Chap 13. Representing Identity


1 Chap 13. Representing Identity
Information Security Algorithms Lab, Lee Minho

2 Representing Identity
- 13.1 What Is Identity?
- 13.2 Files and Objects
- 13.3 Users
- 13.4 Groups and Roles
- 13.5 Naming and Certificates
- 13.6 Identity on the Web

3 13.1 What Is Identity?
- Principal: a unique entity
- Identity: specifies a principal
- Authentication: binds a principal to a representation of identity internal to the computer
- Purpose of identities
  - For accountability
  - For access control

4 13.2 Files and Objects
- The identity of a file or object depends on the system containing the object
- Local systems identify objects by assigning names
- A name may be intended
  - For human use (e.g. file name)
  - For process use (e.g. file descriptor or handle)
  - For kernel use (e.g. file allocation table entry, inode)
- Each name may have different semantics
- If the object resides on a different system, the name must encode the location of the object

5 13.3 Users
- Systems represent user identity in a number of different ways
- EXAMPLE: UNIX operating system
  - Represents user identity as an integer (0 to usually 65,535): the User Identification Number (UID)
  - Each login name uniquely corresponds to a single UID, but multiple login names may share a common UID
  - The kernel uses the UID to identify users

6 13.3 Users (cont.)
- The same principal may have many different identities; each identity serves a particular function
- EXAMPLE: UNIX operating system
  - Real UID: user identity at login, but changeable
  - Effective UID: user identity used for access control
    - Setuid changes the effective UID
  - Saved UID: UID before the last change of UID
    - Used to implement least privilege: work with privileges, drop them, reclaim them later
  - Audit/Login UID: user identity used to track the original UID
    - Cannot be altered; used to tie actions to the login identity
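The drop-then-reclaim pattern above, as an added example that is not part of the original slides: a small model of the real/effective/saved UID triple under the POSIX rule that an unprivileged process may set its effective UID only to its current real, effective or saved UID, while a process whose effective UID is 0 may set it to anything. The `Creds` class and the UID values are constructed for illustration.

```python
from dataclasses import dataclass

ROOT = 0

@dataclass
class Creds:
    ruid: int   # real UID: who logged in
    euid: int   # effective UID: the one access-control checks use
    suid: int   # saved UID: the effective UID before the last change

    def seteuid(self, new: int) -> None:
        """Model of seteuid(2): change only the effective UID."""
        if self.euid != ROOT and new not in (self.ruid, self.euid, self.suid):
            raise PermissionError(f"euid {self.euid} may not become {new}")
        self.euid = new

    def may_access(self, owner: int) -> bool:
        """Access check: root passes, otherwise effective UID must own it."""
        return self.euid == ROOT or self.euid == owner

def exec_setuid_root(login_uid: int) -> Creds:
    """Credentials after login_uid runs a setuid-root program: the real UID
    stays the user's, effective and saved UIDs become root."""
    return Creds(ruid=login_uid, euid=ROOT, suid=ROOT)

def least_privilege_session(login_uid: int, secret_owner: int) -> list:
    """Work as root, drop to the user, reclaim root later.
    Returns [(phase, euid, can_read_secret), ...] for each phase."""
    c = exec_setuid_root(login_uid)
    trace = [("privileged", c.euid, c.may_access(secret_owner))]
    c.seteuid(c.ruid)              # drop: effective UID becomes the real UID
    trace.append(("dropped", c.euid, c.may_access(secret_owner)))
    c.seteuid(c.suid)              # reclaim: the saved UID still holds root
    trace.append(("reclaimed", c.euid, c.may_access(secret_owner)))
    return trace

def unprivileged_escalation_blocked(login_uid: int) -> bool:
    """A plain login process (all three UIDs equal) cannot become root."""
    c = Creds(login_uid, login_uid, login_uid)
    try:
        c.seteuid(ROOT)
    except PermissionError:
        return True
    return False
```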

7 13.4 Groups and Roles
- Groups
  - The members of the set must be distinguishable
  - Used to share access to files
- Two implementations of groups
  - Alias for a set of principals: processes are assigned to groups and stay in those groups for the lifetime of their sessions
  - Principals can change groups: rights due to the old group are discarded, rights due to the new group are added

8 13.4 Groups and Roles (cont.)
- Role: a type of group whose membership is tied to a function
  - Rights given are consistent with the rights needed to perform the function
- EXAMPLE: DG/UX system
  - System administrator privileges are in the sysadmin role
  - Network administrator privileges are in the netadmin role
  - Users can assume either role as needed

9 13.5 Naming and Certificates
- The identifier must uniquely identify the principal to avoid confusion
- Problem: names may be ambiguous
  - Does the name "Matt Bishop" refer to the "Matt Bishop" who teaches at UC Davis or the "Matt Bishop" who works at Microsoft Corporation? We don't know.
- Identifiers must include ancillary information to distinguish them

10 13.5 Naming and Certificates (cont.)
- EXAMPLE: X.509v3 Distinguished Names
  - Identifies a principal
  - Consists of a series of fields, e.g.
    /O=University of Sogang/OU=Seoul campus/OU=Department of Computer Science/CN=Lee Minho/
  - (CN is common name, OU is organizational unit, O is organization)

11 13.5 Naming and Certificates (cont.)
- Certification authorities (CAs) vouch, at some level, for the identity of the principal to which the certificate is issued
- The CA's authentication policy says the level of authentication required to identify the principal to which the certificate is to be issued
- The CA's issuance policy says to which principals the CA will issue certificates

12 13.5 Naming and Certificates (cont.)
- Certification hierarchy: tree-structured arrangement of CAs
- Root is the Internet Policy Registration Authority (IPRA)
  - Sets policies all subordinate CAs must follow
  - Certifies subordinate CAs (called policy certification authorities, or PCAs), each of which has its own authentication and issuance policies
  - Does not issue certificates to individuals or organizations other than subordinate CAs
- PCAs issue certificates to ordinary CAs
  - Do not issue certificates to individuals or organizations other than subordinate CAs

13 13.5 Naming and Certificates (cont.)
- University of Valmont issues certificates to students and staff
  - Students must present valid reg cards (considered low assurance)
  - Staff must present proof of employment and fingerprints, which are compared to those taken when the staff member was hired (considered high assurance)
- First PCA: requires subordinate CAs to make a good-faith effort to verify identities of principals
- Second PCA: requires use of biometrics to verify identity

14 13.5 Naming and Certificates (cont.)
UValmont and the certification hierarchy (a diagram in the original slide, shown here as text):
IPRA
  -> PCA-1 (low assurance PCA) -> UValmont Student CA -> student
  -> PCA-2 (high assurance PCA) -> UValmont Staff CA -> staff

15 13.5 Naming and Certificates (cont.)
- Certificate tied to a role
- EXAMPLE: A company wishes to have its comptroller authorized to digitally sign documents
  - Distinguished Name: /O=University of Valmont/OU=Office of the Big Bucks/RN=Comptroller
  - where "RN" is role name; note the individual using the certificate is not named, so there is no CN
  - Even if the current comptroller leaves, the same certificate can be used

16 13.5.1 The Meaning of the Identity
- The authentication policy defines how principals prove their identities
- If it is incorrect, the CA may misidentify an entity unintentionally
  - This causes a trust problem

17 13.5.1 The Meaning of the Identity (cont.)
- Persona Certificate
  - With the erosion of privacy comes the need for anonymity
  - A persona certificate supplies the requisite anonymity
  - Certificate with a meaningless Distinguished Name

18 13.5.2 Trust
- Goal of a certificate: bind the correct identity to the public key
- The critical question: what is the degree of that assurance?
- X.509v3, certificate hierarchy
  - Depends on the policy of the CA issuing the certificate
  - Depends on how well the CA follows that policy
  - Really, an estimate based on the above factors

19 13.5.2 Trust (cont.)
- EXAMPLE: Passport required
  - CA requires the name on the passport, and the number and issuer of the passport
- What are the points of trust?
  - Passport not forged and name on it not altered
  - Passport issued to the person named in the passport
  - Person presenting the passport is the person to whom it was issued
  - CA has checked the passport and the individual using the passport

20 13.6 Identity on the Web
- 13.6.1 Host identity
  - Static identifiers: do not change over time
  - Dynamic identifiers: change as a result of an event or the passing of time
- 13.6.2 State and Cookies
- 13.6.3 Anonymity
  - Anonymous email
  - Anonymity: good or bad?

21 13.6.1 Host Identity
- Bound up with networking
  - Not connected: pick any name (only locally)
  - Connected: one or more names depending on interfaces, network structure, context
- Each principal on an individual host can have different names
- "Name" identifies a principal, "Address" identifies where that principal is located

22 13.6.1 Host Identity (cont.)
- EXAMPLE: Layered network
  - MAC layer
    - Ethernet address: 00:05:02:6B:A8:21
    - AppleTalk address: network 51, node 235
  - Network layer
    - IP address:
  - Transport layer
    - Host name: cherry.orchard.chekhov.ru

23 13.6.1.1 Static and Dynamic Identifiers
- Static identifier: does not change over time
- Dynamic identifier: changes either as a result of an event or over time
- Domain Name Server (DNS): associates host names and IP addresses
  - Maps transport identifiers (host names) to network identifiers (host addresses)
  - Forward records: host names -> IP addresses
  - Reverse records: IP addresses -> host names

24 13.6.1.1 Static and Dynamic Identifiers (cont.)
- Dynamic identifiers are assigned to principals for a limited time
  - Server maintains a pool of identifiers
  - Client contacts server using a local identifier
    - Only client and server need to know this identifier
  - Server sends client a global identifier
  - Client uses the global identifier in other contexts, for example to talk to other hosts
  - Server notifies intermediate hosts of the new client/global identifier association

25 13.6.1.2 Security Issues with the Domain Name Service
- Trust is that the name/IP address binding is correct
- Goal of attacker: incorrectly associate a particular IP address with a host name
- Assume the attacker controls a name server, or can intercept queries and send responses

26 13.6.1.2 Security Issues with the Domain Name Service (cont.)
- Attacker can change records on the server: called "control"
- Add an extra record to a response, giving an incorrect name/IP address association: called "cache poisoning"
- Attacker sends the victim a request that must be resolved by asking the attacker; the attacker responds with the answer plus two records for address spoofing (1 forward, 1 reverse): called "ask me"
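A resolver-side defence against the "cache poisoning" and "ask me" cases above, as an added example that is not part of the original slides: before caching, drop every record in a response whose owner name lies outside the zone the answering server is authoritative for (a bailiwick check). The zone name, the records and the addresses are constructed sample data.

```python
def in_bailiwick(name: str, zone: str) -> bool:
    """True if name equals zone or is a subdomain of it, case-insensitive
    and matched on a label boundary (so 'evil-zone' is not inside 'zone')."""
    n = name.rstrip(".").lower()
    z = zone.rstrip(".").lower()
    return n == z or n.endswith("." + z)

def filter_response(zone: str, records: list) -> tuple:
    """Split a response into records safe to cache and records to discard.
    Each record is (owner_name, rtype, value)."""
    kept, dropped = [], []
    for owner, rtype, value in records:
        target = kept if in_bailiwick(owner, zone) else dropped
        target.append((owner, rtype, value))
    return kept, dropped

# Constructed sample: we asked the server for orchard.chekhov.ru about
# cherry.orchard.chekhov.ru; the reply carries two records the server has
# no authority over, which is exactly what the slide's extra-record case does.
SAMPLE_ZONE = "orchard.chekhov.ru"
SAMPLE_RESPONSE = [
    ("cherry.orchard.chekhov.ru.", "A", "192.0.2.10"),    # legitimate answer
    ("ns.orchard.chekhov.ru.", "A", "192.0.2.2"),         # legitimate glue
    ("www.bank.example.", "A", "198.51.100.7"),           # out of bailiwick
    ("evil-orchard.chekhov.ru.", "A", "198.51.100.8"),    # look-alike, outside
]

def cacheable_names(zone: str = SAMPLE_ZONE, response: list = SAMPLE_RESPONSE) -> list:
    """Owner names that survive the check and may enter the cache."""
    kept, _ = filter_response(zone, response)
    return [owner for owner, _, _ in kept]
```

The reverse record of the "ask me" case has an owner name under in-addr.arpa, so the same check discards it.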

27 13.6.2 State and Cookies
- Cookie: a token that contains information about the state of a transaction on a network
- A cookie consists of several values
  - name, value: name has the given value
  - expires: how long the cookie is valid
    - Expired cookies are discarded, not sent to the server
    - If omitted, the cookie is deleted at the end of the session
  - domain: domain for which the cookie is intended
    - Consists of the last n fields of the domain name of the server
    - Must have at least one "." in it (.com)
  - secure: send only over a secured (SSL, HTTPS) connection
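The cookie attributes above turned into a send decision, as an added example that is not part of the original slides: a cookie is sent only if it has not expired, its domain is a trailing part of the server's host name (matched on label boundaries), and a secure cookie only goes over HTTPS. It assumes "at least one dot" means the domain cannot be a bare top-level label; the cookie jar and the timestamps are constructed.

```python
from datetime import datetime, timezone

def domain_matches(host: str, cookie_domain: str) -> bool:
    """Server host name must end with the cookie's domain, label by label."""
    host = host.lower().rstrip(".")
    dom = cookie_domain.lower().lstrip(".")   # ".chekhov.ru" and "chekhov.ru" alike
    if "." not in dom:                        # bare TLD such as "ru": rejected
        return False
    return host == dom or host.endswith("." + dom)

def should_send(cookie: dict, host: str, scheme: str, now: datetime) -> bool:
    """True if the cookie belongs on a request to scheme://host at time now."""
    expires = cookie.get("expires")           # None means a session cookie
    if expires is not None and expires <= now:
        return False                          # expired: never sent
    if not domain_matches(host, cookie["domain"]):
        return False
    if cookie.get("secure") and scheme != "https":
        return False                          # secure cookies stay off plain HTTP
    return True

def purge_expired(jar: list, now: datetime) -> list:
    """Drop expired cookies; session cookies (no expires) are kept."""
    return [c for c in jar if c.get("expires") is None or c["expires"] > now]

# Constructed sample jar and clock
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)
JAR = [
    {"name": "sid", "value": "abc", "domain": ".chekhov.ru", "secure": True},
    {"name": "pref", "value": "en", "domain": "orchard.chekhov.ru",
     "expires": datetime(2023, 12, 31, tzinfo=timezone.utc)},   # already expired
    {"name": "bad", "value": "x", "domain": "ru"},              # no embedded dot
]

def cookies_for(host: str, scheme: str, jar: list = JAR, now: datetime = NOW) -> list:
    """Names of the cookies that would be attached to this request."""
    return [c["name"] for c in jar if should_send(c, host, scheme, now)]
```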

28 13.6.3 Anonymity on the Web
- If only one person is using the original host, and the address is not spoofed, someone could guess the identity of the sender with high accuracy
- Anonymizer: a site that hides the origins of connections
  - Usually a proxy server
  - User connects to the anonymizer, tells it the destination
  - Anonymizer makes the connection, sends traffic in both directions
  - Destination host sees only the anonymizer

29 13.6.3 Anonymity on the Web (cont.)
- EXAMPLE: anon.penet.fi
  - Offered an anonymous email service
  - Sender sends a letter to it, naming another destination
  - Anonymizer strips headers, forwards the message
    - Assigns an ID (say, 1234) to the sender, records real sender and ID in a database
    - Letter delivered as if from
  - Recipient replies to that address
    - Anonymizer strips headers, forwards the message as indicated by the database entry

30 13.6.3 Anonymity on the Web (cont.)
- Cypherpunk Remailer: remailer that deletes the header of an incoming message and forwards the body to the destination
  - Also called a Type I Remailer
  - No record kept of the association between the sender address and the remailer's user name
    - Prevents tracing, as happened with anon.penet.fi
  - Usually used in a chain, to obfuscate the trail
  - For privacy, the body of the message may be enciphered

31 13.6.3 Anonymity on the Web (cont.)
Building a chained message (a diagram in the original slide, shown here as text):
- Encipher message
- Add destination header
- Add header for remailer n
- ...
- Add header for remailer 2
Resulting nested message:
send to remailer 1
  send to remailer 2
    ...
    send to Alice
      Hi, Alice,
      It's SQUEAMISH OSSIFRIGE
      Bob

32 13.6.3 Anonymity on the Web (cont.)
- Mixmaster Remailer: Cypherpunk remailer that handles only enciphered mail and pads (or fragments) messages to a fixed size before sending them
  - Also called a Type II Remailer
  - Designed to hinder attacks on Cypherpunk remailers
    - Messages uniquely numbered
    - Fragments reassembled only at the last remailer for sending to the recipient

33 13.6.3 Anonymity on the Web (cont.)
Mixmaster message (a diagram in the original slide, shown here as nested layers):
- enciphered with RSA for remailer #1
  - remailer #2 address
  - packet ID: 135
  - Triple DES key: 1
- enciphered with Triple DES key #1
  - enciphered with RSA for remailer #2
    - final hop address
    - packet ID: 168
    - message ID: 7839
    - Triple DES key: 2
    - random garbage
  - enciphered with Triple DES key #2
    - recipient's address
    - any mail headers to add
    - message
    - padding if needed

34 13.6.3.1 Anonymity for Better or Worse
- Benefits
  - Removes personalities from debate
  - Anonymity allows whistleblowers considerable protection
  - Anonymity protects privacy
- Drawbacks
  - Incorrect conclusions from misinterpreted data
  - Harm from erroneous information
  - Not being let alone
- Are these benefits or drawbacks? Depends on the society, and on who is involved

