 security is not built into IT security is always an afterbought
An organization faces numerous challenges in implementing appropriate security controls to secure its systems and information. The basic challenges are as : security is not built into IT security is always an afterbought lack of management commitment immaturity of software processes. Doc. Ing. Ladislav Hudec, CSc., CISA

4 Security services and technologies
New IT systems have incorporated a defined set of controls to ensure their security. Web applications (e.g. e-commerce) are no different in that regard and require the same set of security controls. The primary security controls are: Confidentiality Access control (autentication and authorization) Integrity Availability Nonrepudiation. Doc. Ing. Ladislav Hudec, CSc., CISA

5 Confidentiality refers to the protection of information from unauthorized disclosure to a person or computing entity. Cryptography enables confidentiality and protects data. Access control (autentication and authorization) autenticates the identity of the entity trying to access a computing resource, and controls the use of computing resource per predetermined levels of entitlement. Authentication by static password, token, one time password, biometrics autentication, public and private key autentication. Integrity controls protect the data/or computing resource from any intentional or unintentional tampering. It is ensured by cryptography, hash function and proper access control. (antivirus software, signing the mobile code). Doc. Ing. Ladislav Hudec, CSc., CISA

6 Availability refers to the continuity of IT processing and the availability of information. Adequate configuration of the system and controlled processes and procedures guards against denial of services attack. Nonrepudiation controls ensure that users cannot deny actions they undertook. Other organizations require their users to read and agree to business agreements that hold users aaccountable to their authentication tokens. Transactions entered through those passwords are thus a user‘s sole responsibility. Doc. Ing. Ladislav Hudec, CSc., CISA

7 Web security considerations
Web presents new challenges (not generally appreciated) in the context of computer and network security: the Internet is two way the web is increasingly serving as a highly visible outlet although web browsers are very easy to use, web servers are relatively easy to configure and manage, the web content is increasingly easy to develop, the underlying software is extraordinarily complex a web server can be exploited as a launching pad for attack on corporation’s internal network causual and untrained (in security matters) users are common clients for web based services. Doc. Ing. Ladislav Hudec, CSc., CISA

8 Web security threats Integrity: Doc. Ing. Ladislav Hudec, CSc., CISA

9 Web security threats Confidentiality:
Doc. Ing. Ladislav Hudec, CSc., CISA

10 Web security threats Denial of services:
Doc. Ing. Ladislav Hudec, CSc., CISA

11 Web security threats Authentication:
Doc. Ing. Ladislav Hudec, CSc., CISA

12 Network security Another way to classify web security threats is in terms of the location of the threat: web server web browser network traffic between browser and server. Issues of server and browser security fall into the category of computer system security. Issues of network traffic between server and browser fall into the category network security. Doc. Ing. Ladislav Hudec, CSc., CISA

13 TCP/IP model of network architecture
Application layer - offers services to users, provides network management (TELNET, HTTP, SMTP, .. protocols) Transport layer - provides data flow between two end nodes of network. TCP protocol (reliable, with connection) a UDP (connectionless, unreliable) Network layer - provides packet transmission over network. IP protocol (connectionless, unreliable), ICMP protocol. Network interface layer - provides the same services as link and physical layer in RM OSI. Doc. Ing. Ladislav Hudec, CSc., CISA

14 IPSec - IP Secure protocol
IP/IPSec TCP HTTP FTP SMTP Ensures authentication, confidentiality and integrity of IP packets between two nodes (extensions of IP protocol) AH and EPS headers key and algorithm management according IKE (Internet Key Exchange) - combination of ISAKMP and Oakley creates a tunnel at the network layer Doc. Ing. Ladislav Hudec, CSc., CISA

15 IPSec - IP secure protocol
IPSec services Doc. Ing. Ladislav Hudec, CSc., CISA

16 SSL Change Cip. Spec Protocol SSL Handshake Protocol
SSL - Secure Socket Layer Protocol IP TCP SSL Record Protocol SSL Change Cip. Spec Protocol SSL Alert Protocol HTTP SSL Handshake Protocol SSL connection - is a transport (RM OSI) that provides suitable type of services. Every connection is associated with one session. SSL session - is an association between a client and a server. Sessions are created by the Handshake protocol (defines set of cryptographic security parameters, that can be shared among multiple connections). Doc. Ing. Ladislav Hudec, CSc., CISA

17 SSL - Secure Socket Layer Protocol
SSL Record Protocol - provides two services for SSL connections confidentiality - handshake protocol defines shared secret key for encryption of SSL payloads integrity - handshake protocol defines shared secret key to form message authentication code MAC Operations of SSL Record Protocol fragment compress add MAC encryption Doc. Ing. Ladislav Hudec, CSc., CISA

18 SSL - Secure Socket Layer Protocol
Change Cipher Spec Protocol uses the SSL Record protocol is the simplest of SSL protocols only single byte message with value 1 and causes the pending state to be copied into the current state (updates cipher suite to be used in this connection). Doc. Ing. Ladislav Hudec, CSc., CISA

19 SSL - Secure Socket Layer Protocol
Alert Protocol used to convey SSL-related alerts to the peer entity two types of alerts: warning and fatal in the case of fatal alert SSL immediately terminates the connection (the other connections of the session can continue but no new one is established) Doc. Ing. Ladislav Hudec, CSc., CISA

20 SSL - Secure Socket Layer Protocol
Handshake Protocol the most complex part of SSL allows server and client to authenticate each other negotiates an encryption and MAC algorithm and cryptographic keys to be used to protect data sent in an SSL is used before any application data are transmitted consists of four phases Doc. Ing. Ladislav Hudec, CSc., CISA

21 SSL - Secure Socket Layer Protocol
Handshake Protocol, Phase 1- Establish Security Capabilities Client Server client_hello Establishes security capabilities, including protocol version, session ID, cipher suite, compression method, and initial random numbers server_hello Time Doc. Ing. Ladislav Hudec, CSc., CISA

22 SSL - Secure Socket Layer Protocol
Handshake Protocol, Phase 2-Server Authentication and Key Exchange Client Server certificate Server may send certificate, key exchange and request certificate. Server signals end of hello message phase. Dotted transfers are optional or situation-dependent messages that are not always sent server_key_exchange certificate_request server_hello_done Time Doc. Ing. Ladislav Hudec, CSc., CISA

23 SSL - Secure Socket Layer Protocol
Handshake Protocol, Phase 3-Client Authentication and Key Exchange Client Server certificate Client sends certificate, if requested. Client sends key exchange. Client may send certificate verification. Dotted transfers are optional or situation-dependent messages that are not always sent client_key_exchange certificate_verify Time Doc. Ing. Ladislav Hudec, CSc., CISA

24 SSL - Secure Socket Layer Protocol
Handshake Protocol, Phase 4-Finish Client Server change_cipher_spec Changes cipher suite and finishes handshake protocol. finished change_cipher_spec finished Time Doc. Ing. Ladislav Hudec, CSc., CISA

25 SSL - Secure Socket Layer Protocol
Supported key exchange methods: RSA - secret key is encrypted with the receiver’s RSA public key (receiver’s certificate available) fixed Diffie-Hellman - server’s certificate contains the D-H public parameters ephemeral Diffie-Hellman - the D-H public keys are exchanged, signed using the sender’s private RSA or DSS key anonymous Diffie-Hellman - base D-H algorithm is used with no authentication Fortezza Doc. Ing. Ladislav Hudec, CSc., CISA

26 SSL - Secure Socket Layer Protocol
Supported cipher algorithms: RC4, RC2, DES, 3DES, DES40, IDEA, Fortezza Supported MAC algorithms: MD5, SHA-1 Transport Layer Security (TLS) is an IETF standardisation initiative for producing an Internet standard version of SSL. (Current version of TLS is very similar to SSLv3.) Doc. Ing. Ladislav Hudec, CSc., CISA

27 Outer untrusted network (Internet, other LAN) Inner protected network
Firewalls Outer untrusted network (Internet, other LAN) Inner protected network (LAN) Firewall Doc. Ing. Ladislav Hudec, CSc., CISA

28 Definition of firewall
Firewall is a collection of components placed between two networks that collectively have the following properties: all traffic from inside to outside, and vice versa, must pass through the firewall only authorised traffic, as defined by the local security policy, will be allowed to pass the firewall itself is immune to penetration. Doc. Ing. Ladislav Hudec, CSc., CISA

29 Level of firewall operation
Application specific proxy In circuit proxy Packet filter Doc. Ing. Ladislav Hudec, CSc., CISA

30 Packet filter is a multiported internetworking device applying a set of rules to each incoming IP packet for deciding whether it will be forwarded or dropped filtering is based on information found in packet headers (protocol numbers, source and destination IP addresses, source and destination port numbers, TCP connection flags, other options) routers supporting packet filtering - screening routers static packet filtering - stateless inspection (FTP session) dynamic packet filtering - stateful inspection implementation of high level security policy to filtering rules? Doc. Ing. Ladislav Hudec, CSc., CISA

31 Circuit level gateways
the idea of circuit level gateway is fundamentally different from packet filtering it takes a TCP connection request from the client, authenticates and authorises the client, and establishes a second TCP connection to the origin server on the client’s behalf after having successfully established this second TCP connection, gateway simply relays data forth and back between the two connections implementation by SOCKS SOCKS follows a customised client approach (it requires customisation and modification to client software, no change is usually required to user procedures) Doc. Ing. Ladislav Hudec, CSc., CISA

32 Circuit level gateway (in circuit proxy) firewall
http server Outer untrusted network (Internet, other LAN) http client Inner protected network (LAN) Telnet server Telnet client SOCKS Other application Other application Doc. Ing. Ladislav Hudec, CSc., CISA

33 Application level gateways
is conceptually similar to a circuit level gateway (application level gateway understands the application protocol being relayed, whereas the second is generic and not application specific) when a client contacts gateway using some application protocol (Telnet, FTP, HTTP,..), the gateway asks for some valid user authentication and authorisation information for valid users gateway either connects itself to a preconfigured remote system (SMTP server) or asks the user to enter the name of a remote system to be accessed on the user’s behalf after having established the second TCP connection, gateway fully controls data stream that is relayed between the two connections Doc. Ing. Ladislav Hudec, CSc., CISA

34 Application level gateways (Application specific proxy) firewall
Outer untrusted network (Internet, other LAN) http server http client Inner protected network (LAN) Telnet server Telnet client Http proxy Telnet proxy Other proxy Other clients Other servers Doc. Ing. Ladislav Hudec, CSc., CISA

35 Firewalls configurations
firewall system consists of packet filters and application gateways (circuit or application level) There are many possibilities to combine these components in firewall configurations. The most commonly used configurations in practise today dual homed firewalls screened subnet firewalls. Doc. Ing. Ladislav Hudec, CSc., CISA

36 Dual homed firewalls bastion host with two network interfaces
IP forwarding and routing capabilities are disabled, IP packets can no longer be routed between the two networks segments screening router is typically placed between bastion host and Internet (ensuring that any IP packets arriving from Internet is correctly addressed to the bastion host) outer network segment can host specialised systems (information and network access servers) this configuration can be replicated for performance reason - parallel dual homed firewall simple and secure configuration Doc. Ing. Ladislav Hudec, CSc., CISA

37 The architecture of dual homed firewall configuration
Bastion host (Application gateway) Outer untrusted network (Internet, other LAN) Inner protected network (LAN) Screening router Router Outer network segment Inner network segment Doc. Ing. Ladislav Hudec, CSc., CISA

38 Screened subnet firewalls
bastion host with one network interfaces on outer network segment two screening routers used to create outer network segment called screened subnet or demilitarised zone outer network segment can host application gateways running on one or more bastion hosts, as well as some additional servers that require carefully controlled Internet access two screening routers provide redundancy (attacker should subvert two routers in order to reach internal machines) Doc. Ing. Ladislav Hudec, CSc., CISA

39 Screened subnet firewalls
servers on the outer network segment could be the only systems seen from the Internet (no other system name would be known to DNS database) some services could passed around the bastion host and the corresponding application gateways Doc. Ing. Ladislav Hudec, CSc., CISA

40 The architecture of a screened subnet firewall configuration
Bastion host (Application gateway) Inner protected network (LAN) Screening router Outer untrusted network (Internet, other LAN) Demilitarised zone Screening router Outer network segment Doc. Ing. Ladislav Hudec, CSc., CISA

41 OPPLIGER, R.: Internet and Intranet Security. Artech House, 1998
References OPPLIGER, R.: Security Technologies for the World Wide Web. Artech House, 2000, ISBN OPPLIGER, R.: Internet and Intranet Security. Artech House, 1998 STEIN, L.D.: Web Security: A Step by Step Reference. Addison-Wesley, Reading, MA, 1998 TANENBAUM, A.S.: Computer Networks. 3rd Edition, Prentice Hall, 1996 CHESWICK, W.R., BELLOWIN, S.M.: Firewalls and Internet Security: Repelling the Wili Hacker, Addison-Wesley, Reading, MA, 1994, 2000 SCHUBA, C.L.: On The Modeling, Design, and Implementation of Firewall Technology. PhD Thesis, Purdue University, December 1997 Doc. Ing. Ladislav Hudec, CSc., CISA

42 Request For Comments – RFC
References Request For Comments – RFC RFC2316, Report of the IAB Security Architecture Workshop, April 1998 RFC2068, Hypertext Transfer Protocol – HTTP/1.1, January 1997 RFC2069, Extension to HTTP: Digest Access Authentication, January 1997 RFC1929, Username/Password Authentication for SOCKS V5, June 1996 RFC2138, Remote Authentication Dial In User Service (RADIUS), April 1997 RFC2401, Security Architecture for the Internet Protocol, November 1998 RFC2402, IP Authentication Header, November 1998 RFC2406, IP Encapsulating Security Payload (ESP), November 1998 RFC2408, Internet Security Association and Key Management Protocol (ISAKMP), November 1998 RFC2409, The Internet Key Exchange (IKE), November 1998 RFC2246, The TLS Protocol Version 1.0, January 1999 Doc. Ing. Ladislav Hudec, CSc., CISA

43 THANK YOU FOR YOUR ATTENTION
Doc. Ing. Ladislav Hudec, CSc., CISA


Download ppt "Security of Web Applications"

Similar presentations


Ads by Google