Chapter 9
Networking &
Distributed Security
(Part B)
Outline

Overview of Networking

Threats
Wiretapping, impersonation, message
interruption/modification, DoS

Controls
Encryption, authentication, distributed authentication, traffic
control, integrity control

Email privacy: PEM, PGP

Firewalls

Multilevel networks
csci5233 computer security &
integrity (Chap. 9)
2
Network Security Controls: Encryptions
o
Host-level (link) encryption: Fig. 9-16, p.406
 Link encryption occurs at layer 1 (physical) or layer 2 (data
link) in the OSI model.
 Data is encrypted before the system places it on the physical
communication link.
 Data is decrypted when entering the destination host.
+ Encryption is performed by efficient and reliable hardware.
+ Encryption is invisible to the OS and the application.
- Data are “in the clear” at the higher layers (layer 3 and
above).
- Data need to be decrypted by the intermediate hosts.
Q: How many intermediate hosts are there?
csci5233 computer security &
integrity (Chap. 9)
3
Network Security Controls: Encryptions

Application-level (end-to-end) encryption: Fig. 9-18
 Encryption is performed between the sending application
and the receiving application.
 The encryption can be done by hardware device (between
the user and the host) or by software.
 A message is transmitted in encrypted form throughout the
network.  a secure virtual tunnel
+ No cleartext exposure in any host. Is this true?
+ No exposure in intermediate hosts.
- slower than link level encryption
- If symmetric keys are used, totally n * (n-1) / 2 keys are
needed between every n applications.
csci5233 computer security &
integrity (Chap. 9)
4
Network Security Controls: Encryptions

Comparison of link and end-to-end encryption
 Table 9-2: p.409
Link encryption
+ invisible to user
- all or none
+ efficient (hardware encryption)
- only secure at levels 1 or 2
+ Less keys may be needed.

End-to-end
- user level encryption
+ flexibility
- less efficient
- end-to-end security
- More keys are needed.
Any other encryption-based network controls?
csci5233 computer security &
integrity (Chap. 9)
5
VPN (Virtual Private Network)

There are two common types of VPNs:
– Remote-Access
• Also called a Virtual Private Dial-up Network (VPDN)
• a user-to-LAN connection used by a company that has
employees who need to connect to the private network
from various remote locations
• Typically, a corporation that wishes to set up a large
remote-access VPN provides some form of Internet dialup account to their users using an ISP.

– Site-to-Site
• Through the use of dedicated equipment and large-scale
encryption, a company can connect multiple fixed sites
over a public network such as the Internet.
Use of VPN to secure wireless LAN
csci5233 computer security &
integrity (Chap. 9)
6
VPN Encryptions

Most VPNs use one of the following protocols to
provide encryption: IPSec, PPTP/MPPE, and
L2TP/IPSec.
 IPSec - Internet Protocol Security Protocol (IPSec).
• Tunnel mode encrypts the header and the payload of
each packet while transport mode only encrypts the
payload.
• All devices must use a common key or certificate and
must have very similar security policies set up.
• IPSec supports either 56-bit (single DES) or 168-bit
(triple-DES) encryption.
 PPTP/MPPE – Point-To-Point Tunneling Protocol
• PPTP supports multi-protocol VPNs, with 40-bit and 128bit encryption using a protocol called Microsoft Point-toPoint Encryption (MPPE).
• PPTP by itself does not provide data encryption.
csci5233 computer security &
integrity (Chap. 9)
7
VPN Encryptions
 L2TP/IPSec - Commonly called L2TP over IPSec
• This provides the security of the IPSec protocol over the
tunneling of Layer 2 Tunneling Protocol (L2TP).
• Primarily used for remote-access VPNs with Windows
2000 operating systems, since Windows 2000 provides a
native IPSec and L2TP client.
• Internet Service Providers can also provide L2TP
connections for dial-in users, and then encrypt that traffic
with IPSec between their access-point and the remote
office network server.

VPN References:
 http://www.cisco.com/warp/public/471/how_vpn_works.shtml#intro
 http://pptpclient.sourceforge.net/
csci5233 computer security &
integrity (Chap. 9)
8
Network Security Controls:
Authentication / Access Control


Two goals of access control in a network:
a.
To protect a single system from unauthorized users
b.
To prevent unauthorized users to access a computer by
passing through another computer (distributed
authentication)
Protection of dial-in ports:
a special case of distributed user authentication
1.
Automatic call-back
2.
Differentiated access rights depending on access methods
(local vs remote)
3.
Silent modem
Q: Any other methods for dial-in port protection?
csci5233 computer security &
integrity (Chap. 9)
9
Network Security Controls:
Distributed authentication

Two issues:
a.
To protect a single system from unauthorized remote users
distributed user authentication
b.
To protect a network node from unauthorized access
coming from other nodes  computer-to-computer
authentication

Several approaches:





Distributed Authentication (by Digital, DEC)
Kerberos (by MIT)
DCE - Distributed Computing Environment (by OSF)
SESAME (a European R&D project)
CORBA – Common Object Request Broker Architecture
(by OMG)
csci5233 computer security &
integrity (Chap. 9)
10
Digital Distributed Authentication

1989, 1990

Gasser, Morrie, and Ellen McDermot. “An Architecture for
Practical Delegation in a Distributed System”. Proceedings of
the 1990 IEEE Symposium on Security and Privacy. 5/1990.

Issues to be resolved:
1.
Impersonation of a server by a rogue process
2.
Interception / modification of data exchanged btwn servers
3.
Replay of a previous authentication
Approach:


•
Creation of a session key using public keys
•
The session key is used to encrypt further
communications between the servers.
Implementation issues: public key distribution & certification
csci5233 computer security &
integrity (Chap. 9)
11
Kerberos

Kerberos (Greek): a 3-headed dog that in Greek mythology
guards the entrance to Hades

[Steiner, J., Neuman, C., and J. Schiller, 1988] "Kerberos: An
Authentication Service for Open Network Systems", pp. 191202 in Usenix Conference Proceedings, 2/1988.

[Kohl, J. and C. Neuman, 1993] The Kerberos Network
Authentication Service (V5). RFC1510. 9/1993.

Purpose: authentication in distributed systems

Two types of servers:
A Kerberos server (KS) – establish a session key btwn a user
and the TGS
A ticket granting server (TGS) – grant a ticket to a user request
access to a resource
csci5233 computer security &
integrity (Chap. 9)
12
Kerberos

Using Kerberos:
1.
The user obtains a session key (SG)and a ticket (TG)from
the KS. The KS also sends the session key and the user’s
id to the TGS. (Fig. 9-21, p.413)
Q. What is the session key for?
Q. What information are contained in the ticket?
Q. To whom would the user present the ticket?
Q. Does the user transmit his password to the KS?
2.
The user requests access to an object by obtaining from
the TGS a ticket (TF) and a session key (SF). (Fig. 9-22)
Q. What is the session key for?
Q. What information are contained in the ticket? SF (p.414)
Q. To whom would the user present the ticket? Fig. 9-23
Q. Can the ticket be read, modified or forged? Why or why
not?
csci5233 computer security &
integrity (Chap. 9)
13
Kerberos

Strength:
+
No passwords are transmitted on the network.
+
Cryptographic protection against spoofing: Every access is
checked by the TGS and the respective resource server.
+
Limited period of validity: Every ticket has a time stamp.
+
Time stamps to prevent replay attack: Use of a reliable
universal clock is required.
+
Mutual authentication: A secure channel btwn a user and a
server can be established, via the use of a ticket and a
session key. Both the serve and the user can authenticate
each other. How?
csci5233 computer security &
integrity (Chap. 9)
14
Kerberos

Weakness :
–
A continuously available TGS is required. Both reliability
and performance may be potential problems.
–
Trust between the TGS and every server is required.
Trust in a distributed environment is hard to establish.
–
Timely transactions are required.
–
A subverted workstation can save and later replay user
passwords.
–
Password guessing works.
–
Kerberos does not scale well. Why? Fig. 9-23, p.415.
–
To enable the use of Kerberos in a distributed system, it is
required that all applications use Kerberos.
Q. Can the Kerberos server and the TGS be combined? Yes
(see DCE).
Q. What are the trade-offs?
csci5233 computer security &
integrity (Chap. 9)
15
Distributed Computing Environment

An OSF project, 1992
(now the Open Group,
http://www.opengroup.org/dce/)

OSF DCE provides a foundation on which other distributed
services and applications may be built. Fig. 9-24, p.416.

DCE is called "middleware" or "enabling technology“. It is not
intended to exist alone, but instead should be bundled into a
vendor's operating system offering, or integrated in by a thirdparty vendor.

DCE is not an application in itself, but is used to build custom
applications or to support purchased applications.

The security service in DCE is based on Kerberos, with the
KS and the TGS combined into a Security Server.

A cell is an administrative domain, consisting of the set of
subjects and objects managed together.

OSF Distributed Computing Environment FAQ

DCE RFCs
csci5233 computer security &
integrity (Chap. 9)
16
SESAME

A European Commission’s R&D project

Similar to DCE

It uses Kerberos extensively.

It preceded both Kerberos and DCE in use of public key
technology for secure authentication and distributing privilege
attributes and tickets to users.

Note: Both Kerberos and DCE used symmetric keys initially,
but have moved to support public keys.
csci5233 computer security &
integrity (Chap. 9)
17
CORBA

Common Object Request Broker Architecture

An OMG specification, http://www.omg.org/corba/

An ORB is a traffic director that joins clients’ requests to
appropriate servers.

Cross-platform interoperability
“Using the standard protocol IIOP (Internet Inter-ORB
Protocol), a CORBA-based program from any vendor, on
almost any computer, operating system, programming
language, and network, can interoperate with a CORBAbased program from the same or another vendor, on
almost any other computer, operating system,
programming language, and network.“
(http://www.omg.org/gettingstarted/corbafaq.htm#WhatIsIt)
csci5233 computer security &
integrity (Chap. 9)
18
CORBA

The separation of interface from implementation, enabled by
OMG IDL, is the essence of CORBA.
csci5233 computer security &
integrity (Chap. 9)
19
CORBA Security Services


[Viega & McGraw] p.54
OMG standards define two levels of CORBA security services.
 Level 1 is intended for applications that may need to be
secure, but where the code itself need not be aware of
security issues.
In such a case, all security operations should be handled
by the underlying ORB.
 Level 2 supports other advanced security features, and the
application is likely to be aware of these.


Most CORBA’s security features are built into the underlying
IIOP protocol, which supports secure communication using
cryptography.
Mutual authentication is possible between the server and the
user.
csci5233 computer security &
integrity (Chap. 9)
20
CORBA

Strength of CORBA:
 Flexibility of security policy: Any security policy may be
supported, at the level of the ORB.
 Independence of security technology: security technology
neutral
 Interoperability

Drawback:
 CORBA specifications describe the means by which security
functionality can be linked to a CORBA object, but there is
no requirement to do so.
 Implementations of the CORBA specification vary widely in
terms of supported functionalities. (Example: tunneling
connections through a firewall. See VM, p.56.)
csci5233 computer security &
integrity (Chap. 9)
21
Network Security Controls:
Traffic control

Traffic (flow) analysis
an attack launched by an interceptor who examines the traffic
of a network to gather and/or to infer information
The mere existence of messages flowing from one point to
another can be sensitive information.
Examples: p.418

Control against traffic analysis:
Spurious messages between points of low traffic
csci5233 computer security &
integrity (Chap. 9)
22
Network Security Controls:
Data Integrity Control

The goal: To ensure that data is correctly stored,
communicated, and modified in the network

Types of controls:
1.
2.
Cryptographic checksums
Parity bits
Byte parity bit: 1 if the sum of bits in a byte is even; 0
otherwise
Longitudinal parity bit + byte parity bit: p.421
3.
4.
Other error checking codes: hash value, message digest
Digital signatures: In a network, digital signatures are
used to check authenticity of a message and also to
enable auditability/traceability of data change.
Notarization: a 3rd party authority (notary) between two
users in a network
5.
csci5233 computer security &
integrity (Chap. 9)
23
Summary

Next:
– Email privacy: PEM, PGP
– Firewalls
csci5233 computer security &
integrity (Chap. 9)
24