@Yuan Xue CS 285 Network Security Placement of Security Function and Security Service Yuan Xue Fall 2013

@Yuan Xue Outline Review of Network Architecture Weakness at different layers Placement of Security Function Security function  encryption + message authentication Security Service and Mechanism

@Yuan Xue In A Nutshell KDC-based Decentralized Secret Key Distribution Message Encryption Message Authentication Public-key-based RSA, Diffei-Hellman Public-key-based RSA, Diffei-Hellman Announcement Directory Certificate Public-key management Session Keys Public Keys Decentralized (Web of Trust) Decentralized (Web of Trust)

@Yuan Xue Let’s first review the computer network architecture… Where Should We Implement The Security Functions?

@Yuan Xue Our Goal Suppose you are building a computer network. What technologies would serve as the underlying building blocks what kind of software architecture would you design to integrate these building blocks into an effective communication service what would be the weaknesses in the design that may be exploited by attackers

@Yuan Xue Direct Link Network Point-to-point network Encoding Framing Error detection

@Yuan Xue Multiple Access Network Media Access Control Protocol When the link is shared by multiple hosts, their accesses to the link need mediation. Ethernet -- CSMA/CD (Carrier Sense Multiple Access / Collision Detection)

@Yuan Xue Where the functions are implemented? Network adaptor encoding, framing, error detection, and media access control. MAC Address In Ethernet, each adaptor has a unique Ethernet address, which is also the MAC address of the corresponding host.

@Yuan Xue Where the functions are implemented? Packet reception Each frame transmitted on an Ethernet is received by every adaptor connected to that Ethernet. Each adaptor recognizes those frames addressed to its own address, and passes only those frames to the host. An adaptor can also be programmed to run in promiscuous mode, in which case it delivers all received frames to the host.

@Yuan Xue Where does the security issue come from? Frequency jamming Eavesdropping (e.g., packet sniffing) MAC address spoofing Etc. …

@Yuan Xue From Direct Link Network To InterNetworking

@Yuan Xue InterNetworking Issues Heterogeneity Scale Solution Internet Protocol (IP) is the key tool to build scalable, heterogeneous internetworks. Functions Fragmentation and Reassembly Addressing Routing and Forwarding

@Yuan Xue Addressing providing suitable identifiers for all these hosts in internetworks. Hierarchical addresses a network part + a host part. Address classes flexibility, allowing networks of vastly different sizes to be accommodated fairly efficiently.

@Yuan Xue Routing and Forwarding Forwarding

@Yuan Xue Routing and Forwarding Routing Distance vector Link state

@Yuan Xue Internet Routing Internet is organized into autonomous systems provide hierarchically aggregate routing information in a large internetwork to improve scalability. intra-domain routing within a single autonomous system  RIP and OSPF are used for intra-domain routing inter-domain routing between autonomous systems.  BGP (Border Gateway Protocol) is the routing protocol used in Internet for inter-domain routing.

@Yuan Xue More Security Issues IP spoofing Authentication of routing messages Etc …

@Yuan Xue End-to-End Protocols Problem turn this host-to-host packet delivery service into a communication channel between application processes. End-to-end protocols of Internet UDP and TCP Connectionless vs. Connection-oriented protocol More on TCP  Connection establishment  Reliable transmission  Congestion control

@Yuan Xue Security Issues Port scanning TCP SYN flooding TCP sequence number prediction Etc …

@Yuan Xue Network Architecture

@Yuan Xue Placement of Security Function What to encrypt/protect Message format Where the security function should be located? Network stack Link vs. End-to-end Where each layer is located and how it may get attacked Aspects to consider Message security (which fields in the packet are protected) Number of keys required Number of encryption/decryptions Transparency to users/end hosts

@Yuan Xue Link vs. End-to-End Encryption

@Yuan Xue Message format

@Yuan Xue Security Architecture, Service and Mechanism

@Yuan Xue OSI Security Architecture ITU-T X.800 “Security Architecture for OSI” Defines a systematic way of defining and providing security requirements Provides a useful abstract overview of the security concepts

@Yuan Xue Security Services (X.800) Authentication - assurance that the communicating entity is the one claimed Peer authentication Data origin authentication Access Control - prevention of the unauthorized use of a resource Data Confidentiality –protection of data from unauthorized disclosure Connection/connectionless/selective field/traffic flow Data Integrity - assurance that data received is as sent by an authorized entity  Connection/connectionless/selective field/with or without recovery Non-Repudiation - protection against denial by one of the parties in a communication Source/destination Refer to table 1.2 in [WS]

@Yuan Xue Security Mechanisms (X.800) Specific security mechanisms: encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization Pervasive security mechanisms: trusted functionality, security labels, event detection, security audit trails, security recovery Refer to table 1.3 in [WS]

@Yuan Xue Relationship Between Security Service and Security Mechanisms