Identity

CSC 382: Computer Security
Identity
1. What is Identity?
2. Files and Objects
3. Users
4. Groups and Roles
5. Naming and Certificates
6. Internet Identity and Anonymity
What is Identity?
Computer’s representation of an entity
– Entities can be subjects or objects.
Authentication binds a principal to an identity.
Example:
– username expresses your identity.
– password binds the person typing to that particular identity (username).
Purpose of Identity
Access Control
– Most systems base access rights on identity of principal executing the process.
Accountability
– Logging and auditing functions.
– Need to track identity across account/role changes (e.g., su, sudo).
Files and Objects
Objects are identified by assigning names
Example: UNIX filenames
– inode: unique identifier, contains file metadata and location of disk blocks.
– file descriptor: abstracts inode on a per-process basis for file reading and writing.
– absolute pathnames: describe location in filesystem.
– relative pathnames: describe locations of file with respect to current working directory.
Remote Objects
Remote objects require more complex names.
Example: URLs
– Identifies objects by location and protocol required to access it.
– <scheme>://<authority><path>?<query>
– example: ftp://abcorp.com/pub/README
Users
Identity tied to a single entity.
Example: UNIX UIDs
– UNIX identifies user with 15- to 32-bit user ID.
– Also provides login names for convenience
• Each login name corresponds to a single UID.
• A UID may have multiple login names.
– UID=0 is superuser regardless of login name.
– Real UID is actual user.
– Effective UID (EUID) used for access control.
– SetUID programs allow EUID to differ from UID.
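As an added example (not from the slides), the following Python parses constructed /etc/passwd lines to show that several login names can map to one UID, audits for login names other than root that resolve to UID 0, and reports this process's real and effective UIDs; the passwd entries are made up and the process is assumed to run on a UNIX-like system.

```python
import os
from collections import defaultdict

# Constructed sample /etc/passwd lines (not from a real system). "root" and
# "toor" share UID 0: the kernel checks the UID, never the login name.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
toor:x:0:0:alternate root:/root:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
"""

def parse_passwd(text):
    """Map each login name to its numeric UID (login -> UID is one-to-one)."""
    logins = {}
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 7:
            raise ValueError("malformed passwd entry: %r" % line)
        logins[fields[0]] = int(fields[2])
    return logins

def logins_for_uid(logins):
    """Invert the map: one UID may carry several login names."""
    by_uid = defaultdict(list)
    for name, uid in logins.items():
        by_uid[uid].append(name)
    return dict(by_uid)

def superuser_aliases(logins):
    """Audit check: any login resolving to UID 0 is the superuser whatever it
    is called, so every name other than 'root' is reported for review."""
    return sorted(n for n, uid in logins.items() if uid == 0 and n != "root")

def uid_state():
    """Real UID (who the user is) vs effective UID (what access control uses).
    They differ only while a set-UID program is running."""
    ruid, euid = os.getuid(), os.geteuid()
    return {"real": ruid, "effective": euid, "setuid_active": ruid != euid}

if __name__ == "__main__":
    logins = parse_passwd(SAMPLE_PASSWD)
    print("logins per UID:", logins_for_uid(logins))
    print("UID-0 aliases:", superuser_aliases(logins))
    print("this process:", uid_state())
```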
Groups and Roles
An “entity” may be a set of entities referred to by a single identifier.
Principals often need to share access to files, and thus are taken as groups.
– static: alias for a group of principals.
– dynamic: principal changes from one group to another as different privileges are needed.
– role: a group that ties membership to function.
– example: UNIX groups
Certificates
Bind a cryptographic key to a principal.
How to identify the principal?
– Distinguished Names provide unique names despite people sharing first and last names.
– Certification Authorities (CAs) link DNs to a particular person.
Distinguished Names
Hierarchical naming system
– Used by X.509v3 certificates, LDAP
String representation:
– Series of key value pairs, separated by /’s
Example:
/O=University of Toledo/OU=Dept. of EECS/CN=James Walden
Certification Authorities
CA Authentication Policy: Describes level of authentication required to identify a principal to whom a certificate is issued.
CA Issuance Policy: Describes principals to whom CA will issue certificates.
CA Example: Verisign
Authentication Policies
1. Authenticates email address
2. Authenticates real name and address
3. Authenticates legal identity via a background check from investigative service
Issuance Policies
– Issue to individuals
– Issue to web servers (organizations)
CA Hierarchy
Hierarchical tree of CAs
– Identify CAs by DNs
– Root = Internet Policy Registration Authority
– Policy Certification Authorities (PCAs)
• Each has public authentication and issuance policies.
• Issue certificates to ordinary CA.
– Subordinate nodes must follow policies of parents, but can add more restrictions.
– Make trust decisions by walking up tree.
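Added example, not from the slides, covering both the Distinguished Names slide and this one: a parser for the '/key=value' DN form, and a trust decision that walks a constructed CA tree (the CA names, policy levels and principal kinds are invented here) from an issuing CA up to the root, rejecting any subordinate that loosens its parent's authentication or issuance policy.

```python
def parse_dn(dn):
    """Parse the slide's '/key=value/...' form into a list of (key, value)."""
    if not dn.startswith("/"):
        raise ValueError("DN must start with '/': %r" % dn)
    pairs = []
    for part in dn[1:].split("/"):
        key, sep, value = part.partition("=")
        if not sep or not key:
            raise ValueError("bad DN component: %r" % part)
        pairs.append((key, value))
    return pairs

# Authentication levels as on the Verisign slide; higher is stricter.
AUTH_LEVELS = {"email": 1, "name-and-address": 2, "legal-identity": 3}
# Constructed CA tree keyed by DN: parent DN (None at the root), minimum
# authentication level, and the kinds of principal the CA issues to.
CA_TREE = {
    "/O=IPRA": {"parent": None, "min_auth": "email",
                "issues_to": {"individual", "server"}},
    "/O=IPRA/OU=Commercial PCA": {"parent": "/O=IPRA",
                "min_auth": "name-and-address", "issues_to": {"individual", "server"}},
    "/O=IPRA/OU=Commercial PCA/CN=Example CA": {"parent": "/O=IPRA/OU=Commercial PCA",
                "min_auth": "legal-identity", "issues_to": {"server"}},
    "/O=IPRA/OU=Commercial PCA/CN=Sloppy CA": {"parent": "/O=IPRA/OU=Commercial PCA",
                "min_auth": "email", "issues_to": {"server"}},
}

def trust_path(ca_dn, tree=CA_TREE):
    """Walk from ca_dn up to the root. Returns (trusted, path, reason). A
    subordinate may only restrict its parent: it must demand authentication
    at least as strict, and issue to a subset of the parent's principal kinds."""
    path, node_dn = [], ca_dn
    while node_dn is not None:
        if node_dn not in tree:
            return False, path, "unknown CA %s" % node_dn
        parse_dn(node_dn)  # reject malformed names before trusting them
        node = tree[node_dn]
        path.append(node_dn)
        parent_dn = node["parent"]
        if parent_dn is not None:
            if parent_dn not in tree:
                return False, path, "unknown parent CA %s" % parent_dn
            parent = tree[parent_dn]
            if AUTH_LEVELS[node["min_auth"]] < AUTH_LEVELS[parent["min_auth"]]:
                return False, path, "%s loosens its parent's authentication policy" % node_dn
            if not node["issues_to"] <= parent["issues_to"]:
                return False, path, "%s issues to principals its parent does not" % node_dn
        node_dn = parent_dn
    return True, path, "root reached"
```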
Host Identity
Ethernet (MAC) Address
– 48-bit data link level identifier
– example: 00:0B:DB:78:39:8A
IP Address
– 32-bit network level identifier
– ex: 10.17.0.101
IPv6 Address
– 128-bit network level identifier
– ex: fe80::2a0:c9ff:fe97:153d/64
Hostname (DNS name)
– string application level identifier
– ex: www.nku.edu
Anonymity
Internet connections are associated with a particular host.
What if you don’t want your identity associated with a connection?
Solution: anonymizer
– A proxy server that performs connection on your behalf.
– Internet connection associated with anonymizer, not your IP address.
Pseudo-anonymous Remailer
1. Maps anonymous ID to sender.
2. Replaces sender’s email addresses and other identifying information.
3. Forwards message to destination host.
4. Replies are also anonymized and forwarded to original sender.
Caveat: sender and recipient both known to pseudo-anonymous remailer.
Cypherpunk Remailer
1. Encipher message with recipient’s public key.
2. No mapping between originator/remailer address.
3. Delete header.
4. Decipher one layer of PGP encryption (using remailer’s private key).
5. Encipher with PGP public key of next remailer.
6. Forward to next remailer or destination.
Traffic Analysis
Attacker can still obtain association if remailer immediately forwards messages.
– Delay messages for random time interval.
– Randomize processing order of messages.
• Keep pool of incoming messages.
• Send random message once n messages in pool.
• What if attacker sends messages to fill pool?
Attacker can obtain associations by watching message size.
– Message size decreases with each remailing.
Mixmaster Remailer
Cypherpunk remailer that handles only enciphered messages and pads or fragments all messages to a fixed size before sending.
– All messages uniquely numbered to avoid replay attacks.
– Messages not re-assembled until last remailer.
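Added example, not from the slides, combining the pool mix of the Traffic Analysis slide with the Mixmaster defences above: every message is padded or fragmented to a fixed block size, duplicate message numbers are refused, and nothing leaves until the pool holds n blocks, at which point one is chosen at random. Block size, threshold, the seed and the messages are constructed values.

```python
import random

BLOCK_SIZE = 64      # constructed fixed unit size, in bytes
POOL_THRESHOLD = 3   # send one unit once n units are in the pool

def pad_to_block(payload, size=BLOCK_SIZE):
    """Pad or fragment so every outgoing unit is exactly `size` bytes; the
    first byte of each unit records its true payload length (<= size - 1)."""
    max_payload = size - 1
    if max_payload <= 0:
        raise ValueError("block too small")
    chunks = [payload[i:i + max_payload]
              for i in range(0, len(payload), max_payload)] or [b""]
    return [bytes([len(c)]) + c + b"\x00" * (max_payload - len(c)) for c in chunks]

def unpad_blocks(blocks):
    """Reassemble the fragments; only the last remailer in the chain does this."""
    return b"".join(b[1:1 + b[0]] for b in blocks)

class PoolMix:
    """Hold units in a pool, emit one at random once the pool holds
    `threshold` units, and refuse replayed message numbers."""
    def __init__(self, threshold=POOL_THRESHOLD, seed=None):
        self.threshold = threshold
        self.pool = []
        self.seen_ids = set()
        self.rng = random.Random(seed)

    def submit(self, msg_id, payload):
        """Returns None (held), "replay rejected", or the (id, block) sent."""
        if msg_id in self.seen_ids:
            return "replay rejected"
        self.seen_ids.add(msg_id)
        for block in pad_to_block(payload):
            self.pool.append((msg_id, block))
        if len(self.pool) < self.threshold:
            return None
        # A random pick breaks the arrival-order link an observer could use.
        return self.pool.pop(self.rng.randrange(len(self.pool)))

def simulate(seed=1):
    """Submit three distinct messages, then replay the first; return results."""
    mix = PoolMix(threshold=3, seed=seed)
    return [mix.submit(1, b"first"), mix.submit(2, b"second"),
            mix.submit(3, b"third"), mix.submit(1, b"first again")]
```

The pool still answers the slide's open question only partly: an attacker who floods the pool with their own messages can shrink the anonymity set, so real mixes also use timed or dynamic-threshold flushing.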
Key Points
1. All access control is based on identity.
2. Identity may have multiple representations.
3. Identities are bound to principals.
4. Anonymity allows interaction without knowledge of true identity.
– pseudo-anonymity: intermediary knows identity.
– true anonymity: no one knows true identity.