Security

Many secure IT systems are like a house with a locked front door but with a side window open -somebody
What do we want to protect?
Services and data offered by the computer systems.
Types of Threats
–Interception
–Interruption
–Modification
–Fabrication

Security Mechanisms
–Encryption
–Authentication
–Authorization
–Auditing
Security Policy
To properly use security mechanisms, a security policy is needed. A security policy helps in understanding what exactly needs to be protected and what the assumptions are with respect to security, e.g.:
–Operations between entities in different domains require mutual authentication
–Controlling access to resources in multiple administrative domains is subject to local security only
Layering of Security Mechanisms (1)
The layer in which security mechanisms are placed depends on the trust a client has in how secure the services are in a particular layer.

Layering of Security Mechanisms (2)
Several sites connected through a wide-area backbone service.
Cryptography
Cryptography functions
–Secret key (e.g., DES)
–Public key (e.g., RSA)
–Message digest (e.g., MD5)
Security services
–Privacy: preventing unauthorized release of information
–Authentication: verifying identity of the remote participant
–Integrity: making sure message has not been altered
Secret Key (DES)
[Figure: Plaintext → Encrypt with secret key → Ciphertext → Decrypt with secret key → Plaintext]

Public Key (RSA)
[Figure: Plaintext → Encrypt with public key → Ciphertext → Decrypt with private key → Plaintext]
Message Digest
Cryptographic checksum
–just as a regular checksum protects the receiver from accidental changes to the message, a cryptographic checksum protects the receiver from malicious changes to the message.
One-way function
–given a cryptographic checksum for a message, it is virtually impossible to figure out what message produced that checksum; it is not computationally feasible to find two messages that hash to the same cryptographic checksum.
Relevance
–if you are given a checksum for a message and you are able to compute exactly the same checksum for that message, then it is highly likely this message produced the checksum you were given.
Intruders and eavesdroppers in communication.
Notation    Description
K_A,B       Secret key shared by A and B
            Public key of A
            Private key of A
Authentication
Authentication based on a shared secret key.
Authentication Using a Key Distribution Center (1)
The principle of using a KDC.

Authentication Using a Key Distribution Center (2)
Using a ticket and letting Alice set up a connection to Bob.

Authentication Using Public-Key Cryptography
Mutual authentication in a public-key cryptosystem.
Message Integrity
–Messages are protected against modification (e.g. a sale)
–Non-repudiation
Digital Signatures (1)
Digitally signing a message using public-key cryptography.

Digital Signatures (2)
Digitally signing a message using a message digest.
Key Distribution
Certificate
–special type of digitally signed document: “I certify that the public key in this document belongs to the entity named in this document, signed X.”
–the name of the entity being certified
–the public key of the entity
–the name of the certified authority
–a digital signature
Certified Authority (CA)
–administrative entity that issues certificates
–useful only to someone that already holds the CA’s public key.

Key Distribution (cont)
Chain of Trust
–if X certifies that a certain public key belongs to Y, and Y certifies that another public key belongs to Z, then there exists a chain of certificates from X to Z
–someone that wants to verify Z’s public key has to know X’s public key and follow the chain
Example Systems: SSL (Secure Sockets Layer)
Protection Domains
The hierarchical organization of protection domains as groups of users.

Firewalls
A common implementation of a firewall.