Access Control Systems & Methodology

   dswami@vsnl.com
     98402 99933

Topics to be covered
 Overview
 Access control implementation
 Types of access control
 MAC & DAC
 Orange Book
 Authentication
 Passwords
 Biometrics
 Tokens/SSO
 Kerberos
 Attacks/Vulnerabilities/Monitoring
 IDS
 Object reuse
 TEMPEST
 RAS access control
 Penetration Testing

What is access control?
 Access controls are the collection of mechanisms that
  specify what users can do on the system, such as what
  resources they can access and what operations they can
  perform.
   • The ability to allow only authorized users, programs or
     processes system or resource access
   • The granting or denying, according to a particular security
     model, of certain permissions to access a resource
   • An entire set of procedures performed by hardware,
     software and administrators, to monitor access, identify
     users requesting access, record access attempts, and grant
     or deny access based on pre-established rules.

The Big Three
Confidentiality
    An attack on confidentiality is when an entity, such as a
     person, program, or computer, gains unauthorized access
     to sensitive information.

Integrity
    An attack on integrity occurs when an unauthorized entity
     gains access and tampers with a system resource.
     Another type of integrity attack occurs when an
     unauthorized entity inserts objects into the system or
     performs an unauthorized modification.

Availability
    An attack on availability is when an asset on the system is
     destroyed, rendered unavailable, or caused to be
     unusable.
Access control Cont…
Authentication
    Process through which one proves and verifies certain
     information
Identification
    Process through which one ascertains the identity of
     another person or entity
Separation of Duties
    A process is designed so that separate steps / operations
     must be performed by different people.
    Collusion is an agreement among two or more people to
     commit fraud.
Least Privilege
    A policy that limits both the system’s users and processes
     to access only those resources necessary to perform
     assigned functions.
How can AC be implemented?
Hardware
Software
  • Application
  • Protocol (Kerberos, IPSec…)
Physical
Logical (policies)




Access Control Protects
 Data - Unauthorized viewing, modification or copying
 System - Unauthorized use, modification or denial of
  service
 It should be noted that nearly every network operating
  system (Win2K, NT, Unix, Vines, NetWare…) is based
  on a secure physical infrastructure
 Protection from Threats
 Prepares for minimal Impact
 Accountability


Proactive access control
 Awareness training
 Background checks
 Separation of duties
 Split knowledge
 Policies
 Data classification
 Effective user registration
 Termination procedures
 Change control procedures



Physical Control
 Guards
 Locks
 Mantraps
 ID badges
 CCTV, sensors, alarms
 Biometrics
 Fences - the higher the voltage the better
 Card-key and tokens
 Guard dogs


Technical (Logical) Controls
 Access control software, such as firewalls, proxy
 servers
 Anti-virus software
 Passwords
 Smart cards/biometrics/badge systems
 Encryption
 Dial-up callback systems
 Audit trails
 Intrusion detection systems (IDSs)


Administrative Control
   Policies and procedures
   Security awareness training
   Separation of duties
   Security reviews and audits
   Rotation of duties
   Procedures for recruiting and terminating employees
   Security clearances
   Background checks
   Alert supervision
   Performance evaluations
   Mandatory vacation time
AC & privacy issues
Expectation of privacy
Policies
Monitoring activity, Internet usage, e-mail
Login banners should detail expectations of
 privacy and state levels of monitoring




Types of Access Control
 Mandatory (MAC)
 Discretionary (DAC)
 Lattice / Role Based / Task Based
 Formal models:
   Bell-La Padula - Focuses on the confidentiality of
    classified information
   Biba - Rules for the protection of Information Integrity
   Take/Grant – A directed Graph to specify the rights that
    a subject can transfer to, or take from, another subject
   Clark/Wilson – The Integrity Model based on Well
    Formed Transactions
Mandatory Access Control
 Assigns sensitivity levels, AKA labels
 Every object is given a sensitivity label & is accessible
  only to users who are cleared up to that particular
  level.
 Only the administrators, not object owners, may
  change the object level
 Generally more secure than DAC
 Orange book B-level
 Used in systems where security is critical, i.e., military
 Hard to program for and configure & implement


Mandatory Access Control Cont…
 Downgrade in performance
 Relies on the system to control access
 Example: If a file is classified as confidential, MAC will
  prevent anyone from writing secret or top secret
  information into that file.
 All output, i.e., print jobs, floppies, other magnetic
  media must be labeled as to the sensitivity level
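
The confidential-file case above is the Bell-La Padula "no write down" rule. The sketch below is an added example, not part of the original slides; the level names, categories and the `Label`, `join` and `ReferenceMonitor` names are assumptions made for illustration. It goes slightly beyond the slide by also enforcing "no read up" and by computing the label that mixed output must carry.

```python
from dataclasses import dataclass
from enum import IntEnum


class Level(IntEnum):
    """Sensitivity levels; only their ordering matters (names are illustrative)."""
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Label:
    """A sensitivity label: a level plus a set of need-to-know categories."""
    level: Level
    categories: frozenset = frozenset()

    def dominates(self, other):
        """True when this label is at least as high and covers every category."""
        return self.level >= other.level and self.categories >= other.categories


def join(labels):
    """Least upper bound of several labels: the label a print job or other
    output must carry when it mixes data from all of them."""
    labels = list(labels)
    level = max(lab.level for lab in labels)
    cats = frozenset().union(*(lab.categories for lab in labels))
    return Label(level, cats)


class ReferenceMonitor:
    """The system, not the object owner, makes every decision and logs it."""

    def __init__(self):
        self.audit_log = []

    def check(self, subject, obj, op):
        if op == "read":
            allowed = subject.dominates(obj)   # simple security property: no read up
        elif op == "write":
            allowed = obj.dominates(subject)   # *-property: no write down
        else:
            raise ValueError("unknown operation: " + op)
        self.audit_log.append((op, subject, obj, "GRANT" if allowed else "DENY"))
        return allowed


def demo():
    """Run the slide's case plus three neighbours on constructed labels."""
    rm = ReferenceMonitor()
    analyst = Label(Level.SECRET, frozenset({"CRYPTO"}))   # constructed subjects
    clerk = Label(Level.CONFIDENTIAL)
    memo = Label(Level.CONFIDENTIAL)                        # constructed objects
    plan = Label(Level.SECRET, frozenset({"CRYPTO"}))
    return {
        # The slide's case: secret information may not flow into a confidential file.
        "analyst writes memo": rm.check(analyst, memo, "write"),
        "analyst reads memo": rm.check(analyst, memo, "read"),
        "clerk reads plan": rm.check(clerk, plan, "read"),
        "clerk writes plan": rm.check(clerk, plan, "write"),
        "denials logged": sum(1 for entry in rm.audit_log if entry[3] == "DENY"),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "->", value)
```

Note that a high level alone is not enough: a subject without the object's categories is refused a read even when its level is higher.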




Discretionary Access Control
Access is restricted based on the
 authorization granted to the user
Orange book C-level
Prime use is to separate and protect users from
 unauthorized data
Used by Unix, NT, NetWare, Linux, Vines,
 etc.
Relies on the object owner to control access


Access control lists (ACL)
A file used by the access control system to
 determine who may access what programs
 and files, in what method and at what time
Different operating systems have different
 ACL terms
Types of access:
  Read/Write/Create/Execute/Modify/Delete/Rename



Standard UNIX file permissions
  Permission     Allowed action, if object is a file   Allowed action, if object is a directory
  R (read)       Reads contents of a file              List contents of the directory
  X (execute)    Execute file as a program             Search the directory
  W (write)      Change file contents                  Add, rename, create files and subdirectories

Standard NT file permissions
  Permission     Allowed action, if object is a file   Allowed action, if object is a directory
  No access      None                                  None
  List           N/A                                   RX
  Read           RX                                    RX
  Add            N/A                                   WX
  Add & Read     N/A                                   RWX
  Change         RWXD                                  RWXD
  Full Control   All                                   All
  R - Read    X - Execute    W - Write    D - Delete

MAC vs. DAC
Discretionary Access Control
   You decide how you want to protect and
   share your data

Mandatory Access Control
   The system decides how the data will be
   shared

Problems with formal models
  Based on a static infrastructure
  Defined and succinct policies
  These do not work in corporate systems which
   are extremely dynamic and constantly changing
  None of the formal models deals with:
    Viruses/active content
    Trojan horses
    Firewalls
  Limited documentation on how to build these
   systems

Orange Book
DoD Trusted Computer System Evaluation
 Criteria, DoD 5200.28-STD, 1983
Provides the information needed to classify
 systems (A,B,C,D), defining the degree of
 trust that may be placed in them
For stand-alone systems only
Windows NT has a C2 utility; it does many
 things, including disabling networking


Orange book levels
A - Verified protection
  A1
B - MAC
  B1/B2/B3
C - DAC
  C1/C2
D - Minimal security. Systems that have
 been evaluated, but failed


The Orange Book Limitations
Based on an old model, Bell-La Padula
Stand alone, no way to network systems
Systems take a long time (1-2 years) to certify
  Any changes (hot fixes, service packs, patches)
    break the certification
Has not adapted to changes in client-server
 and corporate computing
Certification is expensive
For the most part, not used outside of the
 government sector
Red Book
Used to extend the Orange Book to networks
Actually two works:
  Trusted Network Interpretation of the TCSEC
   (NCSC-TG-005)
  Trusted Network Interpretation Environments
   Guideline: Guidance for Applying the Trusted
   Network Interpretation (NCSC-TG-011)




Authentication
Three Types of Authentication:
   Something you know - Password, PIN,
    mother’s maiden name, passphrase…
   Something you have - ATM card, smart card,
    token, key, ID badge, driver license,
    passport…
   Something you are - Fingerprint, voice scan,
    iris scan, retina scan, DNA…

Multi-factor authentication
 2-factor authentication - To increase the level
    of security, many systems will require a user
    to provide 2 of the 3 types of authentication.
      ATM card + PIN
      Credit card + signature
      PIN + fingerprint
      Username + Password (NetWare, Unix, NT
      default)
 3-factor authentication - For highest security
     Username + Password + Fingerprint
     Username + Passcode + SecurID token
Problems with passwords
   Insecure - Given the choice, people will choose easily
    remembered and hence easily guessed passwords
    such as names of relatives, pets, phone numbers,
    birthdays, hobbies, etc.
   Easily broken - Programs such as crack, SmartPass,
    PWDUMP, NTCrack & l0phtcrack can easily decrypt
    Unix, NetWare & NT passwords.
     Dictionary attacks are only feasible because users
       choose easily guessed passwords!
   Inconvenient - In an attempt to improve security,
    organizations often issue users with computer-
    generated passwords that are difficult, if not impossible
    to remember
   Repudiable - Unlike a written signature, when a
    transaction is signed with only a password, there is no
    real proof as to the identity of the individual that made
    the transaction
Classic password rules
 The best passwords are those that are both easy to
  remember and hard to crack using a dictionary
  attack. The best way to create passwords that fulfill
  both criteria is to use two small unrelated words or
  phonemes, ideally with a special character or
  number. Good examples would be hex7goop or
  -typetin
 Don’t use:
    common names, DOB, spouse, phone #, etc.
    words found in dictionaries
    password as a password
    system defaults
Password management
Configure system to use strong passwords
Set password time and length limits
Limit unsuccessful logins
Limit concurrent connections
Enable auditing
Have policies for password resets and
 changes
Use last login dates in banners

Password Attacks
Dictionary
  Crack
  John the Ripper
Brute force
  l0phtcrack
Hybrid Attack
  Dictionary and Brute Force
Trojan horse login program
  Password sending Trojans

Biometrics
Authenticating a user via human
 characteristics
Using measurable physical characteristics of
 a person to prove their identification
  Fingerprint
  signature dynamics
  Iris
  retina
  voice
  face
  DNA, blood
Advantages of fingerprint-based biometrics
   Can’t be lent like a physical key or token and
    can’t be forgotten like a password
   Good compromise between ease of use,
    template size, cost and accuracy
   Fingerprint contains enough inherent variability to
    enable unique identification even in very large
    (millions of records) databases
   Basically lasts forever -- or at least until
    amputation or dismemberment
   Makes network login & authentication effortless
Biometric Disadvantages
 Still relatively expensive per user
 Companies & products are often new &
  immature
 No common API or other standard
 Some hesitancy for user acceptance

Biometric privacy issues
 Tracking and surveillance - Ultimately, the
 ability to track a person's movement from hour
 to hour
 Anonymity - Biometric links to databases
 could dissolve much of our anonymity when
 we travel and access services
 Profiling - Compilation of transaction data
 about a particular person that creates a
 picture of that person's travels, preferences,
 affiliations or beliefs
Practical biometric applications
     Network access control
     Staff time and attendance tracking
     Authorizing financial transactions
     Government benefits distribution (Social Security, welfare,
      etc.)
     Verifying identities at point of sale
     Using in conjunction with ATM, credit or smart cards
     Controlling physical access to office buildings or homes
     Protecting personal property
     Preventing kidnapping in schools, play areas, etc.
     Protecting children from fatal gun accidents
     Voting/passports/visas & immigration
Tokens
Used to facilitate one-time passwords
Physical card
SecurID
S/Key
Smart card
Access token




Synchronous Token
 [slide figure not reproduced]
Asynchronous Token
 [slide figure not reproduced]
Smart Card
 [slide figure not reproduced]
Single sign-on
User has one password for all enterprise
 systems and applications
That way, one strong password can be
 remembered and used
All of a user's accounts can be quickly created
 on hire, deleted on dismissal
Hard to implement and get working
Kerberos, CA-Unicenter, Memco Proxima,
 IntelliSoft SnareWorks, Tivoli Global Sign-On,
 x.509
Kerberos
Part of MIT’s Project Athena
Kerberos is an authentication protocol
 used for network wide authentication
All software must be kerberized
Tickets, authenticators, key distribution
 center (KDC)
Divided into realms
Kerberos is the three-headed dog that
 guards the entrance to Hades (this won’t
 be on the test)
Kerberos Roles
KDC divided into Authentication Server &
 Ticket Granting Server (TGS)
Authentication Server - authenticates the
 identities of entities on the network
TGS - Generates unique session keys
 between two parties. Parties then use these
 session keys for message encryption



Kerberos Authentication
User must have an account on the KDC
KDC must be a trusted server in a
 secured location
Shares a DES key with each user
When a user wants to access a host or
 application, they request a ticket from the
 KDC via klogin & generate an
 authenticator that validates the tickets
User provides ticket and authenticator to
 the application, which processes them for
 validity and will then grant access.
Problems with Kerberos
Each piece of software must be kerberized
Requires synchronized time clocks
Relies on UDP which is often blocked by
 many firewalls
Kerberos v4 binds tickets to a single network
 address for a host. Hosts with multiple NICs
 will have problems using tickets
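
The ticket-plus-authenticator exchange from the Kerberos Authentication slide, and the reason synchronized clocks appear in the problem list, can be seen in a small simulation. This is an added example, not code from the slides or from any Kerberos implementation: `seal`/`unseal` are a toy cipher standing in for the DES step, and `MAX_SKEW`, the principal names and the clock values are assumptions.

```python
import hashlib
import hmac
import json
import os

MAX_SKEW = 300  # seconds of clock difference tolerated (assumed value)


def _keystream(key, nonce, n):
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]


def seal(key, fields):
    """Toy authenticated encryption standing in for the DES step on the slide."""
    plain = json.dumps(fields, sort_keys=True).encode()
    nonce = os.urandom(16)
    body = bytes(a ^ b for a, b in zip(plain, _keystream(key, nonce, len(plain))))
    tag = hmac.new(key, nonce + body, hashlib.sha256).digest()
    return nonce + tag + body


def unseal(key, blob):
    nonce, tag, body = blob[:16], blob[16:48], blob[48:]
    expected = hmac.new(key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified message")
    plain = bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))
    return json.loads(plain)


class KDC:
    """Holds the long-term key it shares with every user and service."""

    def __init__(self):
        self.keys = {}

    def register(self, principal):
        self.keys[principal] = os.urandom(32)
        return self.keys[principal]

    def issue(self, client, service, now, lifetime=3600):
        session_key = os.urandom(32).hex()
        # Only the service can open the ticket; only the client can open the reply.
        ticket = seal(self.keys[service],
                      {"client": client, "key": session_key, "expires": now + lifetime})
        reply = seal(self.keys[client], {"service": service, "key": session_key})
        return reply, ticket


def make_authenticator(client, client_key, reply, now):
    """Client side: recover the session key and timestamp a fresh authenticator."""
    session_key = bytes.fromhex(unseal(client_key, reply)["key"])
    return seal(session_key, {"client": client, "time": now})


class Service:
    def __init__(self, key):
        self.key = key
        self.seen = set()   # authenticators already accepted (replay cache)

    def accept(self, ticket, authenticator, now):
        try:
            t = unseal(self.key, ticket)
            a = unseal(bytes.fromhex(t["key"]), authenticator)
        except ValueError:
            return "reject: cannot validate ticket/authenticator"
        if now > t["expires"]:
            return "reject: ticket expired"
        if a["client"] != t["client"]:
            return "reject: authenticator does not match ticket"
        if abs(now - a["time"]) > MAX_SKEW:
            return "reject: clock skew too large"
        if authenticator in self.seen:
            return "reject: replayed authenticator"
        self.seen.add(authenticator)
        return "accept: " + t["client"]


def demo():
    kdc = KDC()
    alice_key = kdc.register("alice")
    files = Service(kdc.register("fileserver"))
    t0 = 1_000_000                      # constructed clock value, in seconds
    reply, ticket = kdc.issue("alice", "fileserver", t0)
    auth = make_authenticator("alice", alice_key, reply, t0)
    slow_clock = make_authenticator("alice", alice_key, reply, t0 - 900)
    forged = seal(os.urandom(32), {"client": "alice", "time": t0})
    late = make_authenticator("alice", alice_key, reply, t0 + 7200)
    return [
        files.accept(ticket, auth, t0 + 2),        # normal login
        files.accept(ticket, auth, t0 + 3),        # same authenticator sent again
        files.accept(ticket, slow_clock, t0),      # client clock 15 minutes off
        files.accept(ticket, forged, t0),          # sender lacks the session key
        files.accept(ticket, late, t0 + 7200),     # ticket lifetime exceeded
    ]


if __name__ == "__main__":
    print("\n".join(demo()))
```

The third result is the operational cost of the freshness check: a legitimate user with a drifting clock is refused exactly like a stale capture.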




Attacks
 Passive attack - Monitor network traffic and then
  use data obtained or perform a replay attack.
    Hard to detect
 Active attack - Attacker is actively trying to break in.
    Exploit system vulnerabilities
    Spoofing
    Crypto attacks
 Denial of service (DoS) - Not so much an attempt
  to gain access, rather to prevent system operation
    Smurf, SYN Flood, Ping of death
    Mail bombs
Vulnerabilities
Physical
Natural
  Floods, earthquakes, terrorists, power outage, lightning
Hardware/Software
  Design Weakness
Media
  Corrupt electronic media, stolen disk drives
Emanation
  EMR, RF
Communications
  Sniffing, Wire Tapping, Radiation
Human
  Social engineering, disgruntled staff
Monitoring
 IDS
   Network based and Host Based (Signature and Anomaly
     Detection)
 Logs
   System Logs and Audit Logs
 Audit trails
 Network tools
   Network Monitor (Sniffers and SNMP Based Tools)
   Tivoli
   Spectrum
   OpenView

Intrusion Detection Systems
IDS monitors system or network for attacks
IDS engine has a library and set of signatures
 that identify an attack
Adds defense in depth
Should be used in conjunction with a system
 scanner (CyberCop, ISS S3) for maximum
 security



Object reuse
 Must ensure that magnetic media does not retain
  any remanence of previous data
 Also applies to buffers, cache and other memory
  allocation
 Required at TCSEC B2/B3/A1 level
 Secure Deletion of Data from Magnetic and Solid-
  State Memory
 Documents recently declassified
 Objects must be declassified
 Magnetic media must be degaussed or have
  secure overwrites

TEMPEST
Electromagnetic emanations from keyboards,
 cables, printers, modems, monitors and all
 electronic equipment. With appropriate and
 sophisticated enough equipment, data can be
 readable at a few hundred yards.
TEMPEST certified equipment, which encases the
 hardware into a tight, metal construct, shields the
 electromagnetic emanations
WANG Federal is the leading provider of TEMPEST
 hardware
TEMPEST hardware is extremely expensive and
 can only be serviced by certified technicians
Rooms & buildings can be TEMPEST-certified
TEMPEST standards NACSEM 5100A and NACSI 5004
 are classified documents
Banners
Banners display at login or connection stating
 that the system is for the exclusive use of
 authorized users and that their activity may be
 monitored
Not foolproof, but a good start, especially from
 a legal perspective
Make sure that the banner does not reveal
 system information, i.e., OS, version,
 hardware, etc.


RAS access control
 RADIUS (Remote Authentication Dial-In User
  Service) - client/server protocol & software that
  enables RAS to communicate with a central
  server to authenticate dial-in users & authorize
  their access to requested systems
 TACACS/TACACS+ (Terminal Access Controller
  Access Control System) - Authentication protocol
  that allows a RAS to forward a user's logon
  password to an authentication server. TACACS is
  an unencrypted protocol and therefore less
  secure than the later TACACS+ and RADIUS
  protocols. A later version of TACACS is
  XTACACS (Extended TACACS).
    May 1997 - TACACS and XTACACS are
     considered Cisco End-of-Maintenance
Penetration Testing
 Basically Measuring the Security of Your Network by Breaking
  Into it
 Identifies weaknesses in Internet, Intranet, Extranet, and RAS
  technologies
        Discovery and footprint analysis
        Exploitation
        Physical Security Assessment
        Social Engineering
 Attempt to identify vulnerabilities and gain access to critical
  systems within organization
 Identifies and recommends corrective action for the systemic
  problems which may help propagate these vulnerabilities
  throughout an organization
 Assessments allow client to demonstrate the need for
  additional security resources, by translating existing
  vulnerabilities into real life business risks
Rule of least privilege
 One of the most fundamental principles of infosec
 States that: Any object (user, administrator, program,
  system) should have only the least privileges the
  object needs to perform its assigned task, and no
  more.
 An AC system that grants users only those rights
  necessary for them to perform their work
 Limits exposure to attacks and the damage an attack
  can cause
 Physical security example: car ignition key vs. door
  key


Implementing least privilege
 Ensure that only a minimal set of users have
  root access
 Don’t make a program run setuid to root if not
  needed. Rather, make file group-writable to
  some group and make the program run setgid to
  that group, rather than setuid to root
 Don’t run insecure programs on the firewall or
  other trusted host
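
The setgid advice above can be checked mechanically, using the same permission bits as the Standard UNIX file permissions table earlier in the deck. The following is an added example, not part of the original slides; the function names, the group id and the sample modes are constructed for illustration.

```python
import os
import stat

# Meanings taken from the UNIX permission table in this deck.
FILE_ACTIONS = {"r": "read contents", "w": "change contents", "x": "execute as a program"}
DIR_ACTIONS = {"r": "list contents", "w": "add, rename, create entries", "x": "search"}


def allowed_actions(mode):
    """Translate the nine rwx bits into actions for owner, group and other."""
    table = DIR_ACTIONS if stat.S_ISDIR(mode) else FILE_ACTIONS
    out = {}
    for who, shift in (("owner", 6), ("group", 3), ("other", 0)):
        bits = (mode >> shift) & 0o7
        out[who] = [table[c] for c, bit in (("r", 4), ("w", 2), ("x", 1)) if bits & bit]
    return out


def privilege_of(mode, uid):
    """Classify the extra privilege a regular file grants when executed."""
    if not stat.S_ISREG(mode):
        return "none"
    if mode & stat.S_ISUID:
        return "setuid-root" if uid == 0 else "setuid"
    if mode & stat.S_ISGID:
        return "setgid"
    return "none"


def check_setgid_pattern(program, data):
    """Check the slide's advice: the program runs setgid to the group that may
    write the data file, instead of setuid root.
    Both arguments are (mode, uid, gid) tuples, e.g. taken from os.lstat()."""
    p_mode, p_uid, p_gid = program
    d_mode, _d_uid, d_gid = data
    problems = []
    if privilege_of(p_mode, p_uid) == "setuid-root":
        problems.append("program is setuid root")
    if not p_mode & stat.S_ISGID:
        problems.append("program is not setgid")
    elif p_gid != d_gid:
        problems.append("program group differs from data file group")
    if not d_mode & stat.S_IWGRP:
        problems.append("data file is not group-writable")
    if d_mode & stat.S_IWOTH:
        problems.append("data file is writable by everyone")
    return problems


def audit(root):
    """Walk a directory tree and report files that run with extra privilege."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            kind = privilege_of(st.st_mode, st.st_uid)
            if kind != "none":
                findings[path] = kind
    return findings


# Constructed sample: a program that updates a shared data file.
SCORES_GID = 60  # constructed group id
BEFORE = ((stat.S_IFREG | 0o4755, 0, 0), (stat.S_IFREG | 0o644, 0, 0))
AFTER = ((stat.S_IFREG | 0o2755, 0, SCORES_GID), (stat.S_IFREG | 0o664, 0, SCORES_GID))

if __name__ == "__main__":
    print("before:", check_setgid_pattern(*BEFORE))
    print("after: ", check_setgid_pattern(*AFTER))
    print("data file:", allowed_actions(AFTER[1][0]))
```

Running `audit("/usr/bin")` on a real host lists the programs worth reviewing against this pattern.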


MARGINALIZATION (Different learners in Marginalized GroupJonathanParaisoCruz
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...JhezDiaz1
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...jaredbarbolino94
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentInMediaRes1
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxUnboundStockton
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfMahmoud M. Sallam
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 

Recently uploaded (20)

Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini  Delhi NCR9953330565 Low Rate Call Girls In Rohini  Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
MARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupMARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized Group
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media Component
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri  Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri  Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docx
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdf
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 

2. access control

  • 1. Access Control Systems & Methodology. dswami@vsnl.com, 98402 99933
  • 2. Topics to be covered: Overview; Access control implementation; Types of access control; MAC & DAC; Orange Book; Authentication; Passwords; Biometrics; Tokens/SSO; Kerberos; Attacks/Vulnerabilities/Monitoring; IDS; Object reuse; TEMPEST; RAS access control; Penetration Testing
  • 3. What is access control? Access controls are the collection of mechanisms that specify what users can do on the system, such as what resources they can access and what operations they can perform. • The ability to allow only authorized users, programs or processes system or resource access • The granting or denying, according to a particular security model, of certain permissions to access a resource • An entire set of procedures performed by hardware, software and administrators, to monitor access, identify users requesting access, record access attempts, and grant or deny access based on pre-established rules.
  • 4. The Big Three. Confidentiality: An attack on confidentiality is when an entity, such as a person, program, or computer, gains unauthorized access to sensitive information. Integrity: An attack on integrity occurs when an unauthorized entity gains access and tampers with a system resource. Another type of integrity attack occurs when an unauthorized entity inserts objects into the system or performs an unauthorized modification. Availability: An attack on availability is when an asset on the system is destroyed, rendered unavailable, or caused to be unusable.
  • 5. Access control Cont… Authentication: Process through which one proves and verifies certain information. Identification: Process through which one ascertains the identity of another person or entity. Separation of Duties: A process is designed so that separate steps / operations must be performed by different people. Collusion is an agreement among two or more people to commit fraud. Least Privilege: A policy that limits both the system’s users and processes to access only those resources necessary to perform assigned functions.
  • 6. How can AC be implemented? Hardware; Software: application, protocol (Kerberos, IPSec…); Physical; Logical (policies)
  • 7. Access Control Protects: Data - Unauthorized viewing, modification or copying; System - Unauthorized use, modification or denial of service. It should be noted that nearly every network operating system (Win2K, NT, Unix, Vines, NetWare…) is based on a secure physical infrastructure. Protection from Threats; Prepares for minimal Impact; Accountability
  • 8. Proactive access control: Awareness training; Background checks; Separation of duties; Split knowledge; Policies; Data classification; Effective user registration; Termination procedures; Change control procedures
  • 9. Physical Control: Guards; Locks; Mantraps; ID badges; CCTV, sensors, alarms; Biometrics; Fences - the higher the voltage the better; Card-key and tokens; Guard dogs
  • 10. Technical (Logical) Controls: Access control software, such as firewalls, proxy servers; Anti-virus software; Passwords; Smart cards/biometrics/badge systems; Encryption; Dial-up callback systems; Audit trails; Intrusion detection systems (IDSs)
  • 11. Administrative Control: Policies and procedures; Security awareness training; Separation of duties; Security reviews and audits; Rotation of duties; Procedures for recruiting and terminating employees; Security clearances; Background checks; Alert supervision; Performance evaluations; Mandatory vacation time
  • 12. AC & privacy issues: Expectation of privacy; Policies; Monitoring activity, Internet usage, e-mail; Login banners should detail expectations of privacy and state levels of monitoring
  • 13. Types of Access Control: Mandatory (MAC); Discretionary (DAC); Lattice / Role Based / Task Based. Formal models: Bell-La Padula - Focuses on the confidentiality of classified information; Biba - Rules for the protection of information integrity; Take/Grant - A directed graph to specify the rights that a subject can transfer to, or take from, another subject; Clark/Wilson - The integrity model based on well-formed transactions
  • 14. Mandatory Access Control: Assigns sensitivity levels, AKA labels; Every object is given a sensitivity label & is accessible only to users who are cleared up to that particular level; Only the administrators, not object owners, may change the object level; Generally more secure than DAC; Orange book B-level; Used in systems where security is critical, i.e., military; Hard to program for and configure & implement
  • 15. Mandatory Access Control Cont… Downgrade in performance; Relies on the system to control access; Example: If a file is classified as confidential, MAC will prevent anyone from writing secret or top secret information into that file; All output, i.e., print jobs, floppies, other magnetic media must be labeled as to the sensitivity level
  • 16. Discretionary Access Control: Access is restricted based on the authorization granted to the user; Orange book C-level; Prime use is to separate and protect users from unauthorized data; Used by Unix, NT, NetWare, Linux, Vines, etc.; Relies on the object owner to control access
  • 17. Access control lists (ACL): A file used by the access control system to determine who may access what programs and files, in what method and at what time; Different operating systems have different ACL terms; Types of access: Read/Write/Create/Execute/Modify/Delete/Rename
  • 18. Standard UNIX file permissions
      Permission  | Allowed action if object is a file | Allowed action if object is a directory
      R (read)    | Reads contents of a file           | List contents of the directory
      X (execute) | Execute file as a program          | Search the directory
      W (write)   | Change file contents               | Add, rename, create files and subdirectories
  • 19. Standard NT file permissions
      Permission   | Allowed action if object is a file | Allowed action if object is a directory
      No access    | None                               | None
      List         | N/A                                | RX
      Read         | RX                                 | RX
      Add          | N/A                                | WX
      Add & Read   | N/A                                | RWX
      Change       | RWXD                               | RWXD
      Full Control | All                                | All
      R - Read, X - Execute, W - Write, D - Delete
  • 20. MAC vs. DAC. Discretionary Access Control: You decide how you want to protect and share your data. Mandatory Access Control: The system decides how the data will be shared
  • 21. Problems with formal models: Based on a static infrastructure; Defined and succinct policies; These do not work in corporate systems which are extremely dynamic and constantly changing; None of the formal models deals with: viruses/active content, Trojan horses, firewalls; Limited documentation on how to build these systems
  • 22. Orange Book: DoD Trusted Computer System Evaluation Criteria, DoD 5200.28-STD, 1983. Provides the information needed to classify systems (A,B,C,D), defining the degree of trust that may be placed in them. For stand-alone systems only. Windows NT has a C2 utility; it does many things, including disabling networking
  • 23. Orange book levels: A - Verified protection (A1); B - MAC (B1/B2/B3); C - DAC (C1/C2); D - Minimal security. Systems that have been evaluated, but failed
  • 24. The Orange Book Limitations: Based on an old model, Bell-La Padula; Stand alone, no way to network systems; Systems take a long time (1-2 years) to certify; Any changes (hot fixes, service packs, patches) break the certification; Has not adapted to changes in client-server and corporate computing; Certification is expensive; For the most part, not used outside of the government sector
  • 25. Red Book: Used to extend the Orange Book to networks. Actually two works: Trusted Network Interpretation of the TCSEC (NCSC-TG-005); Trusted Network Interpretation Environments Guideline: Guidance for Applying the Trusted Network Interpretation (NCSC-TG-011)
  • 26. Authentication. Three Types of Authentication: Something you know - Password, PIN, mother’s maiden name, passphrase…; Something you have - ATM card, smart card, token, key, ID Badge, driver license, passport…; Something you are - Fingerprint, voice scan, iris scan, retina scan, DNA…
  • 27. Multi-factor authentication. 2-factor authentication: To increase the level of security, many systems will require a user to provide 2 of the 3 types of authentication: ATM card + PIN; Credit card + signature; PIN + fingerprint; Username + Password (NetWare, Unix, NT default). 3-factor authentication, for highest security: Username + Password + Fingerprint; Username + Passcode + SecurID token
  • 28. Problems with passwords. Insecure - Given the choice, people will choose easily remembered and hence easily guessed passwords such as names of relatives, pets, phone numbers, birthdays, hobbies, etc. Easily broken - Programs such as crack, SmartPass, PWDUMP, NTCrack & l0phtcrack can easily decrypt Unix, NetWare & NT passwords. Dictionary attacks are only feasible because users choose easily guessed passwords! Inconvenient - In an attempt to improve security, organizations often issue users with computer-generated passwords that are difficult, if not impossible to remember. Repudiable - Unlike a written signature, when a transaction is signed with only a password, there is no real proof as to the identity of the individual that made the transaction
  • 29. Classic password rules. The best passwords are those that are both easy to remember and hard to crack using a dictionary attack. The best way to create passwords that fulfill both criteria is to use two small unrelated words or phonemes, ideally with a special character or number. Good examples would be hex7goop or -typetin. Don’t use: common names, DOB, spouse, phone #, etc.; words found in dictionaries; password as a password; system defaults
  • 30. Password management: Configure system to use strong passwords; Set password time and length limits; Limit unsuccessful logins; Limit concurrent connections; Enable auditing; Have policies for password resets and changes; Use last login dates in banners
  • 31. Password Attacks: Dictionary (Crack, John the Ripper); Brute force (l0phtcrack); Hybrid attack (dictionary and brute force); Trojan horse login program; Password sending Trojans
  • 32. Biometrics: Authenticating a user via human characteristics. Using measurable physical characteristics of a person to prove their identification: Fingerprint; signature dynamics; Iris; retina; voice; face; DNA, blood
  • 33. Advantages of fingerprint-based biometrics: Can’t be lent like a physical key or token and can’t be forgotten like a password; Good compromise between ease of use, template size, cost and accuracy; Fingerprint contains enough inherent variability to enable unique identification even in very large (millions of records) databases; Basically lasts forever, or at least until amputation or dismemberment; Makes network login & authentication effortless
  • 34. Biometric Disadvantages: Still relatively expensive per user; Companies & products are often new & immature; No common API or other standard; Some hesitancy for user acceptance
  • 35. Biometric privacy issues. Tracking and surveillance - Ultimately, the ability to track a person's movement from hour to hour. Anonymity - Biometric links to databases could dissolve much of our anonymity when we travel and access services. Profiling - Compilation of transaction data about a particular person that creates a picture of that person's travels, preferences, affiliations or beliefs
  • 36. Practical biometric applications: Network access control; Staff time and attendance tracking; Authorizing financial transactions; Government benefits distribution (Social Security, welfare, etc.); Verifying identities at point of sale; Using in conjunction with ATM, credit or smart cards; Controlling physical access to office buildings or homes; Protecting personal property; Preventing kidnapping in schools, play areas, etc.; Protecting children from fatal gun accidents; Voting/passports/visas & immigration
  • 37. Tokens: Used to facilitate one-time passwords; Physical card; SecurID; S/Key; Smart card; Access token
  • 41. Single sign-on: User has one password for all enterprise systems and applications; That way, one strong password can be remembered and used; All of a user's accounts can be quickly created on hire, deleted on dismissal; Hard to implement and get working; Kerberos, CA-Unicenter, Memco Proxima, IntelliSoft SnareWorks, Tivoli Global Sign-On, x.509
  • 42. Kerberos: Part of MIT’s Project Athena; Kerberos is an authentication protocol used for network wide authentication; All software must be kerberized; Tickets, authenticators, key distribution center (KDC); Divided into realms; Kerberos is the three-headed dog that guards the entrance to Hades (this won’t be on the test)
  • 43. Kerberos Roles: KDC divided into Authentication Server & Ticket Granting Server (TGS); Authentication Server - authenticates the identities of entities on the network; TGS - Generates unique session keys between two parties. Parties then use these session keys for message encryption
  • 44. Kerberos Authentication: User must have an account on the KDC; KDC must be a trusted server in a secured location; Shares a DES key with each user; When a user wants to access a host or application, they request a ticket from the KDC via klogin & generate an authenticator that validates the tickets; User provides ticket and authenticator to the application, which processes them for validity and will then grant access.
  • 45. Problems with Kerberos: Each piece of software must be kerberized; Requires synchronized time clocks; Relies on UDP which is often blocked by many firewalls; Kerberos v4 binds tickets to a single network address for a host. Hosts with multiple NICs will have problems using tickets
  • 46. Attacks. Passive attack - Monitor network traffic and then use data obtained or perform a replay attack. Hard to detect. Active attack - Attacker is actively trying to break in: exploit system vulnerabilities; spoofing; crypto attacks. Denial of service (DoS) - Not so much an attempt to gain access, rather to prevent system operation: Smurf, SYN Flood, Ping of death; mail bombs
  • 47. Vulnerabilities: Physical; Natural (floods, earthquakes, terrorists, power outage, lightning); Hardware/Software (design weakness); Media (corrupt electronic media, stolen disk drives); Emanation (EMR, RF); Communications (sniffing, wire tapping, radiation); Human (social engineering, disgruntled staff)
  • 48. Monitoring: IDS - network based and host based (signature and anomaly detection); Logs - system logs and audit logs; Audit trails; Network tools - Network Monitor (sniffers and SNMP-based tools), Tivoli, Spectrum, OpenView
  • 49. Intrusion Detection Systems: IDS monitors system or network for attacks; IDS engine has a library and set of signatures that identify an attack; Adds defense in depth; Should be used in conjunction with a system scanner (CyberCop, ISS S3) for maximum security
  • 50. Object reuse: Must ensure that magnetic media does not have any remanence of previous data; Also applies to buffers, cache and other memory allocation; Required at TCSEC B2/B3/A1 level; Secure Deletion of Data from Magnetic and Solid-State Memory; Documents recently declassified; Objects must be declassified; Magnetic media must be degaussed or have secure overwrites
  • 51. TEMPEST: Electromagnetic emanations from keyboards, cables, printers, modems, monitors and all electronic equipment. With appropriate and sophisticated enough equipment, data can be readable at a few hundred yards. TEMPEST certified equipment, which encases the hardware into a tight, metal construct, shields the electromagnetic emanations. WANG Federal is the leading provider of TEMPEST hardware. TEMPEST hardware is extremely expensive and can only be serviced by certified technicians. Rooms & buildings can be TEMPEST-certified. TEMPEST standards NACSEM 5100A and NACSI 5004 are classified documents
  • 52. Banners: Banners display at login or connection stating that the system is for the exclusive use of authorized users and that their activity may be monitored; Not foolproof, but a good start, especially from a legal perspective; Make sure that the banner does not reveal system information, i.e., OS, version, hardware, etc.
  • 53. RAS access control. RADIUS (Remote Authentication Dial-In User Service) - client/server protocol & software that enables RAS to communicate with a central server to authenticate dial-in users & authorize their access to requested systems. TACACS/TACACS+ (Terminal Access Controller Access Control System) - Authentication protocol that allows a RAS to forward a user's logon password to an authentication server. TACACS is an unencrypted protocol and therefore less secure than the later TACACS+ and RADIUS protocols. A later version of TACACS is XTACACS (Extended TACACS). May 1997 - TACACS and XTACACS are considered Cisco End-of-Maintenance
  • 54. Penetration Testing: Basically measuring the security of your network by breaking into it; Identifies weaknesses in Internet, Intranet, Extranet, and RAS technologies; Discovery and footprint analysis; Exploitation; Physical Security Assessment; Social Engineering; Attempt to identify vulnerabilities and gain access to critical systems within organization; Identifies and recommends corrective action for the systemic problems which may help propagate these vulnerabilities throughout an organization; Assessments allow client to demonstrate the need for additional security resources, by translating existing vulnerabilities into real life business risks
  • 55. Rule of least privilege: One of the most fundamental principles of infosec; States that: Any object (user, administrator, program, system) should have only the least privileges the object needs to perform its assigned task, and no more; An AC system that grants users only those rights necessary for them to perform their work; Limits exposure to attacks and the damage an attack can cause; Physical security example: car ignition key vs. door key
  • 56. Implementing least privilege: Ensure that only a minimal set of users have root access; Don’t make a program run setuid to root if not needed. Rather, make file group-writable to some group and make the program run setgid to that group, rather than setuid to root; Don’t run insecure programs on the firewall or other trusted host
  • 57. ?
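
The MAC and DAC slides (14 to 16 and 20) can be made concrete with a small reference monitor that applies the Bell-La Padula label rules first and the owner's ACL second, and records every attempt as slide 3 describes. This is an added example, not part of the original deck: the class names, users, file and level names are constructed for illustration, and requiring both checks to pass is an assumption of this sketch.

```python
from dataclasses import dataclass, field
from enum import IntEnum


class Level(IntEnum):
    """Sensitivity labels, ordered low to high (names are assumptions)."""
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass
class Subject:
    name: str
    level: Level            # level the user is cleared for and working at
    is_admin: bool = False  # security administrator, not an object owner


@dataclass
class Obj:
    name: str
    owner: str
    label: Level                             # MAC label, set by the system
    acl: dict = field(default_factory=dict)  # DAC list: user -> set of rights


class ReferenceMonitor:
    """Mediates every access and records the attempt in an audit trail."""

    def __init__(self):
        self.audit = []  # (subject, object, operation, decision, reason)

    def _mac(self, s, o, op):
        # No read up: the subject must be cleared to the object's label.
        if op == "read" and s.level < o.label:
            return "MAC: not cleared to read " + o.label.name
        # No write down: higher-level data must not flow into a lower object.
        if op == "write" and s.level > o.label:
            return "MAC: would write %s data into a %s object" % (
                s.level.name, o.label.name)
        return None

    def _dac(self, s, o, op):
        if s.name == o.owner or op in o.acl.get(s.name, set()):
            return None
        return "DAC: no '%s' entry for %s in the ACL" % (op, s.name)

    def access(self, s, o, op):
        reason = self._mac(s, o, op) or self._dac(s, o, op)
        decision = "deny" if reason else "grant"
        self.audit.append((s.name, o.name, op, decision, reason or "ok"))
        return decision == "grant"

    def grant(self, actor, o, user, right):
        """DAC: the object owner decides who else gets a right."""
        if actor.name != o.owner:
            raise PermissionError("only the owner may change the ACL")
        o.acl.setdefault(user, set()).add(right)

    def relabel(self, actor, o, new_label):
        """MAC: only an administrator may change an object's level."""
        if not actor.is_admin:
            raise PermissionError("only an administrator may relabel")
        o.label = new_label


def demo():
    rm = ReferenceMonitor()
    alice = Subject("alice", Level.SECRET)
    bob = Subject("bob", Level.CONFIDENTIAL)
    secadmin = Subject("secadmin", Level.TOP_SECRET, is_admin=True)
    report = Obj("report.txt", owner="bob", label=Level.CONFIDENTIAL)

    results = {}
    # DAC: bob owns the file and chooses to share it with alice.
    rm.grant(bob, report, "alice", "read")
    rm.grant(bob, report, "alice", "write")
    results["alice_read"] = rm.access(alice, report, "read")
    # Slide 15 case: the ACL allows the write, the label rule does not.
    results["alice_write"] = rm.access(alice, report, "write")
    # The owner cannot change the label; the administrator can.
    try:
        rm.relabel(bob, report, Level.SECRET)
        results["owner_relabel"] = True
    except PermissionError:
        results["owner_relabel"] = False
    rm.relabel(secadmin, report, Level.SECRET)
    results["alice_write_after"] = rm.access(alice, report, "write")
    # bob still owns the file but is no longer cleared to read it.
    results["bob_read_after"] = rm.access(bob, report, "read")
    return results, rm.audit


if __name__ == "__main__":
    for entry in demo()[1]:
        print(entry)
```

The audit trail shows which rule produced each denial, which is the practical difference between the two models: the ACL is the owner's decision, the label is the system's.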