Lecture 7, : Computer Security, Fall : Computer Security Lecture 6: Privacy, CSP & Review Robert Thibadeau School of Computer Science Carnegie Mellon University Institute for eCommerce, Fall 2002

Lecture 7, : Computer Security, Fall Today’s lecture Unix Access Nestor 30 th. XML and XML Security

Lecture 7, : Computer Security, Fall This Week Mid Term on Wednesday Essay / Closed Book! Know IPAAA(A) and be ready to analyze and synthesize using it. Know Crypto Elements and be able to use them. Know how a X.509v3 Cert works as a Device Know TLS – DH vs RSA Know Unix Access Model Have done your Linux Task

Lecture 7, : Computer Security, Fall The How-To of Computer Security Integrity – Is it what it represents itself to be? Privacy – Is it hidden from those without a right to see it? Authentication – Is it from who it pretends to be from? Authorization – Is it provided to who it is supposed to be provided to? Auditability – Do I have a record of how it was used? Availability – Is it there (Usually Integrity…)? It : the service or the total data, program, machine, facility, network that is secure – whose intention is being protected.

Lecture 7, : Computer Security, Fall IPAAAA for messages Integrity (message integrity : it is the message sent or the one it was) Privacy (message is secret : it can’t be spied) Authentication (source and recipient are who they say they are) Authorization (recipient is permitted to read : source is permitted to send) Auditability (the message can be proven to be passed successfully) Availability? (the message was not blocked in passage)

Lecture 7, : Computer Security, Fall IPAAAA for Login Access Integrity –(login integrity : it is the login it pretends to be – change in transit or trojan horse login) Privacy –(login is secret : it can’t be spied) Authentication –(source is who he says he is?) Authorization –(login accomplishes access permissioning perfectly?) Auditability –(do I have a record?) Availability? –(does it reliably take the login and reliably give you access?)

Lecture 7, : Computer Security, Fall Other things to Secure?

Lecture 7, : Computer Security, Fall Crypto Toolkit PUBLIC KEY ONE KEY OPENS OTHER KEY CLOSES ONE KEY PUBLIC ONE KEY PRIVATE Also called “asymmetric” and “trap door” PUBLIC KEY Send ONLY TO YOU (public key closes) PUBLIC KEY - SIGNING Receive ONLY FROM ME (public key opens) PRIVATE KEY ONE KEY OPENS AND CLOSES Also called “symmetric” PRIVATE KEY Very Fast – Very Very Secure if Key, 128 bits, Used Once PRIVATE KEY Takes care of all problems if you know only you and me have the key. HASH FUNCTION MAKES ANYTHING ONE SIZE Also called “digest” HASH FUNCTION If Signed Proves: INTEGRITY and AUTHENTICITY CHALLENGE RESPONSE Proves you know something RIGHT NOW

Lecture 7, : Computer Security, Fall X.509v3 Self Signed Certificate Authorities Device Authorities Other Authorities (Program, Mail, etc.)

Lecture 7, : Computer Security, Fall Microsoft CAPI/CSP Cryptographic Application Program Interface (CAPI) Cryptographic Service Provider (CSP) –Windows Logon –File Encryption/Decryption –IPSec (IP Security Protocol) – virtual private network –SSL/TLS – HTTPS –Authenticode CAPI is the only thing allowed to call the CSP –CSP can also be replaced with crypto hardware, including smart cards (smart cards are CSPs.) Unix/Java world: RSA PKCS#11 Cryptoki Protocol (same as CSP).

Lecture 7, : Computer Security, Fall Interface Device (IFD) CSP ISO PC/SC ICC Smartcard PC or Server ICC(IntegratedCircuitCard) IFDHandler ICC Resource Manager Service Manager (CSP) Interface Device (IFD) ICC(IntegratedCircuitCard) IFDHandler Crypto API Windows and other Applications

Lecture 7, : Computer Security, Fall CSP Functions CPAcquireContext Takes in table of function pointers and string identifying CSP container name. Returns handle to CSP for use by all other CSP.DLL functions. CPReleaseContext Releases context referred to by hProv handle. (Disconnects from CSP.) CPGenRandom Fills buffer with cbLen random bytes. CPGenKey Takes algorithm identifier for algorithm that will use this key. Generates and returns handle to a new key. CPDeriveKey Generates cryptographic session key using a hash of base data. Returns key handle, given handle to base data and an algorithm ID. CPDestroyKey Destroys key referenced by hKey handle.

Lecture 7, : Computer Security, Fall CSP CPEncrypt/CPDecrypt Takes data, key handle, and optional hash handle. Encrypts or decrypts data in buffer. CPCreateHash Takes algorithm ID and optional key handle. Returns handle to hash object. CPHashData Hashes data buffer using hash object hHash. CPHashSessionKey Similar to CPHashData, but hashes key referenced by hKey instead of a raw data buffer. CPSignHash Takes signing key pair (dwKeySpec) and hash object (hHash), returns signed hash in a data buffer. CPDestroyHash Destroys hash object referenced by hHash. CPVerifySignature Takes public key, hash object, and signature data buffer. Verifies signature and returns Boolean response (valid signature or not).

Lecture 7, : Computer Security, Fall CSP CPGetUserKey Gets a handle to a permanent user key, given key specification (dwKeySpec). CPExportKey Securely exports key (hKey) in a blob encrypted with the public exchange key (kPubKey) CPImportKey Takes key blob and handle to exchange public key of destination user. Returns handle to imported key.

Lecture 7, : Computer Security, Fall CSP Parameters (p)hProv Handle to Cryptographic Service Provider. Required in all CSP.DLL functions. (p)hKey Handle to a cryptographic key. Can be generated, derived or imported. Can be destroyed, exported, or have its parameters modified. Used to encrypt, decrypt, and create hashes. (p)hHash Handle to hash object. Used in encrypt, decrypt, and signature/verification functions. hBaseData Data used to derive session key in CPDeriveKey. hPubKey Public exchange key for key blob import and export, and signature verification. Algid Specifies algorithm for generating or deriving keys, or creating hashes. For session keys: RC2, RC4, or DES. For key pairs, EXCHANGE or SIGNATURE (key pair type). dwBlobType Specifies type of key blob to create when exporting a key. SIMPLE, PUBLICKEY, PRIVATEKEY, or OPAQUEKEY. dwKeySpec Specifies EXCHANGE or SIGNATURE, the type of key pair to be used. Used to sign hash and to get a permanent user key pair. pbSignature/(p)cbSigLen Signature data buffer and length, used for signing and verification of hashes. szDescription Description of data to be signed or verified. Use not recommended. phUserKey Handle to a permanent user key. szContainer String identifying CSP container name to acquire (used for acquiring CSP context). pVTable Table of pointers (VtableProvStruct) to callback functions (used for acquiring CSP context). cbBufLen/cbLen/pbBuffer/pbData/(p)cbDataLen Buffers and lengths for various different purposes dwFlags Flags to customize operation of most CSP functions. Purpose differs for each function. dwParam Specifies parameter to get or change. Usually sets or uses values in a data buffer.

Lecture 7, : Computer Security, Fall Windows, Unix, etc etc…

Lecture 7, : Computer Security, Fall Break!

Lecture 7, : Computer Security, Fall Information Privacy Technology Law No matter how much you want to, you can’t get technology out of privacy or the law out of privacy

Lecture 7, : Computer Security, Fall Reasons There is no technically perfect solution possible : Thomas Jefferson’s notion of public and private. –Therefore the Law becomes Indispensible Technology – actually the computer – will always surprise you : The Turing Principle –Therefore Technology cannot be frozen to a form Technology – you need locks on the doors and policing of the laws –This requires Technology

Lecture 7, : Computer Security, Fall The Cookies Privacy Violation Technology will Surprise You DoubleClick A Web Page has many Objects on it Each Object can put a cookie on your machine

Lecture 7, : Computer Security, Fall Reasons There is no technically perfect solution possible : Thomas Jefferson’s notion of public and private. –Therefore the Law becomes Indispensible Technology – actually the computer – will always surprise you : The Turing Principle –Therefore Technology cannot be frozen to a form Technology – you need locks on the doors and policing of the laws –This requires Technology

Lecture 7, : Computer Security, Fall Core Privacy Technology : Digital Contracts Technologists agreeing that there is no option but to have digital contracts Digital contracts can become the practice from which law evolves –So the “Liability Regime” and the “Contract Regime” actually go hand in hand from a technology perspective. P3P ( Semantics for the contract – what information, for what intended use, what will be done with it, what are my remedies,

Lecture 7, : Computer Security, Fall ISTPA.org Framework PI Container (PIC) PI Contract PI Intended Use Credentials Policies Conditions Permissions Identity Credentials Signature

Lecture 7, : Computer Security, Fall ISTPA.org Framework Legal, Regulatory, and Policy Context Security Foundation Agent Control Interaction Negotiation Data SubjectData Requestor Usage PI, Preferences & PIC Repository Agent Control Interaction Negotiation PIC Repository PI Container (PIC) EnforcementAuditCertificationValidation Assurance Services

Lecture 7, : Computer Security, Fall Privacy Server Protocol at CMU 1. bilateral and negotiated agreements between client and server using HTTP or HTTPS. bilateralnegotiatedHTTPS 2. agreements that have scope in time (a start and expiration),scope in time 3. agreements that have scope over digital and non-digital interactions (including mail and phone contacts),scope over digital and non-digital interactions 4. agreements that cannot be repudiatedcannot be repudiated 5. agreements that can be indexed by the server using server-only Privacy Universal Identifiers (PUIDs). Privacy Universal Identifiers

Lecture 7, : Computer Security, Fall More Review

Lecture 7, : Computer Security, Fall Access User and Group Access Rights is the Basis for Unix Security AND Windows 2000 Security! –Read, Write, Execute on a file/directory/device The biggest TCO (total cost of ownership) in a computer system is administering and working with access control. –Because things just don’t work until you get the access rights working properly –People think it is something wrong with the program when it is really just the security environment that is set wrong. A GREAT REASON to REALLY LEARN YOUR ACCESS CONTROL SYSTEM!

Lecture 7, : Computer Security, Fall Bits 010 = 2 =~ 020 (if you know these are bits!) 100 = 4 =~ ( ) 4755 ( ) – very common for executables

Lecture 7, : Computer Security, Fall Unix Access Protections What has access protections u-rwx g-rwx o-rwx? –Files –Directories –Devices (/dev/) –Programs (must have execute bit set). All these have ONE user and ONE group that owns them. Each User is ONE user and ONE DEFAULT group but many group memberships. Types of protections applied when creating/modifying –User : rwx (u-rwx, -rwx------, or 0700) –Group : rwx (g-rwx, ----rwx---, or 0070) – other members of user’s group –Other : rwx (o-rwx, rwx, or 0007) –A directory : d (d > set automatically by file system) –SGID : (-----s--- or 2000) inherit group protections –umask 002 : automatically let everybody in group rwx »Need private user group : user mary, group mary if umask 002 not 022. A user can be a member of many groups but only the primary defaults to write unless directory permission is set to overcome user permission (sgid bit set on directory). When access is provided to a group, every member gets it.

Lecture 7, : Computer Security, Fall Unix Access Control Model Filerw(x/s)rwxrw(x/t) Directorydrwxrw(x/s)rwx DevicesSome-other-time.. YOU! User a Group a Group b.. Access Control List/Vector umask 022 7Specialsst 7Userurwx 7Groupgrwx 7Otherorwx User a Group b Execute Create Delete x User a Group b

Lecture 7, : Computer Security, Fall Access Control Commands ls –l ; shows ACLs on files, directories, devices chmod o+rw file ; changes ACL on files, directories, devices groupadd group ; adds a group gpasswd –a user group ; adds a user to a group chgrp user group ; changes the DEFAULT group of a user. touch file ; causes your ownership to go to file umask 002 ; changes your creation mask

Lecture 7, : Computer Security, Fall Special Bits do ONE thing each drwsrwsrwt 4 Set User ID : causes an executable file (a program) to go into the access permissions of the owner of the file (note, group or OTHER could execute it!) not the person executing it. 2 Set Group ID : causes a new file that is being created in a directory to have the group ID of the directory, not the person (User) that is creating the file. 1 Sticky Bit : Causes a new file that is being created in a directory to not be deletable by just anybody in that directory but by the user who created the file. The file is ‘sticky’ because not-just-anybody can delete it.

Lecture 7, : Computer Security, Fall umask Applies only when you are creating (touching, modifying) a file (directory, device…) 022 is the general default : only you can write a file but everybody else can read and execute it. It is a mask on the file settings given by environment. 002 lets everybody in your group write the file. 000 lets everybody write the file. 277 lets only you read and execute (safety) Just type “umask 277” in a shell window and now when you make a file, it will have these attributes.

Lecture 7, : Computer Security, Fall Special Unix Users Root  can do anything except when he has protected himself, but he can change the self protections User -> can do what he is allowed to do by his who he is, his group memberships, and the file/directory/device ACLs Special Groups -> wheel

Lecture 7, : Computer Security, Fall Some Peso default user-groups /etc/group GROUP : passwd : GID : user list root:*:0:maint,operator,root,sync bin:*:1:bin,anon,daemon,root daemon:*:2:bin,daemon,root sys:*:3:bin,adm,root adm:*:4:adm,daemon,root lp:*:7:lp,daemon wheel:*:10:root mail:*:12:mail,mmdf opr:*:13:halt,opr,reboot,shutdown,news news:*:13:halt,opr,reboot,shutdown,news uucp:*:14:uucp