Parallel Systems Special Chapter: Foundations of Grid Computing. Grid Computing Part 2: Security. Jens Volkert, Dieter Kranzlmüller.

Slide 2: Overview
- Glossary
- Necessity of security in data networks
- Encryption: symmetric algorithms; asymmetric algorithms (PKI)
- Certificates: digital signatures; X.509 certificates
- Grid Security: basic concepts; Grid Security Infrastructure; proxy certificates; command line interfaces
- Virtual Organization: concept of VO and authorization; VOMS, LCAS, LCMAPS
- C/C++ interfaces (GSS-API, GSS Assist)

Slide 4: Glossary
- Principal (partner): an entity, i.e. a human, a program or a machine.
- Credentials: data which prove an identity (particular features, certificates).
- Authentication: verification of a principal's identity.
- Authorization: assignment of a set of privileges to a principal.
- Confidentiality: messages are encrypted such that only the receiver can understand them.
- Integrity: the message is not modified on the way.
- Non-repudiation: impossibility to deny the authenticity of a digital signature.

Slide 6: Situation
Here: Grid = connected LANs. Someone (a principal) communicates with a partner somewhere in the Grid.

Slide 7: Requirements
- No unauthorized person is allowed to read or modify the exchanged information.
- The partner at the other end should be the one it claims to be.
- The partner should be trustworthy, even when no contact existed until now.
Authentication: certifying the identity or trustworthiness of the partner, or of the particular features it presents.
Furthermore: the partner has the same rights as the principal; a principal has to do something (present credentials) to obtain rights.

Slide 8: Principle: any resource sharing is voluntary. Each resource owner decides whether she wants to share the resource, and when and how it can be used.

Slide 9: Example: Automated Teller Machine (ATM)
Authoritarian model: trust is built up by asking for the PIN code. Based on the code, the machine makes sure that the partner is eligible. The partner, in turn, must simply trust that the machine is not manipulated (e.g. that it does not keep the card for later abuse).
Remark: in a Grid it would be naive to assume that no machine participating in the communication is manipulated. In such a system partners have equal rights: each side has to authenticate the other.

Slide 10: The Risks in the Grid
- Targeted attacks on intermediate locations: large-scale distributed farms.
- Illegal or improper distribution of data and information, depending on the access type: huge distributed storage capacities.
- Break-in by exploiting security holes: complex, heterogeneous and dynamic environments.
- Damage by viruses, worms, etc.: the problem of a highly connected, novel infrastructure.

Slide 12: Cryptography
Mathematical algorithms E and D which play an important role in connection with insecure infrastructures.
Notation: plain text M; encrypted text C.
Encryption with key K1: E_K1(M) = C
Decryption with key K2: D_K2(C) = M
Symmetric algorithm: K2 = K1. Asymmetric algorithm: K2 ≠ K1.
(Figure: M is encrypted under K1 to C, and C is decrypted under K2 back to M.)

Slide 13: Symmetric Algorithms
The same key is used to encrypt and to decrypt.
Examples: DES, 3DES, Rijndael (AES), Blowfish. Kerberos is listed on the slide as well; strictly speaking it is an authentication protocol built on symmetric keys rather than a cipher. Note that DES with its 56-bit key is no longer considered secure; AES is the current standard.
(Figure: Paul encrypts "ciao" to "3$r" and John decrypts "3$r" back to "ciao" with the same key.)

Slide 14: Simplest Method
The secret key is exchanged between the two communicating partners:
- It must not be crackable, and it should not show any regularity (it should be random).
- It must be exchanged via a secure way, e.g. handed over personally (Mils Elektronik).
- It must be stored securely.

Slide 15: Key Generation via an Insecure Channel
Diffie-Hellman procedure (published 1976). The partners exchange information over the insecure channel; the key itself is never transported, each partner reconstructs it locally from the exchanged values.

Slide 16: Common Secret Key Between Alice and Bob
The number α and the modulus N are public; modular arithmetic is used.
- Alice draws a random number a and sends A = α^a mod N.
- Bob draws a random number b and sends B = α^b mod N.
- Alice computes C = B^a = α^(ba) = α^(ab) mod N.
- Bob computes C = A^b = α^(ab) = α^(ba) mod N.
C is the common secret key.
Remark: even when A, B, N and α are known, C is practically not discoverable, because of the modular arithmetic with large modulus values (the discrete logarithm problem).

Slide 17: Modular Exponentiation
A = α^a mod N is, for large N, practically irreversible: a so-called one-way function.
The complexity of recovering a for a typical N is proportional to exp( (C · log N · (log log N)^2)^(1/3) ) with C > 1; typically N is a 1280-digit binary number (1280 bits).
Even plain exponentiation would be, at this order of magnitude, too much for the most modern chips: a naive computation with a-1 multiplications would take longer than the age of the universe.
Computation exploiting the binary representation: a = 37 = Σ a_i 2^i is computed by repeated squaring, α^37 = α^32 · α^4 · α^1 (37 = 32 + 4 + 1), i.e. 5 squarings and 3 multiplications.
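Worked example, added here and not part of the slides: square-and-multiply as described above, used for a Diffie-Hellman exchange in the slides' notation (α, a, b, N). The modulus is a toy 127-bit Mersenne prime and the generator 3 is an assumption for the demo; a real deployment uses a standardized safe-prime group of at least 2048 bits (RFC 3526) and a constant-time exponentiation, neither of which this toy provides.

```python
import secrets


def modexp(base: int, exp: int, mod: int) -> int:
    """Right-to-left square-and-multiply.

    The loop walks the bits of exp from least to most significant; `base`
    is squared once per bit and multiplied into the result only where the
    bit is 1, so base^37 costs 5 squarings + 3 multiplications instead of 36.
    """
    result = 1
    base %= mod
    while exp > 0:
        if exp & 1:
            result = result * base % mod
        base = base * base % mod
        exp >>= 1
    return result


def powers_used(exp: int) -> list:
    """The powers 2^i that square-and-multiply combines, e.g. [1, 4, 32] for 37."""
    return [1 << i for i in range(exp.bit_length()) if (exp >> i) & 1]


# Toy group parameters (assumed for this demo): N is the Mersenne prime 2^127 - 1.
N = (1 << 127) - 1
ALPHA = 3


def dh_keypair(alpha: int = ALPHA, n: int = N) -> tuple:
    """'Dice' a private exponent and compute the public value alpha^x mod N."""
    x = secrets.randbelow(n - 2) + 1        # 1 <= x <= N-2, never 0
    return x, modexp(alpha, x, n)


def dh_shared(own_secret: int, peer_public: int, n: int = N) -> int:
    """Common key: (peer_public)^own_secret mod N."""
    return modexp(peer_public, own_secret, n)


def exchange() -> dict:
    """Run one Alice/Bob exchange; the two computed keys must agree."""
    a, A = dh_keypair()          # Alice sends A = alpha^a
    b, B = dh_keypair()          # Bob sends B = alpha^b
    c_alice = dh_shared(a, B)    # B^a = alpha^(ab)
    c_bob = dh_shared(b, A)      # A^b = alpha^(ab)
    return {"agree": c_alice == c_bob, "key_bits": c_alice.bit_length()}


if __name__ == "__main__":
    print(powers_used(37), exchange())
```

Only A and B travel over the channel; a, b and the result C never do, which is the point of slide 15. What the exchange does not give is any assurance about who sent A or B; slide 29 shows what that costs.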

Slide 18: Generally: One-Way Functions
Function H with H(M) = h:
1. For given h it is almost impossible to compute M = H^-1(h) (preimage resistance).
2. For given M, it is difficult to find an M' ≠ M with H(M') = H(M) (second-preimage resistance).
We also speak of one-way hash functions when the one-way function H creates a fixed-length message out of a variable-length message.
The slide says h must be at least 128 bits long to ensure some security; by today's standards that is too short, since a birthday search finds collisions after about 2^(h/2) evaluations, and 256-bit outputs (SHA-256) are the usual choice.
Examples: SNEFRU (hash length 128 or 256 bits); MD4/MD5 (128 bits); SHA (FIPS standard, 160 bits). MD4, MD5 and SHA-1 all have practical collision attacks today and must not be used for signatures; use SHA-2 or SHA-3.
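Added example (mine, not from the slides) of why the output length matters: SHA-256 truncated to a chosen number of bits plays the role of H, a birthday search finds two messages with the same h after roughly 2^(bits/2) hashes, and a brute-force preimage needs roughly 2^bits. The "msg-<counter>" and "pre-<counter>" message formats are constructed input for the demo.

```python
import hashlib
import itertools


def trunc_hash(data: bytes, bits: int) -> int:
    """One-way function H with a tunable output length: the top `bits`
    bits of SHA-256(data)."""
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits: int, prefix: bytes = b"msg-") -> tuple:
    """Birthday attack on property 2 (M != M' with H(M) == H(M')).

    Hash distinct messages and remember every output; the first repeat is
    a collision. Expected cost is about 1.25 * 2^(bits/2) hashes.
    Returns (m1, m2, hashes_computed).
    """
    seen = {}
    for i in itertools.count():
        m = prefix + str(i).encode()
        h = trunc_hash(m, bits)
        if h in seen:
            return seen[h], m, i + 1
        seen[h] = m


def find_preimage(target: int, bits: int, prefix: bytes = b"pre-") -> tuple:
    """Attack on property 1 (recover some M with H(M) == target).

    Nothing better than guessing: expected cost about 2^bits hashes.
    Returns (m, hashes_computed).
    """
    for i in itertools.count():
        m = prefix + str(i).encode()
        if trunc_hash(m, bits) == target:
            return m, i + 1


if __name__ == "__main__":
    m1, m2, n = find_collision(24)
    print(f"24-bit collision after {n} hashes (about {2 ** 12} expected): {m1!r} {m2!r}")
    t = trunc_hash(b"constructed target", 16)
    _, n = find_preimage(t, 16)
    print(f"16-bit preimage after {n} hashes (about {2 ** 16} expected)")
```

Doubling the output length squares the collision cost, which is why a 128-bit hash (2^64 work) was already marginal when the slide was written and a 160-bit one is no longer adequate.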

Slide 19: Symmetric Keys
Advantage: fast.
Disadvantage: how to distribute the key? With n partners who all want to talk to each other pairwise, the number of keys is O(n^2).

Slide 20: Deceiving Partner
One of the partners sends himself messages pretending they come from others.
Remedy: asymmetric keys. Each user has a private key D and a public key E:
- The private key cannot be derived from the public one.
- A message encrypted with the public key can only be decrypted with the private key.
- Often both keys also work the other way round (as in RSA, which is what makes digital signatures possible).

Slide 21: Public Key Method
Each user has a private and a public key; the number of keys is O(n). No exchange of secret information is needed.
The sender encrypts with the receiver's public key; the receiver decrypts with its private key.
Examples: Diffie-Hellman (1976); "lower sums", i.e. the knapsack (subset-sum) system of Ralph Merkle and Martin E. Hellman (1978); RSA (1978).
(Figure: Paul encrypts "ciao" with John's public key, John decrypts with his private key, and in the other direction John encrypts with Paul's public key.)

Slide 22: Lower Sums (Knapsack): Principle
Given: key E = (a_1, a_2, ..., a_n); message N.
Procedure: the message is binary coded and decomposed into blocks of length n. Each block x = (x_1, x_2, ..., x_n) is encrypted as the scalar product E · x.
Example: E = (2292, 1089, 211, 1625, 1283, 599, 759, 315, 2597, 2463); E · x = 6790; x = ?
With a suitable choice of E, hardly breakable by exhaustive search: all 2^n possibilities would have to be tried, and typically n = 1280. Even the intended receiver cannot manage it without additional knowledge (the trapdoor on the next slide).
Solution: x = (0, 0, 1, 1, 1, 0, 1, 1, 1, 0).

Slide 23: Lower Sums: Obtaining the Key
Significant part of the private key: choose random numbers such that each number is bigger than the sum of all previous ones (a superincreasing sequence), D = (d_1, d_2, ..., d_n).
Example: D = (3, 5, 11, 20, 41, 83, 169, 340, 679, 1358).
Remark: an x encoded with D can be easily decrypted, greedily from the largest element downwards; e.g. D · x = 1260 for the x of the previous slide.
Public key: choose random numbers w and m, with m larger than the sum of the d_i and w coprime to m, and compute a_i = d_i · w mod m.
Remark: w and m remain secret and are therefore part of the private key.

Slide 24: Lower Sums: Essential Statements
Due to the modular reduction the public key no longer looks superincreasing, and on its own it is hard to invert.
Example: w = 764; m = 2731; A = (2292, 1089, 211, 1625, 1283, 599, 759, 315, 2597, 2463). Our old message: A · x = 6790.
Decryption is easy: one uses w^-1 with w^-1 · w = 1 mod m (it exists when m and w have no common divisors, and is easy to compute with the extended Euclidean algorithm). Example: w^-1 = 1605 mod 2731.
Caveat: "almost unbreakable" was the belief in 1978; the basic Merkle-Hellman knapsack was broken by Shamir in 1982, so it is presented here only to illustrate the trapdoor idea, not as a usable system.

Slide 25: Lower Sums: Decryption
Compute C' = C · w^-1 mod m: C' = 6790 · 1605 mod 2731 = 1260.
This works because C = Σ a_i x_i, hence C · w^-1 = Σ a_i x_i w^-1 = Σ (d_i w) w^-1 x_i = Σ d_i x_i mod m.
With the private key (the superincreasing D) it is easy to decrypt.
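The three knapsack slides carried through in code, as an added example that is not part of the deck: key derivation a_i = d_i · w mod m, encryption as a scalar product, trapdoor decryption via w^-1 and the greedy solve, and, for contrast, the 2^n exhaustive search an attacker without w and m is left with. The numbers are the slides' own (D, w = 764, m = 2731); the parameter checks are mine.

```python
from itertools import product
from math import gcd

# The slides' numbers: D, w and m together form the private key.
PRIVATE_D = [3, 5, 11, 20, 41, 83, 169, 340, 679, 1358]
W, M = 764, 2731


def is_superincreasing(seq: list) -> bool:
    """Each element must exceed the sum of all previous ones."""
    total = 0
    for d in seq:
        if d <= total:
            return False
        total += d
    return True


def public_key(d: list, w: int, m: int) -> list:
    """a_i = d_i * w mod m. m must exceed sum(d) and be coprime to w, or decryption fails."""
    if not is_superincreasing(d) or m <= sum(d) or gcd(w, m) != 1:
        raise ValueError("invalid private key parameters")
    return [di * w % m for di in d]


def encrypt_block(a: list, x: list) -> int:
    """Ciphertext is the scalar product E . x of the public key with the bit block."""
    if len(x) != len(a) or any(b not in (0, 1) for b in x):
        raise ValueError("block must be a bit vector of length n")
    return sum(ai * xi for ai, xi in zip(a, x))


def decrypt_block(d: list, w: int, m: int, c: int) -> list:
    """C' = C * w^-1 mod m equals sum(d_i x_i); a superincreasing d is solved greedily."""
    c_prime = c * pow(w, -1, m) % m
    x = [0] * len(d)
    for i in range(len(d) - 1, -1, -1):   # largest element first
        if d[i] <= c_prime:
            x[i] = 1
            c_prime -= d[i]
    if c_prime != 0:
        raise ValueError("not a valid ciphertext for this key")
    return x


def brute_force(a: list, c: int) -> tuple:
    """What an attacker without the trapdoor does: try all 2^n blocks.
    Returns (solution, candidates_tried)."""
    for tried, x in enumerate(product((0, 1), repeat=len(a)), start=1):
        if encrypt_block(a, list(x)) == c:
            return list(x), tried
    return None, 2 ** len(a)


if __name__ == "__main__":
    a = public_key(PRIVATE_D, W, M)
    x = [0, 0, 1, 1, 1, 0, 1, 1, 1, 0]
    c = encrypt_block(a, x)
    print(a, c, decrypt_block(PRIVATE_D, W, M, c), brute_force(a, c))
```

For n = 10 the exhaustive search is instant; the slides' point is that at n = 1280 it is not, while the greedy solve stays linear in n. Shamir's 1982 attack recovers an equivalent trapdoor from the public key alone, so the gap is not what it appears.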

Slide 26: RSA
Basic principle: big numbers are hard to factor into their prime factors.
Public key: choose two big prime numbers p and q; n = pq and another number E (coprime to (p-1)(q-1)) make up the public key.
Encryption: each character of the text is decimally coded (0-99) with a fixed code. The code is decomposed into blocks P_i of the same length, such that the resulting numbers are smaller than n. The encrypted text is C_i = P_i^E mod n.

Slide 27: RSA
One takes advantage of the fact that a^E mod n = a^(E mod φ(n)) mod n with φ(n) = (p-1)(q-1) (Euler's theorem, for a coprime to n).
So if, in addition to E, an easily determined D with E · D ≡ 1 mod φ(n) is used, we obtain C_i^D = P_i^(ED) = P_i mod n.
Caveat: this "textbook" RSA is deterministic (equal blocks give equal ciphertexts) and malleable. Real systems pad messages (OAEP) before encryption and never encrypt raw fixed-size blocks this way.
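Slides 26 and 27 as runnable code, added here and not taken from the deck: the two-digit character code, the split into blocks smaller than n, C_i = P_i^E mod n, and decryption with D = E^-1 mod φ(n). The primes 1009 and 1013, the exponent 65537 and the mapping "printable ASCII → 01..95, 00 = padding" are my choices for the demo; the block also exposes the determinism caveat, since identical plaintext blocks produce identical ciphertext blocks.

```python
# Toy primes (assumed for the demo): n = p*q is only ~20 bits. Real keys use >= 2048-bit n.
P, Q = 1009, 1013
E = 65537


def rsa_keygen(p: int, q: int, e: int = E) -> tuple:
    """Public key (e, n), private key (d, n) with e*d == 1 mod phi(n)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)                 # raises ValueError if gcd(e, phi) != 1
    return (e, n), (d, n)


def block_digits(n: int) -> int:
    """Largest even digit count 2k with 10^(2k) < n, so every block value is below n."""
    k = 0
    while 10 ** (2 * (k + 1)) < n:
        k += 1
    return 2 * k


def char_code(ch: str) -> int:
    """Fixed two-digit code: printable ASCII ' '..'~' maps to 01..95; 00 is padding."""
    code = ord(ch) - 31
    if not 1 <= code <= 95:
        raise ValueError(f"unsupported character {ch!r}")
    return code


def encrypt(text: str, pub: tuple) -> list:
    """C_i = P_i^E mod n over blocks of `block_digits(n)` decimal digits."""
    e, n = pub
    width = block_digits(n)
    digits = "".join(f"{char_code(ch):02d}" for ch in text)
    digits += "00" * ((-len(digits) // 2) % (width // 2))   # pad with 00 to a full block
    blocks = [int(digits[i:i + width]) for i in range(0, len(digits), width)]
    return [pow(p_i, e, n) for p_i in blocks]


def decrypt(cipher: list, priv: tuple) -> str:
    """P_i = C_i^D mod n, then undo the character code (dropping 00 padding)."""
    d, n = priv
    width = block_digits(n)
    digits = "".join(f"{pow(c_i, d, n):0{width}d}" for c_i in cipher)
    codes = [int(digits[i:i + 2]) for i in range(0, len(digits), 2)]
    return "".join(chr(code + 31) for code in codes if code != 0)


def has_repeated_blocks(cipher: list) -> bool:
    """Textbook RSA is deterministic: equal plaintext blocks give equal ciphertext
    blocks, which leaks structure. This is why real RSA encryption pads with OAEP."""
    return len(set(cipher)) < len(cipher)


if __name__ == "__main__":
    pub, priv = rsa_keygen(P, Q)
    c = encrypt("Grid Security", pub)
    print(pub, priv, c, decrypt(c, priv), has_repeated_blocks(encrypt("AAAAAA" * 2, pub)))
```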

Slide 29: Secure Partner?
A third person, Cleo, sits in between:
- Towards Alice she behaves as Bob: she generates a random number c and establishes a common key with Alice, C' = α^(ac) = α^(ca).
- Towards Bob she behaves like Alice and establishes a common key with Bob, C'' = α^(bc) = α^(cb).
Cleo can now read and manipulate each message between Alice and Bob. Plain Diffie-Hellman protects against a passive eavesdropper, but gives no authentication of the partner.
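The attack on this slide, played out in code as an added example (not from the deck): Cleo swaps her own public value into both directions, ends up sharing one key with Alice and a different one with Bob, decrypts what Alice sends and re-encrypts a forgery for Bob. The group parameters are the same toy ones assumed for the earlier Diffie-Hellman demo, and the SHA-256 keystream XOR is a stand-in for "encrypt with the common key", not a real cipher.

```python
import hashlib
import secrets

# Toy group (assumed): N = 2^127 - 1, generator 3. Not a secure choice of parameters.
N = (1 << 127) - 1
ALPHA = 3


def keystream_xor(key: int, data: bytes) -> bytes:
    """Toy symmetric cipher keyed with the DH result: XOR with SHA-256(key || counter).
    Applying it twice with the same key restores the data."""
    out, block = bytearray(), 0
    while len(out) < len(data):
        out += hashlib.sha256(key.to_bytes(16, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return bytes(x ^ y for x, y in zip(data, out))


def mitm(message: bytes = b"pay 100 EUR to Bob", forged: bytes = b"pay 900 EUR to Cleo") -> dict:
    a, b, c = (secrets.randbelow(N - 2) + 1 for _ in range(3))
    A, B, C = (pow(ALPHA, x, N) for x in (a, b, c))

    # Cleo intercepts A and B and hands both sides her own value C instead.
    key_alice = pow(C, a, N)        # Alice: alpha^(ac); she believes Bob holds it
    key_bob = pow(C, b, N)          # Bob:   alpha^(bc); he believes Alice holds it
    cleo_alice = pow(A, c, N)       # Cleo's key towards Alice == key_alice
    cleo_bob = pow(B, c, N)         # Cleo's key towards Bob   == key_bob

    ct_from_alice = keystream_xor(key_alice, message)
    read_by_cleo = keystream_xor(cleo_alice, ct_from_alice)   # Cleo reads it ...
    ct_to_bob = keystream_xor(cleo_bob, forged)               # ... and re-encrypts a forgery
    seen_by_bob = keystream_xor(key_bob, ct_to_bob)

    return {
        "cleo_reads": read_by_cleo == message,
        "bob_gets": seen_by_bob,
        "alice_bob_keys_differ": key_alice != key_bob,
    }


if __name__ == "__main__":
    print(mitm())
```

Neither Alice nor Bob sees anything wrong: both exchanges complete and both keys "work". The missing ingredient is a way to tie a public value to a name, which is what certificates on the following slides provide.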

Slide 30: Remedy: introduction of a passport and the corresponding authority.
The passport does not, strictly speaking, prove that the given name belongs to the given picture; it proves that the issuing authority believes so.
Here: a certificate from a certification authority, and digital signatures.

Slide 31: Digital Signatures
1. Paul computes the hash of the message.
2. Paul encrypts the hash with his own private key, obtaining the digital signature.
3. Paul sends the signed message (message plus signature) to John.
4. John computes the hash of the message himself and compares it with the hash he obtains by decoding the signature with Paul's public key.
If they are the same, the message was not modified and it came from Paul; Paul cannot repudiate it.
(Figure: Paul's message with Hash(A) signed; John recomputes Hash(B) and checks Hash(A) = Hash(B).)
Note: "encrypting the hash with the private key" is the RSA picture. In practice signature schemes add padding (RSA-PSS) or use dedicated algorithms (ECDSA, EdDSA); a raw hash exponentiation is not safe on its own.

Slide 32: Digital Certificates
Paul's digital signature is secure when: 1. Paul's private key was indeed used; 2. John knows Paul's public key.
How can John be sure that he knows Paul's public key and not somebody else's? A third party (a kind of authority) guarantees the correspondence between the public key and its owner. Both Paul and John must trust this third party.
Two models: X.509 (hierarchical organization); PGP ("web of trust").

Slide 33: PGP "web of trust"
F knows D and E, who know A and C, who know A and B. F is reasonably sure that the key from A is really from A.
(Figure: trust graph with nodes A, B, C, D, E, F.)

Slide 34: X.509
The third party is a Certification Authority (CA). It issues digital certificates for principals (users, programs and machines) and verifies the identity and the personal data of the requester; Registration Authorities (RAs) carry out the actual verification.
CAs periodically publish lists of certificates that are no longer valid: Certificate Revocation Lists (CRLs). A CRL lists the revoked certificates that have not yet expired; expired ones are rejected by their validity period anyway. A site that does not refresh its CRLs keeps accepting revoked certificates.
CA certificates are self-signed.

Slide 35: X.509 Certificates
An X.509 certificate contains: the owner's public key; the identity of the owner; information on the CA; the time of validity; a serial number; the digital signature of the CA.
Structure of an X.509 certificate (example):
Public key
Subject: C=CH, O=CERN, OU=GRID, CN=Andrea Sciaba 8968
Issuer: C=CH, O=CERN, OU=GRID, CN=CERN CA
Expiration date: Aug 26 08:08: GMT (year cut off on the slide)
Serial number: 625 (0x271)
CA digital signature

Slide 36: Grid Security: the players
- Users: large and dynamic population; different accounts at different sites; personal and confidential data; heterogeneous privileges (roles); desire for single sign-on.
- "Groups" (collaborations): data, access patterns, membership.
- Sites: heterogeneous resources, access patterns, local policies, membership.
- Grid: connects all of the above.

Slide 37: The Grid Security Infrastructure (GSI)
Based on X.509 PKI:
- Every user/host/service has an X.509 certificate.
- Certificates are signed by CAs trusted by the local sites.
- Every Grid transaction is mutually authenticated:
1. John sends his certificate.
2. Paul verifies the CA signature in John's certificate.
3. Paul sends John a challenge string (a random phrase).
4. John encrypts (signs) the challenge string with his private key.
5. John sends the encrypted challenge to Paul.
6. Paul uses John's public key to decrypt the challenge.
7. Paul compares the decrypted string with the original challenge.
8. If they match, Paul has verified John's identity, and John cannot repudiate it.
"Mutually" means the same exchange is then repeated with the roles swapped, so that John also verifies Paul. In the actual implementation this handshake is carried out by an SSL/TLS handshake rather than hand-rolled.

Slide 38: The Grid Security Infrastructure (GSI), continued
Same diagram as slide 37, with one addition. VERY IMPORTANT: private keys must be stored only in protected places AND in encrypted form (i.e. protected by a pass phrase and readable only by the owner).
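Slides 31, 32, 34 and 37 together as one small model, added here as my own example and not Globus or GSI code: a CA signs (subject, public key) to make a certificate, a relying party verifies the certificate against its trusted CAs, then challenges the presenter to sign a fresh random phrase and checks the response with the certified public key. RSA signing is the slides' "encrypt the hash with the private key"; the SHA-256-reduced-mod-n trick, the JSON encoding of the to-be-signed part and the Mersenne primes used as key material are all assumptions for the demo and not how real X.509 or PKCS#1 work.

```python
import hashlib
import json
import secrets

E = 65537


def rsa_keygen(p: int, q: int, e: int = E) -> tuple:
    """Public key (e, n), private key (d, n). Toy: p and q are fixed Mersenne primes below."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)


def hash_to_int(data: bytes, n: int) -> int:
    """SHA-256 of the data, reduced mod n so it can be exponentiated.
    Toy substitute for PKCS#1 v1.5 / PSS encoding."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(priv: tuple, data: bytes) -> int:
    d, n = priv
    return pow(hash_to_int(data, n), d, n)            # "encrypt the hash with the private key"


def verify(pub: tuple, data: bytes, signature: int) -> bool:
    e, n = pub
    return pow(signature, e, n) == hash_to_int(data, n)   # decode with the public key, compare


def tbs_bytes(tbs: dict) -> bytes:
    """Canonical encoding of the to-be-signed part (subject, issuer, public key)."""
    return json.dumps(tbs, sort_keys=True).encode()


def issue_cert(ca_priv: tuple, issuer: str, subject: str, subject_pub: tuple) -> dict:
    tbs = {"subject": subject, "issuer": issuer, "public_key": list(subject_pub)}
    return {"tbs": tbs, "signature": sign(ca_priv, tbs_bytes(tbs))}


def verify_cert(cert: dict, trusted_cas: dict) -> bool:
    """Step 2 of the handshake: the issuer must be a trusted CA and its signature must check."""
    ca_pub = trusted_cas.get(cert["tbs"]["issuer"])
    return ca_pub is not None and verify(ca_pub, tbs_bytes(cert["tbs"]), cert["signature"])


def authenticate(cert: dict, respond, trusted_cas: dict) -> bool:
    """Paul's side of steps 2-8: verify the certificate, then make the presenter
    prove possession of the matching private key on a fresh random phrase."""
    if not verify_cert(cert, trusted_cas):
        return False
    challenge = secrets.token_bytes(32)                  # never reused: no replay of old answers
    return verify(tuple(cert["tbs"]["public_key"]), challenge, respond(challenge))


# Constructed key material and names (Mersenne primes stand in for random primes).
CA_NAME = "/C=CH/O=CERN/OU=GRID/CN=CERN CA"
CA_PUB, CA_PRIV = rsa_keygen(2 ** 107 - 1, 2 ** 127 - 1)
JOHN_PUB, JOHN_PRIV = rsa_keygen(2 ** 61 - 1, 2 ** 89 - 1)
TRUSTED = {CA_NAME: CA_PUB}
JOHN_CERT = issue_cert(CA_PRIV, CA_NAME, "/C=CH/O=CERN/OU=GRID/CN=John", JOHN_PUB)


def demo() -> dict:
    rogue_pub, rogue_priv = rsa_keygen(2 ** 31 - 1, 2 ** 61 - 1)
    rogue_cert = issue_cert(rogue_priv, "/CN=Rogue CA", "/CN=John", rogue_pub)  # untrusted issuer
    return {
        "john": authenticate(JOHN_CERT, lambda ch: sign(JOHN_PRIV, ch), TRUSTED),
        "stolen_cert_no_key": authenticate(JOHN_CERT, lambda ch: sign(rogue_priv, ch), TRUSTED),
        "untrusted_ca": authenticate(rogue_cert, lambda ch: sign(rogue_priv, ch), TRUSTED),
    }


if __name__ == "__main__":
    print(demo())
```

Two of the three failure cases matter in practice: a copied certificate is public information and proves nothing without the private key (hence slide 38), and a perfectly valid signature from a CA the site has not installed in its trust store is worthless.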

Slide 39: Certificate request, more details
EGEE/LCG recognizes a given set of CAs. How you request a certificate depends on your CA. For GILDA, have a look at the demo video (Flash and Real versions).

Slide 40: Certificate Request
1. The user generates a public/private key pair; the private key is stored encrypted on the local disk.
2. The user sends the public key (in a certificate request) to the CA, along with proof of identity.
3. The CA confirms the identity, signs the certificate and sends it back to the user.
(Figure: encrypted private key on local disk; certificate request carrying the public key and ID; signed certificate returned.)

Slide 41: Certificate Information
To get certificate information run grid-cert-info:
grid-cert-info -subject
/C=CH/O=CERN/OU=GRID/CN=Simone Campana 7461
Options for printing certificate information: -all, -startdate, -subject, -enddate, -issuer, -help.

Slide 42: X.509 Proxy Certificate
GSI extension to X.509 identity certificates (later standardized as RFC 3820): signed by the normal end-entity certificate (or by another proxy).
Enables single sign-on and supports some important features: delegation; mutual authentication.
Has a limited lifetime (minimizing the risk from compromised credentials).
It is created by the grid-proxy-init command:
% grid-proxy-init
Enter PEM pass phrase: ******
Options for grid-proxy-init: -hours, -bits, -help.

Slide 43: grid-proxy-init
The user enters the pass phrase, which is used to decrypt the private key. The private key is used to sign a proxy certificate with its own, new public/private key pair. The user's private key is not exposed after the proxy has been signed.
(Figure: user certificate file and encrypted private key, pass phrase, user proxy certificate file.)
The proxy is placed in /tmp. The private key of the proxy is not encrypted: it is stored in a local file, which must be readable only by the owner; the proxy lifetime is short (typically 12 h) to minimize security risks.
NOTE: no network traffic is involved.

Slide 44: Proxy again
grid-proxy-init ≡ "login to the Grid".
To "logout" you have to destroy your proxy: grid-proxy-destroy. This does NOT destroy any proxies that were delegated from this proxy: you cannot revoke a remote proxy, so usually create proxies with short lifetimes.
To gather information about your proxy: grid-proxy-info. Options for printing proxy information: -subject, -issuer, -type, -timeleft, -strength, -help.

Slide 45: Delegation and limited proxy
Delegation = remote creation of a (second-level) proxy credential: a new key pair is generated remotely on the server; the client signs the proxy certificate and returns it.
Allows a remote process to authenticate on behalf of the user: the remote process "impersonates" the user.
The client can elect to delegate a "limited proxy". Each service decides whether it will allow authentication with a limited proxy: the job manager service requires a full proxy; the GridFTP server allows either a full or a limited proxy to be used.
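A simplified model, written for this page and not Globus code, of the checks a GSI-aware service makes on a chain of proxies from slides 42 to 45: every proxy must be signed by the credential before it, its name must extend the issuer's name (the legacy GSI convention "/CN=proxy" or "/CN=limited proxy" is assumed here), it must not outlive its issuer, nothing full may be derived from a limited proxy, and the service applies its own policy on limited proxies. The sample chain, the CA name and the time stamps are constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class Cred:
    subject: str
    issuer: str
    not_after: datetime
    limited: bool = False
    is_proxy: bool = False


class ProxyError(Exception):
    pass


def make_proxy(parent: Cred, hours: float, limited: bool = False, now: datetime = None) -> Cred:
    """grid-proxy-init / delegation: a new credential signed by `parent`."""
    now = now or datetime.now(timezone.utc)
    if parent.limited and not limited:
        raise ProxyError("a limited proxy can only issue limited proxies")
    name = "/CN=limited proxy" if limited else "/CN=proxy"
    return Cred(parent.subject + name, parent.subject, now + timedelta(hours=hours),
                limited=limited, is_proxy=True)


def validate_chain(chain: list, trusted_cas: set, now: datetime = None) -> str:
    """chain = [end-entity cert, proxy1, proxy2, ...]. Returns the end-entity
    identity a service should authorize, or raises ProxyError."""
    now = now or datetime.now(timezone.utc)
    eec = chain[0]
    if eec.is_proxy or eec.issuer not in trusted_cas:
        raise ProxyError("chain must start with an end-entity certificate from a trusted CA")
    limited_seen = False
    for parent, child in zip(chain, chain[1:]):
        if not child.is_proxy or child.issuer != parent.subject:
            raise ProxyError(f"{child.subject}: not signed by {parent.subject}")
        if not child.subject.startswith(parent.subject + "/CN="):
            raise ProxyError(f"{child.subject}: proxy name must extend the issuer's name")
        if child.not_after > parent.not_after:
            raise ProxyError(f"{child.subject}: proxy outlives its issuer")
        if limited_seen and not child.limited:
            raise ProxyError(f"{child.subject}: full proxy derived from a limited one")
        limited_seen = limited_seen or child.limited
    for cred in chain:
        if cred.not_after <= now:
            raise ProxyError(f"{cred.subject}: expired")
    return eec.subject


def authorize(chain: list, service: str, trusted_cas: set, now: datetime = None) -> str:
    """Per-service policy from slide 45: the job manager needs a full proxy,
    GridFTP accepts a limited one as well."""
    identity = validate_chain(chain, trusted_cas, now)
    if service == "jobmanager" and any(c.limited for c in chain):
        raise ProxyError("jobmanager requires a full proxy")
    return identity


def rejects(fn) -> bool:
    """True if fn() raises ProxyError (used to exercise the negative cases)."""
    try:
        fn()
    except ProxyError:
        return True
    return False


# Constructed sample chain.
T0 = datetime(2006, 4, 1, 12, 0, tzinfo=timezone.utc)
CA = "/C=CH/O=CERN/OU=GRID/CN=CERN CA"
USER = Cred("/C=CH/O=CERN/OU=GRID/CN=John", CA, T0 + timedelta(days=365))

if __name__ == "__main__":
    p1 = make_proxy(USER, 12, now=T0)
    p2 = make_proxy(p1, 2, limited=True, now=T0)
    print(authorize([USER, p1], "jobmanager", {CA}, now=T0))
    print(rejects(lambda: authorize([USER, p1, p2], "jobmanager", {CA}, now=T0)))
```

The "cannot revoke a remote proxy" point of slide 44 is visible in the model: nothing here consults a revocation list for proxies, so the only thing that ever ends a delegated proxy's usefulness is its not_after, which is why it must be short.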

Slide 46: Long-term proxy
A proxy has a limited lifetime (default is 12 h); it is a bad idea to have a longer proxy. However, a Grid task might need to use a proxy for a much longer time: Grid jobs in HEP data challenges on LCG last up to 2 days.
MyProxy server: allows to create and store a long-term proxy certificate.
- myproxy-init -s <hostname> (-s specifies the hostname of the MyProxy server)
- myproxy-info: get information about the stored long-lived proxy
- myproxy-get-delegation: get a new proxy from the MyProxy server
- myproxy-destroy
Check out the --help option of the myproxy-xxx commands.
A dedicated service on the Resource Broker (RB) can renew the proxy automatically: it contacts the MyProxy server.

Slide 47: GSI environment variables
User certificate files:
- Certificate: X509_USER_CERT (default: $HOME/.globus/usercert.pem)
- Private key: X509_USER_KEY (default: $HOME/.globus/userkey.pem)
- Proxy: X509_USER_PROXY (default: /tmp/x509up_u followed by the numeric user id)
Host certificate files:
- Certificate: X509_USER_CERT (default: /etc/grid-security/hostcert.pem)
- Private key: X509_USER_KEY (default: /etc/grid-security/hostkey.pem)
Trusted certification authority certificates:
- X509_CERT_DIR (default: /etc/grid-security/certificates)

Slide 49: Virtual Organizations and authorization
Grid users MUST belong to Virtual Organizations: what we previously called "Groups", i.e. sets of users belonging to a collaboration. (A list of supported VOs is linked from the slide.)
VOs maintain a list of their members. The list is downloaded by Grid machines to map user certificate subjects to local "pool" accounts. Sites decide which VOs to accept.
Example /etc/grid-security/grid-mapfile:
...
"/C=CH/O=CERN/OU=GRID/CN=Simone Campana 7461" .dteam
"/C=CH/O=CERN/OU=GRID/CN=Andrea Sciaba 8968" .cms
"/C=CH/O=CERN/OU=GRID/CN=Patricia Mendez Lorenzo-ALICE" .alice
...
(The leading dot marks a pool account: the user is assigned a free account from that pool rather than a fixed one.)

Slide 50: On the side: user registration in a VO
Import your certificate into your browser. If you received a .pem certificate you need to convert it to PKCS12; use the openssl command line (available on each EGEE/LCG UI):
openssl pkcs12 -export -in usercert.pem -inkey userkey.pem -out my_cert.p12 -name 'My Name'
Sign the usage guidelines for the VO. You will be registered in the VO LDAP server (wait for the notification).
GILDA (and other VOs): you receive a PKCS12 certificate already (it can be imported directly into the web browser). For future use you will need usercert.pem and userkey.pem in the directory ~/.globus on your UI. Export the PKCS12 certificate to a local directory on the UI and use openssl again:
openssl pkcs12 -nocerts -in my_cert.p12 -out userkey.pem
openssl pkcs12 -clcerts -nokeys -in my_cert.p12 -out usercert.pem
Afterwards restrict the permissions (chmod 400 userkey.pem; chmod 644 usercert.pem): the GSI tools refuse a private key file that is readable by group or others.

Slide 51: VOMS, LCAS, LCMAPS
Virtual Organization Membership Service (VOMS): extends the proxy information with VO membership, group, role and capabilities.
Local Centre Authorization Service (LCAS): checks if the user is authorized (currently using the grid-mapfile); checks if the user is banned at the site; checks if at that time the site accepts jobs.
Local Credential Mapping Service (LCMAPS): maps Grid credentials to local credentials (e.g. UNIX uid/gid, AFS tokens, etc.). Currently uses the grid-mapfile (based only on the certificate subject); in the near future it will also map VOMS groups and roles, e.g.:
"/VO=cms/GROUP=/cms" .cms
"/VO=cms/GROUP=/cms/prod" .cmsprod
"/VO=cms/GROUP=/cms/prod/ROLE=manager" .cmsprodman
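The mapping step of slides 49 and 51 as code, added here as my own example rather than LCMAPS itself: the file format (a quoted DN or FQAN followed by a local account, a leading dot meaning a pool), VOMS attributes tried before the plain certificate subject, and sticky pool leases so a user gets the same account back. The mapfile below combines the entries shown on both slides; the pool account names, the "first matching line wins, primary FQAN first" order and the exact-match semantics for FQANs are simplifications I assume for the demo (real LCMAPS also supports wildcards and a gridmapdir on disk).

```python
import shlex

# Constructed sample: the DN entries of slide 49 plus the FQAN entries of slide 51.
MAPFILE = '''
"/C=CH/O=CERN/OU=GRID/CN=Simone Campana 7461" .dteam
"/C=CH/O=CERN/OU=GRID/CN=Andrea Sciaba 8968" .cms
"/C=CH/O=CERN/OU=GRID/CN=Patricia Mendez Lorenzo-ALICE" .alice
"/VO=cms/GROUP=/cms" .cms
"/VO=cms/GROUP=/cms/prod" .cmsprod
"/VO=cms/GROUP=/cms/prod/ROLE=manager" .cmsprodman
'''

# Constructed pool accounts per pool name (a gridmapdir in real deployments).
POOLS = {"dteam": ["dteam001", "dteam002"], "cms": ["cms001"], "alice": ["alice001"],
         "cmsprod": ["cmsprod001"], "cmsprodman": ["cmsprodman001"]}


def parse_mapfile(text: str) -> list:
    """Each line: "<DN or FQAN>" <account>. The key is quoted because DNs contain spaces."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = shlex.split(line)
        if len(parts) != 2:
            raise ValueError(f"malformed mapfile line: {raw!r}")
        entries.append((parts[0], parts[1]))
    return entries


class Mapper:
    """LCMAPS-style mapping: the FQANs from the VOMS proxy are tried first (primary
    FQAN first, first matching line wins), then the certificate DN. Pool leases are
    keyed by (DN, pool) so the same user always gets the same account back."""

    def __init__(self, entries: list, pools: dict):
        self.entries = entries
        self.free = {name: list(accounts) for name, accounts in pools.items()}
        self.leases = {}

    def _account(self, dn: str, target: str) -> str:
        if not target.startswith("."):
            return target                              # a fixed local account
        pool = target[1:]
        key = (dn, pool)
        if key not in self.leases:
            if not self.free.get(pool):
                raise PermissionError(f"pool {pool} exhausted")
            self.leases[key] = self.free[pool].pop(0)
        return self.leases[key]

    def map_user(self, dn: str, fqans: list = ()) -> str:
        for candidate in list(fqans) + [dn]:
            for key, target in self.entries:
                if key == candidate:
                    return self._account(dn, target)
        raise PermissionError(f"no mapping for {dn} / {list(fqans)}")


def denied(mapper: Mapper, dn: str, fqans: list = ()) -> bool:
    """True if the mapper refuses the user (no entry or pool exhausted)."""
    try:
        mapper.map_user(dn, fqans)
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    m = Mapper(parse_mapfile(MAPFILE), POOLS)
    print(m.map_user("/C=CH/O=CERN/OU=GRID/CN=Andrea Sciaba 8968",
                     ["/VO=cms/GROUP=/cms/prod/ROLE=manager", "/VO=cms/GROUP=/cms"]))
```

The order matters: with the role FQAN listed first the same certificate lands in cmsprodman, with only the group FQAN it lands in the plain cms pool, and a DN absent from the file is rejected before any mapping happens, which is the LCAS "is the user authorized" check in miniature.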

52 Overview
- Glossary
- Encryption
  - Symmetric algorithms
  - Asymmetric algorithms: PKI
- Certificates
  - Digital Signatures
  - X509 certificates
- Grid Security
  - Basic concepts
  - Grid Security Infrastructure
  - Proxy certificates
  - Command line interfaces
- Virtual Organisation
  - Concept of VO and authorization
  - VOMS, LCAS, LCMAPS
- C/C++ interfaces (GSS-API, GSS Assist)

53 Security APIs in egee/LCG
- Currently there are no APIs developed specifically by egee/LCG; the existing APIs come from other projects
- Authentication
  - Globus GSS-API, GSS Assist, COG Kits
- Authorization
  - LCAS plugins
  - LCMAPS plugins
  - VOMS API
- The documentation is generally poor
- Some development is under way. Check CHEP 2004: nId=23&confId=0

54 API: GSS-API and GSS Assist
- GSS-API (Generic Security Services Application Programming Interface) is a generic API for client-server authentication (RFC 2743, RFC 2744)
  - Traditionally interfaces to Kerberos
  - Globus interfaced it to GSI
  - Unfortunately, rather complicated to use
- GSS-API as user interface to GSI
  - C API
  - Java API
- The Globus GSS Assist routines are designed to simplify the use of the GSS-API

55 GSS-API
Context establishment (authentication):
1. The client initiates a context and prepares a token for the server
2. The token is sent to the server
3. The server interprets the token and prepares a new one to be sent to the client
4. The token is sent to the client
5. Iterate the process until authentication succeeds or fails

Message protection:
1. The client wraps a message for the server and sends it
2. The server receives the message and unwraps it
3. The server sends a confirmation message to the client (MIC)
4. The client verifies the MIC

56 GSS-API data types
- Integers: OM_uint32
- Strings:
      typedef struct gss_buffer_struct {
          size_t length;
          void  *value;
      } gss_buffer_desc, *gss_buffer_t;
- Names: gss_name_t
- OIDs:
      typedef struct gss_OID_desc_struct {
          OM_uint32 length;
          void     *value;
      } gss_OID_desc, *gss_OID;
- OID sets:
      typedef struct gss_set_desc_struct {
          size_t  count;
          gss_OID elements;
      } gss_OID_set_desc, *gss_OID_set;
- Credentials: gss_cred_id_t
- Contexts: gss_ctx_id_t

57 More on data types
- Strings are used for character strings and tokens
- Names are an opaque representation of a principal
- Object Identifiers (OIDs) are used for
  - Security mechanisms
  - Quality of Protection (QOP) values
  - Name types: GSS_C_NT_HOSTBASED_SERVICE, GSS_C_NT_USER_NAME (username), etc.
  - GSS_C_NO_OID for default or null value
- Status codes
  - OM_uint32 major-status: generic GSS-API routine errors
  - OM_uint32 minor-status: mechanism-specific errors
- Tokens
  - Context-level tokens: used for context establishment
  - Per-message tokens: used for data protection (cryptographic tag, encrypted message)

58 Name manipulation
- Convert a string to a name and vice versa: gss_import_name(), gss_display_name()
- Compare, duplicate names: gss_compare_name(), gss_duplicate_name()
- Generate a Mechanism Name (MN), a mechanism-specific representation of a name: gss_canonicalize_name()
- Export an MN in a format suitable for comparison: gss_export_name()
- Destroy a name: gss_release_name()

59 Credential management
- Acquire an existing credential by name: gss_acquire_cred()
  - If the name is GSS_C_NO_NAME, the default credential is used
- Obtain information about a credential: gss_inquire_cred(), gss_inquire_cred_by_mech()
  - name, lifetime, usage (INITIATE, ACCEPT, BOTH), mechanisms supported
- Destroy a credential handle: gss_release_cred()

60 Context management
- Establish a secure context: gss_init_sec_context(), gss_accept_sec_context()
- Retrieve residual duration or other info about a context: gss_context_time(), gss_inquire_context()
- Export a context from one process to another by means of an interprocess token: gss_export_sec_context(), gss_import_sec_context()
- Destroy a secure context: gss_delete_sec_context()

61 Confidentiality and integrity
- Generate a cryptographic message integrity code (MIC) for a message to transfer to the peer application: gss_get_mic()
- Verify the received message against the received MIC: gss_verify_mic()
- Embed the MIC in the (possibly encrypted) message: gss_wrap()
- (Possibly decrypt and) verify the embedded MIC: gss_unwrap()

62 Globus extensions
- Credential import and export
  - To pass credentials from one process to another or to store them
  - Export to 1) an opaque buffer, or 2) a file in GSI native format
  - gss_import_cred(), gss_export_cred()
- Delegation at any time
  - A lot more flexible than standard GSS-API delegation
  - Delegation at times other than context establishment
  - Possible to delegate credentials different from those used for context establishment: even for different mechanisms!
  - Ex.: delegate a Kerberos credential over a context established with GSI
  - gss_init_delegation(), gss_accept_delegation()

63 GSS Assist
Simpler functions for:
- Credential handle creation
      major_status = globus_gss_assist_acquire_cred(&minor_status,
                                                    GSS_C_INITIATE, /* or GSS_C_ACCEPT */
                                                    &credential_handle);
- Context establishment
      major_status = globus_gss_assist_init_sec_context(&minor_status,
                                                        credential_handle,
                                                        &context_handle,
                                                        (char *) server_princ,
                                                        GSS_C_DELEG_FLAG | GSS_C_MUTUAL_FLAG,
                                                        &ret_flags,
                                                        &token_status,
                                                        globus_gss_assist_token_get_fd,
                                                        (void *) &socket_fd,
                                                        globus_gss_assist_token_send_fd,
                                                        (void *) &socket_fd);
  - The last four arguments are pointers to functions to send and receive tokens using sockets (and the socket descriptor passed to them)
- Little documentation

64 Further Information
- Grid
  - LCG Security:
  - LCG Registration:
  - Globus Security:
  - GGF Security:
- GSS-API: GSSAPIPG/toc.html
- IETF PKIX charter:
- PKCS: