Robert A. Keller, III
IA Instructor/ Writer
ROBERT KELLER
INSTRUCTOR STUDY GUIDE/ NOTES
This is a DRAFT ONLY. Not intended to be distributed, copied, or placed into circulation by anyone other than said author.DRAFT ONLY. FOR EDUCATIONAL PURPOSES ONLY!!!!!
Robert A. Keller, III
IA Instructor/ Writer
1
21-SEP-15
INSTRUCTOR NOTES:
CISSP (2015) – DOMAIN 5:
IDENTITY AND ACCESS MANAGEMENT
SUBJECT: An active entity that receives information about or data from a passive object, e.g., users, programs, processes, computers …. Basically anything that can ACCESS a resource.
OBJECT: A passive entity that always provides or hosts the information or data, e.g., files, DBs, computers, programs, processes, printers, and HDDs
*****************************************************************************************************
Auditing = tracking and recording subject/ user activities by using LOGS. Logs record the WHO, WHAT, WHERE, and WHAT of actions that have occurred (up to real-time). One or more logs engender an AUDIT TRAIL that researchers can utilize to reconstruct events and identify security incidents. When investigators review the contents of audit trails, they can provide evidence to hold people accountable for their actions.
***ACCOUNTABIITY relies on effective IDENTIFICATION and AUTHENTICATION, but does NOT require effective AUTHORIZATION. How is this so, one may ask? Well, after identifying and authenticating subjects/ users, accountability mechanisms such as audit logs can track their activity, even when they try to access resources that they aren’t authorized to access. (Sybex, p. 562; 2015).
ACCESS CONTROL = HW, SW, or administrative policies or procedures that control access to resources.
***********************************************************************************************
PASSWORD-BASED KEY DERIVATION FUNCTION 2 (PBKDF2) = Hashing algorithm; PWs are never stored on a system in plain/ cleartext, but rather, always “encrypted.” For example, when a user enters the PW for authentication, the system hashes the password and compares it to the stored password’s hash. If they are the same, the system authenticates the user.
***********************************************************************************************
Organizations include a written password policy in the overall security policy; Information Technology (IT) professionals then enforce said policy with technical controls such as a technical PW policy that enforces the password restriction requirements, which are likely to include the following:
1) Maximum Age: Requires users to change their passwords every X number of days; e.g., 30 days
2) Password Complexity: The English language comprises 26 upper case and lower case letters, a set of 10 numbers – 0 through 9 (decimal system), and a set of special characters. The complexity of a given PW is directly related to the number of different types of alphanumeric characters used (4 total) – 3 out of 4 recommended for a strong PW
3) Password Length: The number of alphanumeric characters used in a PW; e.g., ABC123$%^ab9 = PW Length = 9
PW Cracker can discover a complex 5 character PW is less than one second – yes, 1 (one) second – however, it may take thousands of years for a PW Cracker to break a 15 character complex password.
The RULE is: The LONGER the Password, the STRONGER the Password.
Robert A. Keller, III
IA Instructor/ Writer
2
4) Password History: Remembers a given number of previous passwords and prevents users from re-using a password in the stored history. This is combined with a minimum password age setting, which effectively prevents users from changing a password repeatedly until they can set the password back to the original one. Minimum PW age is often set to one day.
*****************************************************************************************************
Composition Passwords: Automatic, system-generated PWs for user accounts; TWO or MORE random, unrelated words joined together with a number of symbol in between the TWO or MORE random, unrelated words, e.g., COMPOSITION$hello or this!who@REALLY
VULNERABILITY OF COMPOSITE PASSWORDS: PASSWORD-GUESSING ATTACKS
CONTROL/ COUNTERMEASURE: CHANGE ASAP TO A STRONG PW
*************************************************************************************************
HOW TO CREATE STRONG PASSWORDS:
DO NOT: Use any part of your name, logon name, e-mail address, employee number, national identification number or SSA Number, phone number, extension, or ther identifying name or code
DO NOT: Use any information available from social network profiles, e.g., Facebook.com or job search sites, e.g., LinkedIn
DO NOT: Use dictionary words, slang, or industrial acronyms, e.g. CISSP
DO: Use Non-standard capitalization and spelling, e.g., HeLLO
DO: Replace letters with special characters and numbers, e.g., H3!l0 – notice e=3 (three); l=!; and o=0 (zero)
****************************************************************************************************
Cognitive Password: A series of questions about facts or predefined responses that only the subject/ user should know, e.g.,
1) What is your birth date?
2) What is the name of your first boss?
3) What is your favorite sport?
VULNERABILITIES OF COGNITIVE PWs:
Often derived from the WWW via Social Media sites, and other networking sites – just b/c a networking site is “private,” does NOT mean that it cannot be broken into by a cracker. Also, one’s spouse or close family member will know most of these answers – 90% of the time.
CONTROL/ COUNTERMEASURE:
Give the wrong answer to the questions or spell the correct answers backwards – be consistent. Also, one may create one’s own unique questions, if the system allows this.
************************************************************************************************
BIOMETRICS:
FAR = FALSE ACCEPTANCE RATE = RATIO OF TYPE 2 (TWO) ERRORS TO VALID AUTHENTICATIONS = FALSE POSITIVE – Example: When an invalid subject IS authenticated; If Cracker Jack does not have a user account, but he uses his fingerprint to authenticate, and the system recognizes him, it is a false positive.
Robert A. Keller, III
IA Instructor/ Writer
3
FRR = FALSE REJECTION RATE = RATIO OF TYPE 1 (ONE) ERRORS TO VALID AUTHENTICATIONS = FALSE NEGATIVE – Example: When a valid subject is NOT authenticated; If Joe Snuffy uses her fingerprint to authenticate herself, but he system incorrectly rejects her, it is a false negative.
The most important aspect of a biometric device is ACCURACY.
INCREASE Sensitivity = INCREASE TYPE 1 ERRORS (FALSE NEGATIVES) – inverse relationship; Decrease Type 2 errors
DECREASE Sensitivity = INCREASE TYPE 2 ERRORS (FALSE POSITIVES) – inverse relationship; Decrease Type 1 errors
CER = Crossover Error Rate = the point where the FRR and FAR percentages (ratios) are equal on the graph.
EER = Equal Error Rate = aka Crossover Error Rate (see above)
Do not implement a biometric device, setting the sensitivity level exactly equal to the CER/ EER; rather consider the environment and organizational security policies for implementation purposes. The CER/ EER (%) is simply a metric to determine the overall quality and most importantly, accuracy of a biometric system. The lower the CER/ EER (expresses as a %), the more accurate the biometric device; the higher the CER/ EER (%), the less accurate the biometric device.
Enrollment Time: Time needed to scan and store a biometric factor – LESS THAN OR EQUAL TO TWO (2) MINUTES – NO MORE THAN 120 SECS.
Throughput Rate: Time needed to scan a subject and approve or deny access – SIX (6) SECONDS OR LESSS – NO MORE THAN 6 SECS.
Acceptance: Factors to consider such as spread of viruses (human), bodily fluids, etc. of subjects often impact the adoption of a given biometric system.
IDENTIFICATION/ AUTHENTICATION/ AUTHORIZATION/ ACCOUNTABILITY (AAA)
Identity Proofing: Verifying that people are who they CLAIM to be BEFORE providing them with credentials, e.g., CAC office requires DL and another form of Gov’t issued ID before you get a Common Access Card (CAC).
CAC is DoD specific; other Gov’t names for the same card are PIV – outside of DoD.
SSN, DOB, Mother’s Maiden Name = ALL TOO COMMON; DO NOT USE
*********************************************************************
DUAL-FACTOR AUTHENTICATION = COMBINE TWO (2) FACTORS ONLY
MULTI-FACTOR AUTHENTICATION=COMBINES TWO (2) OR MORE FACTORS
*********************************************************************
Robert A. Keller, III
IA Instructor/ Writer
4
5 AUTHENTICATION FACTORS:
TYPE I: Something you KNOW; e.g., Password or PIN (Personal Identification Number)
TYPE II: Something you HAVE; e.g., Smart Card, USB Token
TYPE III: Something you ARE; e.g., Fingerprint, biometrics
TYPE IV: SomeWHERE you are; e.g., Geolocation – CHECK w/ S. Harris Book Ref.
TYPE V: Something you do; e.g., gestures on a touch screen, behavior-based – CHECK w/ S.H. Book Ref.
********************************************************************************** *
TYPE I: SOMETHING YOU KNOW = PW = LEAST SECURE
Controls:
1) Use Long Passwords
2) Use Complex Passwords, e.g., 8 characters, Uppercase, Lowercase, Symbols (32 CHARACTERS ,e,g., !, $, AND *)
3) Change PWs frequently
4) Verify user’s identity bf resetting passwords
5) Do NOT reuse the same password (Reuse of Knowledge leads to Wisdom)
6) Account lockout policies
7) Change default PWs
8) NEVER write PWs down – SECURITY through OBSCURITY – NOT GOOD – IF WRITTEN DOWN, MUST BE STORED IN A SAFE
9) NEVER share PWs
**************************************************
COMPLEX PWs are NOT necessarily STRONG PWs. MUST combine COMPLEXITY with LENGTH of at least 8 or 15 characters – N.B. 7 and 14 with LM reason for this
*************************************************************************************
THE COMBINATION OF DIFFERENT CHARACTERS IN A PW (COMPLEXITY) CREATES THE KEY SPACE
C ^ N = KEY SPACE
WHERE C=NUMBER OF POSSIBLE CHARACTERS USED; N = LENGTH OF PW or Number of Characters
EXAMPLE: SIX (6) character, ONLY lower case PW = = acdhed = 26 ^ 6 = 308 Million Possibilities, i.e., combinations
26 X 26 X 26 X 26 X 26 X 26
1 2 3 4 5 6
************************************************* *
PW-cracking tools = rate = 20 Billion PW per second (PWps) = (Passwords/ One Second)
***************************************************
Robert A. Keller, III
IA Instructor/ Writer
5
TOTAL CHARACTERS IN ENGLISH = NINETY-FOUR (94) UPPER = 26
Lower = 26
Numbers = 10
Characters = 32
26+26+10+32 =TOTAL = 94 TOTAL
*******************************************************
********TOO COMPLEX = LESS SECURE; BETTER TO BE LONGER THAN MORE COMPLEX
Reason: Too complex, users WILL write down or store in computer
*****************************************************************
SOLUTION: USE PASSPHRASE
PASSPHRASE
PASSPHRASE – PW that has meaning to user, e.g., Iwi11P@$$ and IL0veThi$B00k
*****************************************************************
STRONG PWs never use key combinations, user’s name, words in a dictionary
**************************************
PASSWORD HISTORY = 3 = PREVENTS USERS FROM REUSING PASSWORDS UNTIL THEY’VE USED 3 NEW PASSWORDS
MAXIMUM PASSWORD AGE = 45 DAYS = FORCES USERS TO RESET THEIR PW TO A NEW PW ON THE 46TH DAY
MINIMUM PASSWORD AGE = 1 = HOW LONG USERS MUST WAIT BEFORE CHNANGING THEIR PW AGAIN; IF SET TO ONE, IT PREVENTS USERS FROM CHANGING TGHEIR PW UNTIL 1 DAY HAS PASSED; USED WITH PW HISTROY (ABOVE), e.g. if PW History = 24 and the minimum pw age is = 1 day, then it will take the user 25 days to get back to their original pw.
MINIMUM PW LENGTH = 8 OR 15 – NOT 7 OR 14
COMPLEXITY REQUIREMENTS: DEPENDS ON ORG – NORMALLY 3 OUT OF THE 4 CHARACTER TYPE
*******************************************************
IF THE NAME OF THE ADMIN ACCOUNT IS NOT CHANGED, IT CAN BE HACKED EASIER BECAUSE THE ADMIN ACCOUNT CAN NOT BE LOCKED OUT.
***********************************************************************************************
Robert A. Keller, III
IA Instructor/ Writer
6
ACCESS CONTROL TYPES:
1) PREVENTATIVE
2) DETECTIVE
3) CORRECTIVE
4) DETTERENT
5) RECOVERY
6) DIRECTIVE
7) COMPENSATION
CATEGORIZED BY HOW THEY ARE IMPLEMENTED:
1) ADMINISTRATIVE/ MANAGERIAL
2) TECHNICAL/ LOGICAL
3) PHYSICAL
*********************************************************************************************
RIGHTS:
PRIVILEGES:
PERMISSIONS:
*************************************************************************************************
ARP = IP TO MAC (PHYSICAL) – Ipv4
NDP=IP TO MAC – Ipv6
*******************************************************
CEMA = Connectivity protocols, Encryption protocols, eMail Protocols, Application Protocols
*******************************************************
SSH = TCP 22 = WHEN ENCRYPTING TRAFFIC, e.g., FTP as SFTP; SCP; ENCRYPTS TCP WRAPPERS IPV6
*******************************************************
FTP ACTIVE MODE USES TCP 21 FOR CONTROL SIGNALS AND TCP 20 FOR DATA.
FTP PASSIVE MODE USES TCP PORT 21 FOR CONTROL SIGNALS, BUT…BUT….BUT USES A RANDOM TCP PORT NUMBER FOR DATA.
********************************************************
FTPS = FILE TRANSFER PROTOCOL SECURE (SSL OR TLS) – TCP PORTS 989 AND 990
TFTP = TRIVIAL FILE TRANSFER PROTOCOL USES UDP 69 – USED TO TRANSMIT SMALLER AMOUNTS OF DATA
*****************************************************************************************************
NETBIOS = UDP 137, UDP 138, TCP 139; CAN USE TCP 137
************************************************?**************************************************
Robert A. Keller, III
IA Instructor/ Writer
7
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
WARNING: MNEUMONICS ARE INTENDED TO BE READ BY CONSENTING ADULTS AT LEAST 21 (TWENTY-ONE) YEAR- OLD OR OLDER IN THE CITY OF FREDERICK, IN THE STATE OF MARYLAND, USA AND ARE FOR THE PURPOSES OF EDUCATIONAL PURPOSES ONLY; THE INFORMATION IS IN NO WAY, SHAPE, OR FORM ENDORSED BY THE AUTHOR(S)/ CONTRIBUTORS TO THE BELOW-NOTED PROTOCOL PORT NUMBERS CHART. BY READING THIS NOTICE, AND FURTHER, BY READING THE ATTACHED TWO PAGES BELOW, YOU WAIVE ANY AND ALL RIGHTS (FEDERAL, STATE, MUNICIPAL, TRIBAL) THAT MAY OR MAY NOT BE APPLICABLE UNDER ANY AND ALL JURISDICTIONS WITHIN THE UNITED STATES AND INDEMNIFY THE AUTHOR/ CONTIBUTOR(S)/ AND ANY AND ALL ENTIES FREE FROM ANY AND ALL.
http://www.iana.org/assignments/port-numbers
PROTOCOLS TO REMEMBER PROTOCOL TCP UDP DESCRIPTION MNEUMONIC
FTP data port (active)
20
File Transfer Protocol
First protocol you will use on the exam = 20 = FTP data port (active mode)
FTP control port (passive)
21
File Transfer Protocol
1 > 0, so 1 is a larger number than 0 ….obviously… since 1 is larger than 0, one is also more in control; it is larger; larger things tend to be more in control of smaller things – mother nature – no, your instructor is NOT controlling – FTP 21 – Passive – He/she would much rather be ACTIVE (FTP data Port) – FTP 20 …. OK, work with me….
SSH, SCP, SFTP
22
Secure Shell; Secure Copy Protocol; Secure File Transfer Protocol
SSH=SH*tty; old; not too secure
Telnet
23
Telnet – disable if not in use; part of the hardening process – disabling services/ protocols/ applications that are not necessary for one to do one’s job; This is necessary – hardening, that is, due to the fact that most OTS (Off-the-Shelf) products come with most services, protocols, and applications loaded for USER CONVENIENCE.
*** REMEMBER THAT CONVENIENCE AND SECURITY ARE AT OPPOSITE SIDES OF THE SPECTRUM.
SMTP
25
Simple Mail Transfer Protocol = TCP 25
KNOW THIS ONE!!!!!!!!
SMTP = TCP 25
SEND MAIL – DEC 25 -CHRISTMAS DAY IS WHEN MOST MAIL IS SENT -
TACACS+
TCP 49
THINK OF THE FOOTBALL TEAM – THE FOOTBALL TEAM: 49ERS – THEN THNK TANK/ TACKY AS$ES –
Robert A. Keller, III
IA Instructor/ Writer
8
SECURED BACK ENDS, SO TCP = CONNECTION-ORIENTED – PLUS = TAKE “+” FROM “+CP” TACACS+=TCP 49
DNS
53
53
Dynamic Name Service
HTTP
80
Hyper Text Transfer Protocol
TCP 80 – you guys better know this one
POP3
110
Post Office Protocol v3
Post = 1 = P
Office = 0 = O
Protocol = 1 = P
110 – POPv3
IMAP4
143
LDAP
389, 636
Lightweight Directory Access Protocol
89 something – you take it off the menu; 3 letters in this protocol are not “lightweight” and are therefore taken off the menu
HTTPS
443
Hyper Text Transfer Protocol Secure// HTTP OVER SSL OR TLS
HTTPS=443
HTTP OVER TLS
RDP
3389
Remote Desktop Protocol
LDAP W AM EXTRA #3 IN BEGINNING
DHCP
67, 68
Dynamic Host Configuration Protocol
TFTP
69 UDP
Trivial File Transfer Protocol
CAVEAT: Adults over the age of 18 only
Sex = 69 = there “ain’t” nothing trivial about the position “69” and transferring his/ her files into her/ his files
NTP
123
Network Time Protocol
CLOCK-COUNT = 1, 2, 3 = easy, just count the CLOCK (TIME) from 1 to 2 to 3
SNMP
161
Simple Network Management Protocol
N = 1 1
S = 6
Work with these numbers here – nothing simple about Simple Network Management Protocol
SNMP trap
162 UDP
RADIUS
1812, 1813
Remote Authentication Dial-In User SERVICE ----SERVICE…SERVICE
WAR OF 1812 – BICYCLE SPOKES-LASTED MORE THAN JUST 1 YEAR
NETBIOS
139, *(137)
137,138
KERBEROS
88 UDP
There are 8 (eight) letters in the word KERBEROS
1 2 3 4 56 78
MS SQL SERVER
1433 TCP
IPSec (for VPN w IKE)
500 UDP
LDAP
389 TCP
LDAP w/ SSL OR TLS
636 TCP
SMTP w/ SSL OR TLS
465 TCP
Robert A. Keller, III
IA Instructor/ Writer
9
POP3 w/ SSL OR TLS
995 TCP
IMAP4 w/ SSL OR TLS
993 TCP
DNS for ZONE TRANSFERS
53 TCP - ZONE TRANSFERS
53 UDP - QUERIES FOR NAME RESOLUTION
L2TP
1701 UDP
PPTP
1723 TCP
RDP
3389 TCP
3389 UDP
MS SQL SERVER
TCP 1433
HTTPS
443 TCP
*Can use, but very rarely; for informational purposes ONLY.
TABLE 1.1: PROTOCOLS – SEC+-401
ATTACKS:
SNIFFERS= Capture packets
PROTOCOL ANALYZER=Analyzes the packets caught by the sniffer; often the sniffer is incorporated into the Protocol Analyzer, e.g., WIRESHARK
***********************************************************
PRIVATE IP ADDRESSES:
10.0.0.1 – 10.255.255.255
172.16.0.1 – 172.31.255.255
192.168.0.1 – 192.168.255.255
************************************************************
PUBLIC IP ADDRESSES:
CLASS A = 0.0.0.0 – 127.255.255.255
CLASS B = 128.0.0.0 – 191.255.255.255
CLASS C = 192.0.0.0 - 223.255.255.255
**********************************************************
SUBNETTING:
*****************************************
Robert A. Keller, III
IA Instructor/ Writer
10
IPv4 vs. IPv6:
IPV6 = 340 UNDECILLION IP ADDRESSES
THOUSAND= 1,000 = (1 set of 3 zeros)
MILLION = 1,000,000 = (2 sets of 3 zeros)
BILLION = 1,000,000,000 = (3 sets of 3 zeros)
TRILLION = 1,000,000,000,000
QUADRILLION= 1,000,000,000,000,000
QUINTILLION= 1,000,000,000,000,000,000
SEXTILLION= 1,000,000,000,000,000,000,000
SEPTILLION= 1,000,000,000,000,000,000,000,000
OCTILLION= 1,000,000,000,000,000,000,000,000,000
NONILLION= 1,000,000,000,000,000,000,000,000,000,000 = (10 sets of 3 zeros)
DECILLION= 1,000,000,000,000,000,000,000,000,000,000,000 = (11 sets of 3 zeros)
UNDECILLION= 1,000,000,000,000,000,000,000,000,000,000,000,000 = (12 sets of 3 zeros)
***********************************************************
**********************************************************
BROADCAST: ONE TO ALL TRAFFI C – ONE HOST TO ALL OTHER NODES ON THE SUBNET = 255.255.255.255 = DROPPED BY ROUTERS = ROUTERS DO NOT PROCESS BROADCAST ADDRESSES
*********************************************************************
PHYSICAL PORTS VS LOGICAL PORTS –
*******************************************************
SOME HUMOR, YET INSIGHT…………………….
MINUTE (60 SECONDS) VS. MINUTE (TINY)
WHAT DOES “SECURE” MEAN TO YOU?
“THE SECRETARY OF DEFENSE DIRECTED MEMBERS OF DIFFERENT SERVICES TO “SECURE THAT BUILDING.” NAVY PERSONNEL TURNED OFF THE LIGHTS AND LOCKED THE DOORS SO NO ONE COULD EXIT. THE ARMY OCCUPIED THE BUILDING AND ENSURED NO ONE COULD ENTER. THE MARINES ATTACKED IT, CAPTURED IT, AND SET UP DEFENSES TO HOLD IT. THE AIR FORCE SECURED A TWO-YEAR LEASE WITH AN OPTION TO BUY!”
NAMA= NAVY, ARMY, MARINES, AIRFORCE
Robert A. Keller, III
IA Instructor/ Writer
11
***************************************************************************
CRYPTOGRAPHY:
SYMMETRIC – PRIVATE KEY CRYPTOGRAPHIC ALGORITHMS – ONE KEY ONLY
C32BRAIDS
C=CAST
3=TRIPLE DES (TDES)
2=TWO FISH
B=BLOW FISH
R=RC4, RC5 (Ron’s Code 4, Ron’s Code 5)
A=AES (ADVANCED ENCRYPTION ALGORITHM) -RIJNDAEL
I=IDEA (INTERNATIONAL DATA ENCRYPTION ALGORITH)
D=DES (DATA ENCRYPTION STANDARD)/ DEA (DATA ENCRYPTION ALGORITHM
S=Skipjack (NSA) OR SAFER (European)
ASYMMETRIC – PRIVATE AND PUBLIC KEY – TWO KEYS USED
REEDD
R=RSA
E= EL-GAMAL
E=ECC
D=DIFFE-HELMAN
D=DSS/DSA
**********************************************************************
Robert A. Keller, III
IA Instructor/ Writer
12
DEMONSTRATION:
HTTP: CLEAR PIPE W/ RED, YELLOW, BLUE, AND GREEN BALLS
SHTTP: CLEAR PIPE W/ BLACK BALLS
HTTPS: BLACK PIPE W/ RED, YELLOW, BLUE, AND GREEN BALLS
__________________________________________________
IN CRYPTOGRAPHY, THERE IS NO AVAILABILITY – TAKE IT OUT OF THE TRIAD -----TURN THE TRIAD/ TRIANGLE INTO A SQUARE, REPRESENTING THE 4 (FOUR) SERVICES THAT CRYPTOGRAPHY PROVIDES:
1) CONFIDENTIALITY;
2) INTEGRITY;
3) AUTHENTICATION; AND
4) NON-REPUDIATION
*********************************************************************
INTEGRITY + AUTHENTICATION = NON-REPUDIATION
Robert A. Keller, III
IA Instructor/ Writer
13
DIGITAL SIGNATURES PROVIDE NON-REPUDIATION, but NO CONFIDENTIALITY
************************************************************************
RISK and TVA_________________________
NOTICE THE COLOR CODING SCHEME: RAG = RED, AMBER, GREEN
RED = PROBLEM
AMBER = NEEDS ATTENTION
Robert A. Keller, III
IA Instructor/ Writer
14
GREEEN = NOT A PRIORITY
***************************************************************************
PRIORITY = URGENCY x IMPACT
Probability and Impact Matrix is a tool to aid in prioritizing risks. There may be several risks in any given project. Both the size and complexity of a given project contribute to the risks, and may vary somewhere from double digits to triple digits.
Quick Question?: Do we have the TIME and MONEY to look into all these risks, let alone the response action(s). The answer is simply NO; we do not have such luxury of time. So, it is necessary to find a way to identify those critical risks which needs the most attention from the project team.
Probability and Impact Matrix uses the combination of probability and impact scores of individual risks and ranks/ prioritizes them for easy handling of the risks. In other words, the probability and impact matrix helps to determine which risks need detailed risk response plans. It is vital to understand the priority for each risk as it allows the project team to appreciate the relative importance of each risk.
For example, a risk with a high probability/ likelihood of occurring and which will have a high impact on the project objectives will likely need a response plan.
The matrix generally used is a 3x3 matrix (with Low, Medium, High rating for Probability and Impact) or 5x5 Matrix (with Very Low, Low, Medium, High and Very High ratings for probability and impact).
------------------------------------ -----------------------------------------------------------------------------------------
Robert A. Keller, III
IA Instructor/ Writer
15
EXPOSURE: IMPACT X PROBABILITY
The risk/control matrix provides guidance for priorities based on impact, likelihood and control effectiveness.
------------------------------------------------------------------------------------------------------------ -
Robert A. Keller, III
IA Instructor/ Writer
16
Risk management process flow aligns continuity risk management with proven and accepted risk management processes
*******************************************************************************
Robert A. Keller, III
IA Instructor/ Writer
17
Access Control
Access control protects the systems and resources from unauthorized access, and, usually determines the level of authorization.
Access control consists of the following primary areas:
Identification
Authentication
Authorization
Accountability
************ The last three of these are largely comprised of ‘logical access controls’.
Identification
Biometrics: Very sophisticated and accurate, but expensive.
Type 1 error: false rejection rate
Type 2 error: false acceptance rate
Other barriers to widespread adoption of biometrics include user acceptance, enrollment time and throughput (and money)
Robert A. Keller, III
IA Instructor/ Writer
18
Collected biometric images are stored in a corpus.
**The (descending) order of effectiveness and acceptance for biometric devices:
Order of Effectiveness Order of Acceptance
Palm scan Iris scan
Hand geometry Keystroke dynamics
Iris scan Signature dynamics
Retina pattern Voice verification
Fingerprint Facial recognition
Voice verification Fingerprint
Facial Recognition Palm scan
Signature Dynamics Hand Geometry
Keystroke Dynamics Retina Pattern
Authentication
Three factors (types) of authentication are something you know, have, or are.
Strong authentication requires two of these (two-factor authentication).
Passwords are the most commonly used, but also considered one of the weakest.
Key terms: password, pass phrase, virtual password, cognitive password.
There are two types of one-time passwords – synchronous and asynchronous.
Synchronous – Token device synchronizes (shares same secret key) with authentication server via a time-based or event-based synchronization.
Asynchronous – Uses a challenge-response scheme to communication with the authentication server.
Other authentication mechanisms:
Private Key – digitally signing a message.
Pass phrase – transformed into a virtual password.
Memory card – holds information but does not process it. Example ATM card.
Smart card – capabilities of memory card plus it can actually process information.
Robert A. Keller, III
IA Instructor/ Writer
19
Authorization
The system knows who you are (authentication) and must now decide if you are permitted to carry out the requested actions (authorization).
Access criteria types can be broken up into:
Roles
Groups
Physical or logical (network) location
Time of day
Transaction type
All access criteria should default to “no access”.
Need to know principle:
Management’s job is to determine the need-to-know.
Administrator job is to configure access control and security mechanisms to fulfill the need-to-know requirements.
Single Sign-on Mechanisms:
Scripting: Batch files automate authentication process, but may contain logon credentials (userID and password). Insecure. High maintenance maintaining scripts.
Kerberos:
Robert A. Keller, III
IA Instructor/ Writer
20
Kerberos is a single sign-on system that uses symmetric key cryptography (DES) and end-to-end encryption. Kerberos eliminates the need for transmitting passwords over the network. In order to implement Kerberos, all software in use me be Kerberos compatible or, “kerberized”. The components of Kerberos are:
KDC: Key distribution center. Holds user’s and services’ keys. The foundation of Kerberos is the client and server’s trust in the KDC. The KDC actually consists of a ticket granting service and authentication server.
Principals: Entities requiring KDC services – users, apps or services. The KDC and each principal share a secret key.
Ticket: Tickets are created by the KDC and given to a principle when that principle needs to authenticate to another principle.
Realm: A “realm” is the set of components and principles that the KDC provides services for.
AS: Authentication service – this is part of the KDC.
Kerberos Authentication Process:
The client trusts the KDC and the services trust the KDC due to their secret keys. An overview of the process when a client wants to use a service via Kerberos is:
1. The client sends its user id and the name of the requested service to the KDC.
2. The KDC provides a session key for the client and service to use. One is encrypted with the user secret key and the other with the service secret key.
3. The KDC generates a service ticket containing both session keys. This ticket is sent back to the client. The user enters their password and if the password is correct, the client converts it into the necessary key to decrypt the client session key in the ticket.
4. The client decrypts the client portion of the ticket to get the session key and sends the ticket on to the service. The service uses its own private key to decrypt the session key.
5. The user and service are now authenticated to each other and communicate with encrypted data via the session key.
Secret key: Shared between KDC and a principle.
Session key: Shared between two principles.
Kerberos weakness:
Kerberos has a number of weaknesses that make it vulnerable to attack. Some of these are:
The KDC is a single point of failure.
The secret keys are temporarily stored on user’s workstations, in memory, etc.
Session keys are decrypted and reside on user’s workstations.
Vulnerable to password guessing.
Does not protect network traffic unless encryption is enabled.
When a user changes password, the KDC database needs to be updated with a new corresponding secret key.
Replay attacks can be used against Kerberos.
Robert A. Keller, III
IA Instructor/ Writer
21
SESAME:
Secure European System for Applications in a Multi-user Environment. Sesame is a single sign-on system designed to address some of the weaknesses in Kerberos. It uses public key cryptography for the distribution of secret keys and supports MD5 and CRC32 hashing. SESAME is also vulnerable to password guessing. Sesame uses the Needham-Schroeder protocol.
Thin Clients:
No local processing. User must authenticate to the network just to be able to use the computer/terminal.
KryptoKnight:
KryptoKnight is another single sign-on (SSO) protocol similar to Kerberos.
Provides the following security services:
Authentication
Key Distribution
Data Privacy
Data Integrity
Single Sign-On
Administration
Although the services provided are essentially the same as Kerberos, some differences are:
KryptoKnight uses a hash function for authentication.
KryptoKnight uses nonces for challenges instead of timestamps.
Any network entity may initiate the protocol.
ACCESS CONTROL MODELS
An access control model is a framework that dictates how subjects access objects. There are three main types of access control model: mandatory access control, discretionary access control and role-based access control.
Discretionary (DAC): The creator of a file is the ‘owner’ and can grant ownership to others. Access control is at the discretion of the owner. Most common implementation is through access control lists. Discretionary access control is required for the Orange Book “C” Level.
Mandatory (MAC): Much more structured. Based on security labels and categories. Access decisions are based on clearance level of the data and clearance level of the user, and, classification of the object. Rules are made by management, configured by the administrators and enforced by the operating system. Mandatory access control is required for the Orange Book “B” Level.
Role-Based (RBAC): (nondiscretionary access control) continually administered set of controls by role within organization. Roles are tighter controlled than groups. A user can only have one role. RBAC is best suited for companies with a high turnover rate.
Three step process for administering RBAC access control:
1. System/information owners make decisions about rights and permissions (not the systems administrators).
Robert A. Keller, III
IA Instructor/ Writer
22
2. System/Network administrator (data custodian) actually creates the roles and functions on behalf of owners.
3. Security administrator assigns rights to the roles.
Can use different types of RBAC:
Role-based: User’s role within organization.
Task-based: Specific task assigned to the user.
Lattice-based: Determined by the sensitivity level assigned to the role. Provides an upper and lower bound of access capabilities for every subject and object relationship.
Access Control Techniques and Technologies:
Once a company decides on the access control model to use, the technologies and techniques to implement that model need to be determined:
Role-based: Can be used with DAC – NT Groups.
Can be used with MAC – Labels assigned to roles.
Rule-based: Router or firewall rules – user cannot change.
Restricted interfaces:
Menus and shells
Database views
Physically constrained interfaces.
Access Control Matrix:
Table of subjects and objects indicating ACCESS.
Capability Tables:
Specifies the access a certain subject has to specific objects. Corresponds to a row in the access control matrix. Bound to subject.
Access Control Lists:
Bound to object. List of subjects authorized to access a specific object, and, the level of access/authorization.
Content-dependant:
Database views are a good example – access is based on the data content itself.
Context-dependant:
Access is based on location, time of day, previous access history, etc.
Robert A. Keller, III
IA Instructor/ Writer
23
Access Control Administration:
Access control administration is either centralized, decentralized or a hybrid of the two.
Examples of centralized access control technologies include:
RADIUS: Remote Authentication Dial-In User Service. Usually used for dialup. Access server requests user login credentials and forwards to a backend RADIUS server. Can add callback function for additional security.
TACACS: Terminal Access Controller Access Control System. There are several types of TACACS:
TACACS: Combines its authentication and authorization processes. Passwords are static.
XTACACS: Separates authentication, authorization and accounting processes.
TACACS+: XTACACS with two-factor user authentication. Supports token authentication.
Security Domain: A security domain is defined as a “realm of trust”. Subjects and objects share common security policies and procedures and are managed by the same system. Also used within operating systems and applications to protect system files or processes.
Access Control Methods:
There are three broad categories of access control layers:
Administrative, Technical, and Physical
Administrative controls:
Policies and procedures: Guidelines + standards + baselines
Personnel controls: Hiring, firing, promotions, transfers, separation of duties, rotation of duties, forced vacation.
Supervisory structures: Clear lines of reporting.
Awareness Training
Security Testing: Drills, penetration testing, queries to employees, interviews, reviews.
Physical controls:
Network segregation.
Perimeter security.
Robert A. Keller, III
IA Instructor/ Writer
24
Computer controls.
Work area separation.
Data backups.
Cabling.
Logical (Technical) Controls:
System Access – See previous access control mechanisms.
Network architecture – Logical controls can provide segregation and protection of an environment. I/P address ranges, subnets, routing between networks, etc
Network Access – Logical network access controls – routers, switches, NICs, bridges.
Encryption and Protocols
Control Zone – Technical and physical control. Surrounds and protects network devices that emit electrical signals. TEMPEST related.
Auditing
Access Control Types
Each control method can also perform different functionality. The functionality types are:
Preventative
Detective
Corrective
Deterrent
Recovery
Compensating
For example:
Preventative-Administrative:
Policies and procedures, effective hiring practices, background checks, data classification, security awareness training.
Preventative-Physical:
Biometrics, badges, swipe cards, guards, dogs, motion detectors, fences, mantraps, locks and alarms.
Preventative-Technical:
Passwords, biometrics, smart cards, encryption, call-back systems, database views, antivirus software, ACLs, firewalls, IDS
Accountability: Auditing capabilities ensure that users are held accountable for their actions, verify that policies are enforced, deter improper actions and are an investigative tool.
There are 3 main types of audit tools:
Robert A. Keller, III
IA Instructor/ Writer
25
Audit reduction
Variance detection
Attack-signature detection
Audit data must be protected from unauthorized viewing and modification.
Access Control Practices:
The following tasks should be carried out regularly:
Deny access to undefined or anonymous accounts
Limit and monitor administration accounts
Suspect access after a number of failed logins
Remove accounts as soon as someone leaves an organization.
Format Access Control Models:
Bell LaPadula: The Bell LaPadula model is built on state machine concepts and focuses on confidentiality. The objective of this model is to ensure that the initial state is always secure and that transitions always result in a secure state. Bell LaPadula defines a secure state through 3 multilevel properties:
Simple Security Policy: No read up – a lower level subject cannot read a higher level object (protects confidentiality).
Security * (star) property: No write down – do not allow confidential information to be written to a local level, where a lower level subject can view it.
Discretionary Security Property: Uses a discretionary access control matrix to manage exceptions.
Biba Model: The Biba model is lattice-based and focuses on integrity more than confidentiality. Biba specifies the following three axioms:
Simple Integrity Axiom: No read down. A higher level subject cannot read information from a lower level. This prevents higher level reports and data being corrupted by lower level (and less trustworthy) information.
Integration * (Star) Axiom: No write up. A subject cannot write data above its security level – higher level data might be compromised by lower level, less trustworthy data.
A subject at one integrity level cannot invoke a subject at a higher integrity level.
Clark-Wilson Model: This model has emphasis on integrity – both internal and external consistency. Clark-Wilson uses well formed transactions, separation of duties and the labeling of subjects and objects with programs to maintain integrity. Security properties are partly defined through five certification rules, suggesting the check that should be conducted so that the security policy is consistent with the application requirements.
CDI – Constrained Data Item: A data item whose integrity must be preserved.
IVPS – Initial Verification Procedures: Confirm that all CDIs are in a valid integrity state when the IVP is run.
TP – Transformation Procedure: Manipulates the CDIs through a well-formed transaction, which transforms a CDI from one valid integrity state to another.
Robert A. Keller, III
IA Instructor/ Writer
26
UDI – Unconstrained Data Item: Data items outside of the control area such as input information.
Any TP that takes a UDI as input must either convert the UDI into a CDI or reject the UDI and perform no transaction at all.
Unauthorized disclosure of information:
There are several ways in which information can be inadvertently disclosed. The follow items are related to information disclosure:
Object Reuse: Reassigning media to a subject when media might still contain some residual information. Make sure media is cleaned. Degaussing works best. Object reuse controls are required for TCSEC B2 and above.
Emanation: Picking up radiation emitted by devices. TEMPEST is very expensive.
Some alternatives are:
White Noise – Uniform spectrum of random electrical signals used to disguise real data.
Zones – Control zones.
Access Control Monitoring
Keeping track of who attempts to access specific resources, access control monitoring is an important detective mechanism usually carried out by Intrusion Detection Systems:
Intrusion Detection Systems (IDS):
Network Based: Monitors network, or a segment of the network (passive). Placement of sensors is a critical part of configuring a network based IDS. Place a sensor on the outside firewall to detect attacks and inside the firewall to detect invasions. Another factor to consider is that the network traffic should never exceed the IDS threshold, or the IDS may just start to drop packets.
Host-Based: Monitors a specific system.
Intrusion detection systems have two main methods of operation:
Knowledge / Signature based: This type of IDS looks for known attacks and is therefore weak vs. new attacks. There are fewer false alarms. This type of IDS may also fail to detect “slow” attacks extended over a long period of time.
Behavior based / Statistical IDS: This type of IDS detects deviations from expected behavior of users and systems. May use expert systems. Detects new attacks and doesn’t rely on a database of signatures to be updated, but, can cause more false positives.
Relational Database Security:
The following are areas relating to database technology and security:
Schema: Description of the database and its tables. Written using a DDL.
Cardinality: Number of rows in a table.
Robert A. Keller, III
IA Instructor/ Writer
27
Degree: Number of columns in a table.
Domain: The set of all allowable values an attribute can take.
Entity Integrity & Referential Integrity:
View: Virtual table defined from other tables that are used to restrict access, hide attributes and provide content-dependant access. Views help implement least privilege and need to know principles.
To protect against “inference attacks”, databases may have a minimum query set size and prohibit query of “all but one” tuples. Highly secure systems may also employ context dependant access control where the tuples a user can read are based on those already read.
Threats
The main categories of threats to ACCESS control mechanisms are:
Dictionary attack
Brute force attack
Spoofing at login – fake login screen to capture details.
Man in the Middle Attacks (MITM)
A “trusted path” can mitigate login spoofing.
The following measures are used to compensate for internal and external access violations:
Backups
RAID
Fault tolerance
Business continuity planning
Insurance
TELECOMMUNICATIONS & NETWORK SECURITY
Open Systems Interconnect (OSI) Model:
Developed early 1980s and introduced in 1984:
OSI Model TCP/IP Model
Application | Presentation | Application
Robert A. Keller, III
IA Instructor/ Writer
28
Session |____________ Transport <–> Host to Host Network <–> Internet Layer Data Link | Physical | Network Access Layer.
“Each protocol at a specific OSI layer communicates with a protocol that operates at the same OSI layer on another computer. This happens through encapsulation”
The protocols, technologies and computers that operate within the OSI model are called open systems.
Application Layer:
The application layer works closest to the user and handled message exchanges, terminal sessions, etc. The application does not include the actual applications, but the protocols (APIs) that support the applications.
Examples of protocols running in the application layer include:
SMTP, HTTP, LPD, FTP, WWW, Telnet, TFTP
Presentation Layer:
The presentation layer received data from the application layer and puts it into a format that all computers using the OSI model can understand.
The presentation layer is not concerned with the meaning of data, but the correct syntax and format. The presentation layer can often be considered a “translator”.
This layer also handles encryption and compression.
ASCII, JPEG, TIF, GIF, Encryption, Compression, MIDI, MPEG
Session Layer:
When two computers need to communication, or transfer information, a connection session needs to be set up between them. The session layer is responsible for establishing a connection, maintaining it during data transfer and releasing it when done.
The session layer works in 3 phases:
Connection establishment
Data Transfer
Connection release
Common protocols at the session layer are:
SSL, NFS, SQL, RPC
Transport Layer:
When two computers are going to communicate, they must first agree on how much information each will send at a time, how to determine if data was lost in order to retransmit and other parameters. The computers agree on these parameters through a process at the transport layer, OSI layer 4.
Robert A. Keller, III
IA Instructor/ Writer
29
The transport layer helps provide more reliable data transfer, error correction and flow control. It assembles data into a stream for transmitting over the network, and handled multiplexing if necessary. The transport layer also handles the teardown of virtual circuits and the multiplexing of upper layer applications.
TCP, UDP, SPX
Network Layer:
The main responsibility of the network layer is to insert information into the packet’s header so that it can be properly routed. Routing protocols build and maintain their tables at this layer.
The protocols at this layer do not ensure packet delivery – they rely on the transport layer for that.
Protocols operating at this level include:
IP, ICMP, RIP (Routing information protocol), OSPF (Open shortest path first), BGP (Border gateway protocol) and Internet group management protocol (IGMP)
Most routers also run in the network layer.
Data Link Layer:
As data travels down the ISO stack it comes to a point where it needs to be translated into LAN or WAN binary format for line transmission. This happens at the data link layer.
The data link layer is where the operating system knows what format the data frame must be in to transmit over Token Ring, Ethernet, FDDI, ATM, etc.
Network cards bridge the data link and physical layer. The data link layer actually consists of two sub layers:
1. Media Access Control (MAC)
2. Logical Link Control (LLC)
Protocols operating in the data link layer include:
SLIP, PPP, RARP, L2F, L2TP, ISDN ARP
Bridges operate in the data link layer.
Physical Layer:
The physical layer converts bits into voltage for transmission. This layer controls synchronization, data rates, line noise and phsyical medium access.
Protocols operating in the physical layer include:
RS232, SONET, HSSI, X.21
Repeaters operating in the physical layer.
OSI Security Services and Mechanisms:
Robert A. Keller, III
IA Instructor/ Writer
30
OSI defines 6 basic security services to secure OSI communications:
1. Authentication
2. Access Control
3. Data confidentiality
4. Data integrity
5. Non-repudiation
6. Logging and Monitoring
In addition, the OSI model defines 8 security mechanisms. A security mechanism is a control that is implemented in order to provide the 6 basic security services:
1. Encipherment
2. Digital Signatures
3. Access Control
4. Data Integrity
5. Authentication
6. Traffic Padding
7. Routing Control
8. Notarization
TCP/IP
I/P is a network layer protocol and provides datagram routine services.
Two main protocols work at the transport layer, TCP and UDP.
TCP Handshake:
1. Host ——– SYN ———> Host B 2. <—– SYN/ACK —– 3. ——— ACK ——–>
The TCP/IP model has 4 layers:
Application Host to host Internet Network Access
The TCP/IP model layers correspond to the ISO model layers as follows:
Application Application, presentation, session. Host to Host Transport Internet Network Network Access Data Link, Physical
The Host-to-host layer handles:
TCP – Virtual Circuit, sequenced, slower, more reliable UDP – “Best effort”, connectionless.
Robert A. Keller, III
IA Instructor/ Writer
31
Internet layer:
IP – No guarantee of delivery, delivery in sequence or only once. ARP – I/P to MAC RARP – MAC to I/P ICMP
Protocol Numbers:
The IP header contains a protocol field. Some common protocols are: 1 – ICMP 2 – IGMP 6 – TCP 17 – UDP
Data Structures:
– Within the IP protocol suite, when an application formats data for sending over the network, it is a message. – At the transport layer, TCP works on the data and it is now a segment. The segment is passed to the network layer. – The network layer adds addressing and routine and the bundle is now called a datagram. – The datagram is passed off to the data link layer which frames the datagram with a header & trailer. It is now called a frame.
TCP UDP
Application Layer Message Message Transport Layer Segment Packet Network Layer Datagram Datagram Data Link Layer Frame Frame
General Classes of Network Abuse:
Class A: Unauthorized access of restricted network services. Also called “login abuse”. Refers to legitimate users accessing network services that should be restricted to them.
Class B: Unauthorized use of a network for non-business purposes.
Class C: Eavesdropping
Class D: DOS and other disruptions
Class E: Network Intrusion. Refers to the use of unauthorized access to break into the network from the outside. Classic cases are spoofing, piggybacking and backdoor exploitation.
Class F: Probing. An active variation of eavesdropping.
Additional Attacks: SYN attacks, Buffer Overflow, Teardrop attack and Smurf:
Common Session hi-jacking attacks:
IP Spoofing attacks.
TCP sequence number attacks.
Other fragmentation attacks – using fragmented packets to hide true contact.
Robert A. Keller, III
IA Instructor/ Writer
32
NETWORKING
LAN Media Access Technologies
Most of the differences between LAN and WAN take place at the data link layer
“Two LANs connected by a router is an internetwork, not a bigger LAN. Each LAN has its own addressing scheme and broadcast and communication mechanisms. If they are connected by different data link technologies such as frame relay of X.25 then we are looking at a WAN”
Ethernet
Usually a bus or star topology
IEEE 802.3 standard
Shared media – all devices take turns and detect collisions
Uses broadcast and collision domains
CSMA/CD access method (Carrier Sense Multiple Access with Collision Detection)
Uses coaxial or twisted pair.
Common Implementations:
10base2: ThinNet. Uses coaxial cable. Max length of 185 meters and provides up to 10mbs throughput. Uses BNC connectors.
10base5: ThickNet. Uses thicket coaxial cable. Longer cable segments and less interference.
10baseT: Twisted-pair copper wiring. RJ45 connectors, usually in a star topology with a hub or switch.
Fast Ethernet: Regular Ethernet running at 100mbps over twister pair wiring.
Ethernet Types Table:
Type Cabling Speed
10base2, ThinNet Co-Axial 10mbps 10base5, ThickNet Co-Axial 10mbps 10base-T UTP 10mbps 100base-FX, Fast UTP 100mbps 1000base-T UTP 1,000mbps
Token Ring
802.5 standard, originally developed by IBM
Signal travels in a logical ring
Each computer is connected to a hub called a Multistation Access Unit (MAU)
16mbps capacity
Active Monitor – removes frames that are continually circulating
Beaconing – attempts to work around errors.
FDDI – 802.8
Robert A. Keller, III
IA Instructor/ Writer
33
Fiber Distributed Data Interface
Developed by ANSI
High speed token-passing media access technology
Speed of 100mbvps – usually used as a backbone network using fiber optics.
Fault tolerance – second counter rotating ring.
Can be used up to 100kms, so popular in MANs
CDDI (copper distributed data interface) is a version that can be used locally.
802.8 standard.
CABLING
LAN Media
Standard
Characteristics
Ethernet
802.3
* Shared media
* Broadcast & Collision Domains * CSMA/CD * Coaxial or twisted cable * 10mbps – 10 Gbps Token Ring802.5* Devices connect to center MAU * Token-passing access method * Transmission speeds of 4-16mpbs * Active monitor and beaconing
FDDI802.8* Token-passing access method * Dual counter rotating ring – fault tolerance * 100mbps over fiber-optic * Long distance at high speed * CDDI works over UTP
Bandwidth : Size of pipe
Data Rate : Amount of data
Coaxial
Copper core surrounded by shielding layer
More resistant to EMI
10base2 = ThinNet (RG58), 10base5 = ThickNet (RG11/RG8)
10base2 segments can be up to 185 meters
10base5 segments can be up to 500 meters
Can use baseband method (one channel) or broadband (multiple channel)
50ohms cable used for digital signaling and 75ohms for analog signaling and high speed data.
Twister Paid Cable
STP = Shielded Twisted Pair
UTP = Unshielded Twisted Pair
UTP Category
Characteristics
Usage
Robert A. Keller, III
IA Instructor/ Writer
34
CAT 1
Voice Grade
Not recommended for network use.
CAT 2
Up to 4mbps
Mainframe and mini connections.
CAT 3
10 mbps Ethernet
4mbps token10 base-T networksCAT 416 mpbsToken ring networksCAT 5100 mbps for
100-base TX and FDDIFDDI & ATM installations. New LANSCAT 6155mbpsNet network installationsCAT 71gbpsNet network installations
Fiber Optics
Uses a type of glass carrying light waves
Glass core surrounded by protective cladding, encased in outer jacket
Not affected by EMI, no attenuation
Very hard to tap into, so more secure.
Common Cable problems:
Noise: Caused by surrounding devices or characteristics of the environment
Attenuation: Loss of signal as it travels. The affect of attenuation increases at higher frequencies.
Crosstalk: UTP is susceptible to crosstalk which is caused when electrical signals on one wire spill over to another wire.
Plenum space is the space between the ceiling and the next floor. Often used for wiring and cabling.
TYPES OF TRANSMISSION
Data transmission can happen in different ways (analog or digital), use different controlling schemes (synchronous or asynchronous) and can only use one channel on a wire (baseband) or several channels (broadband).
Analog Signals: Continually varying.
Modulation: Combining with carrier signal of a specific frequency.
Digital Signals: Discrete binary pulses.
Asynchronous
Two devices not synchronized in any way.
Usually used for smaller amounts of data
Usually includes start and stop delineation
Synchronous
Transfers data as a stream of bits instead of framing it in start and stop bits.
Synchronization can be via clocking mechanisms, or a signal in the data.
Usually used for higher volumes of data.
Baseband
Robert A. Keller, III
IA Instructor/ Writer
35
Transmission accomplished by applying direct current to a cable. Uses full cable for its transmission. Ethernet is baseband.
Broadband
Divides cable into channels so that different types of data can be transmitted at the same time. CATV is broadband. Other broadband types include T1, T3, ISDN, ATM, DSL and wireless.
Unicast: From source to one computer.
Multicast: From source to a specific set of systems. NIC pics up packets with a specific multicast address.
Broadcast: From source to all computers on a subnet.
Network Topology:
The physical arrangement of computers and devices is the “Network Topology”
Ring Topology
Series of devices connected by unidirectional transmission links.
Form a closed loop, no central hub
Must provide redundancy or risk single points of failure
Bus Topology
In a simple bus topology, a single cable runs the entire length of the network.
Each packet is looked at by all nodes.
Traditional Ethernet uses bus topologies.
Star Topology
All nodes connect to a dedicated central hub or switch
Hub is a potential single point of failure
Less cabling used and no termination issues
Most LANs are in a physical star topology
Mesh Topology
All systems and resources are connected to each other in some way
Greater degree of complexity
Greater degree of redundancy
The Internet is a good example of a partial mesh.
LAN Media Access Technologies:
Token Passing:
Only the computer has the token can put frames onto the wire. This media access technology is used by Token Ring & FDDI and is defined in the 802.5 standard.
Robert A. Keller, III
IA Instructor/ Writer
36
Token passing networks are deterministic meaning it is possible to calculate the maximum time that will pass before a station can transmit. This makes token ring networks ideal for applications where delay must be predictable, such as factory automation.
CSMA (Carrier Sense Multiple Access):
There are two flavors are CSMA, CSMA/CA (Collision avoidance) and CSMA/CD (Collision detection).
A transmission is called a “carrier”. If a computer is transmitting frames, it is performing a carrier activity.
With CSMA/CD, computers listen to the wire for the absence of a carrier tone. If two computers sense this absence and transmit at the same time, contention and a collision can take place. All stations will execute a “back off” algorithm (Random retry timer).
With CSMA/CA, each computer signals the intent to transmit before they actually do so.
Collision Domains
“The more devices there are on a contention based network, the more likely collisions are which increases latency. A collision domain is a group of resources that are competing for the same shared communication medium”.
One subnet will be on the same broadcast and collision domain if it is not separated by routers or bridges.
PROTOCOLS:
Address Resolution Protocol: ARP
The data link layer works with MAC addresses, not IP addresses. ARP resolves IP addresses to MAC addresses. ARP broadcasts a frame requesting the MAC address that corresponds to the destination IP address. The computer that has that IP address responds with its MAC address.
“ARP table poisoning” is altering the ARP cache so that an attacker receives packets intended for another destination.
Reverse Address Resolution Protocol: RARP
Diskless workstations know their hardware address, but not the IP address. It broadcasts the MAC address information and the RARP server responds with an I/P address.
BOOTP is similar to RARP but provides more functionality including name server and gateway address.
Internet Control Message Protocol: ICMP
ICMP delivers messages, reports errors, reports routing information and tests connectivity.
PING is the most common – sends out ICMP ECHO frames and receives ICMP REPLY frames back.
Robert A. Keller, III
IA Instructor/ Writer
37
NETWORKING DEVICES:
Repeaters
Repeats and amplifies signal between cable segments
Works at the physical layer
Also known as line conditioners
Bridges
Uses to connect different LAN segments
Works at the data link layer and therefore works with MAC addresses.
Divides overburdened networks into smaller segments for better use of bandwidth and traffic control
Beware of “broadcast storms” – using bridges to echo broadcast packets.
A bridge forwards data to all other network segments if the MAC address of the destination computer is not on the local network segment.
There are three types of bridge:
Local: Connects two or more LAN segments.
Remote: Can connect two or more LANS over a long distance with telecommunications between them.
Translator: Connects LANs of different types and protocols.
Summary of the functions of bridges:
Segment a large network into smaller, more controllable pieces
Use filtering based on MAC address
Join different types of network while retaining same broadcast domain
Isolate collision domains within the same broadcast domain
Some bridges translate between protocol types.
Routers vs. Bridges:
Routers work at the network layer and are based on IP address. Bridges work at the data link layer and filter frames based on MAC addresses.
Routers will not usually pass broadcast information.
Bridges will pass broadcast information.
Spanning tree algorithm is a bridge algorithm.
If source routing is used, the packets themselves have the information within them to tell the bridge where they should go.
Hubs:
Hubs are used to connect multiple LAN devices into a concentrator. Hubs can be considered as multiport repeaters and operate at the physical layer.
Robert A. Keller, III
IA Instructor/ Writer
38
Routers:
Routers work at the network layer. A router has two or more interfaces and a routing table to get packets to their destination. Routers can filter traffic based on access control lists (ACLs) and fragment packets when necessary.
Routers discover information about routers and changes that take place in a network through its routing protocols (RIP, BGP and OSPF).
The following outlines the stages that take place when a router receives a packet:
1. A frame is received on one of the router’s interfaces.
2. Destination i/p address is retrieved from the datagram
3. The router looks at the routing table to see which port matches the destination
4. If the router has no information on the destination, it sends an ICMP error to the sending computer.
5. The router decrements the TTL. If the MTU is different than the destination requires, it fragments the packet.
6. Router changes the header information on the frame so that it can go to the next correct router.
7. Frame is sent to the router’s output queue.
Routing environments are based on autonomous systems. The autonomous systems are connected to each other through routers and routing protocols.
Routing takes place within an autonomous system through internal protocols like OSPF and RIP.
Routing takes place between autonomous systems through exterior protocols like BGP.
Switches:
Switches combine the functionality of a repeater and the functionality of a bridge. Any device connected to one port communicates to any device on another port with it’s own virtual private link.
“A switch is a multiport bridging device and each port provides dedicated bandwidth to the device attached to it”
Basic switches work at layer 2 and forward traffic based on MAC address. Today, there are layer 3 and layer 4 switches with more enhanced functionality. There are referred to as “multilayered switches”.
Virtual LANS (VLANS) are also an important part of switching networks. A switch only sends a packet to the port where the destination MAC address is located, so offer more protection against network sniffers.
VLAN:
VLANs (Virtual LANs) allow administrators to logically separate and group users. VLANs also allow administrators to apply different security practices to different groups.
Brouter:
Hybrid device combining the functionality of a bridge and a router. A brouter can bridge multiple protocols and route packets based on some of these protocols.
Gateways:
Almost all gateways work at the application layer because they need to see a majority of the information within a frame and not just the address and routing information that a router or bridge requires.
Robert A. Keller, III
IA Instructor/ Writer
39
A popular type of gateway is an email gateway. The mail gateway will usually convert email into standard X.400 and pass it on to the destination mail server.
A network connecting to a backbone (Ethernet –> FDDI for example) would need a LAN gateway.
Summary of Main Devices:
Device
Layer
Functionality
Repeater
Physical
Amplifies signal and extends networks
Bridge
Data Link
Forwards packets. Filters packets based on MAC address. Forwards broadcast but not collision traffic.
Router
Network
Filters based on IP address. Separates or connects LANs, creating internetworks.
Brouter
Network & Data Link
Bridges multiple protocols and routes some of them.
Switch
Data Link & Higher
Private virtual link between devices. Allows for VLANs. Impedes sniffing and reduces contention.
Gateway
Application
Connects different types of network. Protocol and format translation.
PBX:
A Private Branch Exchange (PBX) is a telephone switch located on the company’s property. A PBX can interface with several types of device and provides a number of telephone services. Data is multiplexed onto a dedicated line connected to the telephone company’s central office.
PBXs have the following issues:
Often have modems attached for vendor maintenance.
Come shipped with default system passwords.
Vulnerable to brute force attacks.
ATM Switches:
Most commonly used in WANs but started to be seen in LANs. Use a cell-relay technology.
FIREWALLS
Firewalls are used to restrict access from one network to another network. A firewall is a device that supports and enforces the company’s network security policy.
Many times companies will set up firewalls to construct a “DMZ” or “buffer zone” which is a network segment located between protected and unprotected networks. Usually, two firewalls are used to construct a DMZ:
LAN <– firewall <— DMZ <—- firewall <—– router <—– .o(Internet)o.
Packet Filtering:
Packet filtering firewalls use Access Control Lists to determine which packets can and cannot pass through. The filtering is based on network layer information; the device cannot look further into the packet itself. A packet filtering router is also called a screening router. Packet filtering usually takes place at the network or transport layer.
Robert A. Keller, III
IA Instructor/ Writer
40
Pros Cons
Scalable Does not look into packet past the header info
High Performance Lower security relative to other options
Application Independent Does not keep track of connection state
Used in first generation firewalls.
Packet filtering firewalls are often called “first generation firewalls”.
Application Control Capable Firewalls are often Called “Next Generation Firewalls”
Stateful Packer Filtering:
Stateful filtering keeps track of which packets went where until the connection is closed. To accomplish this, the firewall maintains a state table.
A packet filtering firewall may have the rule to deny UPD on port 25, while a stateful packet filtering firewall can say “allow those packets through if they are in response to an outgoing request”.
Frames are analyzed at all communication layers.
High degree of security without the performance hit of proxy firewalls.
Scalable and transparent to users.
Provides data for tracking connectionless protocols like UDP and RPC
Used in third generation firewall applications.
Proxy Firewalls:
A “proxy” is a middleman. A proxy firewall accepts messages entering or leaving the network and checks it for malicious information and if ok, passes it on to the destination. A proxy firewall breaks the communication channel – there is no direct communication to internal computers.
Outside scanners will only see the proxy server. Packets are repackaged as they pass through the proxy firewall. Outbound packets will only have the IP address of the firewall which means that a proxy server will be the only one with a valid IP address- the servers behind it can all use private address ranges.
A dual homed firewall has two NICs and forwarding turned off. There are two types of proxies:
Application and circuit proxies.
Proxy firewalls are considered second-generation firewalls and are usually used with a dual-homed host.
Application Level: Inspects entire packets and makes access decisions based on actual content. Understands the different protocols and usually works for just one service or protocol.
Circuit-Level: Creates a circuit between client computer and server. Makes access decisions based on source and destination.
Pros:
Robert A. Keller, III
IA Instructor/ Writer
41
Looks at information within the packet, right up to the application layer.
Better security than packet filtering
Aware of protocols, services and commands being used.
Cons:
Limited to what applications it can support
Can degrade network performance
Poor scalability
Breaks client/server model.
Dual-Homed Host Firewalls:
Single computer with separate NICs to each network
Used to divide internal trusted network and external untrusted network
Must disable forwarding
Usually used with proxy software
Users can easily and accidentally enable forwarding.
Application level vs. Circuit Level proxy firewalls:
Application Level:
Transfers a copy of each approved packet from one network to another.
Different proxy required for each service.
Hides network information from external attackers.
Hides internal computer information and addresses.
More intricate control than circuit level proxy firewalls
Reduces network performance
Circuit-Level:
Provides a circuit between the source and destination
Does not require a proxy for each service
Does not provide the detailed control that the application level proxy does.
Security for a wider range of protocols.
SOCKS proxy server characteristics:
Circuit-level proxy
Requires clients to be integrated with SOCKS client software.
Mainly used for outbound internet access and VPN
Can be resource intensive
Authentication and encryption are similar to VPN, but is not considered a bidirectional VPN.
1st generation: Packet filtering firewalls.
2nd generation: application (proxy) firewalls
Robert A. Keller, III
IA Instructor/ Writer
42
3rd generation: stateful packet firewalls
4th generation: dynamic filtering
5th generation: kernel proxy
6th generation: Chip based Flow inspection with Application Control (NGFW)
FIREWALL ARCHITECTURE:
Bastion Host:
A bastion host can be thought of as the foundation for the firewall software to operate on. It is the machine that will be accessed by all entities trying to access or leave the network.
Screened Host:
Many times a screened host is a bastion host that communicates with a border router and the internal network. Inbound traffic is filtered by packet filtering on the router and then sent to the screened host firewall.
Screened Subnet:
Adds another layer of security over the screened host firewall – the bastion host housing the firewall is screened between two routers. This architecture sets up a DMZ between the two routers.
Purposes of firewalls:
Firewalls should:
Default to deny
Block external packets inbound with internal addresses (Spoofing)
Block outbound packets with external source addresses (Zombies)
High security firewalls should reassemble packet fragments before sending them on to their destination.
Many firewalls will deny packets with source routing information.
Networking Services
Network Operating Systems (NOS):
Short list of some of the services that NOS systems (NT, W2K, Linux) provide that most single user (W95, W98) systems do not:
Directory services
Internetworking, routing and WAN support
Support for dial-up users
Clustering functionality
File & print services
Management and administration tools
Fault tolerance
Robert A. Keller, III
IA Instructor/ Writer
43
A redirector connects local computer to resources of the network – the local computer may not even be aware of this.
DNS:
Networks are split up into “zones”
DNS server is said to be authoritative for the zone it serves.
Directory Services:
A directory service is a database containing a hierarchy of users, computers, printers and attributes of each. The directory is used mainly for lookup purposes – to allow users to break down resources. Most directory services are built on the X.500 model or use LDAP to access the directory database.
Intranets and Extranets:
Private I/P address ranges (Non-routed) are:
10.0.0.0 – 10.255.255.255 Class A
172.16.0.0 – 172.31.255.255 16 * Class B
192.168.0.0 – 192.168.255.255 256 * Class C
Network Address Translation:
Network address translation forms a gateway between a network and the internet or another network. The gateway performs transparent routing and address translation. Some attributes of this process are:
Hides true internal IP address information from the outside world.
The NAT device needs to remember the internal IP address and port to send the messages back to.
Metropolitan Area Network (MAN):
A MAN is usually a backbone that connects businesses to WANS, the Internet and other businesses. A majority of today’s MANs are Synchronous Optical Network (SONET) or FDDI rings provided by local telephone companies.
Wide Area Network (WAN):
WAN technologies are used when communication needs to take place over a larger geographical area.
There are several technologies in the WAN arena, several of which are discussed below.
The SONET (Synchronous Optical Network) gives all the world’s carriers the ability to interconnect.
ATM encapsulates data in fixed cells and can be used to deliver data over SONET. The fixed size provides better performance and reduced overhead.
A quick snapshot at telecom history:
Copper lines carrying analog information
T1 lines carrying up to 24 conversations
T3 lines carrying up to 28 T1 lines
Robert A. Keller, III
IA Instructor/ Writer
44
Fiber optics and the SONET network
ATM over SONET
Types and speed of standard leased lines:
DS0: Single 64k channel on a T1 facilities
DS1: 1.544mbps on a T1 (2.108 on a E1 in Europe)
DS3: 44.756mbps on a T3 facility.
Dedicated Links:
Leased line or “point to point” link.
Expensive, but secure
T-Carriers:
Dedicated lines that carry voice or data over trunk lines.
Most common are T1 @ 1.544mbps and T3 @ 45mbps
Multiplexing through TDM (Time division multiplexing)
S/WAN:
Secure WAN, initiative of RSA security who worked with firewall and protocol vendors to build secure firewall-to-firewall connections through the internet.
S/WAN is based on VPNs that are created with IPSEC.
xDSL types
ADSL: More bandwidth down than up.
SDSL: 1.544mbps down and up. Limited to 10,000 feet from exchange.
HDSL: High-rate digital subscriber line. 1.544mbps each way.
VDSL: Very high data rate DSL – 13 to 52mbs downstream and 1.5 to 2.3 upstream. Limited to 1,000 – 4,500 feet from exchange.
Packet Switching vs Circuit Switching:
Circuit Switching Packet Switching
Constant Traffic Bursty Traffic
Fixed delays Variable delays
Connection-oriented Connectionless
Robert A. Keller, III
IA Instructor/ Writer
45
Sensitive to loss of connection Sensitive to loss of data
Voice oriented Data Oriented
WAN Technologies
CSU/DSU:
Channel service unit / data service unit: required when digital equipment will be used to connect a LAN network to a WAN network
Necessary because the frames are so different between LAN and WAN equipment.
DSU converts signals from routers, bridges, etc into signals that can be transmitted over the telephone company’s digital lines
CSU connects the network directly to the telephone company lines.
Provides an interface for DTE and DCE devices such as the router and the carrier’s switch.
Switching:
There are two main types of switching, circuit switching and packet switching:
Circuit Switching:
Connection oriented virtual links (ISDN, telephone call)
Traffic travels in a predictable and constant manner
Fixed delays
Usually carries voice oriented data
Packet Switching:
Packets can use many different dynamic paths to get to the same destination
Supports traffic that is bursty
Variable delays
Usually carries data-oriented information.
Internet, X.25 and Frame Relay are all packet switching networks.
Frame Relay:
Frame relay is a WAN protocol that operates at the data link layer. Frame Relay uses packet switching technology as an alternative to expensive dedicated lines.
Companies that pay more to ensure a higher level of bandwidth availability pay a “committed information rate” or CIR.
Virtual Circuits:
Frame relay forwards frames across virtual circuits. These can be permanent meaning they are programming in advance, or switching means it is built when needed an then torn down.
The PVC (Permanent Virtual Circuit) works like a private line for a customer with a CIR. A PVC is programmed to ensure bandwidth availability.
Robert A. Keller, III
IA Instructor/ Writer
46
X.25
X.25 is an older WAN technology that defined how networks and devices establish and maintain connections. X.25 is a switching technology.
Data is divided into 128 bytes and encapsulated in HDLC frames (High-level Data Link Control).
X.25 is slower than frame relay or ATM due to heavy error checking and correction that is not necessary on more modern networks.
ATM – Asynchronous Transfer Mode:
ATM is another switching technology that uses a cell-switching method instead of packet switching. Like frame relay, ATM is connection-oriented. Cell switching means that data is segmented into fixed size cells (53 bytes).
Like Frame Relay, ATM can set up PVCs and SVCs.
SMDS – Switched Multimegabit Data Service:
High-speed packet switched technology used to enable customers to extend their LANs across MANs and WANs. Protocol is connectionless and can provide bandwidth on demand.
SDLC – Synchronous Data Link Control:
Base on networks that use leased lines with permanent physical connections. SDLC is used mainly for communication to IBM hosts within the SNA architecture.
HDLC – High Level Data Link Control:
Bit-oriented link layer protocol used for transmission over synchronous lines, HDLC is an extension of SDLC. HDLC provides high throughput because it supports full duplex.
HSSI – High Speed Serial Interface:
Interface used to connect multiplexers and routers to high-speed services like ATM and Frame Relay.
These interfaces define the electrical and physical interfaces to be used by DTE/DCE devices, thus it works at the physical layer. Developed by CISCO and T3Plus Networking.
Multi-Service Access:
Multi-service access technologies combine different types of communication categories (voice, data and video) over one transmission line.
VOIP can be affected by latency due to Internet being packet oriented switching technology vs. circuit switching. This is referred to as “jittering”.
H.323
Robert A. Keller, III
IA Instructor/ Writer
47
Standard that deals with video, audio and data packet-based transmissions where multiple users can be involved with the data exchange. H.323 terminals are connected to gateways or the gateways are connected to PSTN.
Packet switching technologies include X.25, LAPB, FRAME RELAY, ATM and SMDS.
REMOTE ACCESS
Remote access covers technologies that enable remove and home users to access networks.
Dial-up and RAS:
Remote access is usually gained by connecting to a network access server (NAS). NAS acts as a gateway and end point for a PPP connection.
ISDN:
Integrated services digital network. ISDN breaks the telephone line into different channels and transmits data in a digital form vs. the old analog method. There are 3 types of ISDN implementation:
BRI: Basic Rate Interface: Operates over existing copper lines in the local loop and provides digital voice and data channels. Uses two B channels and 1 D channel.
PRI: Primary Rate Interface: 23 B channels and one D channel operating at 64k. Equivalent to a T1 circuit.
BISDN: Broadband ISDN. Mainly used with backbones over ATM/SONET.
B channels enable data to be transferred.
D channel provides for call setup, error control, caller id and more.
ISDN is a circuit switching point-to-point protocol.
DSL – Digital Subscriber Line:
Uses existing phone lines
Have to be within a 2.5 mail radius of the provider’s equipment.
Cable Modems:
High speed Internet access through coaxial and fiber lines.
Bandwidth shares between users in a local area.
Security concerns: Network sniffers on shared medium.
VPN – VIRTUAL PRIVATE NETWORKS
Robert A. Keller, III
IA Instructor/ Writer
48
A virtual private network is a secure private connection through a public network or otherwise insecure environment. VPNs are often used to provide a connection between two routers.
Tunneling Protocols:
VPNs use tunneling protocols to create a virtual path across a network. There are three main tunneling protocols used in VPN connections: PPTP, L2TP and IPSEC
PPTP:
Point to point tunneling protocol. Encapsulation protocol based on PPP. PPTP works at the data link layer and encrypts and encapsulates packets.
There are a few weaknesses with PPTP. Negotiation information is exchanged in clear text and can be easily snooped. PPTP is a Microsoft developed protocol.
Designed for client/server connectivity
Sets up a single point-to-point connection between two computers
Works at the data link layer
Transmits only over I/P networks
L2F:
Layer 2 Forwarding:
Created before L2TP by Cisco
Merged with PPTP to create L2TP
Provides mutual authentication, but no encryption.
L2TP:
Layer 2 Tunneling Protocol. L2TP combines L2F with PPTP.
PPTP can only run on top if I/P. L2TP can use other protocols such as IPX and SNA
PPTP is an encryption protocol, L2TP is not. L2TP is often used in conjunction with IPSEC for security.
L2TP supports TACACS+ and RADIUS, PPTP does not.
IPSEC:
Handles multiple connections at the same time
Provides secure authentication and encryption
Supports only IP networks
Focuses on LAN-LAN communication
Works at network layer –> Security on top of I/P
Can work in tunnel mode where both header and payload are encrypted, or transport mode where only the payload is encrypted.
PPP:
PPP encapsulates messages and transmits them through an IP network ove a serial line. PPP supports different authentication methods such as Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP) and Extensible Authentication Protocol (EAP).
Robert A. Keller, III
IA Instructor/ Writer
49
PAP, CHAP, EAP:
PAP: Least secure of the three options as credentials are sent in clear text. Also vulnerable to reply attacks.
CHAP: Uses a challenge/response mechanism instead of sending a username and password. Client sends host a logon request and the host returns a random “challenge” value. The challenge is encrypted with the user password and returned to the host. The server performs the same encryption and determines whether or not there was a match.
CHAP is not vulnerable to “man in the middle” attacks because it continues this challenge/response activity throughout the connection.
EAP: Extensible Authentication Protocol. EAP is not a specific mechanism like PAP or CHAP but is more of a framework to allow many different types of authentication mechanism. EAP extends the authentication possibilities to other methods like one-time passwords, token cards, biometrics and future mechanisms.
Network and Resource Availability:
Some general guidelines are:
Watch out for single points of failure
Use ISDN or modem backup for WANs
Use UPS’ and RAID (striping and/or mirroring)
Clustering provides for fault tolerance, load balancing and failover.
RAID types:
Raid#
Name
Description
Level 0
Striping
Data is striped over several drives, but there is no redundant drive. Used for performance enhancement. If one drive fails, the whole volume is unusable.
Level 1
Mirroring
Data is written to two drives at once. If one fails, the other has the same data. This is an expensive option as each drive has another whole drive with the same information.
Level 2
Hamming Code Parity
Data is striped over all drives at bit level. This array uses 39 drives, 32 for data and 7 for parity. Not used in practice.
Level 3
Byte Level Parity
Data is striped over all drives, parity is held on just one drive. If a drive fails, it can be reconstructed from the parity drive.
Level 4
Block Level Parity
Same as level 3 except data is striped in disk sector units rather than blocks of bits or bytes.
Level 5
Interleave Parity
Data is written to disk sector units across all drives. Parity is written to all drives. There is no single point of failure because parity is written to all drives. Uses XOR algorithm.
Level 6
Second Parity Data
Similar to level 5 but with added fault tolerance – second set of parity data written to all drives.
Level 7
Variation of RAID 5 where the array functions as a single virtual disk in the hardware.
Level 10
Level 1 + Level 0
Data is striped across multiple RAID1 pairs.
Level 15
Level 5 + Level 1
Two complete RAID5 systems are mirrored for additional fault tolerance.
WIRELESS TECHNOLOGIES
Broadband wireless occupies band 2 to 24ghz
Robert A. Keller, III
IA Instructor/ Writer
50
IEEE 802.16 deals with wireless MANs
IEEE 802.11 deals with wireless LANs
Higher frequency can carry more data, but a shorter distance
WLANS work in the 2.4 & 5ghz unlicensed bands and there are two IEEE standards, 802.11a and 802.11b:
802.11a is the latest standard, works in the 5ghz range and provides up to 54mbps
802.11b is in the 2.4ghz range and providers up to 11mbps
801.11 uses Wireless Application Protocol (WAP). WAP uses WML (Wireless Markup Language) and WMLScript to present web based material. WAP has its own session and transaction protocols and a transport layer security protocol called WTLS (Wireless Transport Layer Security).
A WAP gateway is required to translate WAP protocols to the internet. Encrypted data from a wireless device comes in with WTLS but must be converted into SSL or TLS by the gateway. For a second or two, the WTLS data will be decrypted for conversion into SSL – this is referred to as the gap in the WAP.
Wireless Technology (Prep Guide):
IEEE 802.11 refers to a family of specifications for wireless LANs. The current 802.11 standard all use CSMA/CD.
802.11: Original wireless LAN standard. 1 or 2mpbs speed in the 2.4ghz band using DSS or FHSS.
802.11b: 11mpbs (autoslows to 5.5, 2 or 1mpbs based on signal strength). Uses only DSSS. Also known as wi-fi.
802.11a: Up to 54mbs in the 5ghz range. Uses orthogonal FDM.
802.l11g: 20mbps to 54mpbs in the 5ghz range.
802.11e: Draft standard to provide QOS features and multimedia support.
Spread Spectrum Technology:
Spread Spectrum Technology broadcasts signals over a range of frequencies. Receiving device must know the correct frequency of the spread spectrum signal being broadcast. Two spread spectrum technologies currently exist:
Direct-Sequence Spread Spectrum (DSSS): Redundant bit pattern for each bit to be transmitted – spread over a wide frequency. Because it is spread over the spectrum, the number of discrete channels in the 2.4ghz band is small.
Frequency-Hopping Spread Spectrum (FHSS): Uses a narrow band carrier that continually changes frequency in a known pattern. Source and destination devices must be synchronized to be on the same frequency at the same time.
Both of the above appear as line noise to a non spread-spectrum device.
AD-HOC mode: Access is Peer to peer.
Infrastructure mode: Access is via an access point (wireless hub).
Wireless Application Protocol (WAP):
Robert A. Keller, III
IA Instructor/ Writer
51
Wireless application protocol is a set of technologies related to HTML but tailored to small screens. The most noticeable is HDML: Handheld device markup language.
WAP has 5 layers: Application, session, transaction, security and transport
Application Layer:
Microbrowser, WML (Wireless Markup Language), WMLScript and Wireless Telephony Applications (WTA)
Session Layer:
Contains the Wireless Session Protocol (WSP), which is similar to HTTP. WSP facilitates transfer of content between WAP clients and gateway. WSP provides a connection-oriented mode and a connectionless mode.
Transaction Layer:
Providers the Wireless Transaction Protocol (WTP). Similar functionality to TCP/TP. Reliable request and response transactions and supports unguaranteed and guaranteed psuh
The transaction layer provides transaction services to WAP and handled acknowledgements.
Security Layer:
The security layer contains WTLS (Wireless Transport Layer Security). WTLS is based on TLS (similar to SSL) and can be invoked in a manner similar to HTTPS. WTLS provides data integrity, privacy, authentication and DOS protection.
Transport Layer:
The transport layer supports the Wireless Datagram Protocol (WDP) which provides an interface to bearers of transportation. The transport layer supports CDPD, GSM, CDMA, TDMA, SMS and Flex.
Wired Equivalent Privacy (WEP) Encryption:
WEP is an option in 802.11b. It uses a 40-bit shared key, RC4 pseudorandom number generator and a 24 bit initialization vector. WEP works in the following manner:
1. Checksum of message computed and appended to the message.
2. Shared secret key and initialization vector are fed to the RC4 algorithm to produce a keystream.
3. The keystream is XORed with the msg and checksum and produces ciphertext.
4. The initialization vector is appended to the ciphertext message and the message is sent to the recipient.
5. The recipient who has the same secret key generates the same keystream with the IV.
6. The generated keystream is XORed with the ciphertext to yield the original message.
WEP is not considered secure due to the 40-bit encryption.
CISSP Domain 4 – Application and System Development
DOMAIN 4 – Application and System Development
Robert A. Keller, III
IA Instructor/ Writer
52
“The division between software security and device security deals with providing security at the beginning stages of software development versus providing devices that protect the perimeter of networks”.
“If an application fails for any reason, it should resume to a safe state”
Database Management:
“Database access control can be restricted by only allowing roles”
Database Models:
Relational Database Model: Uses attributes (columns) and tuples (rows) to contain and organize information. Presents information in the form of tables.
Hierarchical Data Model: Combines records and fields that are related in a logical tree structure. Used for mapping one-to-many relationships.
Distributed Data Model: Data stored in more than one database, but logically connected.
Relational Database Components:
Most databases contain the following core functions:
Data Definition Language (DDL)
Data Manipulation Language (DML)
Query Language (QL)
Report Generator.
DDL defines the structure and schema of a database.
Data Dictionary: The data dictionary is a central repository of data elements and their relationships. The Data Dictionary includes definitions of views, data sources, relationships, tables, indexes, etc. When new tables, new views or new schema are added, the data dictionary is updated to reflect this.
Integrity:
Can run into concurrency problems. Record locking prevents this.
Database software performs to main types of integrity services:
Semantic Integrity: Makes sure that structural and semantic rules are enforced.
Robert A. Keller, III
IA Instructor/ Writer
53
Referential Integrity: No record can contain a reference to a primary key of a non-existing record or NULL value. Database must also not contain unmatched foreign key values.
Database Security Issues:
Two main database security issues are aggregation and inference:
Aggregation:
Aggregation is figuring out complete information you don’t have access to by using components of that information you do have access to. The combined information has a sensitivity that is greater than the sum of the parts.
Queries could be tracked and restricted based on context-dependant classification used to check what data the users has already accessed.
Inference:
Inference is similar to aggregation and involves the ability to derive information that is not explicitly available from information that is available. For example, a clerk does not have access to troop movements but does have access to food and tent deployment.
Again, context-dependant classification rules can help prevent anything that looks like inference.
Database security looks at the contents of the file rather than the file itself as an operating system could. This is content-dependant access control which increases processing overhead but provides more granular control.
Polyinstantiation:
Polyinstantiation enables a relation to contain multiple tuples with the same primary key but at different security classifications.
System Development
Security management is an important aspect of project management.
The following is a typical list of lifecycle phases:
Project initiation
Functional design, analysis and planning
System design specifications
Robert A. Keller, III
IA Instructor/ Writer
54
Software development
Installation / Implementation
Operational Maintenance
Disposal.
System Design Specifications:
Informational, functional and behavioral model information goes into the software design as requirements. What comes out of the design is data, architectural and procedural design.
Installation / Implementation:
Certification is the process of reviewing and evaluating security controls and is usually a task assigned to an outside independent reviewer.
Accreditation is the formal acceptance of the system by key management and in implicit acceptance of risk. Once management accepts the residual risk, they should issue a formal accreditation statement.
Verification – does the product match the specification?
Validation – Fitness or worth of a software product for its operational mission.
”Verification is doing the job right, Validation is doing the right job”
System Life Cycle Phases:
Project Initiation:
Concept of project definition
Proposal and initial study
Functional design analysis and planning
Robert A. Keller, III
IA Instructor/ Writer
55
Requirements uncovered and defined
System environment specifications determined
System design specifications:
Functionality design review
Functionality broken down
Detailed planning put into place
Code design
Software development:
Developing and programming software
Installation
Product installation and implementation
Testing and Auditing
Maintenance Support
Product changes, fixes and minor modifications
Revision and Replacement
Modifying the product with revisions, or, replacing it completely.
Waterfall Model:
The steps of a typical waterfall model are:
Robert A. Keller, III
IA Instructor/ Writer
56
System feasibility
Software plans and requirements
Product design
Detailed design
Code
Integration
Implementation
Operations and Maintenance
Spiral Model:
Angular dimensions represent progress made in completing the phases.
Radial dimension represents cumulative project costs.
The model states that each cycle of the spiral involves the same series of steps for each part of the project.
Cost Estimation Models:
Basic COCOMO model estimates development effort and cost as a function of the number of source instructions:
MM = 2.4KDSI (MM = Man months, KDSI = K developed source instructions)
TDEV = 2.5mm
Maintenance:
Maintenance phases can be divided into 3 sub-phases:
1. Request control
2. Change control
Robert A. Keller, III
IA Instructor/ Writer
57
3. Release control
Change Control:
Configuration management is the process of controlling the life cycle of an application and documenting the necessary change control activities. Configuration management is used to manage changes and new versions of software products. BS7799 addresses configuration management.
The following definitions are associated with Configuration Management:
Configuration Item (CI): Component whose state is to be recorded.
Version: A recorded specific state of a configuration item.
Configuration: Collection of component configuration items that comprise a configuration item in some stage of its evolution. Can be recursive.
Building: Assembling a version of a configuration item from component configuration items.
Build List:
Software Library:
Software Capability Maturity Model (CMM):
Robert A. Keller, III
IA Instructor/ Writer
58
The Software CMM is based on the premise that the quality of a software product is a direct function of the quality of its associated development and maintenance processors.
5 maturity levels are:
Level 1: Initiating : Good people in place. Processes performed ad-hoc.
Level 2: Repeatable : Project management processes in place.
Level 3: Defined : Engineering processes and organizational support.
Level 4: Managed : Product and process quantitatively controlled.
Level 5: Optimizing : Continued process improvements. Institutionalized.
The software CMM is a component that supports the concept of continuous process improvement. This concept is embodied in the SEI process improvement IDEAL model:
Initiate |
Diagnose |
Establish | = IDEAL!
Action |
Leverage |
Application Development Methodology
Object-Oriented Concepts:
Robert A. Keller, III
IA Instructor/ Writer
59
A shared potion of an object is the interface. The private portion of an object facilitates data hiding.
Abstraction is the capability to suppress unnecessary details so that the important, inherent properties can be examined and reviewed.
Polymorphism: An object’s response to a message is defined by the class to which the object belongs. Different objects can respond to the same input in different ways.
Encapsulation: Hides internal data and operations not exposed via the interface.
Polyinstantiation: Multiple distinct differences between data within objects to discourage lower level subjects from learning information at a higher level of security.
Inheritance: Shares properties and attributes with subclasses.
Cohesion and Coupling:
Modules should be self-contained and perform a single logical function with as little external help as possible. This is cohesion and the goal for a module is to have high cohesion.
Modules should not drastically affect the behavior of each other. This is low coupling.
ORBs and CORBAs:
The OMA is the Object Management Architecture. ORB manages all communication between components and enables them to interact an a heterogeneous and distributed environment.
ORB is the middleware that established the client/server relationship between objects.
Robert A. Keller, III
IA Instructor/ Writer
60
CORBA provides standard interface definitions between OMG compliant objects.
COM and DCOM:
The component object model (COM) defines how components interact and provides an architecture for simple IPC. DCOM is a distributed model based on COM. DCOM has a library that takes care of session handling, synchronization, buffering, fault identification and handling, and data format translation.
OLE – Object Linking and Embedding:
OLE uses COM as its base and allows objects to be embedded within documents and for linking different resources and objects.
The capability for one program to call another is called linking.
The capability to put a piece of data inside a foreign program or document is called embedding.
DDE – Dynamic Data Exchange:
DDE enables different applications to share data by providing IPC. DDE is a communication mechanism that enables direct connection between two applications.
Distributed Computing Environment (DCE):
DCE is a standard developed by the OSF – Open Software Foundation (also called “the open group”). DCE is middleware providing RPC service, security services, directory service, time service and distributed file support.
DCE is a layer of software that sits on top of the network layer.
Robert A. Keller, III
IA Instructor/ Writer
61
** DCOM uses a globally unique identifier (GUID).
** DCE uses a universal unique identifier (UUID).
Expert Systems and Knowledge Based Systems:
Expert systems usually consist of two parts, an inference engine and a knowledge base. The inference engine handles the user interface, external files, scheduling and program-accessing capabilities.
The knowledge engine contains data pertaining to a specific problem or domain.
ANN = Artificial Neural Network.
Malicious Code (MALWARE):
Virus: Infects applications. Main function is to reproduce. Macro viruses are easy to write and office products are in wide use.
Worms: Reproduce on their own with no need for a host application.
Logic Bomb: Will execute certain code when a specific event happens.
Trojan Horse: Program disguised as another program.
Attacks:
Robert A. Keller, III
IA Instructor/ Writer
62
SMURF: Requires an attacker, a victim and an amplifying network. ICMP ECHO packets are sent to the broadcast address of a large network with the return address spoofed to be that of the victim. The target network will drown the victim with responses. A counter against the smurf attack is to disable broadcast packets at the border router.
Fraggle: Similar to SMURF but uses UDP instead of ICMP.
SYN Flood: Repeated SYN packets that will not respond to the SYN/ACK packets.
Teardrop: Send very small packets with invalid fragment offset causing the computer to freeze or crash.
Cryptography
A “substitution cipher” is where one character is replaced with another. “Monoalphabetic” substitution uses only one alphabet.
The papyrus around the staff is a “scytale” cipher.
Enigma Machine: The crucial and secret part of the process (the key) was how the operators advanced the rotors when encrypting and decrypting a message.
Cryptography Definitions:
Cryptosytem: A system that provides encryption and decryption
Key: The secret piece of a well-known encryption algorithm
Keyspace: Range of values that can be used to construct a key.
Cryptography: The science of encrypting written communication.
Cryptanalaysis: The process of trying to decrypt encrypted data without the key.
Work Factor: Estimate of the effort it would take an attacker to penetrate an encryption method.
Robert A. Keller, III
IA Instructor/ Writer
63
Cryptology: Study of both cryptography and cryptanalysis.
Key Clustering: When two (or more) different keys generate the same ciphertext from the same plain text, this is known as “key clustering”.
Goals of CryptoSystems:
Confidentiality – Unauthorized parties cannot access the information.
Authenticity – Validating the source of a message.
Integrity – Assurance that a message was not modified during transmission.
Non-Repudiation – Sender cannot layer deny sending the message and the receiver cannot deny receiving it.
Types of Ciphers:
Substitution: Uses a key to know how substitution should be carried out.
Transposition: Permutation is used. Does not replace original text with different text – text is moved around.
Simple substitution and transposition methods are vulnerable to “frequency analysis”
Running and Concealment Ciphers:
Running Key Cipher: Does not require a key or algorithms, but steps in the physical world. For example, references to a book. The “key” in this situation is “which book?”
Concealment Cipher: A cipher that hides the message among garbage. For example, have each word appear every 5th word in a sentence. “Buy gold” might become “Product is a good buy, it has ten percent gold content”.
Robert A. Keller, III
IA Instructor/ Writer
64
Government Involvement with Cryptography:
v Harry Truman created the NSA in 1952.
v In 1993, government introduced the Clipper chip, based on the Skipjack algorithms. Each chip unit has a key, which encrypts a copy of each user’s session key. Each chip also has a unique serial number and a copy of the unit key is stored in a database under this serial number. The transmitted message contains a Law Enforcement Access Field (LEAF), which contains the serial number of the chip that encrypted the message. The unit key can be retrieved from the database, used to decrypt the session key, which in turn can be used to decrypt the message.
Weaknesses in the Clipper Chip include:
SkipJack algorithm was never publicly scrutinized and tested
80 bit key is weak by current standards.
16 bit checksum can be defeated
The clipper chip ID tagged and identified every communication session.
Key Escrow:
Unit key split in two and given to two different agencies to maintain. Officer needs a court order to request the unit key.
Methods of Encryption
Cryptographic algorithms can use either symmetric keys (secret keys) or asymmetric keys (public keys).
Symmetric Cryptography:
Robert A. Keller, III
IA Instructor/ Writer
65
Both parties use the same key for encryption and decryption
Each pair of users exchanging messages needs their own set of keys – key management becomes a pain.
Initial key exchange needs to be out of band
Because the same keys are used for encryption and decryption, it does not provide authentication and non-repudiation.
Fast and hard to break when a large key size is used.
The following algorithms all use Symmetric (Secret) Key Cryptography:
Data Encryption Standard (DES)
Triple DES (3DES)
Blowfish
IDEA
RC4, RC5 and RC6
Asymmetric Cryptography:
Each entity has different keys, a private key and a public key. The two keys are mathematically related, but cannot be derived from one another
A message can only be decrypted with the public key if it was encrypted with the private key – provides authentication
If confidentiality is most important, the sender encrypts with the receiver’s public key and the message can now only be read with the receiver’s private key. This is called a secure message format.
If authentication is most important, the sender encrypts with his own private key. The receiver knows it came from the sender because it can be decrypted with the sender’s public key. This is known as open message format because anyone with the sender’s public key can read it.
For a message to be A secure and signed format, the sender should encrypt with his own private key and then again with the receiver’s public key.
Strengths of Asymmetric cryptography:
Better key distribution than with symmetric systems.
Better scalability than symmetric systems
Can provide confidentiality, authentication and non-repudiation.
Weaknesses
Works much slower than symmetric systems.
The following are asymmetric key algorithms:
RSA
Elliptical Curve Cryptosystem (EC)
Diffe-Hellman
El-Gamal
Digital Signature Standard (DSS)
Robert A. Keller, III
IA Instructor/ Writer
66
Stream and Block Ciphers:
There are two main types of symmetric algorithms: stream and block ciphers:
Block Cipher: The message is divided into blocks and bits and the blocks are then put through transposition, substitution and other functions. Block ciphers use confusion and diffusion in their methods. The key dictates what S-boxes are used and in what order.
Stream Cipher: Entire message is treated as a stream of bits or bytes. Some stream ciphers use a “keystream generator”. The key provides randomness to the keystream that is applied to the plaintext.
A strong stream cipher algorithm has the following characteristics:
Long periods of non-repeating patterns within keystreams.
Statistically unpredictable
Keystreams are not linearly related to the key.
Statistically unbiased – as many 0s as 1s.
Stream ciphers are more suited to hardware encryption because they operate a bit at a time. Block ciphers are better suited to software-based encryption.
Types of Symmetric Encryption Systems
Data Encryption Standard:
DES is a block encryption algorithm using 64-bit blocks. It uses a 64-bit key: 56 bits of true key and 8 for parity. Characters are put through 16 rounds of transposition and substitution.
Devised in 1972 as a derivation of the “Lucifer” system
DES Describes the DEA (Data Encryption Algorithm)
FIPS PUB 46-1 (1977) and ANSI X3.92 (1981)
64bit blocks, 56 bit key and 16 rounds of transformation
Uses confusion and diffusion for encrypting plain text.
Confusion: Conceals statistical connection between ciphertext and plain text. Uses non-linear substitution boxes (S-Boxes)
Diffusion: Spreads the influence of a plain text character over many ciphertext characters.
DES has 4 distinct modes of operation:
Electronic Code Book (ECB): Native encryption method for DES. Electronic codebook literally operates like a codebook. For a given block of plaintext and a given key, the same set of ciphertext is always produced. ECB uses padding to round up to a 64-bit block boundary. ECB is used for small amounts of data such as challenge-response or key management. Not good for large amounts of data as patterns would eventually show.
Robert A. Keller, III
IA Instructor/ Writer
67
Cipher Block Chaining (CBC): In Cipher Block Chaining, the value of the previous block processed is a part of the algorithm and key for the next block, so, patterns are not revealed. This chaining effect means that a particular ciphertext block is dependant on all the blocks that came before it, not just the current block.
Cipher Feedback Mode (CFB): Previously generated ciphertext from the last block is input to the algorithm to generate random values. Another way of chaining blocks together, but instead of using a value from the previous block, CFB uses the previous block in the ciphertext and combines it with the next block. This mode is used when encrypting individual characters is required.
Output Feedback Mode (OFB): Similar to CFB but functions like a stream cipher by generating a random stream of bits to be combined with the plaintext to create ciphertext.
Simulates a one-time pad. Ciphertext is fed back to the algorithm to form a portion of the next input to encrypt the stream of bits.
Triple DES (3DES)
Encrypting plaintext with one DES key and then encrypting it with a second DES key is no more secure than using a single DES key, therefore, Triple DES is used to obtain stronger encryption:
DES-EDE2: 2 keys are used. Encrypt with 1, decrypt with 2 and then encrypt with 1 again.
DES-EEE2: 2 keys used. Encrypt with 1, encrypt with 2, encrypt with 1.
DES-EEE3: 3 keys used. Encrypt with 1, encrypt with 2, encrypt with 3. Most secure, but requires 3 keys.
Advanced Encryption Standard (AES):
Uses Rjindael block cipher, which can use 128, 192 or 256 bit keys. AES itself specifies fixed block size of 128 bits. AES is the government standard for encrypting SBU information.
The number of rounds of transformation is a function of the key size used:
256 bit – 14 rounds.
192 bit – 12 rounds.
128 bit – 10 rounds.
TwoFish
128 bit blocks in 16 rounds. Key lengths can be up to 256 bits.
BlowFish:
A block cipher operating on 64 bit blocks with a key length of up to 448 bits. The blocks go through 16 rounds of crypto functions.
IDEA
Robert A. Keller, III
IA Instructor/ Writer
68
Ideas stands for International Data Encryption Algorithm. It operates on 64 bit blocks and uses a 128 bit key. Performs 8 rounds on 16 bit sub-blocks. Each 64 bit block is divided into 16 smaller blocks and each block has 8 rounds of mathematical functions performed on it. IDEA is harder to crack than DES for the same keysize and is used in PGP.
RC5:
Block cipher of variable block length. Key can be 0-2048 bits, blocks can be 32, 64 or 128 bits and the number of rounds can be 0 – 255. Created by Ron Rivest and patented by RSA data
RSA:
Defactor standard for public encryption. Invented by Ron Rivest, Adi Shamir and Leonard Adleman. Developed at MIT. Security comes from the difficulty of factoring large numbers. Public and private key are functions of a pair of large prime numbers. RSA is used in many web browsers with SSL.
El-Gamal
Based on calculating discrete logarithms in a finite field. El-gamal extended Diffie-Hellman to apply to encryption and digital signatures.
Elliptical Curve Cryptosystem (ECC):
Provides much of the same functionality as RSA: Digital signatures, secure key distribution and encryption. ECC is very resource efficient – ideal for smaller devices. ECC providers higher protection with smaller keys than RSA. An ECC key of 160 bits is equivalent to a 1024-bit RSA key.
Public Key Cryptography:
Public key cryptography uses an asymmetric encryption for key encryption and secret key encryption for data. We use an asymmetric algorithm to encrypt the secret key.
Diffie-Hellman: Used for key distribution, NOT encryption and decryption. Subjects can exchange session keys over a non-secure medium without exposing the keys.
Session-Key: “Secret” key used for one data exchange only. Usually randomly generated then encrypted using public cryptography.
Public Key Infrastructure (PKI):
PKI is an ISO authentication framework that uses public key cryptography and X.509 standard protocols.
PKI provides authentication, confidentiality, non-repudiation and message integrity.
The PKI infrastructure contains the pieces that will identify the user, distribute and maintain keys, distribute and maintain certificates and allow certificate revocation.
Robert A. Keller, III
IA Instructor/ Writer
69
Each individual taking part in PKI needs a digital signature signed by a CA. Some well-known Certification Authorities are Entrust and VeriSign. Revocation is handled by the certification revocation list (CRL).
PKI is made up of the following entities and functions:
Certification Authorities
Registration Authorities
Certificate Repository
Certificate Revocation System
Key backup and recovery system
Automatic key update
Management of key histories
Cross-certification with other Cas
Time stamping
Client side software
LDAP is the standard format for accessing certification repositories. Availability and Integrity of LDAP servers is a concern.
ISAKMP: Internet Security Association and Key Management Protocol.
IKE: ISAKMP, Secure Key Exchange Mechanism (SKEME) and Oakley, combined.
In general:
ISAKMP defined the phases for establishing a secure relationship
SKEME describes a secure exchange mechanism
Oakley defined the modes of operation needed to establish a secure connection.
One-Way Hash:
A one-way hash takes a variable length input and produces a fixed-length output, or hash value. A hash value is also known as a message digest. If a sender only wants a specific person to view the hash value sent with the message, the value would be encrypted with a key. This is referred to as the message authentication code. Basically, the MAC is a one-way hash value that is encrypted with a symmetric key.
Robert A. Keller, III
IA Instructor/ Writer
70
Digital Signature:
A digital signature is an encrypted hash value. A digital signature provides authentication because the message digest is encrypted with the sender’s private key.
Overview/review:
A message can be encrypted, providing confidentiality.
A message can be hashed, providing integrity.
A message can be digitally signed, providing authentication and integrity.
A message can be encrypted and signed, providing confidentiality, authentication and integrity.
Digital Signature Standard – DSS:
The Federal Government requires its departments to use the DSA & SHA. SHA creates a 160-bit output which is then input to DSA which signs the message.
The DSA (Digital Signature Algorithm) can only be used for signatures, not encryption.
Different Hashing Algorithms
Good hash functions should have the following characteristics:
Computed on the entire message, not a part of it.
One-way function so that messages are not disclosed by their signatures.
Should be impossible, given a message and its hash value, to compute another message with the same hash value.
Should be resistant to birthday attacks – should not be able to find two messages with the same hash value (collision free).
Some common hashing algorithms include:
Robert A. Keller, III
IA Instructor/ Writer
71
MD2: 128 bit hash, slower than MD4 and MD5
MD4: 128 bit hash.
MD5: 128 bit hash. More complex than MD4. Processes text in 512 bit blocks.
HAVAL: Variable length hash. Haval is a modification of the MD5 algorithm with more protection from common attacks against MD5. Processes text in 1024 bit blocks.
SHA: 160-bit hash value. Used with DSA.
SHA-1: Updated version of SHA.
Attacks against one-way hash functions:
Birthday Attack: Using collusions to reverse engineer hash values. Finding two messages that produce the same hash value.
One-Time Pad:
A one time pad, implemented correctly, is unbreakable as each pad is used only once. A non-repeating set of bits are XORed with the message to produce ciphertext. The key is the same size at the message and the sender and receiver must be perfectly in synch. This encryption method is not practically used much.
Key Management
Key management causes one of the biggest headaches in encryption implementation. RSA and Diffie-Hellman are key exchange protocols.
General rules for keys and key management include:
Robert A. Keller, III
IA Instructor/ Writer
72
Key length should be enough to provide the necessary level of protection.
Keys should be stored and transmitted by secure means.
Keys should be extremely random and use full spectrum of the keyspace
Key lifetime should correspond with the sensitivity of the data it is protecting.
The more the key is used, the shorter its lifetime should be.
The key should be backed up or escrowed in case of emergencies.
The key should be properly destroyed once its lifetime comes to an end.
Link Vs End to End Encryption
Advantages of end-to-end encryption:
Protects information from start to finish
More flexibility for the user in choosing what gets encrypted and how
Higher granularity of encryption is available because each application or user can choose a different key.
Each hop on the network does not need to have a key to decrypt each packet.
Disadvantages of end-to-end encryption:
Headers, addresses and router information is not encrypted and therefore not protected.
Destination needs to have same encryption mechanisms to properly decrypt the message.
Advantages of link (lower layer) encryption:
All data is encrypted, including headers, addresses and routing information.
Users do not need to do anything to initiate it.
Disadvantages of link encryption:
Robert A. Keller, III
IA Instructor/ Writer
73
Each hop must have a key, making key distribution and management more complex.
Messages are decrypted at each hop, thus more points of vulnerability.
Email Standards
Privacy Enhanced Email (PEM):
PEM is a series of message authentication and encryption procedures developed by several governing groups. Primary features are:
Messages are encrypted with DES in CBC mode.
Authentication is provided by MD2 or MD5
Public key management using RSA
X.509 standard for certification structure and format.
Message Security Protocol (MSP):
MSP is the military’s PEM. It was developed by the NSA and is an X.400 compatible application layer protocol.
Pretty Good Privacy (PGP):
PGP uses RSA public key encryption for key management, IDEA for bulk encryption of data and MD5 for authenticity. PGP does not use Certification Authorities but relies instead on a “web of trust”.
Internet Security
“The web is not the internet. The web runs on top of the internet.”
Robert A. Keller, III
IA Instructor/ Writer
74
S-HTTP:
Secure Hypertext Transport Protocol. In this protocol, the client and server agree on a protection method and then the client sends the server its public key. The server generates a session key, encrypts it with the client public key and sends it back. S-HTTP maintains an option connection for the duration of the session.
SSL:
SSL is similar to S-HTTP but protect the communication channel itself instead of individual messages. The server sends a message to the client that a secure session is required and the client sends its public key and security requirements back to the server. The server compares the security parameters with its own to find a match and then sends the client a digital certificate. If the client trusts the certificate, the process continues. SSL keeps the communication path open.
MIME: Multipurpose Internet Mail Extension:
If a message or document contains a multimedia attachment, MIME dictates how that portion of the message should be handled.
S/MIME:
S/MIME is a standard for encrypting and digitally signing mail that contains attachments.
SET – Secure Electronic Transaction:
Security technology proposed by Visa and Mastercard for more secure online credit card transactions. Suppliers never see the credit card information.
Cookies:
Robert A. Keller, III
IA Instructor/ Writer
75
Sometimes cookies can contain login and password information that is either not encrypted or encrypted weakly. This is a vulnerability.
Secure Shell (SSH):
SSH functions as a type of tunneling mechanism that provides terminal like access to remote computers.
IPSEC (Internet Protocol Security):
The IPSEC protocol is a method of setting up a secure channel for protected data exchange between two devices. IPSEC is a widely accepted standard for secure network layer transport. It is usually used to establish VPNs.
IPSEC uses two basic protocols: Authentication Header (AH) and Encapsulating security Payload (ESP).
IPSEC works on one of two modes:
Tunnel Model: only the payload is encrypted.
Transport Mode: payload, routing and header information are all encrypted.
Each device has one security association (SA) for each session connection, one for inbound and one for outbound. The SA contains the configuration that the device needs to know about. Each device has a security parameter index that keeps track of each SA.
When a packet is received, the steps are:
1. Identify appropriate SA, secret key and algorithm.
2. Calculate hash value of the packet to authenticate source and verify data integrity.
3. Authenticate the source.
4. Identify correct cryptographic algorithm (DES or 3DES) and secret key.
5. Decrypt the message.
Robert A. Keller, III
IA Instructor/ Writer
76
ISAKMP: Internet Security Associated and Key Management Protocol.
Cryptography Attacks
The following sections go over active attacks that can relate to cryptography:
Ciphertext Only Attack: Attacker has the ciphertext of several messages encrypted using the same algorithm.
Known Plaintext Attack: Attacker has plaintext and ciphertext of one or more messages. The goal is to discover the key used to encrypt the messages.
Chosen Plaintext Attack: Attacker has plaintext and ciphertext and can choose the plaintext that gets encrypted.
Chosen Ciphertext Attack: Attacker can choose ciphertext to be decrypted and has access to the decrypted plaintext.
Man-in-the-middle attack:
Intercepting public key and replacing it with your own, and then intercepting subsequent messages intended for someone else. Using digital signatures during session-key exchange can circumvent man in the middle attacks.
Dictionary attack:
Running dictionaries of words through one-way HASH functions to see if the hash value matches what you have. Common method of cracking Unix passwords.
Robert A. Keller, III
IA Instructor/ Writer
77
Replay attacks:
When an attacker copies a ticket, breaks the encryption and tries to impersonate the client by resubmitting the ticket at a later time. Kerberos is particularly vulnerable to this type of attack.
Timestamps and sequence numbers are two common counter-measures to replay vulnerabilities.
Wireless Security
Wireless Application Security (WAP):
WAP is a set of protocols that cover layer 7 to layer 3 of the ISO model. The WAP protocol stack contains the following:
Wireless Markup Language (WML)
Wireless Application Environment (WAE)
Wireless Session Protocol (WSP)
Wireless Transport Protocol (WTP)
Wireless Transport Layer Security Protocol (WTLS)
Wireless Datagram Protocol (WDP)
WTLS provides 3 classes of security:
Class 1: Anonymous authentication. Neither client or server is certain of the identify of the other.
Class 2: Server authentication.
Robert A. Keller, III
IA Instructor/ Writer
78
Class 3: Two-way client and server authentication.
HDML: Handheld device markup language is a simple alternative to WML.
C-HTML: Compact HTML, widely used in Japan.
Wired Equivalent Privacy:
Secret key shared between clients and access points. Must have the shared key to associate with the access point.
WEP uses the RC4 variable key-size stream cipher encryption algorithm. RC4 was developed in 1987 by Ronald Rivest and operates in output feedback mode.
Security of the WEB algorithm is weak, in the native 40-bit and even the 128 bit versions.
CISSP Domain 6 – Security Architecture and Models
.
Domain 6 – Security Architecture and Models
A security model is a statement that outlines the requirements necessary to properly support a certain security policy.
“Security is best if it is built into the foundation of operating systems and applications”
Computer Architecture
CPU: Contains ALU, Control Unit and primary storage.
Robert A. Keller, III
IA Instructor/ Writer
79
Protection Rings: Operating system concept. Inner rings have most privileges. Inner rings can directly access outer rings, but not vice versa. A typical arrangement might be:
Ring 0 : Operating system & Kernel
Ring 1 : Remaining parts of operating system
Ring 2 : I/O drives and utilities
Ring 3 : Applications and programs.
MITs MULTICS is an example of an operating system using this concept.
Operating Systems
Operating systems can be in one of several states:
Ready : Ready to resume processing
Supervisory : Executing a highly privileged routine
ProblemState: Executing an application (working on a problem)
WaitState : Waiting for a specific event to complete or resource to become free.
An operating system implements security using many mechanisms, including:
Protection Rings
Mapping Memory
Implementing virtual machines
Working in different states
Assigning trust levels to each process
Process Vs Thread
Robert A. Keller, III
IA Instructor/ Writer
80
A process is a program in execution with its own address space. Threads are pieces of code executed within a process.
Memory Addressing Modes
Register: Addresses registers within the CPU.
Direct: Actual addresses. Usually limited to current memory page.
Absolute: Address of all primary memory space. Can hit any memory address directly.
Indexed: Adding contents of addresses in programs instruction to that of a memory (index) register.
Implied: Operations internal to the processor, such as clearing of a carry bit.
Indirect: The address specified in the instruction contains the address where the actual data can be found.
Processing Methods
Some methods to improve system performance at the hardware level are:
Pipelining: Overlapping the steps of different instructions to run close to concurrently.
CISC: Complex Instruction Set Computer. In earlier technologies, the “fetch” cycle was the slowest port. By packing instructions wtih several operations, number of fetches were reduced.
RISC: Reduced instruction set computer. Instructions are simple and require fewer clock cycles.
Scalar Processor: One instruction at a time.
Superscalar Processor: Enabled concurrent execute of multiple instructions in some pipeline stage.
Very Long Instruction Word (VLIW) Processor: A single instruction specifies more than one concurrent operation.
Robert A. Keller, III
IA Instructor/ Writer
81
System (Security) Architecture
Some of the biggest questions in systems security architecture are:
Where should the protection take place? User’s end? Where the data is stored? Restricting user activities?
At which layers should mechanisms be implemented? Hardware, kernel, o/s, services or program layers?
“The more complex a security mechanism becomes, the less assurance it provides” -> Functionality and Assurance Compromise.
What system mechanisms need to be trusted? How can these entities interact in a secure manner?
Some important terms and definitions relating to system architecture are:
Trusted Computer Base: Combination of protection mechanisms within a system, including hardware, software and firmware. Not every part of a system needs to be trusted and therefore do not fall under the TCB.
Reference Monitor: Abstract system concept that mediates all access the subjects have to objects. This is a concept, not a component.
Security Kernel: Hardware, firmware and software that fall under the TCB and implement the reference monitor concept. The security kernel is the core of the TCB. The security kernel must:
Mediate all access to objects in the system.
Be protected from modification
Be verified as correct.
Robert A. Keller, III
IA Instructor/ Writer
82
Domains: Set of objects that a subject can access. Domains have to be identified, separated and strictly enforced.
Resource Isolation: Enables each subject and object to be uniquely identified, permissions and rights to be assigned independently, accountability to be enforceable and activities to be tracked precisely.
“Security policies that prevent information from flowing from a high security level to a lower security level are multilevel security policies.”
“The execution and memory space assigned to each process is called a protection domain.”
Virtual Machine Monitor: Each “machine” runs at a different security level.
Security Models:
“A model is a symbolic representation of a policy. It maps the desires of the policy into a set of rules to be followed by a computer system.”
“Security policy provides the abstract goals, the security model defines the dos and donts to achieve those goals”
Bell-LaPadula Model:
Developed by the military in the 1970s to address leakage of classified information. Main goal is confidentiality. A system using the Bell-LaPadula model would be classified as a multi-level security system. The Bell-LaPadula is a state machine model, and could also be categorized as an information flow model.
Simple Security Rule : Cannot read data at a higher level.
Robert A. Keller, III
IA Instructor/ Writer
83
Star (*) Property: Cannot write data to a lower level.
Bell-LaPadula also uses a discretionary access control matrix to handle exceptions. This may allow a trusted subject to violate the *-property, but not its intent. IE, a low-sensitivity paragraph in a higher level document being moved to a low-sensitivity document is ok, but might require an override of the * property.
Criticisms of Bell-LaPadula:
Only deals with confidentiality, not integrity.
Does not address access control management.
Does not address covert channels.
Does not address file sharing in more modern systems.
Secure state transition is not explicitly defined.
Only addresses multi-level security policy type.
Biba Model:
The Biba model is also a state machine model and similar to Bell-LaPadula, except is addresses data integrity rather than data confidentiality. The data integrity is characterized by three goals:
1. Protection from modification by unauthorized users.
2. Protection from unauthorized modification by authorized users.
3. Internally and externally consistent.
The following rules of the Biba model implement these goals:
Simple Integrity Axiom: No read down.
Star (*) Integrity Axiom: No writing up.
Robert A. Keller, III
IA Instructor/ Writer
84
Subjects at one level of integrity cannot invoke an object or subject at a higher level of integrity.
Clark-Wilson Model:
The Clark-Wilson model takes a different approach to protecting integrity. Users cannot access objects directly, but must go through programs that control their access.
“Usually in an information flow model (Bell-LaPadula and Biba), information can flow from one level to another until a restricted operation is attempted. At this point, the system checks an access control matrix to see if the operation has been explicitly permitted”.
The Clark-Wilson model defines the following terms:
Constrained Data Item (CDI): Data item whose integrity is to be protected.
Integrity Verification Procedure (IVP): Program that verifies integrity of CDI.
Transformation Procedure (TP):
Unconstrained Data Item: Data outside of the control of the model. For example, input data.
Information Flow Models:
Each object is assigned a security class or value. Information is constrained to flow only in the directions permitted by the security policy.
Robert A. Keller, III
IA Instructor/ Writer
85
Security Modes of Operation
The “mode of operation” defines the security conditions under which the system actually functions:
Dedicated Security Mode: ALL users have the clearance and the “need to know” to all the data within the system.
System-High Security Mode: All users have clearance and authorization to access the information in the system, but not necessarily a need to know.
Compartmented Security Mode: All users have the clearance to all information on the system but might not have need to know and formal access approvial. Users can access a compartment of data only.
Multilevel Security Mode: Permits two or more classification levels of information to be processed at the same time. Users do not have clearance for all of the information being processed.
Limited Access: Minimum user clearance is “not cleared” and the maximum data classification is “sensitive but unclassified”.
Controlled Access: Limited amount of trust placed on system hardware and software.
Trust – assurance of trust implies a much deeper knowledge of the building process, etc.
Systems Evaluation Methods
The “Orange” Book:
Robert A. Keller, III
IA Instructor/ Writer
86
The US Department of Defense developed TCSEC (Trusted Computer Systems Evaluation Criteria) to provide a graded classification for computer system security. The graded classification hierarchy is:
A – Verified Protection
B – Mandatory Protection
C – Discretionary Protection
D – Minimal Security
The evaluation criterion involves 4 main areas: Security, Polciy, Accountabilty and Assustance and Testing, but these break down into 7 specific areas:
1. Security policy – explicit, well defined, enforced by mechanisms in the system itself.
2. Identification – individual subjects must be uniquely identified in the system.
3. Labels – labels must be associated with individual objects.
4. Documentation – test, design and specification documentation. User guides and manuals.
5. Accountability – audit data is captured and protected. Relies on identification.
6. Life Cycle Assurance – Software, hardware and firmware can be tested individually to ensure that each enforces security policy.
7. Continuous Protection – Ongoing review and maintenance of the security.
Products for evaluation under TCSEC are submitted to the National Computer Security Center (NCSC). The Trusted Products Evalation Program (TPEP) puts successfully evaluated products on the Evaluated Product List – EPL.
TCSEC Ratings:
Division D: Minimal Protection
All systems that fail to meet the requirements of the higher divisions fall under this category.
Division C: Discretionary Protection
C1: Discretionary Security Protection
Robert A. Keller, III
IA Instructor/ Writer
87
Based on individuals and/or groups.
Identification and authorization of individual entities.
Protected execution domain for privileges processes.
Design, test and user documentation.
C2: Controlled Access Protection
Security relevant events are audited.
Object reuse concept must be invoked (including memory)
Strict login procedures.
The C2 rating is the most reasonable class for commercial applications.
Division B : Mandatory Protection
Division B enforces mandatory protection by the use of security labels and the reference monitor concept.
B1 : Labeled Security
Each object must have a classification label and each user must have a clearance label.
Security labels are mandatory in class “B”
B2 : Structured Protection
System design and implementation are subject to a more thorough review and testing process.
Well-defined interfaces between system layers.
Covert storage channels are addressed.
Trusted path required for login and authentication.
Separation of operator and administrator functions.
Robert A. Keller, III
IA Instructor/ Writer
88
B3: Security Domains
More granularity in each protection mechanism
Code not necessary to support the security policy is excluded from the system.
Reference monitor component must be small enough to be isolated and tested fully.
System fails to a secure state.
Division A: Verified Protection
Formal methods are used to ensure that all subjects and objects are controlled.
A1: Verified Design
Feature and architectures are not much different than B3, the difference is in the development process.
Assurance is higher because the formality in the way the system was designed and built is much higher.
Stringent change and configuration management.
Summary of Ratings:
D – Minimal Protection
C – Discretionary protection
C1 : Discretionary Security Protection
C2 : Controlled Access Protection
B – Mandatory Protection
B1 : Labeled Security
B2 : Structured Protection
B3 : Structured Domains
A – Verified Protection
A1 : Verified Design
Robert A. Keller, III
IA Instructor/ Writer
89
The Red Book:
TNI (Trusted Network Interpretation). The red book is an interpretation of the Orango book for networks and network components. The Red Book TNI ratings are:
None
C1 – Minimum
C2 – Fair
B2 – Good
DITSCAP
Defense Information Technology Security Certification and Accreditation Process. Has 4 phases:
1. Definition
2. Verification
3. Validation
4. Post Accreditation
NIACAP
National Information Assurance Certification and Accreditation Process. Has several types of accreditation
Side Accreditation: Applications and systems at a self-contained location.
Type Accreditation: An application or system distributed to a number of different locations.
System Accreditation: Major application or general support system.
Robert A. Keller, III
IA Instructor/ Writer
90
CIAP
Commercial Information Security Assessment Process – in development.
ITSEC – Information Technology Security Evaluation Criteria
This accreditation system is used in Europe. Two main elements of a system are evaluated by ITSEC or TCSET: Functionality and Assurance.
Two systems with the same functionality can have different assurance levels. ITSEC separates these two elements and rates them separately. In ITSEC, F1 to F10 rate the functionality and E0 through E6 rate the assurance:
ITSEC TCS
E0 D0
F1 + E1 C1
F2 + E2 C2
F3 + E3 B1
F4 + E4 B2
Robert A. Keller, III
IA Instructor/ Writer
91
F5 + E5 B3
F5 + E6 A1
F6 High Integrity
F7 High Availability
F8 Data Integrity during communication
F9 High Confidentiality (encryption)
F10 Networks with high demands on confidentially and integrity.
Security products or systems are referred to as TOE – Target of Evaluation.
10 functionality classes – F
8 Assurance Levels – Q
7 correctness levels – E
CTCPEC
Canadian Trusted Computer Product Evaluation Criteria
COMMON CRITERIA
International standard evaluation criteria initiated by ISO in 1990 and started in 1993.
One specific set of classifications, internationally recognized. Evaluates a product against a “protection profile” which is structured to address specific security problems.
A product is assigned an EAL – Evaluation Insurance Level – EAL1 – EAL7.
Similar to other criteria, the common criteria answers two basic questions:
Robert A. Keller, III
IA Instructor/ Writer
92
1. What does it do? (functionality)
2. How sure are you? (assurance)
The protection profile contains:
Descriptive elements
Rationale
Functional Requirements
Development Assurance Requirements
Evaluation Assurance Requirements
Certification: Technical evaluation of security components and their compliants for the purpose of accreditation.
Accreditation: Formal acceptance of the system’s overall adequacy by management. Based partly on certification information.
SSE-CMM : System Security Engineering, Capability Maturity Model
Based on the premise “If you can guarantee the quality of the processes that are used by an organization, you can guarantee the quality of the products and services generated by those processes.”
Two dimensions are used to measure the capability of an organization to perform specific activities. The two dimensions are domain and capability.
Domain: All the practices that collectively define security engineering.
Base practices: Related base practices are grouped into Process Areas (PAs)
Capability: Practices that indicate process management and institutionalization capability. Generic Practices (GPs).
The GPs represent activities that should be performed as part of BPs
In the domain dimension, SSE-CMM defined 11 security engineering process areas and 11 administrative process areas.
Threats:
Some threats to security models and architectures are:
Covert Channels: Information flow not controlled by the security mechanism.
Covert timing channel
Covert storage channel.
Addresses in TCSEC B2 and higher.
Robert A. Keller, III
IA Instructor/ Writer
93
Back Doors: Also known as maintenance hooks / trapdoors.
Timing Issues: Also known as ‘asynchronous attack’. Deals with the timing different in the sequence of steps a system uses to complete a task.
Time of Check vs Time of Use (TOC/TOU) – Also known as “race conditions”
Buffer Overflows: “Smashing the stack”.
Each of these can lead to a violation of the system security policy.
Recovery Procedures:
The system must recover/restart from an error in a secure state – maintenance mode: access only by privileged users from privileged terminals.
Failsafe: Program execution terminated, system protected from compromise.
Failsoft (resilient): Non-critical processing is terminated.
Failover: Switching to duplicate (hot) backup in realtime.
Cold start: System cannot be restored to a known secure state.
\
Security Architecture and Models
A security model is a statement that outlines the requirements necessary to properly support a certain security policy.
“Security is best if it is built into the foundation of operating systems and applications”
Robert A. Keller, III
IA Instructor/ Writer
94
Computer Architecture
CPU: Contains ALU, Control Unit and primary storage.
Protection Rings: Operating system concept. Inner rings have most privileges. Inner rings can directly access outer rings, but not vice versa. A typical arrangement might be:
Ring 0 : Operating system & Kernel
Ring 1 : Remaining parts of operating system
Ring 2 : I/O drives and utilities
Ring 3 : Applications and programs.
MITs MULTICS is an example of an operating system using this concept.
Operating Systems
Operating systems can be in one of several states:
Ready : Ready to resume processing
Supervisory : Executing a highly privileged routine
Problem State: Executing an application (working on a problem)
Wait State : Waiting for a specific event to complete or resource to become free.
An operating system implements security using many mechanisms, including:
Protection Rings
Mapping Memory
Implementing virtual machines
Working in different states
Assigning trust levels to each process
Process Vs Thread
A process is a program in execution with its own address space. Threads are pieces of code executed within a process.
Memory Addressing Modes
Register: Addresses registers within the CPU.
Direct: Actual addresses. Usually limited to current memory page.
Absolute: Address of all primary memory space. Can hit any memory address directly.
Robert A. Keller, III
IA Instructor/ Writer
95
Indexed: Adding contents of addresses in programs instruction to that of a memory (index) register.
Implied: Operations internal to the processor, such as clearing of a carry bit.
Indirect: The address specified in the instruction contains the address where the actual data can be found.
Processing Methods
Some methods to improve system performance at the hardware level are:
Pipelining: Overlapping the steps of different instructions to run close to concurrently.
CISC: Complex Instruction Set Computer. In earlier technologies, the “fetch” cycle was the slowest port. By packing instructions wtih several operations, number of fetches were reduced.
RISC: Reduced instruction set computer. Instructions are simple and require fewer clock cycles.
Scalar Processor: One instruction at a time.
Superscalar Processor: Enabled concurrent execute of multiple instructions in some pipeline stage.
Very Long Instruction Word (VLIW) Processor: A single instruction specifies more than one concurrent operation.
System (Security) Architecture
Some of the biggest questions in systems security architecture are:
Where should the protection take place? User’s end? Where the data is stored? Restricting user activites?
At which layers should mechanisms be implemented? Hardware, kernel, o/s, services or program layers?
“The more complex a security mechanism becomes, the less assurance it provides” -> Functionality and Assurance Compromise.
What system mechanisms need to be trusted? How can these entities interract in a secure manner?
Some important terms and definitions relating to system architecture are:
Trusted Computer Base: Combination of protection mechanisms within a system, including hardware, software and firmware. Not every part of a system needs to be trusted and therefore do not fall under the TCB.
Reference Monitor: Abstract system concept that mediates all access the subjects have to objects. This is a concept, not a component. In order for a reference monitor to be trusted:
It must be tamperproof (isolation)
It must be invoked for all access requests to an object – there must be no path that can by bypass the reference monitory (completeness)
Must be small enough for thorough validation (verifiability)
Robert A. Keller, III
IA Instructor/ Writer
96
Security Kernel: Hardware, firmware and software that fall under the TCB and implement the reference monitor concept. The security kernal is the core of the TCB. The security kernal must:
Mediate all access to objects in the system.
Be protected from modification
Be verified as correct.
Domains: Set of objects that a subject can access. Domains have to be identified, seperated and strictly enforced.
Resource Isolation: Enables each subject and object to be uniquely identified, permissions and rights to be assigned independantly, accountability to be enforceable and activities to be tracked precisely.
“Security policies that prevent information from flowing from a high security level to a lower security level are multilevel security policies.”
“The execution and memory space assigned to each process is called a protection domain.”
Virtual Machine Monitor: Each “machine” runs at a different security level.
Security Models:
“A model is a symbolic representation of a policy. It maps the desires of the policy into a set of rules to be followed by a computer system.”
“Security policy provides the abstract goals, the security model defines the dos and donts to achieve those goals”
Bell-LaPadula Model:
Developed by the military in the 1970s to address leakage of classified information. Main goal is confidentiality. A system using the Bell-LaPadula model would be classified as a multi-level security system. The Bell-LaPadula is a state machine model, and could also be categorized as an information flow model.
Simple Security Rule : Cannot read data at a higher level.
Star (*) Property: Cannot write data to a lower level. Confinement property
Bell-LaPadula also uses a discretionary access control matrix to handle exceptions. This may allow a trusted subject to violate the *-property, but not its intent. IE, a low-sensitivity paragraph in a higher level document being moved to a low-sensitivity document is ok, but might require an override of the * property.
Criticisms of Bell-LaPadula:
Only deals with confidentiality, not integrity.
Does not address access control management.
Does not address covert channels.
Does not address file sharing in more modern systems.
Secure state transition is not explicitly defined.
Only addresses multi-level security policy type.
Robert A. Keller, III
IA Instructor/ Writer
97
Biba Model:
The Biba model is also a state machine model and similar to Bell-LaPadula, except is addresses data integrity rather than data confidentiality. The data integrity is characterized by three goals:
1. Protection from modification by unauthorized users.
2. Protection from unauthorized modification by authorized users.
3. Internally and externally consistent.
The following rules of the Biba model implement these goals:
Simple Integrity Axiom: No read down.
Star (*) Integrity Axiom: No writing up.
Subjects at one level of integrity cannot invoke an object or subject at a higher level of integrity.
Clark-Wilson Model:
The Clark-Wilson model takes a different approach to protecting integrity. Users cannot access objects directly, but must go through programs that control their access.
“Usually in an information flow model (Bell-LaPadula and Biba), information can flow from one level to another until a restricted operation is attempted. At this point, the system checks an access control matrix to see if the operation has been explicity permitted”.
Unlike Biba, the Clark-Wilson model addresses all THREE integrity goals:
Preventing unauthorized users from making modifications.
Maintaining internal and external consistency
Preventing authorized users from making improper modifications.
The Clark-Wilson model defines the following terms:
Constrained Data Item (CDI): Data item whose integrity is to be protected.
Integrity Verification Procedure (IVP): Program that verifies integrity of CDI.
Transformation Procedure (TP):
Unconstrained Data Item: Data outside of the control of the model. For example, input data.
Information Flow Models:
Each object is assigned a security class or value. Information is constrained to flow only in the directions permitted by the security policy.
Robert A. Keller, III
IA Instructor/ Writer
98
Security Modes of Operation
The “mode of operation” defines the security conditions under which the system actually functions:
Dedicated Security Mode: ALL users have the clearance and the “need to know” to all the data within the system.
System-High Security Mode: All users have clearance and authorization to access the information in the system, but not necessarily a need to know.
Compartmented Security Mode: All users have the clearance to all information on the system but might not have need to know and formal access approval. Users can access a compartment of data only.
Multilevel Security Mode: Permits two or more classification levels of information to be processed at the same time. Users do not have clearance for all of the information being processed.
Limited Access: Minimum user clearance is “not cleared” and the maximum data classification is “sensitive but unclassified”.
Controlled Access: Limited amount of trust placed on system hardware and software.
Trust – assurance of trust implies a much deeper knowledge of the building process, etc
Systems Evaluation Methods
The “Orange” Book:
The US Dept of defense developed TCSEC (Trusted Computer Systems Evaluation Criteria) to provide a graded classification for computer system security. The graded classification hierarchy is:
A – Verified Protection
B – Mandatory Protection
C – Discretionary Protection
D – Minimal Security
Robert A. Keller, III
IA Instructor/ Writer
99
The evaluation criterion involves 4 main area: Security, Policy, Accountability and Assurance and Testing, but these break down into 7 specific areas:
1. Security policy – explicit, well defined, enforced by mechanisms in the system itself.
2. Identification – individual subjects must be uniquely identified in the system.
10. Labels – labels must be associated with individual objects.
11. Documentation – test, design and specification documentation. User guides and manuals.
12. Accountability – audit data is captured and protected. Relies on identification.
13. Life Cycle Assurance – Software, hardware and firmware can be tested individually to ensure that each enforces security policy.
14. Continuous Protection – Ongoing review and maintenance of the security.
Products for evaluation under TCSEC are submitted to the National Computer Security Center (NCSC). The Trusted Products Evaluation Program (TPEP) puts successfully evaluated products on the Evaluated Product List – EPL.
TCSEC Ratings:
Division D : Minimal Protection
All systems that fail to meet the requirements of the higher divisions fall under this category.
Division C : Discretionary Protection
C1: Discretionary Security Protection
Based on individuals and/or groups.
Identification and authorization of individual entities.
Protected execution domain for privileges processes.
Design, test and user documentation – life cycle assurance through security testing.
Documentation to include Security feature’s user guide and trusted facility manual.
Robert A. Keller, III
IA Instructor/ Writer
100
C2: Controlled Access Protection
Security relevant events are audited.
Object reuse concept must be invoked (including memory)
Strict login procedures.
The C2 rating is the most reasonable class for commercial applications.
Division B : Mandatory Protection
Division B enforces mandatory protection by the use of security labels and the reference monitor concept.
B1 : Labeled Security
Each object must have a classification label and each user must have a clearance label.
Security labels are mandatory in class “B”
Mandatory access control for a defined subset of subjects and objects.
B2 : Structured Protection
System design and implementation are subject to a more thorough review and testing process.
Well-defined interfaces between system layers.
Covert storage channels are addressed.
Trusted path required for login and authentication.
Separation of operator and administrator functions (trusted facility management)
Mandatory access control for all subjects and objects.
Formal policy model, structured design and configuration management.
B3 : Security Domains
More granularity in each protection mechanism
Code not necessary to support the security policy is excluded from the system.
Reference monitor component must be small enough to be isolated and tested fully.
System fails to a secure state.
Division A : Verified Protection
Formal methods are used to ensure that all subjects and objects are controlled.
A1 : Verified Design
Feature and architectures are not much different than B3, the difference is in the development process.
Assurance is higher because the formality in the way the system was designed and built is much higher.
Stringent change and configuration management.
Format methods of covert channel analysis.
Robert A. Keller, III
IA Instructor/ Writer
101
Summary of Ratings:
D – Minimal Protection
C – Discretionary protection
C1 : Discretionary Security Protection
C2 : Controlled Access Protection
B – Mandatory Protection
B1 : Labeled Security
B2 : Structured Protection
B3 : Structured Domains
A – Verified Protection
A1 : Verified Design
The Red Book:
TNI (Trusted Network Interpretation). The red book is an interpretation of the Orange book for networks and network components. The Red Book TNI ratings are:
********************************************************
ARP = IP TO MAC (PHYSICAL) – Ipv4
NDP=IP TO MAC – Ipv6
*******************************************************
None
C1 – Minimum
C2 – Fair
B2 – Good
Robert A. Keller, III
IA Instructor/ Writer
102
DITSCAP
Defense Information Technology Security Certification and Accreditation Process. Has 4 phases:
1. Definition
2. Verification
3. Validation
4. Post Accreditation
NIACAP
National Information Assurance Certification and Accreditation Process. Has several types of accreditation
Side Accreditation: Applications and systems at a self-contained location.
Type Accreditation: An application or system distributed to a number of different locations.
System Accreditation: Major application or general support system.
CIAP
Commercial Information Security Assessment Process – in development.
ITSEC – Information Technology Security Evaluation Criteria
This accreditation system is used in Europe. Two main elements of a system are evaluated by ITSEC or TCSET: Functionality and Assurance.
Two systems with the same functionality can have different assurance levels. ITSEC separates these two elements and rates them separately. In ITSEC, F1 to F10 rate the functionality and E0 through E6 rate the assurance:
Robert A. Keller, III
IA Instructor/ Writer
103
ITSEC TCSEC
E0 D0
F1 + E1 C1
F2 + E2 C2
F3 + E3 B1
F4 + E4 B2
F5 + E5 B3
F5 + E6 A1
F6 High Integrity
F7 High Availability
F8 Data Integrity during communication
F9 High Confidentiality (encryption)
F10 Networks with high demands on confidentially and integrity.
Security products or systems are referred to as TOE – Target of Evaluation.
10 functionality classes – F
8 Assurance Levels – Q
7 correctness levels – E
The ITSEC assurance classes are:
E0 : Inadequate assurance to quality for E1.
E1 : Informal definition of TOE architectural design. TOE satisfies functional testing.
E2 : E1 + information description of detailed design. Configuration control and approved distribution procedure.
E3 : E2 + source code and/or drawing have been evaluated.
E4 : E3 + a formal model of security policy.
E5 : E4 + close correspondence between detailed design and source code/drawings.
E6 : E5 + Formal specification of security enforcing functions. Consistency with formal security policy model.
Robert A. Keller, III
IA Instructor/ Writer
104
CTCPEC
Canadian Trusted Computer Product Evaluation Criteria
COMMON CRITERIA
International standard evaluation criteria, initiated by ISO in 1990 and started in 1993.
One specific set of classifications, internationally recognized. Evaluates a product against a “protection profile” which is structured to address specific security problems.
A product is assigned an EAL – Evaluation Insurance Level – EAL1 – EAL7.
Similar to other criteria, the common criteria answers two basic questions:
1. What does it do? (functionality)
2. How sure are you? (assurance)
The protection profile contains:
Descriptive elements
Rationale
Functional Requirements
Development Assurance Requirements
Evaluation Assurance Requirements
Certification: Technical evaluation of security components for the purpose of accreditation.
Accreditation: Formal acceptance of risks of a given system’s overall adequacy by management. Senior Management’s formal acceptance of the product/ service and its risks, e.g., C-Level states that the systems have been “blessed” to be used in their environment.
SSE-CMM : System Security Engineering, Capability Maturity Model
Based on the premise “If you can guarantee the quality of the processes that are used by an organization, you can guarantee the quality of the products and services generated by those processes.”
Two dimensions are used to measure the capability of an organization to perform specific activities. The two dimensions are domain and capability.
Robert A. Keller, III
IA Instructor/ Writer
105
Domain: All the practices that collectively define security engineering.
Base practices: Related base practices are grouped into Process Areas (PAs)
Capability: Practices that indicate process management and institutionalization capability. Generic Practices (GPs).
The GPs represent activities that should be performed as part of BPs.
In the domain dimension, SSE-CMM defined 11 security engineering process areas and 11 administrative process areas
Threats:
Some threats to security models and architectures are:
Covert Channels: Information flow not controlled by the security mechanism.
Covert timing channel
Covert storage channel.
Addresses in TCSEC B2 and higher.
Back Doors: Also known as maintenance hooks / trapdoors.
Timing Issues: Also known as ‘asynchronous attack’. Deals with the timing different in the sequence of steps a system uses to complete a task.
Time of Check vs. Time of Use (TOC/TOU) – Also known as “race conditions”
Buffer Overflows: “Smashing the stack”.
Each of these can lead to a violation of the system security policy.
Recovery Procedures:
The system must recover/restart from an error in a secure state – maintenance mode: access only by privileged users from privileged terminals.
Failsafe: Program execution terminated, system protected from compromise.
Failsoft (resilient): Non-critical processing is terminated.
Failover: Switching to duplicate (hot) backup in real time.
Cold start: System cannot be restored to a known secure state.
---------------
Access Control
Access control protects the systems
and resources from unauthorized access, and, usually determines the level of
authorization.
Access control consists of the
following primary areas:
- Identification
- Authentication
- Authorization
- Accountability
The last three of these are largely
comprised of ‘logical access controls’.
Identification
Biometrics: Very sophisticated and accurate, but expensive.
Type 1 error: false rejection.
Type 2 error: false acceptance.
Other barriers to widespread
adoption of biometrics include user acceptance, enrollment
time and throughput (and money).
Collected biometric images are
stored in a corpus.
The (descending) order of
effectiveness and acceptance for biometric devices:
Order of
Effectiveness
Order of Acceptance
Palm scan
Iris scan
Hand geometry
Keystroke dynamics
Iris scan
Signature dynamics
Retina pattern
Voice verification
Fingerprint
Facial recognition
Voice verification
Fingerprint
Facial Recognition
Palm scan
Signature Dynamics
Hand Geometry
Keystroke Dynamics
Retina Pattern
Authentication
Three factors (types) of
authentication are something you know, have, or are.
Strong authentication requires two
of these (two-factor authentication).
Passwords are the most commonly
used, but also considered one of the weakest.
Key terms: password, pass phrase,
virtual password, cognitive password.
There are two types of one-time
passwords – synchronous and asynchronous.
Synchronous – Token device synchronizes (shares same secret key) with
authentication server via a time-based or event-based synchronization.
Asynchronous – Uses a challenge-response scheme to
communication with the authentication server.
Other authentication mechanisms:
- Private Key – digitally signing a message.
- Pass phrase – transformed into a virtual password.
- Memory card – holds information but does not process it. Example ATM card.
- Smart card – capabilities of memory card plus it can actually process information.
Authorization
The system knows who you are (authentication)
and must now decide if you are permitted to carry out the requested actions
(authorization).
Access criteria types can be broken
up into:
- Roles
- Groups
- Physical or logical (network) location
- Time of day
- Transaction type
All access criteria should default
to “no access”.
Need to know principle:
- Management’s job is to determine the need-to-know.
- Administrator job is to configure access control and security mechanisms to fulfill the need-to-know requirements.
Single Sign-on Mechanisms:
Scripting: Batch files automate authentication process, but may contain
logon credentials (userID and password). Insecure. High maintenance maintaining
scripts.
Kerberos:
Kerberos is a single sign-on system
that uses symmetric key cryptography (DES) and end-to-end encryption. Kerberos
eliminates the need for transmitting passwords over the network. In order to
implement Kerberos, all software in use me be Kerberos compatible or,
“kerberized”. The components of Kerberos are:
KDC: Key distribution center. Holds user’s and services’ keys.
The foundation of Kerberos is the client and server’s trust in the KDC. The KDC
actually consists of a ticket granting service and authentication server.
Principals: Entities requiring KDC services – users, apps or services.
The KDC and each principal share a secret key.
Ticket: Tickets are created by the KDC and given to a principle when
that principle needs to authenticate to another principle.
Realm: A “realm” is the set of components and principles that the
KDC provides services for.
AS: Authentication service – this is part of the KDC.
Kerberos Authentication Process:
The client trusts the KDC and the
services trust the KDC due to their secret keys. An overview of the process
when a client wants to use a service via Kerberos is:
- The client sends its user id and the name of the requested service to the KDC.
- The KDC provides a session key for the client and service to use. One is encrypted with the user secret key and the other with the service secret key.
- The KDC generates a service ticket containing both session keys. This ticket is sent back to the client. The user enters their password and if the password is correct, the client converts it into the necessary key to decrypt the client session key in the ticket.
- The client decrypts the client portion of the ticket to get the session key and sends the ticket on to the service. The service uses its own private key to decrypt the session key.
- The user and service are now authenticated to each other and communicate with encrypted data via the session key.
Secret key: Shared between KDC and a principle.
Session key: Shared between two principles.
Kerberos weakness:
Kerberos has a number of weaknesses
that make it vulnerable to attack. Some of these are:
- The KDC is a single point of failure.
- The secret keys are temporarily stored on user’s workstations, in memory, etc.
- Session keys are decrypted and reside on user’s workstations.
- Vulnerable to password guessing.
- Does not protect network traffic unless encryption is enabled.
- When a user changes password, the KDC database needs to be updated with a new corresponding secret key.
- Replay attacks can be used against Kerberos.
SESAME:
Secure European System for
Applications in a Multi-user Environment. Sesame is a single sign-on system
designed to address some of the weaknesses in Kerberos. It uses public key
cryptography for the distribution of secret keys and supports MD5 and CRC32
hashing. SESAME is also vulnerable to password guessing. Sesame uses the
Needham-Schroeder protocol.
Thin Clients:
No local processing. User must
authenticate to the network just to be able to use the computer/terminal.
KryptoKnight:
KryptoKnight is another single
sign-on protocol similar to Kerberos.
Provides the following security
services:
- Authentication
- Key Distribution
- Data Privacy
- Data Integrity
- Single Sign-On
- Administration
Although the services provided are
essentially the same as Kerberos, some differences are:
- KryptoKnight uses a hash function for authentication.
- KryptoKnight uses nonces for challenges instead of timestamps.
- Any network entity may initiate the protocol.
ACCESS CONTROL MODELS
An access control model is a
framework that dictates how subjects access objects. There are three main types
of access control model: mandatory access control, discretionary access control
and role-based access control.
Discretionary (DAC): The creator of a file is the ‘owner’ and can grant
ownership to others. Access control is at the discretion of the owner. Most
common implementation is through access control lists. Discretionary access
control is required for the Orange Book “C” Level.
Mandatory (MAC): Much more structured. Based on security labels and
categories. Access decisions are based on clearance level of the data and
clearance level of the user, and, classification of the object. Rules are made
by management, configured by the administrators and enforced by the operating
system. Mandatory access control is required for the Orange Book “B” Level.
Role-Based (RBAC): (nondiscretionary access control) continually
administered set of controls by role within organization. Roles are tighter
controlled than groups. A user can only have one role. RBAC
is best suited for companies with a high turnover rate.
Three step process for administering
RBAC access control:
- System/information owners make decisions about rights and permissions (not the systems administrators).
- System/Network administrator (data custodian) actually creates the roles and functions on behalf of owners.
- Security administrator assigns rights to the roles.
Can use different types of RBAC:
Role-based: User’s role within organization.
Task-based: Specific task assigned to the user.
Lattice-based: Determined by the sensitivity level assigned to the
role. Provides an upper and lower bound of access capabilities for every
subject and object relationship.
Access Control Techniques and
Technologies:
Once a company decides on the access
control model to use, the technologies and techniques to implement that model
need to be determined:
Role-based: Can be used with DAC – NT Groups.
Can be used with MAC – Labels
assigned to roles.
Rule-based: Router or firewall rules – user cannot change.
Restricted interfaces:
- Menus and shells
- Database views
- Physically constrained interfaces.
Access Control Matrix:
Table of subjects and objects
indicating access.
Capability Tables:
Specifies the access a certain
subject has to specific objects. Corresponds to a row in the access control
matrix. Bound to subject.
Access Control Lists:
Bound to object. List of subjects
authorized to access a specific object, and, the level of access/authorization.
Content-dependant:
Database views are a good example –
access is based on the data content itself.
Context-dependant:
Access is based on location, time of day, previous access
history, etc.
Access Control Administration:
Access control administration is
either centralized, decentralized or a hybrid of the two.
Examples of centralized access
control technologies include:
RADIUS: Remote Authentication Dial-In User Service. Usually used for
dialup. Access server requests user login credentials and forwards to a backend
RADIUS server. Can add callback function for additional security.
TACACS: Terminal Access Controller Access Control System.
There are several types of TACACS:
- TACACS: Combines its authentication and authorization processes. Passwords are static.
- XTACACS: Separates authentication, authorization and accounting processes.
- TACACS+: XTACACS with two-factor user authentication. Supports token authentication.
Security Domain: A security domain is defined as a “realm of trust”. Subjects
and objects share common security policies and procedures and are managed by
the same system. Also used within operating systems and applications to protect
system files or processes.
Access Control Methods:
There are three broad categories of
access control layers:
- Administrative, Technical, and Physical
Administrative controls:
Policies and procedures: Guidelines + standards + baselines
Personnel controls: Hiring, firing, promotions, transfers, separation of duties,
rotation of duties, forced vacation.
Supervisory structures: Clear lines of reporting.
Awareness Training
Security Testing: Drills, penetration testing, queries to employees,
interviews, reviews.
Physical controls:
- Network segregation.
- Perimeter security.
- Computer controls.
- Work area separation.
- Data backups.
- Cabling.
Logical (Technical) Controls:
System Access – See previous access control mechanisms.
Network architecture – Logical controls can provide segregation and protection of
an environment. I/P address ranges, subnets, routing between networks, etc
Network Access – Logical network access controls – routers, switches, NICs,
bridges.
Encryption and Protocols
Control Zone – Technical and physical control. Surrounds and protects
network devices that emit electrical signals. TEMPEST related.
Auditing
Access Control Types
Each control method can also perform
different functionality. The functionality types are:
- Preventative
- Detective
- Corrective
- Deterrent
- Recovery
- Compensating
For example:
Preventative-Administrative:
- Policies and procedures, effective hiring practices, background checks, data classification, security awareness training.
Preventative-Physical:
- Biometrics, badges, swipe cards, guards, dogs, motion detectors, fences, mantraps, locks and alarms.
Preventative-Technical:
- Passwords, biometrics, smart cards, encryption, call-back systems, database views, antivirus software, ACLs, firewalls, IDS
Accountability: Auditing capabilities ensure that users are held accountable
for their actions, verify that policies are enforced, deter improper actions
and are an investigative tool.
There are 3 main types of audit
tools:
- Audit reduction
- Variance detection
- Attack-signature detection
Audit data must be protected from
unauthorized viewing and modification.
Access Control Practices:
The following tasks should be
carried out regularly:
- Deny access to undefined or anonymous accounts
- Limit and monitor administration accounts
- Suspect access after a number of failed logins
- Remove accounts as soon as someone leaves an organization.
Format Access Control Models:
Bell LaPadula: The Bell LaPadula model is built on state machine
concepts and focuses on confidentiality. The objective of this model is to
ensure that the initial state is always secure and that transitions always
result in a secure state. Bell LaPadula defines a secure state through 3
multilevel properties:
Simple Security Policy: No read up – a lower level subject cannot read a higher
level object (protects confidentiality).
Security * (star) property: No write down – do not allow confidential information to be
written to a local level, where a lower level subject can view it.
Discretionary Security
Property: Uses a discretionary access control
matrix to manage exceptions.
Biba Model: The Biba model is lattice-based and focuses on
integrity more than confidentiality. Biba specifies the following three axioms:
Simple Integrity Axiom: No read down. A higher level subject cannot read information
from a lower level. This prevents higher level reports and data being corrupted
by lower level (and less trustworthy) information.
Integration * (Star) Axiom: No write up. A subject cannot write data above its security
level – higher level data might be compromised by lower level, less trustworthy
data.
A subject at one integrity level
cannot invoke a subject at a higher integrity level.
Clark-Wilson Model: This model has emphasis on integrity – both internal
and external consistency. Clark-Wilson uses well formed transactions,
separation of duties and the labeling of subjects and objects with programs to
maintain integrity. Security properties are partly defined through five
certification rules, suggesting the check that should be conducted so that the
security policy is consistent with the application requirements.
CDI – Constrained Data Item: A data item whose integrity must be preserved.
IVPS – Initial Verification
Procedures: Confirm that all CDIs are in a valid
integrity state when the IVP is run.
TP – Transformation Procedure: Manipulates the CDIs through a well-formed transaction,
which transforms a CDI from one valid integrity state to another.
UDI – Unconstrained Data Item: Data items outside of the control area such as input
information.
Any TP that takes a UDI as input
must either convert the UDI into a CDI or reject
the UDI and perform no transaction at all.
Unauthorized disclosure of
information:
There are several ways in which
information can be inadvertently disclosed. The follow items are related to
information disclosure:
Object Reuse: Reassigning media to a subject when media might still
contain some residual information. Make sure media is cleaned. Degaussing works
best. Object reuse controls are required for TCSEC B2 and above.
Emanation: Picking up radiation emitted by devices. TEMPEST is very
expensive.
Some alternatives are:
White Noise – Uniform spectrum of
random electrical signals used to disguise real data.
Zones – Control zones.
Access Control Monitoring
Keeping track of who attempts to
access specific resources, access control monitoring is an important detective
mechanism usually carried out by intrustion detection systems:
Intrusion Detection Systems (IDS):
Network Based: Monitors network, or a segment of the network (passive).
Placement of sensors is a critical part of configuring a network based IDS.
Place a sensor on the outside firewall to detect attacks and inside the
firewall to detect invasions. Another factor to consider is that the network
traffic should never exceed the IDS threshold, or the IDS may just start to
drop packets.
Host-Based: Monitors a specific system.
Intrusion detection systems have two
main methods of operation:
Knowledge / Signature based: This type of IDS looks for known attacks and is therefore
weak vs. new attacks. There are fewer false alarms. This type of IDS may also
fail to detect “slow” attacks extended over a long period of time.
Behavior based / Statistical
IDS: This type of IDS detects deviations
from expected behavior of users and systems. May use expert systems. Detects
new attacks and doesn’t rely on a database of signatures to be updated, but,
can cause more false positives.
Relational Database Security
The following are areas relating to
database technology and security:
Schema: Description of the database and its tables. Usually written
using a DDL.
Cardinality: Number of rows in a table.
Degree: Number of columns in a table.
Domain: The set of all allowable values an attribute can take.
Entity Integrity & Referential
Integrity:
View: Virtual table defined from other tables that are used to
restrict access, hide attributes and provide content-dependant access. Views
help implement least privilege and need to know principles.
To protect against “inference
attacks”, databases may have a minimum query set size and prohibit query of
“all but one” tuples. Highly secure systems may also employ context dependant
access control where the tuples a user can read are based on those already
read.
Threats
The main categories of threat to
access control mechanisms are:
- Dictionary attack.
- Brute force attack.
- Spoofing at login – fake login screen to capture details.
- Man in the Middle Attacks
A “trusted path” can mitigate login
spoofing.
The following measures are used to
compensate for internal and external access violations:
- Backups
- RAID
- Fault tolerance
- Business continuity planning
- Insurance
TELECOMMUNICATIONS
& NETWORK SECURITY
Open Systems Interconnect (OSI)
model:
Developed early 1980s and introduced
in 1984:
OSI
Model
TCP/IP Model
Application
|
Presentation | Application
Session |____________
Transport <–> Host to Host
Network <–> Internet Layer
Data Link |
Physical | Network Access Layer.
Presentation | Application
Session |____________
Transport <–> Host to Host
Network <–> Internet Layer
Data Link |
Physical | Network Access Layer.
“Each protocol at a specific OSI
layer communicates with a protocol that operates at the same OSI layer on
another computer. This happens through encapsulation”
The protocols, technologies and
computers that operate within the OSI model are called open
systems.
Application Layer:
The application layer works closest
to the user and handled message exchanges, terminal sessions, etc. The
application does not include the actual applications, but the protocols (APIs)
that support the applications.
Examples of protocols running in the
application layer include:
- SMTP, HTTP, LPD, FTP, WWW, Telnet, TFTP
Presentation Layer:
The presentation layer received data
from the application layer and puts it into a format that all computers using
the OSI model can understand.
The presentation layer is not
concerned with the meaning of data, but the correct syntax and format. The
presentation layer can often be considered a “translator”.
This layer also handles encryption
and compression.
- ASCII, JPEG, TIF, GIF, Encryption, Compression, MIDI, MPEG
Session Layer:
When two computers need to
communication, or transfer information, a connection session needs to be set up
between them. The session layer is responsible for establishing a connection,
maintaining it during data transfer and releasing it when done.
The session layer works in 3 phases:
- Connection establishment
- Data Transfer
- Connection release
Common protocols at the session
layer are:
- SSL, NFS, SQL, RPC
Transport Layer:
When two computers are going to
communicate, they must first agree on how much information each will send at a
time, how to determine if data was lost in order to retransmit and other
parameters. The computers agree on these parameters through a process at the
transport layer, OSI layer 4.
The transport layer helps provide
more reliable data transfer, error correction and flow control. It assembles
data into a stream for transmitting over the network, and handled multiplexing
if necessary. The transport layer also handles the teardown of virtual circuits
and the multiplexing of upper layer applications.
- TCP, UDP, SPX
Network Layer:
The main responsibility of the
network layer is to insert information into the packet’s header so that it can
be properly routed. Routing protocols build and maintain their tables at this
layer.
The protocols at this layer do not
ensure packet delivery – they rely on the transport layer for that.
Protocols operating at this level
include:
- IP, ICMP, RIP (Routing information protocol), OSPF (Open shortest path first), BGP (Border gateway protocol) and Internet group management protocol (IGMP)
- Most routers also run in the network layer.
Data Link Layer:
As data travels down the ISO stack
it comes to a point where it needs to be translated into LAN or WAN binary
format for line transmission. This happens at the data link layer.
The data link layer is where the
operating system knows what format the data frame must be in to transmit over
Token Ring, Ethernet, FDDI, ATM, etc.
Network cards bridge the data link
and physical layer. The data link layer actually consists of two sub layers:
- Media Access Control (MAC)
- Logical Link Control (LLC)
Protocols operating in the data link
layer include:
- SLIP, PPP, RARP, L2F, L2TP, ISDN ARP
- Bridges operate in the data link layer.
Physical Layer:
The physical layer converts bits
into voltage for transmission. This layer controls synchronization, data rates,
line noise and phsyical medium access.
Protocols operating in the physical
layer include:
- RS232, SONET, HSSI, X.21
- Repeaters operating in the physical layer.
OSI Security Services and
Mechanisms:
OSI defines 6 basic security
services to secure OSI communications:
- Authentication
- Access Control
- Data confidentiality
- Data integrity
- Non-repudiation
- Logging and Monitoring
In addition, the OSI model defines 8
security mechanisms. A security mechanism is a control that is implemented in
order to provide the 6 basic security services:
- Encipherment
- Digital Signatures
- Access Control
- Data Integrity
- Authentication
- Traffic Padding
- Routing Control
- Notarization
TCP/IP
- I/P is a network layer protocol and provides datagram routine services.
- Two main protocols work at the transport layer, TCP and UDP.
TCP Handshake:
1. Host ——– SYN ———> Host B
2. <—– SYN/ACK —–
3. ——— ACK ——–>
2. <—– SYN/ACK —–
3. ——— ACK ——–>
The TCP/IP model has 4 layers:
Application
Host to host
Internet
Network Access
Host to host
Internet
Network Access
The TCP/IP model layers correspond
to the ISO model layers as follows:
Application
Application, presentation, session.
Host to Host Transport
Internet Network
Network Access Data Link, Physical
Host to Host Transport
Internet Network
Network Access Data Link, Physical
The Host-to-host layer handles:
TCP
– Virtual Circuit, sequenced, slower, more reliable
UDP – “Best effort”, connectionless.
UDP – “Best effort”, connectionless.
Internet layer:
IP
– No guarantee of delivery, delivery in sequence or only once.
ARP – I/P to MAC
RARP – MAC to I/P
ICMP
ARP – I/P to MAC
RARP – MAC to I/P
ICMP
Protocol Numbers:
The IP header contains a protocol
field. Some common protocols are:
1 – ICMP
2 – IGMP
6 – TCP
17 – UDP
1 – ICMP
2 – IGMP
6 – TCP
17 – UDP
Data Structures:
–
Within the IP protocol suite, when an application formats data for sending over
the network, it is a message.
– At the transport layer, TCP works on the data and it is now a segment. The segment is passed to the network layer.
– The network layer adds addressing and routine and the bundle is now called a datagram.
– The datagram is passed off to the data link layer which frames the datagram with a header & trailer. It is now called a frame.
– At the transport layer, TCP works on the data and it is now a segment. The segment is passed to the network layer.
– The network layer adds addressing and routine and the bundle is now called a datagram.
– The datagram is passed off to the data link layer which frames the datagram with a header & trailer. It is now called a frame.
TCP
UDP
Application
Layer
Message
Message
Transport Layer Segment Packet
Network Layer Datagram Datagram
Data Link Layer Frame Frame
Transport Layer Segment Packet
Network Layer Datagram Datagram
Data Link Layer Frame Frame
General Classes of Network Abuse:
Class A: Unauthorized access of restricted
network services. Also called “login abuse”. Refers to legitimate users
accessing network services that should be restricted to them.
Class B: Unauthorized use of a network for non-business purposes.
Class C: Eavesdropping
Class D: DOS and other disruptions
Class E: Network Intrusion. Refers to the use of unauthorized access to break into the network from the outside. Classic cases are spoofing, piggybacking and backdoor exploitation.
Class F: Probing. An active variation of eavesdropping.
Class B: Unauthorized use of a network for non-business purposes.
Class C: Eavesdropping
Class D: DOS and other disruptions
Class E: Network Intrusion. Refers to the use of unauthorized access to break into the network from the outside. Classic cases are spoofing, piggybacking and backdoor exploitation.
Class F: Probing. An active variation of eavesdropping.
Additional Attacks: SYN attacks,
Buffer Overflow, Teardrop attack and Smurf.
Common Session Hi-jacking attacks:
- IP Spoofing attacks.
- TCP sequence number attacks.
- Other fragmentation attacks – using fragmented packets to hide true contact.
NETWORKING
LAN Media Access Technologies
- Most of the differences between LAN and WAN take place at the data link layer
“Two LANs connected by a router is
an internetwork, not a bigger LAN. Each LAN has its own addressing scheme and
broadcast and communication mechanisms. If they are connected by different data
link technologies such as frame relay of X.25 then we are looking at a WAN”
Ethernet
- Usually a bus or star topology
- IEEE 802.3 standard
- Shared media – all devices take turns and detect collisions
- Uses broadcast and collision domains
- CSMA/CD access method (Carrier Sense Multiple Access with Collision Detection)
- Uses coaxial or twisted pair.
Common Implementations:
10base2: ThinNet. Uses coaxial cable. Max length of 185 meters and
provides up to 10mbs throughput. Uses BNC connectors.
10base5: ThickNet. Uses thicket coaxial cable. Longer cable segments
and less interference.
10baseT: Twisted-pair copper wiring. RJ45 connectors, usually
in a star topology with a hub or switch.
Fast Ethernet: Regular Ethernet running at 100mbps over twister pair
wiring.
Ethernet Types Table:
Type
Cabling Speed
10base2,
ThinNet
Co-Axial
10mbps
10base5, ThickNet Co-Axial 10mbps
10base-T UTP 10mbps
100base-FX, Fast UTP 100mbps
1000base-T UTP 1,000mbps
10base5, ThickNet Co-Axial 10mbps
10base-T UTP 10mbps
100base-FX, Fast UTP 100mbps
1000base-T UTP 1,000mbps
Token Ring
- 802.5 standard, originally developed by IBM
- Signal travels in a logical ring
- Each computer is connected to a hub called a Multistation Access Unit (MAU)
- 16mbps capacity
- Active Monitor – removes frames that are continually circulating
- Beaconing – attempts to work around errors.
FDDI – 802.8
- Fiber Distributed Data Interface
- Developed by ANSI
- High speed token-passing media access technology
- Speed of 100mbvps – usually used as a backbone network using fiber optics.
- Fault tolerance – second counter rotating ring.
- Can be used up to 100kms, so popular in MANs
- CDDI (copper distributed data interface) is a version that can be used locally.
- 802.8 standard.
CABLING
LAN Media
|
Standard
|
Characteristics
|
Ethernet
|
802.3
|
* Shared media
|
* Broadcast & Collision Domains
* CSMA/CD
* Coaxial or twisted cable
* 10mbps – 10 Gbps
Token Ring802.5* Devices connect to center MAU
* Token-passing access method
* Transmission speeds of 4-16mpbs
* Active monitor and beaconing
* CSMA/CD
* Coaxial or twisted cable
* 10mbps – 10 Gbps
Token Ring802.5* Devices connect to center MAU
* Token-passing access method
* Transmission speeds of 4-16mpbs
* Active monitor and beaconing
FDDI802.8* Token-passing access
method
* Dual counter rotating ring – fault tolerance
* 100mbps over fiber-optic
* Long distance at high speed
* CDDI works over UTP
* Dual counter rotating ring – fault tolerance
* 100mbps over fiber-optic
* Long distance at high speed
* CDDI works over UTP
Bandwidth
: Size of pipe
Data
Rate
: Amount of data
Coaxial
- Copper core surrounded by shielding layer
- More resistant to EMI
- 10base2 = ThinNet (RG58), 10base5 = ThickNet (RG11/RG8)
- 10base2 segments can be up to 185 meters
- 10base5 segments can be up to 500 meters
- Can use baseband method (one channel) or broadband (multiple channel)
- 50ohms cable used for digital signaling and 75ohms for analog signaling and high speed data.
Twister Paid Cable
- STP = Shielded Twisted Pair
- UTP = Unshielded Twisted Pair
UTP Category
|
Characteristics
|
Usage
|
CAT 1
|
Voice Grade
|
Not recommended for network use.
|
CAT 2
|
Up to 4mbps
|
Mainframe and mini connections.
|
CAT 3
|
10 mbps Ethernet
|
4mbps token10 base-T networksCAT 416
mpbsToken ring networksCAT 5100 mbps for
100-base TX and FDDIFDDI & ATM
installations. New LANSCAT 6155mbpsNet network installationsCAT 71gbpsNet
network installations
Fiber Optics
- Uses a type of glass carrying light waves
- Glass core surrounded by protective cladding, encased in outer jacket
- Not affected by EMI, no attenuation
- Very hard to tap into, so more secure.
Common Cable problems:
Noise: Caused by surrounding devices or characteristics of the
environment
Attenuation: Loss of signal as it travels. The affect of attenuation
increases at higher frequencies.
Crosstalk: UTP is susceptible to crosstalk which is caused when
electrical signals on one wire spill over to another wire.
Plenum space is the space between the ceiling and the next floor. Often
used for wiring and cabling.
TYPES OF TRANSMISSION
Data transmission can happen in
different ways (analog or digital), use different controlling schemes
(synchronous or asynchronous) and can only use one channel on a wire (baseband)
or several channels (broadband).
Analog Signals: Continually varying.
Modulation: Combining with carrier
signal of a specific frequency.
Digital Signals: Discrete binary pulses.
Asynchronous
- Two devices not synchronized in any way.
- Usually used for smaller amounts of data
- Usually includes start and stop delineation
Synchronous
- Transfers data as a stream of bits instead of framing it in start and stop bits.
- Synchronization can be via clocking mechanisms, or a signal in the data.
- Usually used for higher volumes of data.
Baseband
- Transmission accomplished by applying direct current to a cable. Uses full cable for its transmission. Ethernet is baseband.
Broadband
- Divides cable into channels so that different types of data can be transmitted at the same time. CATV is broadband. Other broadband types include T1, T3, ISDN, ATM, DSL and wireless.
Unicast: From source to one computer.
Multicast: From source to a specific set of systems. NIC pics up
packets with a specific multicast address.
Broadcast: From source to all computers on a subnet.
Network Topology:
The physical arrangement of
computers and devices is the “Network Topology”
Ring Topology
- Series of devices connected by unidirectional transmission links.
- Form a closed loop, no central hub
- Must provide redundancy or risk single points of failure
Bus Topology
- In a simple bus topology, a single cable runs the entire length of the network.
- Each packet is looked at by all nodes.
- Traditional Ethernet uses bus topologies.
Star Topology
- All nodes connect to a dedicated central hub or switch
- Hub is a potential single point of failure
- Less cabling used and no termination issues
- Most LANs are in a physical star topology
Mesh Topology
- All systems and resources are connected to each other in some way
- Greater degree of complexity
- Greater degree of redundancy
- The Internet is a good example of a partial mesh.
LAN Media Access Technologies:
Token Passing:
Only the computer has the token can
put frames onto the wire. This media access technology is used by Token Ring
& FDDI and is defined in the 802.5 standard.
Token passing networks are
deterministic meaning it is possible to calculate the maximum time that will
pass before a station can transmit. This makes token ring networks ideal for
applications where delay must be predictable, such as factory automation.
CSMA (Carrier Sense Multiple
Access):
There are two flavors are CSMA,
CSMA/CA (Collision avoidance) and CSMA/CD (Collision detection).
A transmission is called a
“carrier”. If a computer is transmitting frames, it is performing a carrier
activity.
With CSMA/CD, computers listen to
the wire for the absence of a carrier tone. If two computers sense this absence
and transmit at the same time, contention and a collision can take place. All
stations will execute a “back off” algorithm (Random retry timer).
With CSMA/CA, each computer signals
the intent to transmit before they actually do so.
Collision Domains
“The more devices there are on a
contention based network, the more likely collisions are which increases
latency. A collision domain is a group of resources that are competing for the
same shared communication medium”.
One subnet will be on the same
broadcast and collision domain if it is not separated by routers or bridges.
PROTOCOLS
Address Resolution Protocol: ARP
The data link layer works with MAC addresses,
not IP addresses. ARP resolves IP addresses to MAC addresses. ARP broadcasts a
frame requesting the MAC address that corresponds to the destination IP
address. The computer that has that IP address responds with its MAC address.
“ARP table poisoning” is altering
the ARP cache so that an attacker receives packets intended for another
destination.
Reverse Address Resolution Protocol:
RARP
Diskless workstations know their
hardware address, but not the IP address. It broadcasts the MAC address information
and the RARP server responds with an I/P address.
BOOTP is similar to RARP but
provides more functionality including name server and gateway address.
Internet Control Message Protocol:
ICMP
ICMP delivers messages, reports
errors, reports routing information and tests connectivity.
PING is the most common – sends out
ICMP ECHO frames and receives ICMP REPLY frames back.
NETWORKING
DEVICES
Repeaters
- Repeats and amplifies signal between cable segments
- Works at the physical layer
- Also known as line conditioners
Bridges
- Uses to connect different LAN segments
- Works at the data link layer and therefore works with MAC addresses.
- Divides overburdened networks into smaller segments for better use of bandwidth and traffic control
- Beware of “broadcast storms” – using bridges to echo broadcast packets.
- A bridge forwards data to all other network segments if the MAC address of the destination computer is not on the local network segment.
There are three types of bridge:
Local: Connects two or more LAN segments.
Remote: Can connect two or more LANS over a long distance with
telecommunications between them.
Translator: Connects LANs of different types and protocols.
Summary of the functions of bridges:
- Segment a large network into smaller, more controllable pieces
- Use filtering based on MAC address
- Join different types of network while retaining same broadcast domain
- Isolate collision domains within the same broadcast domain
- Some bridges translate between protocol types.
Routers vs. Bridges:
- Routers work at the network layer and are based on IP address. Bridges work at the data link layer and filter frames based on MAC addresses.
- Routers will not usually pass broadcast information.
- Bridges will pass broadcast information.
Spanning tree algorithm is a bridge
algorithm.
If source routing is
used, the packets themselves have the information within them to tell the
bridge where they should go.
Hubs:
Hubs are used to connect multiple
LAN devices into a concentrator. Hubs can be considered as multiport repeaters
and operate at the physical layer.
Routers:
Routers work at the network layer. A
router has two or more interfaces and a routing table to get packets to their
destination. Routers can filter traffic based on access control lists (ACLs)
and fragment packets when necessary.
Routers discover information about
routers and changes that take place in a network through its routing protocols
(RIP, BGP and OSPF).
The following outlines the stages
that take place when a router receives a packet:
- A frame is received on one of the router’s interfaces.
- Destination i/p address is retrieved from the datagram
- The router looks at the routing table to see which port matches the destination
- If the router has no information on the destination, it sends an ICMP error to the sending computer.
- The router decrements the TTL. If the MTU is different than the destination requires, it fragments the packet.
- Router changes the header information on the frame so that it can go to the next correct router.
- Frame is sent to the router’s output queue.
Routing environments are based on
autonomous systems. The autonomous systems are connected to each other through
routers and routing protocols.
Routing takes place within an
autonomous system through internal protocols like OSPF and RIP.
Routing takes place between autonomous
systems through exterior protocols like BGP.
Switches:
Switches combine the functionality
of a repeater and the functionality of a bridge. Any device connected to one
port communicates to any device on another port with it’s own virtual private
link.
“A switch is a multiport bridging
device and each port provides dedicated bandwidth to the device attached to it”
Basic switches work at layer 2 and
forward traffic based on MAC address. Today, there are layer 3 and layer 4
switches with more enhanced functionality. There are referred to as “multilayered
switches”.
Virtual LANS (VLANS) are also an
important part of switching networks. A switch only sends a packet to the port
where the destination MAC address is located, so offer more protection against
network sniffers.
VLAN:
VLANs (Virtual LANs) allow
administrators to logically separate and group users. VLANs also allow
administrators to apply different security practices to different groups.
Brouter:
Hybrid device combining the
functionality of a bridge and a router. A brouter can bridge multiple protocols
and route packets based on some of these protocols.
Gateways:
Almost all gateways work at the
application layer because they need to see a majority of the information within
a frame and not just the address and routing information that a router or
bridge requires.
A popular type of gateway is an
email gateway. The mail gateway will usually convert email into standard X.400
and pass it on to the destination mail server.
A network connecting to a backbone
(Ethernet –> FDDI for example) would need a LAN gateway.
Summary of Main Devices:
Device
|
Layer
|
Functionality
|
Repeater
|
Physical
|
Amplifies signal and extends
networks
|
Bridge
|
Data Link
|
Forwards packets. Filters packets
based on MAC address. Forwards broadcast but not collision traffic.
|
Router
|
Network
|
Filters based on IP address.
Separates or connects LANs, creating internetworks.
|
Brouter
|
Network & Data Link
|
Bridges multiple protocols and
routes some of them.
|
Switch
|
Data Link & Higher
|
Private virtual link between
devices. Allows for VLANs. Impedes sniffing and reduces contention.
|
Gateway
|
Application
|
Connects different types of
network. Protocol and format translation.
|
PBX:
A Private Branch Exchange (PBX) is a
telephone switch located on the company’s property. A PBX can interface with
several types of device and provides a number of telephone services. Data is
multiplexed onto a dedicated line connected to the telephone company’s central
office.
PBXs have the following issues:
- Often have modems attached for vendor maintenance.
- Come shipped with default system passwords.
- Vulnerable to brute force attacks.
ATM Switches:
Most commonly used in WANs but
started to be seen in LANs. Use a cell-relay technology.
FIREWALLS
Firewalls are used to restrict
access from one network to another network. A firewall is a device that
supports and enforces the company’s network security policy.
Many times companies will set up
firewalls to construct a “DMZ” or “buffer zone” which is a network segment
located between protected and unprotected networks. Usually, two firewalls are
used to construct a DMZ:
LAN <– firewall <— DMZ <—-
firewall <—– router <—– .o(Internet)o.
Packet Filtering:
Packet filtering firewalls use
Access Control Lists to determine which packets can and cannot pass through.
The filtering is based on network layer information; the device cannot look
further into the packet itself. A packet filtering router is also called
a screening router. Packet filtering usually takes
place at the network or transport layer.
Pros
Cons
Scalable
Does not look into packet past the header info
High
Performance
Lower security relative to other options
Application
Independent Does not keep track of
connection state
Used in first generation firewalls.
Packet filtering firewalls are often
called “first generation firewalls”.
Application Control Capable
Firewalls are often Called “Next Generation Firewalls”
Stateful Packer Filtering:
Stateful filtering keeps track of
which packets went where until the connection is closed. To accomplish this,
the firewall maintains a state table.
A packet filtering firewall may have
the rule to deny UPD on port 25, while a stateful packet filtering firewall can
say “allow those packets through if they are in response to an outgoing
request”.
- Frames are analyzed at all communication layers.
- High degree of security without the performance hit of proxy firewalls.
- Scalable and transparent to users.
- Provides data for tracking connectionless protocols like UDP and RPC
- Used in third generation firewall applications.
Proxy Firewalls:
A “proxy” is a middleman. A proxy
firewall accepts messages entering or leaving the network and checks it for
malicious information and if ok, passes it on to the destination. A proxy
firewall breaks the communication channel – there is no direct communication to
internal computers.
Outside scanners will only see the
proxy server. Packets are repackaged as they pass through the proxy firewall.
Outbound packets will only have the IP address of the firewall which means that
a proxy server will be the only one with a valid IP address- the servers behind
it can all use private address ranges.
A dual homed firewall has two NICs
and forwarding turned off. There are two types of proxies:
- Application and circuit proxies.
Proxy firewalls are considered
second-generation firewalls and are usually used with a dual-homed host.
Application Level: Inspects entire packets and makes access decisions based on
actual content. Understands the different protocols and usually works for just
one service or protocol.
Circuit-Level: Creates a circuit between client computer and server. Makes
access decisions based on source and destination.
Pros:
- Looks at information within the packet, right up to the application layer.
- Better security than packet filtering
- Aware of protocols, services and commands being used.
Cons:
- Limited to what applications it can support
- Can degrade network performance
- Poor scalability
- Breaks client/server model.
Dual-Homed Host Firewalls:
- Single computer with separate NICs to each network
- Used to divide internal trusted network and external untrusted network
- Must disable forwarding
- Usually used with proxy software
- Users can easily and accidentally enable forwarding.
Application level vs. Circuit Level
proxy firewalls:
Application Level:
- Transfers a copy of each approved packet from one network to another.
- Different proxy required for each service.
- Hides network information from external attackers.
- Hides internal computer information and addresses.
- More intricate control than circuit level proxy firewalls
- Reduces network performance
Circuit-Level:
- Provides a circuit between the source and destination
- Does not require a proxy for each service
- Does not provide the detailed control that the application level proxy does.
- Security for a wider range of protocols.
SOCKS proxy server characteristics:
- Circuit-level proxy
- Requires clients to be integrated with SOCKS client software.
- Mainly used for outbound internet access and VPN
- Can be resource intensive
- Authentication and encryption are similar to VPN, but is not considered a bidirectional VPN.
1st generation: Packet filtering firewalls.
2nd generation: application (proxy) firewalls
3rd generation: stateful packet firewalls
4th generation: dynamic filtering
5th generation: kernel proxy
6th generation: Chip based Flow inspection with Application Control
(NGFW)
FIREWALL ARCHITECTURE:
Bastion Host:
A bastion host can be thought of as
the foundation for the firewall software to operate on. It is the machine
that will be accessed by all entities trying to access or leave the network.
Screened Host:
Many times a screened host is a
bastion host that communicates with a border router and the internal network.
Inbound traffic is filtered by packet filtering on the router and then sent to
the screened host firewall.
Screened Subnet:
Adds another layer of security over
the screened host firewall – the bastion host housing the firewall is screened
between two routers. This architecture sets up a DMZ between the two routers.
Purposes of firewalls:
Firewalls should:
- Default to deny
- Block external packets inbound with internal addresses (Spoofing)
- Block outbound packets with external source addresses (Zombies)
- High security firewalls should reassemble packet fragments before sending them on to their destination.
- Many firewalls will deny packets with source routing information.
Networking
Services
Network Operating Systems (NOS):
Short list of some of the services
that NOS systems (NT, W2K, Linux) provide that most single user (W95, W98)
systems do not:
- Directory services
- Internetworking, routing and WAN support
- Support for dial-up users
- Clustering functionality
- File & print services
- Management and administration tools
- Fault tolerance
A redirector connects
local computer to resources of the network – the local computer may not even be
aware of this.
DNS:
- Networks are split up into “zones”
- DNS server is said to be authoritative for the zone it serves.
Directory Services:
A directory service is a database
containing a hierarchy of users, computers, printers and attributes of each.
The directory is used mainly for lookup purposes – to allow users to break down
resources. Most directory services are built on the X.500 model or use LDAP to
access the directory database.
Intranets and Extranets:
Private I/P address ranges
(Non-routed) are:
10.0.0.0
– 10.255.255.255
Class A
172.16.0.0
–
172.31.255.255 16 * Class B
192.168.0.0
–
192.168.255.255 256 * Class C
Network Address Translation:
Network address translation forms a
gateway between a network and the internet or another network. The gateway
performs transparent routing and address translation. Some attributes of this process
are:
- Hides true internal IP address information from the outside world.
- The NAT device needs to remember the internal IP address and port to send the messages back to.
Metropolitan Area Network (MAN):
A MAN is usually a backbone that
connects businesses to WANS, the Internet and other businesses. A majority of
today’s MANs are Synchronous Optical Network (SONET) or FDDI rings provided by
local telephone companies.
Wide Area Network (WAN):
WAN technologies are used when
communication needs to take place over a larger geographical area.
There are several technologies in
the WAN arena, several of which are discussed below.
The SONET (Synchronous Optical
Network) gives all the world’s carriers the ability to interconnect.
ATM encapsulates data in fixed cells
and can be used to deliver data over SONET. The fixed size provides better
performance and reduced overhead.
A quick snapshot at telecom history:
- Copper lines carrying analog information
- T1 lines carrying up to 24 conversations
- T3 lines carrying up to 28 T1 lines
- Fiber optics and the SONET network
- ATM over SONET
Types and speed of standard leased
lines:
DS0: Single 64k channel on a T1 facilities
DS1: 1.544mbps on a T1 (2.108 on a E1 in Europe)
DS3: 44.756mbps on a T3 facility.
Dedicated Links:
- Leased line or “point to point” link.
- Expensive, but secure
T-Carriers:
- Dedicated lines that carry voice or data over trunk lines.
- Most common are T1 @ 1.544mbps and T3 @ 45mbps
- Multiplexing through TDM (Time division multiplexing)
S/WAN:
- Secure WAN, initiative of RSA security who worked with firewall and protocol vendors to build secure firewall-to-firewall connections through the internet.
- S/WAN is based on VPNs that are created with IPSEC.
xDSL types
ADSL: More bandwidth down than up.
SDSL: 1.544mbps down and up. Limited to 10,000 feet from exchange.
HDSL: High-rate digital subscriber line. 1.544mbps each way.
VDSL: Very high data rate DSL – 13 to 52mbs downstream and 1.5 to
2.3 upstream. Limited to 1,000 – 4,500 feet from exchange.
Packet Switching vs Circuit
Switching:
Circuit
Switching Packet
Switching
Constant
Traffic
Bursty Traffic
Fixed
delays
Variable delays
Connection-oriented
Connectionless
Sensitive to loss of
connection
Sensitive to loss of data
Voice
oriented
Data Oriented
WAN
Technologies
CSU/DSU:
- Channel service unit / data service unit: required when digital equipment will be used to connect a LAN network to a WAN network
- Necessary because the frames are so different between LAN and WAN equipment.
- DSU converts signals from routers, bridges, etc into signals that can be transmitted over the telephone company’s digital lines
- CSU connects the network directly to the telephone company lines.
- Provides an interface for DTE and DCE devices such as the router and the carrier’s switch.
Switching:
There are two main types of
switching, circuit switching and packet switching:
Circuit Switching:
- Connection oriented virtual links (ISDN, telephone call)
- Traffic travels in a predictable and constant manner
- Fixed delays
- Usually carries voice oriented data
Packet Switching:
- Packets can use many different dynamic paths to get to the same destination
- Supports traffic that is bursty
- Variable delays
- Usually carries data-oriented information.
- Internet, X.25 and Frame Relay are all packet switching networks.
Frame Relay:
Frame relay is a WAN protocol that
operates at the data link layer. Frame Relay uses packet switching technology
as an alternative to expensive dedicated lines.
Companies that pay more to ensure a
higher level of bandwidth availability pay a “committed information rate” or
CIR.
Virtual Circuits:
Frame relay forwards frames across
virtual circuits. These can be permanent meaning they are programming in
advance, or switching means it is built when needed an then torn down.
The PVC (Permanent Virtual Circuit)
works like a private line for a customer with a CIR. A PVC is programmed to
ensure bandwidth availability.
X.25
X.25 is an older WAN technology that
defined how networks and devices establish and maintain connections. X.25 is a
switching technology.
Data is divided into 128 bytes and
encapsulated in HDLC frames (High-level Data Link Control).
X.25 is slower than frame relay or
ATM due to heavy error checking and correction that is not necessary on more
modern networks.
ATM – Asynchronous Transfer Mode:
ATM is another switching technology
that uses a cell-switching method instead of packet switching. Like frame
relay, ATM is connection-oriented. Cell switching means that data is segmented
into fixed size cells (53 bytes).
Like Frame Relay, ATM can set up
PVCs and SVCs.
SMDS – Switched Multimegabit Data
Service:
High-speed packet switched
technology used to enable customers to extend their LANs across MANs and WANs.
Protocol is connectionless and can provide bandwidth on demand.
SDLC – Synchronous Data Link
Control:
Base on networks that use leased
lines with permanent physical connections. SDLC is used mainly for
communication to IBM hosts within the SNA architecture.
HDLC – High Level Data Link Control:
Bit-oriented link layer protocol
used for transmission over synchronous lines, HDLC is an extension of SDLC.
HDLC provides high throughput because it supports full duplex.
HSSI – High Speed Serial Interface:
Interface used to connect
multiplexers and routers to high-speed services like ATM and Frame Relay.
These interfaces define the
electrical and physical interfaces to be used by DTE/DCE devices, thus it works
at the physical layer. Developed by CISCO and T3Plus Networking.
Multi-Service Access:
Multi-service access technologies
combine different types of communication categories (voice, data and video)
over one transmission line.
VOIP can be affected by latency due
to Internet being packet oriented switching technology vs. circuit switching.
This is referred to as “jittering”.
H.323
Standard that deals with video,
audio and data packet-based transmissions where multiple users can be involved
with the data exchange. H.323 terminals are connected to gateways or the
gateways are connected to PSTN.
Packet switching technologies
include X.25, LAPB, FRAME RELAY, ATM and SMDS.
REMOTE
ACCESS
Remote access covers technologies
that enable remove and home users to access networks.
Dial-up and RAS:
Remote access is usually gained by
connecting to a network access server (NAS). NAS acts as a gateway and end
point for a PPP connection.
ISDN:
Integrated services digital network.
ISDN breaks the telephone line into different channels and transmits data in a
digital form vs. the old analog method. There are 3 types of ISDN implementation:
BRI: Basic Rate Interface: Operates over existing copper lines in
the local loop and provides digital voice and data channels. Uses two B
channels and 1 D channel.
PRI: Primary Rate Interface: 23 B channels and one D channel
operating at 64k. Equivalent to a T1 circuit.
BISDN: Broadband ISDN. Mainly used with backbones over ATM/SONET.
B channels enable data to be
transferred.
D channel provides for call setup,
error control, caller id and more.
ISDN is a circuit switching
point-to-point protocol.
DSL – Digital Subscriber Line:
- Uses existing phone lines
- Have to be within a 2.5 mail radius of the provider’s equipment.
Cable Modems:
- High speed Internet access through coaxial and fiber lines.
- Bandwidth shares between users in a local area.
- Security concerns: Network sniffers on shared medium.
VPN
– VIRTUAL PRIVATE NETWORKS
A virtual private network is a
secure private connection through a public network or otherwise insecure
environment. VPNs are often used to provide a connection between two routers.
Tunneling Protocols:
VPNs use tunneling protocols to
create a virtual path across a network. There are three main tunneling
protocols used in VPN connections: PPTP, L2TP and IPSEC
PPTP:
Point to point tunneling protocol.
Encapsulation protocol based on PPP. PPTP works at the data link layer and
encrypts and encapsulates packets.
There are a few weaknesses with
PPTP. Negotiation information is exchanged in clear text and can be easily
snooped. PPTP is a Microsoft developed protocol.
- Designed for client/server connectivity
- Sets up a single point-to-point connection between two computers
- Works at the data link layer
- Transmits only over I/P networks
L2F:
Layer 2 Forwarding:
- Created before L2TP by Cisco
- Merged with PPTP to create L2TP
- Provides mutual authentication, but no encryption.
L2TP:
Layer 2 Tunneling Protocol. L2TP
combines L2F with PPTP.
- PPTP can only run on top if I/P. L2TP can use other protocols such as IPX and SNA
- PPTP is an encryption protocol, L2TP is not. L2TP is often used in conjunction with IPSEC for security.
- L2TP supports TACACS+ and RADIUS, PPTP does not.
IPSEC:
- Handles multiple connections at the same time
- Provides secure authentication and encryption
- Supports only IP networks
- Focuses on LAN-LAN communication
- Works at network layer –> Security on top of I/P
- Can work in tunnel mode where both header and payload are encrypted, or transport mode where only the payload is encrypted.
PPP:
PPP encapsulates messages and
transmits them through an IP network ove a serial line. PPP supports different
authentication methods such as Password Authentication Protocol (PAP),
Challenge Handshake Authentication Protocol (CHAP) and Extensible
Authentication Protocol (EAP).
PAP, CHAP, EAP:
PAP: Least secure of the three options as credentials are sent in
clear text. Also vulnerable to reply attacks.
CHAP: Uses a challenge/response mechanism instead of sending a
username and password. Client sends host a logon request and the host returns a
random “challenge” value. The challenge is encrypted with the user password and
returned to the host. The server performs the same encryption and determines
whether or not there was a match.
CHAP is not vulnerable to “man in
the middle” attacks because it continues this challenge/response activity
throughout the connection.
EAP: Extensible Authentication Protocol. EAP is not a specific
mechanism like PAP or CHAP but is more of a framework to allow many different
types of authentication mechanism. EAP extends the authentication possibilities
to other methods like one-time passwords, token cards, biometrics and future
mechanisms.
Network and Resource Availability:
Some general guidelines are:
- Watch out for single points of failure
- Use ISDN or modem backup for WANs
- Use UPS’ and RAID (striping and/or mirroring)
- Clustering provides for fault tolerance, load balancing and failover.
RAID types:
Raid#
|
Name
|
Description
|
Level 0
|
Striping
|
Data is striped over several
drives, but there is no redundant drive. Used for performance enhancement. If
one drive fails, the whole volume is unusable.
|
Level 1
|
Mirroring
|
Data is written to two drives at
once. If one fails, the other has the same data. This is an expensive option
as each drive has another whole drive with the same information.
|
Level 2
|
Hamming Code Parity
|
Data is striped over all drives at
bit level. This array uses 39 drives, 32 for data and 7 for parity. Not used
in practice.
|
Level 3
|
Byte Level Parity
|
Data is striped over all drives,
parity is held on just one drive. If a drive fails, it can be reconstructed
from the parity drive.
|
Level 4
|
Block Level Parity
|
Same as level 3 except data is
striped in disk sector units rather than blocks of bits or bytes.
|
Level 5
|
Interleave Parity
|
Data is written to disk sector
units across all drives. Parity is written to all drives. There is no single
point of failure because parity is written to all drives. Uses XOR algorithm.
|
Level 6
|
Second Parity Data
|
Similar to level 5 but with added
fault tolerance – second set of parity data written to all drives.
|
Level 7
|
Variation of RAID 5 where the
array functions as a single virtual disk in the hardware.
|
|
Level 10
|
Level 1 + Level 0
|
Data is striped across multiple
RAID1 pairs.
|
Level 15
|
Level 5 + Level 1
|
Two complete RAID5 systems are
mirrored for additional fault tolerance.
|
WIRELESS
TECHNOLOGIES
Broadband wireless occupies band 2
to 24ghz
- IEEE 802.16 deals with wireless MANs
- IEEE 802.11 deals with wireless LANs
- Higher frequency can carry more data, but a shorter distance
WLANS work in the 2.4 & 5ghz
unlicensed bands and there are two IEEE standards, 802.11a and 802.11b:
- 802.11a is the latest standard, works in the 5ghz range and provides up to 54mbps
- 802.11b is in the 2.4ghz range and providers up to 11mbps
801.11 uses Wireless Application
Protocol (WAP). WAP uses WML (Wireless Markup Language) and WMLScript to
present web based material. WAP has its own session and transaction protocols
and a transport layer security protocol called WTLS (Wireless Transport Layer
Security).
A WAP gateway is required to
translate WAP protocols to the internet. Encrypted data from a wireless device
comes in with WTLS but must be converted into SSL or TLS by the gateway. For a
second or two, the WTLS data will be decrypted for conversion into SSL – this
is referred to as the gap in the WAP.
Wireless Technology (Prep Guide):
IEEE 802.11 refers to a family of
specifications for wireless LANs. The current 802.11 standard all use CSMA/CD.
802.11: Original wireless LAN standard. 1 or 2mpbs speed in the
2.4ghz band using DSS or FHSS.
802.11b: 11mpbs (autoslows to 5.5, 2 or 1mpbs based on signal
strength). Uses only DSSS. Also known as wi-fi.
802.11a: Up to 54mbs in the 5ghz range. Uses orthogonal FDM.
802.l11g: 20mbps to 54mpbs in the 5ghz range.
802.11e: Draft standard to provide QOS features and multimedia
support.
Spread Spectrum Technology:
Spread Spectrum Technology
broadcasts signals over a range of frequencies. Receiving device must know the
correct frequency of the spread spectrum signal being broadcast. Two spread
spectrum technologies currently exist:
Direct-Sequence Spread Spectrum
(DSSS): Redundant bit pattern for each bit
to be transmitted – spread over a wide frequency. Because it is spread over the
spectrum, the number of discrete channels in the 2.4ghz band is small.
Frequency-Hopping Spread Spectrum
(FHSS): Uses a narrow band carrier that
continually changes frequency in a known pattern. Source and destination
devices must be synchronized to be on the same frequency at the same time.
Both of the above appear as line
noise to a non spread-spectrum device.
AD-HOC mode: Access is Peer to peer.
Infrastructure mode: Access is via an access point (wireless hub).
Wireless Application Protocol (WAP):
Wireless application protocol is a
set of technologies related to HTML but tailored to small screens. The most
noticeable is HDML: Handheld device markup language.
WAP has 5 layers: Application,
session, transaction, security and transport
Application Layer:
Microbrowser, WML (Wireless Markup Language), WMLScript and
Wireless Telephony Applications (WTA)
Session Layer:
Contains the Wireless Session Protocol (WSP), which is
similar to HTTP. WSP facilitates transfer of content between WAP clients and
gateway. WSP provides a connection-oriented mode and a connectionless mode.
Transaction Layer:
Providers the Wireless Transaction Protocol (WTP). Similar
functionality to TCP/TP. Reliable request and response transactions and
supports unguaranteed and guaranteed psuh
The transaction layer provides
transaction services to WAP and handled acknowledgements.
Security Layer:
The security layer contains WTLS (Wireless Transport Layer
Security). WTLS is based on TLS (similar to SSL) and can be invoked in a manner
similar to HTTPS. WTLS provides data integrity, privacy, authentication and DOS
protection.
Transport Layer:
The transport layer supports the Wireless Datagram Protocol
(WDP) which provides an interface to bearers of transportation. The transport
layer supports CDPD, GSM, CDMA, TDMA, SMS and Flex.
Wired Equivalent Privacy (WEP)
Encryption:
WEP is an option in 802.11b. It uses
a 40-bit shared key, RC4 pseudorandom number generator and a 24 bit
initialization vector. WEP works in the following manner:
- Checksum of message computed and appended to the message.
- Shared secret key and initialization vector are fed to the RC4 algorithm to produce a keystream.
- The keystream is XORed with the msg and checksum and produces ciphertext.
- The initialization vector is appended to the ciphertext message and the message is sent to the recipient.
- The recipient who has the same secret key generates the same keystream with the IV.
- The generated keystream is XORed with the ciphertext to yield the original message.
WEP is not considered secure due to the 40-bit encryption.
CISSP Domain 4 – Application and System Development
DOMAIN
4 – Application and System Development
“The division between software
security and device security deals with providing security at the beginning
stages of software development versus providing devices that protect the
perimeter of networks”.
“If an application fails for any reason,
it should resume to a safe state”
Database Management:
“Database access control can be
restricted by only allowing roles”
Database Models:
Relational Database Model: Uses attributes (columns) and tuples (rows) to contain and
organize information. Presents information in the form of tables.
Hierarchical Data Model: Combines records and fields that are related in a logical
tree structure. Used for mapping one-to-many relationships.
Distributed Data Model: Data stored in more than one database, but logically
connected.
Relational Database Components:
Most databases contain the following
core functions:
- Data Definition Language (DDL)
- Data Manipulation Language (DML)
- Query Language (QL)
- Report Generator.
DDL defines the structure and schema
of a database.
Data Dictionary: The data dictionary is a central repository of data elements
and their relationships. The Data Dictionary includes definitions of views,
data sources, relationships, tables, indexes, etc. When new tables, new views
or new schema are added, the data dictionary is updated to reflect this.
Integrity:
- Can run into concurrency problems. Record locking prevents this.
Database software performs to main
types of integrity services:
Semantic Integrity: Makes sure that structural and semantic rules are enforced.
Referential Integrity: No record can contain a reference to a primary key of a
non-existing record or NULL value. Database must also not contain unmatched
foreign key values.
Database Security Issues:
Two main database security issues
are aggregation and inference:
Aggregation:
Aggregation is figuring out complete
information you don’t have access to by using components of that information
you do have access to. The combined information has a
sensitivity that is greater than the sum of the parts.
Queries could be tracked and
restricted based on context-dependant classification used to check what data
the users has already accessed.
Inference:
Inference is similar to aggregation and involves the ability
to derive information that is not explicitly available from information that is
available. For example, a clerk does not have access to troop movements but
does have access to food and tent deployment.
Again, context-dependant
classification rules can help prevent anything that looks like inference.
Database security looks at the
contents of the file rather than the file itself as an operating system could.
This is content-dependant access control which increases processing overhead
but provides more granular control.
Polyinstantiation:
Polyinstantiation enables a relation to contain multiple
tuples with the same primary key but at different security classifications.
System
Development
Security management is an important
aspect of project management.
The following is a typical list of
lifecycle phases:
- Project initiation
- Functional design, analysis and planning
- System design specifications
- Software development
- Installation / Implementation
- Operational Maintenance
- Disposal.
System Design Specifications:
Informational, functional and behavioral model information
goes into the software design as requirements. What comes out of the design is
data, architectural and procedural design.
Installation / Implementation:
- Certification is the process of reviewing and evaluating security controls and is usually a task assigned to an outside independent reviewer.
- Accreditation is the formal acceptance of the system by key management and in implicit acceptance of risk. Once management accepts the residual risk, they should issue a formal accreditation statement.
- Verification – does the product match the specification?
- Validation – Fitness or worth of a software product for its operational mission.
”Verification is doing the job right, Validation is doing the right job”
System Life Cycle Phases:
- Project Initiation:
- Concept of project definition
- Proposal and initial study
- Functional design analysis and planning
- Requirements uncovered and defined
- System environment specifications determined
- System design specifications:
- Functionality design review
- Functionality broken down
- Detailed planning put into place
- Code design
- Software development:
- Developing and programming software
- Installation
- Product installation and implementation
- Testing and Auditing
- Maintenance Support
- Product changes, fixes and minor modifications
- Revision and Replacement
- Modifying the product with revisions, or, replacing it completely.
Waterfall Model:
The steps of a typical waterfall
model are:
- System feasibility
- Software plans and requirements
- Product design
- Detailed design
- Code
- Integration
- Implementation
- Operations and Maintenance
Spiral Model:
- Angular dimensions represent progress made in completing the phases.
- Radial dimension represents cumulative project costs.
The model states that each cycle of
the spiral involves the same series of steps for each part of the project.
Cost Estimation Models:
Basic COCOMO model estimates
development effort and cost as a function of the number of source instructions:
MM = 2.4KDSI (MM = Man months, KDSI
= K developed source instructions)
TDEV = 2.5mm
Maintenance:
Maintenance phases can be divided
into 3 sub-phases:
- Request control
- Change control
- Release control
Change Control:
Configuration management is the
process of controlling the life cycle of an application and documenting the
necessary change control activities. Configuration management is used to manage
changes and new versions of software products. BS7799 addresses configuration
management.
The following definitions are associated
with Configuration Management:
Configuration Item (CI): Component whose state is to be recorded.
Version: A recorded specific state of a configuration item.
Configuration: Collection of component configuration items that comprise a
configuration item in some stage of its evolution. Can be recursive.
Building: Assembling a version of a configuration item from component
configuration items.
Build List:
Software Library:
Software Capability Maturity Model
(CMM):
The Software CMM is based on the
premise that the quality of a software product is a direct function of the
quality of its associated development and maintenance processors.
5 maturity levels are:
Level 1: Initiating
: Good people in place. Processes
performed ad-hoc.
Level 2:
Repeatable : Project management processes in place.
Level 3:
Defined
: Engineering processes and
organizational support.
Level 4:
Managed
: Product and process quantitatively
controlled.
Level 5:
Optimizing
: Continued process improvements.
Institutionalized.
The software CMM is a component that
supports the concept of continuous process improvement. This concept is
embodied in the SEI process improvement IDEAL model:
Initiate
|
Diagnose
|
Establish
| = IDEAL!
Action
|
Leverage
|
Application
Development Methodology
Object-Oriented Concepts:
A shared potion of an object is
the interface. The private portion of an object
facilitates data hiding.
Abstraction is the capability to
suppress unnecessary details so that the important, inherent properties can be
examined and reviewed.
Polymorphism: An object’s response to a message is defined by the class to
which the object belongs. Different objects can respond to the same input in
different ways.
Encapsulation: Hides internal data and operations not exposed via the
interface.
Polyinstantiation: Multiple distinct differences between data within objects to
discourage lower level subjects from learning information at a higher level of
security.
Inheritance: Shares properties and attributes with subclasses.
Cohesion and Coupling:
- Modules should be self-contained and perform a single logical function with as little external help as possible. This is cohesion and the goal for a module is to have high cohesion.
- Modules should not drastically affect the behavior of each other. This is low coupling.
ORBs and CORBAs:
The OMA is the Object Management
Architecture. ORB manages all communication between components and enables them
to interact an a heterogeneous and distributed environment.
ORB is the middleware that
established the client/server relationship between objects.
CORBA provides standard interface
definitions between OMG compliant objects.
COM and DCOM:
The component object model (COM)
defines how components interact and provides an architecture for simple IPC.
DCOM is a distributed model based on COM. DCOM has a library that takes care of
session handling, synchronization, buffering, fault identification and
handling, and data format translation.
OLE – Object Linking and Embedding:
OLE uses COM as its base and allows
objects to be embedded within documents and for linking different resources and
objects.
The capability for one program to
call another is called linking.
The capability to put a piece of
data inside a foreign program or document is called embedding.
DDE – Dynamic Data Exchange:
DDE enables different applications
to share data by providing IPC. DDE is a communication mechanism that enables
direct connection between two applications.
Distributed Computing Environment
(DCE):
DCE is a standard developed by the
OSF – Open Software Foundation (also called “the open group”). DCE is
middleware providing RPC service, security services, directory service, time
service and distributed file support.
DCE is a layer of software that sits
on top of the network layer.
** DCOM uses a globally unique identifier
(GUID).
** DCE uses a universal unique
identifier (UUID).
Expert Systems and Knowledge Based
Systems:
Expert systems usually consist of
two parts, an inference engine and a knowledge base. The inference engine
handles the user interface, external files, scheduling and program-accessing
capabilities.
The knowledge engine contains data
pertaining to a specific problem or domain.
ANN = Artificial Neural Network.
Malicious Code (MALWARE):
Virus: Infects applications. Main function is to reproduce. Macro
viruses are easy to write and office products are in wide use.
Worms: Reproduce on their own with no need for a host application.
Logic Bomb: Will execute certain code when a specific event happens.
Trojan Horse: Program disguised as another program.
Attacks:
SMURF: Requires an attacker, a victim and an amplifying network.
ICMP ECHO packets are sent to the broadcast address of a large network with the
return address spoofed to be that of the victim. The target network will drown
the victim with responses. A counter against the smurf attack is to disable
broadcast packets at the border router.
Fraggle: Similar to SMURF but uses UDP instead of ICMP.
SYN Flood: Repeated SYN packets that will not respond to the SYN/ACK
packets.
Teardrop: Send very small packets with invalid fragment offset causing
the computer to freeze or crash.
Cryptography
A “substitution cipher” is where one character is replaced with another. “Monoalphabetic” substitution uses only one alphabet.
The papyrus around the staff is a “scytale” cipher.
Enigma Machine: The crucial and secret part of the process (the key) was how the operators advanced the rotors when encrypting and decrypting a message.
Cryptography Definitions:
Cryptosytem: A system that provides encryption and decryption
Key: The secret piece of a well-known encryption algorithm
Keyspace: Range of values that can be used to construct a key.
Cryptography: The science of encrypting written communication.
Cryptanalaysis: The process of trying to decrypt encrypted data without the key.
Work Factor: Estimate of the effort it would take an attacker to penetrate an encryption method.
Cryptology: Study of both cryptography and cryptanalysis.
Key Clustering: When two (or more) different keys generate the same ciphertext from the same plain text, this is known as “key clustering”.
Goals of CryptoSystems:
Confidentiality – Unauthorized parties cannot access the information.
Authenticity – Validating the source of a message.
Integrity – Assurance that a message was not modified during transmission.
Non-Repudiation – Sender cannot layer deny sending the message and the receiver cannot deny receiving it.
Types of Ciphers:
Substitution: Uses a key to know how substitution should be carried out.
Transposition: Permutation is used. Does not replace original text with different text – text is moved around.
Simple substitution and transposition methods are vulnerable to “frequency analysis”
Running and Concealment Ciphers:
Running Key Cipher: Does not require a key or algorithms, but steps in the physical world. For example, references to a book. The “key” in this situation is “which book?”
Concealment Cipher: A cipher that hides the message among garbage. For example, have each word appear every 5th word in a sentence. “Buy gold” might become “Product is a good buy, it has ten percent gold content”.
Government Involvement with Cryptography:
v Harry Truman created the NSA in 1952.
v In 1993, government introduced the Clipper chip, based on the Skipjack algorithms. Each chip unit has a key, which encrypts a copy of each user’s session key. Each chip also has a unique serial number and a copy of the unit key is stored in a database under this serial number. The transmitted message contains a Law Enforcement Access Field (LEAF), which contains the serial number of the chip that encrypted the message. The unit key can be retrieved from the database, used to decrypt the session key, which in turn can be used to decrypt the message.
Weaknesses in the Clipper Chip include:
- SkipJack algorithm was never publicly scrutinized and tested
- 80 bit key is weak by current standards.
- 16 bit checksum can be defeated
- The clipper chip ID tagged and identified every communication session.
Key Escrow:
Unit key split in two and given to two different agencies to maintain. Officer needs a court order to request the unit key.
Methods of Encryption
Cryptographic algorithms can use either symmetric keys (secret keys) or asymmetric keys (public keys).
Symmetric Cryptography:
- Both parties use the same key for encryption and decryption
- Each pair of users exchanging messages needs their own set of keys – key management becomes a pain.
- Initial key exchange needs to be out of band
- Because the same keys are used for encryption and decryption, it does not provide authentication and non-repudiation.
- Fast and hard to break when a large key size is used.
The following algorithms all use Symmetric (Secret) Key Cryptography:
- Data Encryption Standard (DES)
- Triple DES (3DES)
- Blowfish
- IDEA
- RC4, RC5 and RC6
Asymmetric Cryptography:
Each entity has different keys, a private key and a public key. The two keys are mathematically related, but cannot be derived from one another.
A message can only be decrypted with the public key if it was encrypted with the private key – provides authentication.
If confidentiality is most important, the sender encrypts with the receiver’s public key and the message can now only be read with the receiver’s private key. This is called a secure message format.
If authentication is most important, the sender encrypts with his own private key. The receiver knows it came from the sender because it can be decrypted with the sender’s public key. This is known as open message format because anyone with the sender’s public key can read it.
For a message to be A secure and signed format, the sender should encrypt with his own private key and then again with the receiver’s public key.
Strengths of Asymmetric cryptography:
- Better key distribution than with symmetric systems.
- Better scalability than symmetric systems
- Can provide confidentiality, authentication and non-repudiation.
Weaknesses:
- Works much slower than symmetric systems.
The following are asymmetric key algorithms:
- RSA
- Elliptical Curve Cryptosystem (EC)
- Diffe-Hellman
- El-Gamal
- Digital Signature Standard (DSS)
Stream and Block Ciphers:
There are two main types of symmetric algorithms: stream and block ciphers:
Block Cipher: The message is divided into blocks and bits and the blocks are then put through transposition, substitution and other functions. Block ciphers use confusion and diffusion in their methods. The key dictates what S-boxes are used and in what order.
Stream Cipher: Entire message is treated as a stream of bits or bytes. Some stream ciphers use a “keystream generator”. The key provides randomness to the keystream that is applied to the plaintext.
A strong stream cipher algorithm has the following characteristics:
- Long periods of non-repeating patterns within keystreams.
- Statistically unpredictable
- Keystreams are not linearly related to the key.
- Statistically unbiased – as many 0s as 1s.
Stream ciphers are more suited to hardware encryption because they operate a bit at a time. Block ciphers are better suited to software-based encryption.
Types of Symmetric Encryption Systems
Data Encryption Standard:
DES is a block encryption algorithm using 64-bit blocks. It uses a 64-bit key: 56 bits of true key and 8 for parity. Characters are put through 16 rounds of transposition and substitution.
- Devised in 1972 as a derivation of the “Lucifer” system
- DES Describes the DEA (Data Encryption Algorithm)
- FIPS PUB 46-1 (1977) and ANSI X3.92 (1981)
- 64bit blocks, 56 bit key and 16 rounds of transformation
- Uses confusion and diffusion for encrypting plain text.
Confusion: Conceals statistical connection between ciphertext and plain text. Uses non-linear substitution boxes (S-Boxes)
Diffusion: Spreads the influence of a plain text character over many ciphertext characters.
DES has 4 distinct modes of operation:
Electronic Code Book (ECB): Native encryption method for DES. Electronic codebook literally operates like a codebook. For a given block of plaintext and a given key, the same set of ciphertext is always produced. ECB uses padding to round up to a 64-bit block boundary. ECB is used for small amounts of data such as challenge-response or key management. Not good for large amounts of data as patterns would eventually show.
Cipher Block Chaining (CBC): In Cipher Block Chaining, the value of the previous block processed is a part of the algorithm and key for the next block, so, patterns are not revealed. This chaining effect means that a particular ciphertext block is dependant on all the blocks that came before it, not just the current block.
Cipher Feedback Mode (CFB): Previously generated ciphertext from the last block is input to the algorithm to generate random values. Another way of chaining blocks together, but instead of using a value from the previous block, CFB uses the previous block in the ciphertext and combines it with the next block. This mode is used when encrypting individual characters is required.
Output Feedback Mode (OFB): Similar to CFB but functions like a stream cipher by generating a random stream of bits to be combined with the plaintext to create ciphertext.
Simulates a one-time pad. Ciphertext is fed back to the algorithm to form a portion of the next input to encrypt the stream of bits.
Triple DES (3DES):
Encrypting plaintext with one DES key and then encrypting it with a second DES key is no more secure than using a single DES key, therefore, Triple DES is used to obtain stronger encryption:
DES-EDE2: 2 keys are used. Encrypt with 1, decrypt with 2 and then encrypt with 1 again.
DES-EEE2: 2 keys used. Encrypt with 1, encrypt with 2, encrypt with 1.
DES-EEE3: 3 keys used. Encrypt with 1, encrypt with 2, encrypt with 3. Most secure, but requires 3 keys.
Advanced Encryption Standard (AES):
Uses Rjindael block cipher, which can use 128, 192 or 256 bit keys. AES itself specifies fixed block size of 128 bits. AES is the government standard for encrypting SBU information.
The number of rounds of transformation is a function of the key size used:
256 bit – 14 rounds.
192 bit – 12 rounds.
128 bit – 10 rounds.
TwoFish:
128 bit blocks in 16 rounds. Key lengths can be up to 256 bits.
BlowFish:
A block cipher operating on 64 bit blocks with a key length of up to 448 bits. The blocks go through 16 rounds of crypto functions.
IDEA:
Ideas stands for International Data Encryption Algorithm. It operates on 64 bit blocks and uses a 128 bit key. Performs 8 rounds on 16 bit sub-blocks. Each 64 bit block is divided into 16 smaller blocks and each block has 8 rounds of mathematical functions performed on it. IDEA is harder to crack than DES for the same keysize and is used in PGP.
RC5:
Block cipher of variable block length. Key can be 0-2048 bits, blocks can be 32, 64 or 128 bits and the number of rounds can be 0 – 255. Created by Ron Rivest and patented by RSA data.
Asymmetric Encryption Algorithms
RSA:
Defactor standard for public encryption. Invented by Ron Rivest, Adi Shamir and Leonard Adleman. Developed at MIT. Security comes from the difficulty of factoring large numbers. Public and private key are functions of a pair of large prime numbers. RSA is used in many web browsers with SSL.
El-Gamal:
Based on calculating discrete logarithms in a finite field. El-gamal extended Diffie-Hellman to apply to encryption and digital signatures.
Elliptical Curve Cryptosystem (ECC):
Provides much of the same functionality as RSA: Digital signatures, secure key distribution and encryption. ECC is very resource efficient – ideal for smaller devices. ECC providers higher protection with smaller keys than RSA. An ECC key of 160 bits is equivalent to a 1024-bit RSA key.
Public Key Cryptography:
Public key cryptography uses an asymmetric encryption for key encryption and secret key encryption for data. We use an asymmetric algorithm to encrypt the secret key.
Diffie-Hellman: Used for key distribution, NOT encryption and decryption. Subjects can exchange session keys over a non-secure medium without exposing the keys.
Session-Key: “Secret” key used for one data exchange only. Usually randomly generated then encrypted using public cryptography.
Public Key Infrastructure (PKI):
PKI is an ISO authentication framework that uses public key cryptography and X.509 standard protocols.
PKI provides authentication, confidentiality, non-repudiation and message integrity.
The PKI infrastructure contains the pieces that will identify the user, distribute and maintain keys, distribute and maintain certificates and allow certificate revocation.
Each individual taking part in PKI needs a digital signature signed by a CA. Some well-known Certification Authorities are Entrust and VeriSign. Revocation is handled by the certification revocation list (CRL).
PKI is made up of the following entities and functions:
- Certification Authorities
- Registration Authorities
- Certificate Repository
- Certificate Revocation System
- Key backup and recovery system
- Automatic key update
- Management of key histories
- Cross-certification with other Cas
- Time stamping
- Client side software
LDAP is the standard format for accessing certification repositories. Availability and Integrity of LDAP servers is a concern.
ISAKMP: Internet Security Association and Key Management Protocol.
IKE: ISAKMP, Secure Key Exchange Mechanism (SKEME) and Oakley, combined.
In general:
- ISAKMP defined the phases for establishing a secure relationship
- SKEME describes a secure exchange mechanism
- Oakley defined the modes of operation needed to establish a secure connection.
Message Integrity:
One-Way Hash:
A one-way hash takes a variable length input and produces a fixed-length output, or hash value. A hash value is also known as a message digest. If a sender only wants a specific person to view the hash value sent with the message, the value would be encrypted with a key. This is referred to as the message authentication code. Basically, the MAC is a one-way hash value that is encrypted with a symmetric key.
Digital Signature:
A digital signature is an encrypted hash value. A digital signature provides authentication because the message digest is encrypted with the sender’s private key.
Overview/review:
- A message can be encrypted, providing confidentiality.
- A message can be hashed, providing integrity.
- A message can be digitally signed, providing authentication and integrity.
- A message can be encrypted and signed, providing confidentiality, authentication and integrity.
Digital Signature Standard – DSS:
The Federal Government requires its departments to use the DSA & SHA. SHA creates a 160-bit output which is then input to DSA which signs the message.
The DSA (Digital Signature Algorithm) can only be used for signatures, not encryption.
Different Hashing Algorithms
Good hash functions should have the following characteristics:
- Computed on the entire message, not a part of it.
- One-way function so that messages are not disclosed by their signatures.
- Should be impossible, given a message and its hash value, to compute another message with the same hash value.
- Should be resistant to birthday attacks – should not be able to find two messages with the same hash value (collision free).
Some common hashing algorithms include:
MD2: 128 bit hash, slower than MD4 and MD5
MD4: 128 bit hash.
MD5: 128 bit hash. More complex than MD4. Processes text in 512 bit blocks.
HAVAL: Variable length hash. Haval is a modification of the MD5 algorithm with more protection from common attacks against MD5. Processes text in 1024 bit blocks.
SHA: 160-bit hash value. Used with DSA.
SHA-1: Updated version of SHA.
Attacks against one-way hash functions:
Birthday Attack: Using collusions to reverse engineer hash values. Finding two messages that produce the same hash value.
One-Time Pad:
A one time pad, implemented correctly, is unbreakable as each pad is used only once. A non-repeating set of bits are XORed with the message to produce ciphertext. The key is the same size at the message and the sender and receiver must be perfectly in synch. This encryption method is not practically used much.
Key Management
Key management causes one of the biggest headaches in encryption implementation. RSA and Diffie-Hellman are key exchange protocols.
General rules for keys and key management include:
- Key length should be enough to provide the necessary level of protection.
- Keys should be stored and transmitted by secure means.
- Keys should be extremely random and use full spectrum of the keyspace
- Key lifetime should correspond with the sensitivity of the data it is protecting.
- The more the key is used, the shorter its lifetime should be.
- The key should be backed up or escrowed in case of emergencies.
- The key should be properly destroyed once its lifetime comes to an end.
Link Vs End to End Encryption
Advantages of end-to-end encryption:
- Protects information from start to finish
- More flexibility for the user in choosing what gets encrypted and how
- Higher granularity of encryption is available because each application or user can choose a different key.
- Each hop on the network does not need to have a key to decrypt each packet.
Disadvantages of end-to-end encryption:
- Headers, addresses and router information is not encrypted and therefore not protected.
- Destination needs to have same encryption mechanisms to properly decrypt the message.
Advantages of link (lower layer) encryption:
- All data is encrypted, including headers, addresses and routing information.
- Users do not need to do anything to initiate it.
Disadvantages of link encryption:
- Each hop must have a key, making key distribution and management more complex.
- Messages are decrypted at each hop, thus more points of vulnerability.
Email Standards
Privacy Enhanced Email (PEM):
PEM is a series of message authentication and encryption procedures developed by several governing groups. Primary features are:
- Messages are encrypted with DES in CBC mode.
- Authentication is provided by MD2 or MD5
- Public key management using RSA
- X.509 standard for certification structure and format.
Message Security Protocol (MSP):
MSP is the military’s PEM. It was developed by the NSA and is an X.400 compatible application layer protocol.
Pretty Good Privacy (PGP):
PGP uses RSA public key encryption for key management, IDEA for bulk encryption of data and MD5 for authenticity. PGP does not use Certification Authorities but relies instead on a “web of trust”.
Internet Security
“The web is not the internet. The web runs on top of the internet.”
S-HTTP:
Secure Hypertext Transport Protocol. In this protocol, the client and server agree on a protection method and then the client sends the server its public key. The server generates a session key, encrypts it with the client public key and sends it back. S-HTTP maintains an option connection for the duration of the session.
SSL:
SSL is similar to S-HTTP but protect the communication channel itself instead of individual messages. The server sends a message to the client that a secure session is required and the client sends its public key and security requirements back to the server. The server compares the security parameters with its own to find a match and then sends the client a digital certificate. If the client trusts the certificate, the process continues. SSL keeps the communication path open.
MIME: Multipurpose Internet Mail Extension:
If a message or document contains a multimedia attachment, MIME dictates how that portion of the message should be handled.
S/MIME:
S/MIME is a standard for encrypting and digitally signing mail that contains attachments.
SET – Secure Electronic Transaction:
Security technology proposed by Visa and Mastercard for more secure online credit card transactions. Suppliers never see the credit card information.
Cookies:
Sometimes cookies can contain login and password information that is either not encrypted or encrypted weakly. This is a vulnerability.
Secure Shell (SSH):
SSH functions as a type of tunneling mechanism that provides terminal like access to remote computers.
IPSEC (Internet Protocol Security):
The IPSEC protocol is a method of setting up a secure channel for protected data exchange between two devices. IPSEC is a widely accepted standard for secure network layer transport. It is usually used to establish VPNs.
IPSEC uses two basic protocols: Authentication Header (AH) and Encapsulating security Payload (ESP).
IPSEC works on one of two modes:
Tunnel Model: only the payload is encrypted.
Transport Mode: payload, routing and header information are all encrypted.
Each device has one security association (SA) for each session connection, one for inbound and one for outbound. The SA contains the configuration that the device needs to know about. Each device has a security parameter index that keeps track of each SA.
When a packet is received, the steps are:
- Identify appropriate SA, secret key and algorithm.
- Calculate hash value of the packet to authenticate source and verify data integrity.
- Authenticate the source.
- Identify correct cryptographic algorithm (DES or 3DES) and secret key.
- Decrypt the message.
ISAKMP: Internet Security Associated and Key Management Protocol.
Cryptography Attacks
The following sections go over active attacks that can relate to cryptography:
Ciphertext Only Attack: Attacker has the ciphertext of several messages encrypted using the same algorithm.
Known Plaintext Attack: Attacker has plaintext and ciphertext of one or more messages. The goal is to discover the key used to encrypt the messages.
Chosen Plaintext Attack: Attacker has plaintext and ciphertext and can choose the plaintext that gets encrypted.
Chosen Ciphertext Attack: Attacker can choose ciphertext to be decrypted and has access to the decrypted plaintext.
Man-in-the-middle attack:
Intercepting public key and replacing it with your own, and then intercepting subsequent messages intended for someone else. Using digital signatures during session-key exchange can circumvent man in the middle attacks.
Dictionary attack:
Running dictionaries of words through one-way HASH functions to see if the hash value matches what you have. Common method of cracking Unix passwords.
Replay attacks:
When an attacker copies a ticket, breaks the encryption and tries to impersonate the client by resubmitting the ticket at a later time. Kerberos is particularly vulnerable to this type of attack.
Timestamps and sequence numbers are two common counter-measures to replay vulnerabilities.
Wireless Security
Wireless Application Security (WAP):
WAP is a set of protocols that cover layer 7 to layer 3 of the ISO model. The WAP protocol stack contains the following:
- Wireless Markup Language (WML)
- Wireless Application Environment (WAE)
- Wireless Session Protocol (WSP)
- Wireless Transport Protocol (WTP)
- Wireless Transport Layer Security Protocol (WTLS)
- Wireless Datagram Protocol (WDP)
WTLS provides 3 classes of security:
Class 1: Anonymous authentication. Neither client or server is certain of the identify of the other.
Class 2: Server authentication.
Class 3: Two-way client and server authentication.
HDML: Handheld device markup language is a simple alternative to WML.
C-HTML: Compact HTML, widely used in Japan.
Wired Equivalent Privacy:
Secret key shared between clients and access points. Must have the shared key to associate with the access point.
WEP uses the RC4 variable key-size stream cipher encryption algorithm. RC4 was developed in 1987 by Ronald Rivest and operates in output feedback mode.
Security of the WEB algorithm is weak, in the native 40-bit and even the 128 bit versions.
CISSP Domain 6 – Security Architecture and Models
.
Domain
6 – Security Architecture and Models
A security model is a statement that
outlines the requirements necessary to properly support a certain security
policy.
“Security is best if it is built
into the foundation of operating systems and applications”
Computer Architecture
CPU: Contains ALU, Control Unit and primary storage.
Protection Rings: Operating system concept. Inner rings have most
privileges. Inner rings can directly access outer rings, but not vice versa. A
typical arrangement might be:
Ring 0 : Operating system &
Kernel
Ring 1 : Remaining parts of
operating system
Ring 2 : I/O drives and utilities
Ring 3 : Applications and programs.
MITs MULTICS is an example of an
operating system using this concept.
Operating Systems
Operating systems can be in one of
several states:
Ready
: Ready to resume
processing
Supervisory : Executing
a highly privileged routine
ProblemState: Executing an
application (working on a problem)
WaitState :
Waiting for a specific event to complete or resource to become free.
An operating system implements
security using many mechanisms, including:
- Protection Rings
- Mapping Memory
- Implementing virtual machines
- Working in different states
- Assigning trust levels to each process
Process Vs Thread
A process is a program in execution
with its own address space. Threads are pieces of code executed within a
process.
Memory Addressing Modes
Register: Addresses registers within the CPU.
Direct: Actual addresses. Usually limited to current memory
page.
Absolute: Address of all primary memory space. Can hit any memory
address directly.
Indexed: Adding contents of addresses in programs instruction
to that of a memory (index) register.
Implied: Operations internal to the processor, such as clearing of a
carry bit.
Indirect: The address specified in the instruction contains the
address where the actual data can be found.
Processing Methods
Some methods to improve system
performance at the hardware level are:
Pipelining: Overlapping the steps of different instructions to run close
to concurrently.
CISC: Complex Instruction Set Computer. In earlier technologies,
the “fetch” cycle was the slowest port. By packing instructions wtih several
operations, number of fetches were reduced.
RISC: Reduced instruction set computer. Instructions are simple
and require fewer clock cycles.
Scalar Processor: One instruction at a time.
Superscalar Processor: Enabled concurrent execute of multiple instructions in some
pipeline stage.
Very Long Instruction Word (VLIW)
Processor: A single instruction specifies more
than one concurrent operation.
System (Security) Architecture
Some of the biggest questions in
systems security architecture are:
- Where should the protection take place? User’s end? Where the data is stored? Restricting user activities?
- At which layers should mechanisms be implemented? Hardware, kernel, o/s, services or program layers?
“The more complex a security
mechanism becomes, the less assurance it provides” -> Functionality and
Assurance Compromise.
- What system mechanisms need to be trusted? How can these entities interact in a secure manner?
Some important terms and definitions
relating to system architecture are:
Trusted Computer Base: Combination of protection mechanisms within a system,
including hardware, software and firmware. Not every part of a system needs to
be trusted and therefore do not fall under the TCB.
Reference Monitor: Abstract system concept that mediates all access the
subjects have to objects. This is a concept, not a component.
Security Kernel: Hardware, firmware and software that fall under the TCB and
implement the reference monitor concept. The security kernel is the core of the
TCB. The security kernel must:
- Mediate all access to objects in the system.
- Be protected from modification
- Be verified as correct.
Domains: Set of objects that a subject can access. Domains have to be
identified, separated and strictly enforced.
Resource Isolation: Enables each subject and object to be uniquely identified,
permissions and rights to be assigned independently, accountability to be
enforceable and activities to be tracked precisely.
“Security policies that prevent
information from flowing from a high security level to a lower security level
are multilevel security policies.”
“The execution and memory space
assigned to each process is called a protection domain.”
Virtual Machine Monitor: Each “machine” runs at a different security level.
Security Models:
“A model is a symbolic
representation of a policy. It maps the desires of the policy into a set of
rules to be followed by a computer system.”
“Security policy provides the
abstract goals, the security model defines the dos and donts to achieve those goals”
Bell-LaPadula Model:
Developed by the military in the
1970s to address leakage of classified information. Main goal is
confidentiality. A system using the Bell-LaPadula model would be classified as
a multi-level security system. The Bell-LaPadula is a state machine model, and
could also be categorized as an information flow model.
Simple Security Rule : Cannot read data at a higher level.
Star (*) Property: Cannot write data to a lower level.
Bell-LaPadula also uses a
discretionary access control matrix to handle exceptions. This may allow
a trusted subject to violate the *-property, but not its
intent. IE, a low-sensitivity paragraph in a higher level document being moved
to a low-sensitivity document is ok, but might require an override of the *
property.
Criticisms of Bell-LaPadula:
- Only deals with confidentiality, not integrity.
- Does not address access control management.
- Does not address covert channels.
- Does not address file sharing in more modern systems.
- Secure state transition is not explicitly defined.
- Only addresses multi-level security policy type.
Biba Model:
The Biba model is also a state
machine model and similar to Bell-LaPadula, except is addresses data integrity
rather than data confidentiality. The data integrity is characterized by three
goals:
- Protection from modification by unauthorized users.
- Protection from unauthorized modification by authorized users.
- Internally and externally consistent.
The following rules of the Biba
model implement these goals:
Simple Integrity Axiom: No read down.
Star (*) Integrity Axiom: No writing up.
Subjects at one level of integrity
cannot invoke an object or subject at a higher level of integrity.
Clark-Wilson Model:
The Clark-Wilson model takes a
different approach to protecting integrity. Users cannot access objects
directly, but must go through programs that control their access.
“Usually in an information flow
model (Bell-LaPadula and Biba), information can flow from one level to another
until a restricted operation is attempted. At this point, the system checks an
access control matrix to see if the operation has been explicitly permitted”.
The Clark-Wilson model defines the
following terms:
Constrained Data Item (CDI): Data item whose integrity is to be protected.
Integrity Verification Procedure
(IVP): Program that verifies integrity of
CDI.
Transformation Procedure (TP):
Unconstrained Data Item: Data outside of the control of the model. For example, input
data.
Information Flow Models:
Each object is assigned a security
class or value. Information is constrained to flow only in the directions
permitted by the security policy.
Security Modes of Operation
The “mode of operation” defines the
security conditions under which the system actually functions:
Dedicated Security Mode: ALL users have the clearance and the “need to know” to
all the data within the system.
System-High Security Mode: All users have clearance and authorization to access the
information in the system, but not necessarily a need to know.
Compartmented Security Mode: All users have the clearance to all information on the
system but might not have need to know and formal access approvial. Users can
access a compartment of data only.
Multilevel Security Mode: Permits two or more classification levels of information to
be processed at the same time. Users do not have clearance for all of the
information being processed.
Limited Access: Minimum user clearance is “not cleared” and the maximum data
classification is “sensitive but unclassified”.
Controlled Access: Limited amount of trust placed on system hardware and
software.
Trust – assurance of trust implies a much deeper knowledge of the
building process, etc.
Systems Evaluation Methods
The “Orange” Book:
The US Department of Defense
developed TCSEC (Trusted Computer Systems Evaluation Criteria) to provide a
graded classification for computer system security. The graded classification
hierarchy is:
A – Verified Protection
B – Mandatory Protection
C – Discretionary Protection
D – Minimal Security
The evaluation criterion involves 4
main areas: Security, Polciy, Accountabilty and Assustance and Testing, but
these break down into 7 specific areas:
- Security policy – explicit, well defined, enforced by mechanisms in the system itself.
- Identification – individual subjects must be uniquely identified in the system.
- Labels – labels must be associated with individual objects.
- Documentation – test, design and specification documentation. User guides and manuals.
- Accountability – audit data is captured and protected. Relies on identification.
- Life Cycle Assurance – Software, hardware and firmware can be tested individually to ensure that each enforces security policy.
- Continuous Protection – Ongoing review and maintenance of the security.
Products for evaluation under TCSEC
are submitted to the National Computer Security Center (NCSC). The Trusted
Products Evalation Program (TPEP) puts successfully evaluated products on the
Evaluated Product List – EPL.
TCSEC Ratings:
Division D: Minimal Protection
All systems that fail to meet the
requirements of the higher divisions fall under this category.
Division C: Discretionary Protection
C1: Discretionary Security
Protection
- Based on individuals and/or groups.
- Identification and authorization of individual entities.
- Protected execution domain for privileges processes.
- Design, test and user documentation.
C2: Controlled Access Protection
- Security relevant events are audited.
- Object reuse concept must be invoked (including memory)
- Strict login procedures.
The C2 rating is the most reasonable
class for commercial applications.
Division B : Mandatory Protection
Division B enforces mandatory
protection by the use of security labels and the reference monitor concept.
B1 : Labeled Security
- Each object must have a classification label and each user must have a clearance label.
- Security labels are mandatory in class “B”
B2 : Structured Protection
- System design and implementation are subject to a more thorough review and testing process.
- Well-defined interfaces between system layers.
- Covert storage channels are addressed.
- Trusted path required for login and authentication.
- Separation of operator and administrator functions.
B3: Security Domains
- More granularity in each protection mechanism
- Code not necessary to support the security policy is excluded from the system.
- Reference monitor component must be small enough to be isolated and tested fully.
- System fails to a secure state.
Division A: Verified Protection
Formal methods are used to ensure
that all subjects and objects are controlled.
A1: Verified Design
- Feature and architectures are not much different than B3, the difference is in the development process.
- Assurance is higher because the formality in the way the system was designed and built is much higher.
- Stringent change and configuration management.
Summary of Ratings:
D –
Minimal Protection
C –
Discretionary protection
C1 :
Discretionary Security Protection
C2 :
Controlled Access Protection
B –
Mandatory Protection
B1 :
Labeled Security
B2 :
Structured Protection
B3 :
Structured Domains
A –
Verified Protection
A1 :
Verified Design
The Red Book:
TNI (Trusted Network Interpretation). The red book is an interpretation
of the Orango book for networks and network components. The Red Book TNI
ratings are:
- None
- C1 – Minimum
- C2 – Fair
- B2 – Good
DITSCAP
Defense Information Technology
Security Certification and Accreditation Process. Has 4 phases:
- Definition
- Verification
- Validation
- Post Accreditation
NIACAP
National Information Assurance
Certification and Accreditation Process. Has several types of accreditation
Side Accreditation: Applications and systems at a self-contained location.
Type Accreditation: An application or system distributed to a number of
different locations.
System Accreditation: Major application or general support system.
CIAP
Commercial Information Security
Assessment Process – in development.
ITSEC – Information Technology
Security Evaluation Criteria
This accreditation system is used in
Europe. Two main elements of a system are evaluated by ITSEC or TCSET:
Functionality and Assurance.
Two systems with the same
functionality can have different assurance levels. ITSEC separates these two
elements and rates them separately. In ITSEC, F1 to F10 rate the functionality
and E0 through E6 rate the assurance:
ITSEC
TCSEC
E0
D0
F1 +
E1
C1
F2 + E2
C2
F3 +
E3
B1
F4 +
E4
B2
F5 +
E5
B3
F5 +
E6
A1
F6
High Integrity
F7
High Availability
F8
Data Integrity during communication
F9
High Confidentiality (encryption)
F10
Networks with high demands on confidentially and integrity.
Security products or systems are
referred to as TOE – Target of Evaluation.
10 functionality classes – F
8 Assurance Levels – Q
7 correctness levels – E
CTCPEC
Canadian Trusted Computer Product
Evaluation Criteria
COMMON CRITERIA
International standard evaluation
criteria initiated by ISO in 1990 and started in 1993.
One specific set of classifications,
internationally recognized. Evaluates a product against a “protection profile”
which is structured to address specific security problems.
A product is assigned an EAL –
Evaluation Insurance Level – EAL1 – EAL7.
Similar to other criteria, the
common criteria answers two basic questions:
- What does it do? (functionality)
- How sure are you? (assurance)
The protection profile contains:
- Descriptive elements
- Rationale
- Functional Requirements
- Development Assurance Requirements
- Evaluation Assurance Requirements
Certification: Technical evaluation of security components and their
compliants for the purpose of accreditation.
Accreditation: Formal acceptance of the system’s overall adequacy by
management. Based partly on certification information.
SSE-CMM : System Security
Engineering, Capability Maturity Model
Based on the premise “If you can
guarantee the quality of the processes that are used by an organization, you
can guarantee the quality of the products and services generated by those
processes.”
Two dimensions are used to measure
the capability of an organization to perform specific activities. The two
dimensions are domain and capability.
Domain: All the practices that collectively define security engineering.
Base practices: Related base practices are grouped into Process Areas (PAs)
Capability: Practices that indicate process management and
institutionalization capability. Generic Practices (GPs).
The GPs represent activities that
should be performed as part of BPs.
In the domain dimension, SSE-CMM
defined 11 security engineering process areas and 11 administrative process
areas.
Threats:
Some threats to security models and
architectures are:
Covert Channels: Information flow not controlled by the security mechanism.
- Covert timing channel
- Covert storage channel.
Addresses in TCSEC B2 and higher.
Back Doors: Also known as maintenance hooks / trapdoors.
Timing Issues: Also known as ‘asynchronous attack’. Deals with the timing
different in the sequence of steps a system uses to complete a task.
Time of Check vs Time of Use
(TOC/TOU) – Also known as “race conditions”
Buffer Overflows: “Smashing the stack”.
Each of these can lead to a
violation of the system security policy.
Recovery Procedures:
The system must recover/restart from
an error in a secure state – maintenance mode: access only by privileged users
from privileged terminals.
Failsafe: Program execution terminated, system protected from
compromise.
Failsoft (resilient): Non-critical processing is terminated.
Failover: Switching to duplicate (hot) backup in realtime.
Cold start: System cannot be restored to a known secure state.
Domain
6 – Security Architecture and Models
A security model is a statement that
outlines the requirements necessary to properly support a certain security
policy.
“Security is best if it is built
into the foundation of operating systems and applications”
Computer Architecture
CPU: Contains ALU, Control Unit and primary storage.
Protection Rings: Operating system concept. Inner rings have most
privileges. Inner rings can directly access outer rings, but not vice versa. A
typical arrangement might be:
Ring 0 : Operating system &
Kernel
Ring 1 : Remaining parts of operating
system
Ring 2 : I/O drives and utilities
Ring 3 : Applications and programs.
MITs MULTICS is an example of an
operating system using this concept.
Operating Systems
Operating systems can be in one of
several states:
Ready
: Ready to resume
processing
Supervisory : Executing
a highly privileged routine
Problem State: Executing an
application (working on a problem)
Wait State :
Waiting for a specific event to complete or resource to become free.
An operating system implements security
using many mechanisms, including:
- Protection Rings
- Mapping Memory
- Implementing virtual machines
- Working in different states
- Assigning trust levels to each process
Process Vs Thread
A process is a program in execution
with its own address space. Threads are pieces of code executed within a
process.
Memory Addressing Modes
Register: Addresses registers within the CPU.
Direct: Actual addresses. Usually limited to current memory
page.
Absolute: Address of all primary memory space. Can hit any memory
address directly.
Indexed: Adding contents of addresses in programs instruction
to that of a memory (index) register.
Implied: Operations internal to the processor, such as clearing of a
carry bit.
Indirect: The address specified in the instruction contains the
address where the actual data can be found.
Processing Methods
Some methods to improve system
performance at the hardware level are:
Pipelining: Overlapping the steps of different instructions to run close
to concurrently.
CISC: Complex Instruction Set Computer. In earlier technologies,
the “fetch” cycle was the slowest port. By packing instructions wtih several
operations, number of fetches were reduced.
RISC: Reduced instruction set computer. Instructions are simple
and require fewer clock cycles.
Scalar Processor: One instruction at a time.
Superscalar Processor: Enabled concurrent execute of multiple instructions in some
pipeline stage.
Very Long Instruction Word (VLIW)
Processor: A single instruction specifies more
than one concurrent operation.
System (Security) Architecture
Some of the biggest questions in
systems security architecture are:
- Where should the protection take place? User’s end? Where the data is stored? Restricting user activites?
- At which layers should mechanisms be implemented? Hardware, kernel, o/s, services or program layers?
“The more complex a security
mechanism becomes, the less assurance it provides” -> Functionality and
Assurance Compromise.
- What system mechanisms need to be trusted? How can these entities interract in a secure manner?
Some important terms and definitions
relating to system architecture are:
Trusted Computer Base: Combination of protection mechanisms within a system,
including hardware, software and firmware. Not every part of a system needs to
be trusted and therefore do not fall under the TCB.
Reference Monitor: Abstract system concept that mediates all access the
subjects have to objects. This is a concept, not a component. In order for a
reference monitor to be trusted:
- It must be tamperproof (isolation)
- It must be invoked for all access requests to an object – there must be no path that can by bypass the reference monitory (completeness)
- Must be small enough for thorough validation (verifiability)
Security Kernel: Hardware, firmware and software that fall under the TCB and
implement the reference monitor concept. The security kernal is the core of the
TCB. The security kernal must:
- Mediate all access to objects in the system.
- Be protected from modification
- Be verified as correct.
Domains: Set of objects that a subject can access. Domains have to be
identified, seperated and strictly enforced.
Resource Isolation: Enables each subject and object to be uniquely identified,
permissions and rights to be assigned independantly, accountability to be
enforceable and activities to be tracked precisely.
“Security policies that prevent
information from flowing from a high security level to a lower security level
are multilevel security policies.”
“The execution and memory space
assigned to each process is called a protection domain.”
Virtual Machine Monitor: Each “machine” runs at a different security level.
Security Models:
“A model is a symbolic
representation of a policy. It maps the desires of the policy into a set of
rules to be followed by a computer system.”
“Security policy provides the
abstract goals, the security model defines the dos and donts to achieve those
goals”
Bell-LaPadula Model:
Developed by the military in the
1970s to address leakage of classified information. Main goal is
confidentiality. A system using the Bell-LaPadula model would be classified as
a multi-level security system. The Bell-LaPadula is a state machine model, and
could also be categorized as an information flow model.
Simple Security Rule : Cannot read data at a higher level.
Star (*) Property: Cannot write data to a lower level. Confinement property.
Bell-LaPadula also uses a
discretionary access control matrix to handle exceptions. This may allow
a trusted subject to violate the *-property, but not its
intent. IE, a low-sensitivity paragraph in a higher level document being moved
to a low-sensitivity document is ok, but might require an override of the *
property.
Criticisms of Bell-LaPadula:
- Only deals with confidentiality, not integrity.
- Does not address access control management.
- Does not address covert channels.
- Does not address file sharing in more modern systems.
- Secure state transition is not explicitly defined.
- Only addresses multi-level security policy type.
Biba Model:
The Biba model is also a state
machine model and similar to Bell-LaPadula, except is addresses data integrity
rather than data confidentiality. The data integrity is characterized by three
goals:
- Protection from modification by unauthorized users.
- Protection from unauthorized modification by authorized users.
- Internally and externally consistent.
The following rules of the Biba
model implement these goals:
Simple Integrity Axiom: No read down.
Star (*) Integrity Axiom: No writing up.
Subjects at one level of integrity
cannot invoke an object or subject at a higher level of integrity.
Clark-Wilson Model:
The Clark-Wilson model takes a
different approach to protecting integrity. Users cannot access objects directly,
but must go through programs that control their access.
“Usually in an information flow
model (Bell-LaPadula and Biba), information can flow from one level to another
until a restricted operation is attempted. At this point, the system checks an
access control matrix to see if the operation has been explicity permitted”.
Unlike Biba, the Clark-Wilson model
addresses all three integrity goals:
- Preventing unauthorized users from making modifications.
- Maintaining internal and external consistency
- Preventing authorized users from making improper modifications.
The Clark-Wilson model defines the
following terms:
Constrained Data Item (CDI): Data item whose integrity is to be protected.
Integrity Verification Procedure
(IVP): Program that verifies integrity of
CDI.
Transformation Procedure (TP):
Unconstrained Data Item: Data outside of the control of the model. For example, input
data.
Information Flow Models:
Each object is assigned a security
class or value. Information is constrained to flow only in the directions
permitted by the security policy.
Security Modes of Operation
The “mode of operation” defines the
security conditions under which the system actually functions:
Dedicated Security Mode: ALL users have the clearance and the “need to know” to
all the data within the system.
System-High Security Mode: All users have clearance and authorization to access the
information in the system, but not necessarily a need to know.
Compartmented Security Mode: All users have the clearance to all information on the
system but might not have need to know and formal access approval. Users can
access a compartment of data only.
Multilevel Security Mode: Permits two or more classification levels of information to
be processed at the same time. Users do not have clearance for all of the
information being processed.
Limited Access: Minimum user clearance is “not cleared” and the maximum data
classification is “sensitive but unclassified”.
Controlled Access: Limited amount of trust placed on system hardware and
software.
Trust – assurance of trust implies a much deeper knowledge of the
building process, etc.
Systems Evaluation Methods
The “Orange” Book:
The US Dept of defense developed
TCSEC (Trusted Computer Systems Evaluation Criteria) to provide a graded
classification for computer system security. The graded classification
hierarchy is:
A – Verified Protection
B – Mandatory Protection
C – Discretionary Protection
D – Minimal Security
The evaluation criterion involves 4 main
area: Security, Policy, Accountability and Assurance and Testing, but these
break down into 7 specific areas:
- Security policy – explicit, well defined, enforced by mechanisms in the system itself.
- Identification – individual subjects must be uniquely identified in the system.
10. Labels – labels
must be associated with individual objects.
11. Documentation –
test, design and specification documentation. User guides and manuals.
12. Accountability –
audit data is captured and protected. Relies on identification.
13. Life Cycle
Assurance – Software, hardware and firmware can be tested individually
to ensure that each enforces security policy.
14. Continuous
Protection – Ongoing review and maintenance of the security.
Products for evaluation under TCSEC
are submitted to the National Computer Security Center (NCSC). The Trusted
Products Evaluation Program (TPEP) puts successfully evaluated products on the
Evaluated Product List – EPL.
TCSEC Ratings:
Division D : Minimal Protection
All systems that fail to meet the
requirements of the higher divisions fall under this category.
Division C : Discretionary
Protection
C1: Discretionary Security
Protection
- Based on individuals and/or groups.
- Identification and authorization of individual entities.
- Protected execution domain for privileges processes.
- Design, test and user documentation – life cycle assurance through security testing.
- Documentation to include Security feature’s user guide and trusted facility manual.
C2: Controlled Access Protection
- Security relevant events are audited.
- Object reuse concept must be invoked (including memory)
- Strict login procedures.
The C2 rating is the most reasonable
class for commercial applications.
Division B : Mandatory Protection
Division B enforces mandatory
protection by the use of security labels and the reference monitor concept.
B1 : Labeled Security
- Each object must have a classification label and each user must have a clearance label.
- Security labels are mandatory in class “B”
- Mandatory access control for a defined subset of subjects and objects.
B2 : Structured Protection
- System design and implementation are subject to a more thorough review and testing process.
- Well-defined interfaces between system layers.
- Covert storage channels are addressed.
- Trusted path required for login and authentication.
- Separation of operator and administrator functions (trusted facility management)
- Mandatory access control for all subjects and objects.
- Formal policy model, structured design and configuration management.
B3 : Security Domains
- More granularity in each protection mechanism
- Code not necessary to support the security policy is excluded from the system.
- Reference monitor component must be small enough to be isolated and tested fully.
- System fails to a secure state.
Division A : Verified Protection
Formal methods are used to ensure
that all subjects and objects are controlled.
A1 : Verified Design
- Feature and architectures are not much different than B3, the difference is in the development process.
- Assurance is higher because the formality in the way the system was designed and built is much higher.
- Stringent change and configuration management.
- Format methods of covert channel analysis.
Summary of Ratings:
D –
Minimal Protection
C –
Discretionary protection
C1 :
Discretionary Security Protection
C2 :
Controlled Access Protection
B –
Mandatory Protection
B1 :
Labeled Security
B2 :
Structured Protection
B3 :
Structured Domains
A –
Verified Protection
A1 :
Verified Design
The Red Book:
TNI (Trusted Network Interpretation). The red book is an
interpretation of the Orange book for networks and network components. The Red
Book TNI ratings are:
- None
- C1 – Minimum
- C2 – Fair
- B2 – Good
DITSCAP
Defense Information Technology
Security Certification and Accreditation Process. Has 4 phases:
- Definition
- Verification
- Validation
- Post Accreditation
NIACAP
National Information Assurance
Certification and Accreditation Process. Has several types of accreditation
Side Accreditation: Applications and systems at a self-contained location.
Type Accreditation: An application or system distributed to a number of
different locations.
System Accreditation: Major application or general support system.
CIAP
Commercial Information Security
Assessment Process – in development.
ITSEC – Information Technology
Security Evaluation Criteria
This accreditation system is used in
Europe. Two main elements of a system are evaluated by ITSEC or TCSET:
Functionality and Assurance.
Two systems with the same
functionality can have different assurance levels. ITSEC separates these two
elements and rates them separately. In ITSEC, F1 to F10 rate the functionality
and E0 through E6 rate the assurance:
ITSEC
TCSEC
E0
D0
F1 +
E1
C1
F2 +
E2
C2
F3 +
E3
B1
F4 +
E4
B2
F5 +
E5
B3
F5 +
E6
A1
F6
High Integrity
F7
High Availability
F8
Data Integrity during communication
F9
High Confidentiality (encryption)
F10
Networks with high demands on confidentially and integrity.
Security products or systems are
referred to as TOE – Target of Evaluation.
10 functionality classes – F
8 Assurance Levels – Q
7 correctness levels – E
The ITSEC assurance classes are:
E0 :
Inadequate assurance to quality for E1.
E1 :
Informal definition of TOE architectural design. TOE satisfies functional
testing.
E2 :
E1 + information description of detailed design. Configuration control and
approved distribution procedure.
E3 :
E2 + source code and/or drawing have been evaluated.
E4 :
E3 + a formal model of security policy.
E5 :
E4 + close correspondence between detailed design and source code/drawings.
E6 :
E5 + Formal specification of security enforcing functions. Consistency with
formal security policy model.
CTCPEC
Canadian Trusted Computer Product
Evaluation Criteria
COMMON CRITERIA
International standard evaluation
criteria, initiated by ISO in 1990 and started in 1993.
One specific set of classifications,
internationally recognized. Evaluates a product against a “protection profile”
which is structured to address specific security problems.
A product is assigned an EAL –
Evaluation Insurance Level – EAL1 – EAL7.
Similar to other criteria, the
common criteria answers two basic questions:
- What does it do? (functionality)
- How sure are you? (assurance)
The protection profile contains:
- Descriptive elements
- Rationale
- Functional Requirements
- Development Assurance Requirements
- Evaluation Assurance Requirements
Certification: Technical evaluation of security components for the purpose
of accreditation.
Accreditation: Formal acceptance of the system’s overall adequacy by
management. Based partly on certification information.
SSE-CMM : System Security
Engineering, Capability Maturity Model
Based on the premise “If you can
guarantee the quality of the processes that are used by an organization, you
can guarantee the quality of the products and services generated by those
processes.”
Two dimensions are used to measure
the capability of an organization to perform specific activities. The two
dimensions are domain and capability.
Domain: All the practices that collectively define security
engineering.
Base practices: Related base practices are grouped into Process Areas (PAs)
Capability: Practices that indicate process management and
institutionalization capability. Generic Practices (GPs).
The GPs represent activities that
should be performed as part of BPs.
In the domain dimension, SSE-CMM
defined 11 security engineering process areas and 11 administrative process
areas.
Threats:
Some threats to security models and
architectures are:
Covert Channels: Information flow not controlled by the security mechanism.
- Covert timing channel
- Covert storage channel.
Addresses in TCSEC B2 and higher.
Back Doors: Also known as maintenance hooks / trapdoors.
Timing Issues: Also known as ‘asynchronous attack’. Deals with the timing
different in the sequence of steps a system uses to complete a task.
Time of Check vs. Time of Use
(TOC/TOU) – Also known as “race conditions”
Buffer Overflows: “Smashing the stack”.
Each of these can lead to a
violation of the system security policy.
Recovery Procedures:
The system must recover/restart from
an error in a secure state – maintenance mode: access only by privileged users
from privileged terminals.
Failsafe: Program execution terminated, system protected from
compromise.
Failsoft (resilient): Non-critical processing is terminated.
Failover: Switching to duplicate (hot) backup in real time.
Cold start: System cannot be restored to a known secure state.
