
1 Middleware for Secure Environments Presented by Kemal Altıntaş Hümeyra Topcu-Altıntaş Osman Şen

2 Cherubim Security System
- Java-based security system for secure communication over networks
- Developed at the UIUC

3 Core Security Services
- Encryption: process to encode data to protect it from attacks in the network
- Can be done with a variety of algorithms (such as IDEA or DES), modes (such as ECB-Electronic Code Book, CFB-Cipher Feedback, or CBC-Cipher Block Chaining) and padding schemes (such as PKCS#5 or PKCS#7)
- Decryption: the opposite of encryption. Can be done with any of the above algorithms.

4 Core Security Services: Digital Signature
- Electronic equivalent of a person's signature
- Used to verify that a document or a message really comes from a specific person
- Can be done with algorithms such as RSA, DSA or El Gamal

5 Core Security Services: Digital Signature Verification
- Equivalent to comparing one's signature to a reference copy
- If the signature verifies, the document or the message is assumed to be coming from the specified person
- Any of the above algorithms can be used

6 Core Security Services: Secret Hashing
- Process of transforming a document into a unique code that is relatively small, typically 128-256 bits
- It is desirable to have unique codes for each document
- Cherubim supports several hashing algorithms such as SHA-1 and MD5

7 Core Security Services: Secret Key Generation from a PassPhrase
- A secret key is generated from a phrase that the user enters, using a hash algorithm
- Used to store private keys and similar private information on disk
- If the hashed secret is short, it is repeated to increase the size
- If it is long, the last blocks are XORed with the first blocks
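The repeat-or-fold rule on slide 7 is easier to see in code, next to a salted and iterated derivation for comparison. This is an added example, not code from Cherubim or the presentation: the exact folding order is an assumption read from the slide, PBKDF2 does not appear in the slides, and the passphrase and iteration count are constructed values (Java 17 for `HexFormat`).

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.HexFormat;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public class PassphraseKeyDemo {
    // Slide 7 as read here: hash the passphrase once, then size the result to keyLen bytes.
    // Digest shorter than the key: the digest bytes repeat. Digest longer than the key:
    // the trailing digest bytes are XORed back onto the first key bytes.
    static byte[] slideKey(String passphrase, int keyLen) throws Exception {
        byte[] h = MessageDigest.getInstance("SHA-1")
                .digest(passphrase.getBytes(StandardCharsets.UTF_8));
        byte[] key = new byte[keyLen];
        for (int i = 0; i < Math.max(h.length, keyLen); i++) {
            key[i % keyLen] ^= h[i % h.length];
        }
        return key;
    }

    // Comparison (not in the slides): PBKDF2 adds a per-user salt and a work factor, so a
    // stolen key file cannot be attacked with one fast hash per guess.
    static byte[] pbkdf2Key(char[] passphrase, byte[] salt, int keyLen) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(passphrase, salt, 600_000, keyLen * 8);
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword();
        }
    }

    public static void main(String[] args) throws Exception {
        String pass = "correct horse battery staple"; // constructed sample passphrase
        HexFormat hex = HexFormat.of();
        // SHA-1 yields 20 bytes: a 16-byte IDEA key folds, a 24-byte 3DES key repeats.
        System.out.println("16-byte key (folded):   " + hex.formatHex(slideKey(pass, 16)));
        System.out.println("24-byte key (repeated): " + hex.formatHex(slideKey(pass, 24)));
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        System.out.println("PBKDF2 key, random salt: "
                + hex.formatHex(pbkdf2Key(pass.toCharArray(), salt, 16)));
    }
}
```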

8 Authentication and Key Negotiation
- Key negotiation is accomplished using the Diffie-Hellman protocol
- Client sends a SignedDHMessage to the server
- The message contains: the client's part of the key exchange, the destination of the message, a timestamp, the algorithm to generate the key and the length of the key
- The message is signed with the user's private key
- Server verifies the signature, timestamp and destination. The timestamp gives a duration of 5 minutes of validity for each message
- Server sends a SignedDHMessage with similar information
- Client verifies the signature, timestamp and destination
- Client and server generate a shared secret as described in the protocol
- Client and server hash the secret into a secret session key
- Session key expires after 1 hour and the whole process is repeated

9 Diffie-Hellman Authentication Protocol
[Diagram: the client (secret a) and the server (secret b) exchange signed messages; each side computes g^ab and hashes it into the session key.]

10 Diffie-Hellman Exchange Parameters
- Parameters g and p are hard coded into the system in order to prevent an attack using weak keys
- p is a 2048 bit prime number
- g is another smaller prime number
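The signed exchange on slides 8 to 10 can be walked through with the JDK's own DH, RSA and digest classes, including the stale-message and wrong-destination rejections. This is an added example, not code from Cherubim or the presentation: the `Msg` record and its byte encoding are hypothetical, SHA-256 is swapped in for the SHA-1 default, the host names are constructed, and a JDK-provided 2048-bit group stands in for the hard-coded g and p (Java 17).

```java
import java.io.*;
import java.security.*;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.KeyAgreement;
import javax.crypto.interfaces.DHPublicKey;
public class SignedDhDemo {
    static final long MAX_AGE_MS = 5 * 60 * 1000L; // 5-minute validity window from slide 8
    // Hypothetical stand-in for SignedDHMessage; field order and encoding are assumed.
    record Msg(byte[] dhPub, String dest, long ts, String keyAlg, int keyBits, byte[] sig) {
        byte[] body() throws IOException { // length-prefixed bytes covered by the signature
            ByteArrayOutputStream buf = new ByteArrayOutputStream(); DataOutputStream out = new DataOutputStream(buf);
            out.writeInt(dhPub.length); out.write(dhPub); out.writeUTF(dest);
            out.writeLong(ts); out.writeUTF(keyAlg); out.writeInt(keyBits);
            return buf.toByteArray();
        }
    }
    static Msg sign(Msg m, PrivateKey signer) throws Exception {
        Signature s = Signature.getInstance("SHA256withRSA"); // swapped in for SHA-1/RSA
        s.initSign(signer); s.update(m.body());
        return new Msg(m.dhPub(), m.dest(), m.ts(), m.keyAlg(), m.keyBits(), s.sign());
    }
    // Receiver-side checks in the order the slide lists them: signature, timestamp, destination.
    static boolean accept(Msg m, PublicKey sender, String self, long now) throws Exception {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(sender); s.update(m.body());
        long age = now - m.ts(); // assumption: timestamps from the future are rejected too
        return s.verify(m.sig()) && age >= 0 && age <= MAX_AGE_MS && self.equals(m.dest());
    }
    static byte[] sessionKey(PrivateKey mine, Msg peer) throws Exception { // hash(g^ab) -> key
        PublicKey theirs = KeyFactory.getInstance("DH").generatePublic(new X509EncodedKeySpec(peer.dhPub()));
        KeyAgreement ka = KeyAgreement.getInstance("DH"); ka.init(mine); ka.doPhase(theirs, true);
        return Arrays.copyOf(MessageDigest.getInstance("SHA-256").digest(ka.generateSecret()), peer.keyBits() / 8);
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator rsa = KeyPairGenerator.getInstance("RSA"); rsa.initialize(2048);
        KeyPair cSig = rsa.generateKeyPair(), sSig = rsa.generateKeyPair();
        KeyPairGenerator dh = KeyPairGenerator.getInstance("DH"); dh.initialize(2048);
        KeyPair cDh = dh.generateKeyPair();
        dh.initialize(((DHPublicKey) cDh.getPublic()).getParams()); // both sides share g and p
        KeyPair sDh = dh.generateKeyPair();
        long t0 = System.currentTimeMillis();
        Msg c = sign(new Msg(cDh.getPublic().getEncoded(), "home-server", t0, "IDEA", 128, null), cSig.getPrivate());
        Msg s = sign(new Msg(sDh.getPublic().getEncoded(), "client", t0, "IDEA", 128, null), sSig.getPrivate());
        System.out.println("server accepts fresh message: " + accept(c, cSig.getPublic(), "home-server", t0 + 1000));
        System.out.println("server rejects stale message: " + !accept(c, cSig.getPublic(), "home-server", t0 + MAX_AGE_MS + 1));
        System.out.println("misrouted message rejected:   " + !accept(s, sSig.getPublic(), "other-host", t0));
        System.out.println("session keys match:           " + Arrays.equals(sessionKey(cDh.getPrivate(), s), sessionKey(sDh.getPrivate(), c)));
    }
}
```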

11 Classloader Hierarchy
- Primordial Classes: Java core classes and necessary cryptographic code
- Jurassic Classes: the classes present on the user's home machine
- Active Capability Classes: classes loaded by the active capability loader. The paper gives no more information.

12 Initial Booting of the System
- Client boots its OS and Java Virtual Machine
- Cherubim does not consider security at this level
- Focuses on network security
- Local system should be careful about a trojan horse OS or JVM and the authenticity of the Java core classes
- User runs the boot program from the smart card
- Boot program prompts for passphrase
- The channel between keyboard and JVM must be secure
- Passphrase is hashed into key
- Key is used to decrypt the data on smart card
- The memory access must be secure on local machine
- Client machine connects to user's home machine
- Client begins key negotiations with the home machine

13 Requesting Classes
- JurassicClassloader receives request for a class
- JurassicClassloader checks to see if the class is in cache. If so, return it
- Else check if primordialClassloader can load it (i.e. is it in classpath?). If so, return it
- Else check if the session key expired. If so, negotiate and get new key
- JurassicClassloader sends a SEClassRequest (signed, encrypted request) to the home server over existing socket
- Server verifies the signature, timestamp, description and sequence number on the request message

14 Class Response
- Server loads the class from the disk to memory
- Server sends the class to client (in encrypted form)
- JurassicClassloader verifies the signature, timestamp, destination and sequence number
- JurassicClassloader adds the class to the cache
- Returns the class to the process
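The lookup order on slides 13 and 14 (cache, then primordial classes, then the home server) is what `java.lang.ClassLoader.loadClass` already does when only `findClass` is overridden. This is an added example, not Cherubim's JurassicClassloader: the `HomeServer` interface is a hypothetical stand-in for the SEClassRequest round trip with its signature, timestamp and destination checks, and `Payload` is a constructed sample class. Compile with `javac` first so the class file exists on the classpath.

```java
import java.io.InputStream;

public class JurassicLoaderDemo {
    // Hypothetical transport: returns the verified, decrypted class bytes from the home server.
    interface HomeServer { byte[] fetch(String className, long seq) throws Exception; }

    static class JurassicLoader extends ClassLoader {
        private final HomeServer home;
        private long seq, keyExpiresAt;
        int renegotiations, remoteFetches;
        JurassicLoader(HomeServer home) {
            super(ClassLoader.getPlatformClassLoader()); // parent sees core ("primordial") classes only
            this.home = home;
        }
        // loadClass() checks the already-loaded cache, then the parent loader; findClass()
        // runs only when both miss, so it holds just the remote step.
        @Override protected Class<?> findClass(String name) throws ClassNotFoundException {
            try {
                if (System.currentTimeMillis() >= keyExpiresAt) { // session key lifetime: 1 hour
                    renegotiations++; // the key negotiation itself would run here
                    keyExpiresAt = System.currentTimeMillis() + 3_600_000L;
                }
                byte[] b = home.fetch(name, ++seq);
                remoteFetches++;
                return defineClass(name, b, 0, b.length); // defined classes are cached by the JVM
            } catch (Exception e) { throw new ClassNotFoundException(name, e); }
        }
    }
    public static class Payload { }

    public static void main(String[] args) throws Exception {
        long[] last = {0}; // constructed server state: highest sequence number seen
        HomeServer home = (name, seq) -> {
            if (seq <= last[0]) throw new SecurityException("replayed or reordered request");
            last[0] = seq;
            String path = "/" + name.replace('.', '/') + ".class";
            try (InputStream in = JurassicLoaderDemo.class.getResourceAsStream(path)) { return in.readAllBytes(); }
        };
        JurassicLoader l = new JurassicLoader(home);
        String n = Payload.class.getName();
        Class<?> c1 = l.loadClass(n), c2 = l.loadClass(n), str = l.loadClass("java.lang.String");
        System.out.println("second request served from cache: " + (c1 == c2));
        System.out.println("remote fetches: " + l.remoteFetches + ", key negotiations: " + l.renegotiations);
        System.out.println("core class delegated to parent: " + (str == String.class));
        System.out.println("Payload defined by JurassicLoader: " + (c1.getClassLoader() == l));
    }
}
```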

15 System Specific
- Message Digesting
  - Default: SHA-1
  - Alternatives: MD4, MD5, RIPEMD-160
- Digital Signatures
  - Default: SHA-1/RSA
  - Alternatives: DSA, El Gamal
- Session Keys
  - Default: IDEA
  - Alternatives: DES, Triple DES (3DES), Blowfish or SPEED
- Passphrase Hashing
  - Default: SHA-1

16 System Specific
- Character Encoding
  - Default: UTF8
- Symmetric Key for Writing to Storage
  - Default: IDEA
- Diffie-Hellman Key Exchange Params
  - Hardcoded into system

17 Antigone: A Flexible Framework for Secure Group Communication by P. McDaniel, A. Prakash, P. Honeyman

18 What is Antigone?
- Middleware layer
- Provides flexible interfaces for defining policy in group applications
- Applications can define and implement a wide range of policies

19 Group Security Policies
- Session rekeying policy
- Application message policy
- Membership policy
- Process failure policy

20 Session rekeying policy
- Changes in group membership require the session to be rekeyed
- Time-sensitive rekeying
- Leave-sensitive rekeying
- Join-sensitive rekeying
- Membership-sensitive rekeying

21 Application message (Data security) policy
- States the types of security guarantees required for application messages
- Types: integrity, confidentiality, group authenticity, sender authenticity
- Vary from message to message

22 Membership Policy
- Defines what information about the membership is delivered to the group members
- Antigone does not support confidentiality of group membership because of the difficulty of hiding group membership from members and non-members

23 Process Failure Policy
- States a set of failures to be detected and the security to be applied to the failure detection mechanism
- Need for secure failure detection to protect the group from the masking of process failures by an adversary

24 Antigone Architecture

