Lecture III : Communication Security, Services - PowerPoint PPT Presentation

1
Lecture III: Communication Security, Services & Mechanisms
  • Internet Security: Principles & Practices
  • John K. Zao, PhD SMIEEE
  • National Chiao-Tung University
  • Fall 2005

2
What is Communication Security?
  • To provide safe communication over unsafe medium
  • Alice Bob
  • Eve
  • Safe Communication
  • Alice can send a message to Bob that only Bob can
    understand → Confidentiality
  • Nobody can tamper with message content during
    communication → Integrity
  • Bob can know for sure it was Alice who sent the
    message → Authentication
  • Unsafe Medium
  • Medium over which passive and active attacks are
    possible

3
Outline
  • What types of services do we need to protect
    communication?
  • What kinds of mechanisms do we use to protect
    communication?

4
ISO 7498-2 Security Framework Architecture
  • Security Services
  • Service Types
  • Service Layer Mapping
  • Security Mechanisms
  • Mechanism Definition
  • Service - Mechanism Mapping

5
Communication Security Services
  • Confidentiality
  • Data Confidentiality
  • Traffic Confidentiality
  • Data Integrity
  • Authentication
  • Data Origin Authentication
  • Peer Authentication
  • Access Control
  • Non-Repudiation
  • Non-Repudiation of Origin
  • Non-Repudiation of Reception
  • Audit
  • Availability: an afterthought but increasingly
    important
  • Note: all services are defined here in the context of
    Communication Security

6
Confidentiality
Protection of information from disclosure to
unauthorized entities (organizations, people,
machines, processes). Information includes data
contents, size, existence, communication
characteristics, etc.
  • Service Types
  • Data Confidentiality / Disclosure Protection
  • Connection Oriented
  • Connectionless
  • Selective Field
  • Traffic Flow Confidentiality
  • Origin Destination Association
  • Message Size
  • Transmission Patterns
  • Accompanied with Data Integrity
  • Protection Mechanisms
  • Data Encryption
  • Symmetric (Secret-Key)
  • Asymmetric (Public-Key)

7
Integrity
Protection of data against creation, alteration,
deletion, duplication, re-ordering by
unauthorized entities (organizations, people,
machines, processes). Integrity violation is
always caused by active attacks.
  • Service Types
  • Message Integrity
  • Associated with connectionless communication
  • Message Stream Integrity
  • Associated with connection oriented communication
  • Protection Mechanisms
  • Message Digests (Hashing)
  • Sequence Numbers
  • Nonce ID (Random Number)
  • Time Stamps

8
Authentication
Communicating entities are provided with
assurance information of relevant identities of
communicating partners (people, machines,
processes). Personnel Authentication requires
special attention.
  • Service Types
  • Data Origin Authentication
  • Associated with Connectionless Communication
  • Peer Entity Authentication
  • Associated with Connection Oriented Communication
  • Fundamental for access control; hence,
    confidentiality & integrity
  • Protection Mechanisms
  • Password
  • Manual
  • One-Time Password
  • Key Sharing
  • Manual
  • Symmetric Key (Tickets)
  • Asymmetric Key (Certificates)
  • Challenge Response
  • Nonce Based
  • Zero Knowledge Proof

9
Access Control
  • Protection of information resources or services
    from access or use by unauthorized entities
    (organizations, people, machines, processes).
  • Privileges: rights to access or use resources or
    services
  • Principals: entities that own access control
    privileges
  • Subjects: entities that exercise access control
    privileges
  • Objects / Targets: resources or services
    accessed/used by subjects
  • Delegation: transfer of access control
    privileges among principals
  • Authorization: transfer of access control
    privileges from principals to subjects
  • Service Types
  • Subject Based Typing
  • Identity Based
  • Role Based
  • Enforcement Based Typing
  • Mandatory Access Control → Management Directed
  • Discretionary Access Control → Resource Owner
    Directed
  • Protection Mechanisms
  • Access Control Lists (ACLs)
  • Object Based Specification, Ex. UNIX File System
  • Capabilities
  • Subject Based Specification
  • Issue Tickets/Certificates

10
Non-Repudiation
Protection against denial of participation by
communicating entities in all or part of a
communication.
  • Service Types
  • Non-Repudiation of Origin
  • Non-Repudiation of Reception
  • Protection Mechanisms
  • Notarization
  • Time Stamp
  • Digital Signature

11
Audit
Recording and analyses of participation, roles and
actions in information communication by relevant
entities.
  • Service Types
  • Off-line Analysis (Computer Forensic)
  • On-line Analysis (Real-time Intrusion Detection)
  • Protection Mechanisms
  • Syslog
  • Intrusion Monitors / Sensors
  • Common Intrusion Detection Framework (CIDF)
  • Common Information Model (CIM)

12
Layers of Protocol Protection
Security Protection is provided in multiple
protocol layers.

13
Service vs. Layer Mapping

14
ISO 7498-2 Security Architecture
  • Security Services
  • Service Types
  • Service Layer Mapping
  • Security Mechanisms
  • Mechanism Definition
  • Service - Mechanism Mapping

15
Security Mechanisms
  • Encipherment with Secret / Public Key
    Cryptography
  • Data Integrity with One-Way Hash Function
  • Authentication with Public-Key
    Challenge/Response
  • Access Control
  • Digital Signature with Public-Key Cryptography
  • Traffic Padding
  • Notarization

16
Symmetric / Secret Key Encipherment
  • Algorithms use same keys for encryption &
    decryption
  • Symmetric / Secret Key must be dispatched in
    secret
  • Used for bulk encryption / decryption
  • Also used in following security services
  • Authentication

17
Asymmetric / Public Key Encipherment
  • Algorithms use different keys for encryption &
    decryption
  • Public Key is disclosed but Private Key is kept
    secret
  • Computationally intensive - based on large prime
    numbers
  • Also used in following security services
  • Digital Signatures
  • Authentication
  • Key Exchange

18
Data Encryption & Key Distribution
[Figure labels: Random Number Generator, Symmetric Key, Public Key, Private Key, Encryption Engine, Decryption Engine, Clear Text, Cipher Text]

19
Message Digest or Hash
  • Message Originator
  • Computes a fixed-length message digest from the
    message using a one-way hash transformation
  • Message Recipient
  • Validates message integrity by computing the
    message hash and comparing it with the message digest

20
Challenge-Response Authentication
  • Challenger sends a challenge of random number to
    Responder
  • Responder creates a response by digitally signing
    the challenge with its private key and returns
    the response to the Challenger
  • Challenger processes the response with the public key
    of the legitimate Responder and compares it with the
    original challenge

21
Digital Signature
  • Signature is a hash of a document and its relevant
    parameters, encrypted with public-key cryptography
    using the signer's private key
[Figure labels: Signed Document, Hash, Private Key, Decryption Engine, Digital Signature]

22
Digital Signature Validation
  • Message recipients can validate the signature by
    encrypting it with the public key and comparing
    with the document's hash value
[Figure labels: Signed Document, Hash, Digital Signature, Encryption Engine, Hash, Valid?]
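
Slides 19 to 22 combined into one runnable sketch, added here as an example that is not part of the original lecture: a message digest, a signature made with the private key and validated with the public key, and a nonce-based challenge-response that rejects a replayed response. The names Challenger, digest, sign, verify and demo are hypothetical, and the key is a toy textbook-RSA key (no padding, publicly known primes) that stands in for a vetted padded signature scheme.

```python
import hashlib
import secrets

# Toy textbook-RSA key from two Mersenne primes (constructed for this example).
# No padding and publicly known factors: for illustration only.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                  # public key
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent

def digest(data: bytes) -> int:
    """One-way hash of the message as an integer (256 bits, below N)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(data: bytes) -> int:
    """Signer: process the hash with the private key (slide 21)."""
    return pow(digest(data), D, N)

def verify(data: bytes, signature: int) -> bool:
    """Recipient: process the signature with the public key and compare
    it with a freshly computed hash (slides 19 and 22)."""
    return pow(signature, E, N) == digest(data)

class Challenger:
    """Issues random challenges and accepts each at most once (slide 20)."""
    def __init__(self):
        self.pending = set()

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self.pending.add(nonce)
        return nonce

    def check(self, nonce: bytes, response: int) -> bool:
        if nonce not in self.pending:   # unknown or already used challenge
            return False
        self.pending.discard(nonce)
        return verify(nonce, response)

def demo() -> dict:
    c = Challenger()
    nonce = c.challenge()
    response = sign(nonce)              # Responder holds the private key
    return {
        "fresh": c.check(nonce, response),             # True
        "replayed": c.check(nonce, response),          # False
        "stale": c.check(c.challenge(), response),     # False
        "tampered": verify(b"pay 900", sign(b"pay 100")),  # False
    }
```
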
23
Service - Mechanism Mapping
Single security services may need to be
implemented by multiple and different security
mechanisms.
  • Service: Data Confidentiality
  • Mechanism 1: Encipherment
  • Symmetric (Secret-Key) Cipher
  • Asymmetric (Public-Key) Cipher
  • Mechanism 2: Integrity
  • Message Digest / Digital Hash
  • Mechanism 3: Key Management
  • Key Distribution Centers (Secret-Key)
  • Public Key Infrastructure (Public-Key)
  • Manual Keying
  • Service: Peer Authentication
  • Mechanism 1: Challenge-Response
  • Nonce (Random Number) Based
  • Zero-Knowledge Proof
  • Mechanism 2: Integrity
  • Message Digest / Digital Hash