Presentation is loading. Please wait.

Presentation is loading. Please wait.

Web Security CS598MCC Spring 2013 Yiwei Yang. Definition a set of procedures, practices, and technologies for assuring the reliable, predictable operation.

Published byZack Sorsby Modified over 9 years ago

Similar presentations

Presentation on theme: "Web Security CS598MCC Spring 2013 Yiwei Yang. Definition a set of procedures, practices, and technologies for assuring the reliable, predictable operation."— Presentation transcript:

1 Web Security CS598MCC Spring 2013 Yiwei Yang

2 Definition a set of procedures, practices, and technologies for assuring the reliable, predictable operation of web servers, web browsers, other programs that communicate with web servers, and the surrounding Internet infrastructure.

3 Three components Data in transit Web Browser Web Server

4 Privacy issue with web browser Where does information leak out? 1. Provided by users (registration form) 2. Log files - Web logs (IP, time, requested URL, browser type, username if authentication is used …) proxy servers can obscure web log - Mail logs (from, to, …) - DNS logs (name, IP, query…) - RADIUS logs

5 Privacy issue with web browser Where does information leak out? 3. Web bugs outsourced web site monitoring 4. Cookie - user’s actual data - a number of codes that key into a database that resides at the web provider

6 Privacy issue with web browser Attacks related with cookies 1.XSS(Cross-site scripting) - Nonpersistent - Persistent Prevention - Better cookie handling - Disable the script

7 Privacy issue with web browser Attacks related with cookies 2. CSRF( Cross-Site Request Forgery) - belongs to Deputy attack - carried out attack from user himself Prevention - Better cookie handling - Authentication for each operation - Random number

8 RADIUS(Remote Authentication Dial In User Service ) Application layer client/server protocol on top of UDP Authentication, Authorization, Accounting (AAA) RADIUS Server - daemon process running on Unix or Window NT machine RADIUS Client - access server(gateway) that control access to network( RAS, NAS, VPN server)

9 Radius Packet format

10 Authentication and Authorization 1.User initiates authentication to the NAS. 2.NAS prompts for username and password. 3.User replies. 4.RADIUS client sends username and encrypted password to the RADIUS server. 5.RADIUS server responds with Accept, Reject, or Challenge. 6.The RADIUS client acts upon services and services parameters bundled with Accept or Reject.

11 Client sends out access-request packet - request authenticator is a random 16 octet string - password is encrypted p is divided into p 1,p 2,…..p n where p i is a 16-octet block c 1 = p 1 XOR MD5(S || request authenticator ) c 2 = p 2 XOR MD5(S || c 1 ) ……. c n = p n XOR MD5(S || c n-1 ) - sent to port 1812 of server Authentication and Authorization

12 Server received the packet Drop it if no shared secret Otherwise authenticate the user - access-accept( parameters used for this session including access list to apply) - access-reject - access-challenge response authenticator = MD5 (code || ID|| length|| request authenticator|| attributes || s) Send out the packet to client Authentication and Authorization

13 Client drop the packet if it doesn’t have corresponding identifier or calculation on response authenticator doesn’t match Otherwise the user is authenticated if received access-accept What can go wrong? Authentication and Authorization

14 Attacks on RAIDUS Response Authenticator Based Shared Secret Attack User-Password Attribute Based Shared Secret Attack User-Password Based Password Attack Active User-Password Compromise through Repeated Request Authenticators We need to secure the traffic

15 Accounting

16 Secure Network Connection Cryptographic protocol Offline encryption communication protocol -PGP/OpenPGP, S/MIME Online encryption communication protocol -SSL, IPsec, Kerberos, SET, SSH

17 SSL(Secure Sockets Layer)

18 SSL Record Protocol

19 Handshake Protocol: Phase 1 and 2

20 SSL: Handshake Round 1 Client Server { v C || r 1 || s 1 || ciphers || comps } Client Server {v || r 2 || s 1 || cipher || comp } v C Client’s version of SSL vHighest version of SSL that Client, Server both understand r 1, r 2 nonces (timestamp and 28 random bytes) s 1 Current session id (0 if new session) ciphersCiphers that client understands compsCompression algorithms that client understand cipherCipher to be used compCompression algorithm to be used

21 SSL: Handshake Round 2 Client Server {certificate } Note: if Server not to authenticate itself, only last message sent; third step omitted if Server does not need Client certificate k S Server’s private key ctypeCertificate type requested (by cryptosystem) gcaAcceptable certification authorities er2End round 2 message Client Server {mod || exp || Sig S (h(r 1 || r 2 || mod || exp)) } Client Server {ctype || gca } Client Server {er2 }

22 Handshake Protocols: Phases 3 and 4

23 SSL: Handshake Round 3 Client Server { pre }Pub S msgsConcatenation of previous messages sent/received this handshake opad, ipadAs above Client Server { h(master || opad || h(msgs || master | ipad)) } Both Client, Server compute master secret master: master =MD5(pre || SHA(‘A’ || pre || r 1 || r 2 ) || MD5(pre || SHA(‘BB’ || pre || r 1 || r 2 ) || MD5(pre || SHA(‘CCC’ || pre || r 1 || r 2 ) Client Server { client_cert }

24 SSL: Handshake Round 4 Client Server { h(master || opad || h(msgs || 0x434C4E54 || master || ipad )) } msgsConcatenation of messages sent/received this handshake in previous rounds (does notinclude these messages) opad, ipad, masterAs above Client Server { h(master || opad || h(msgs || 0x53525652 || master | ipad)) } Server sends “change cipher spec” message using that protocol Client Server Client sends “change cipher spec” message using that protocol Client Server

25 SSL What does SSL provide us? - Data integrity, Confidentiality - Authentication(handshake) Limitation on SSL - doesn’t work with connection less protocol - doesn’t support non-repudiation - doesn’t protect the application itself - general-purpose data security Misuse of SSL

26 TLS(Transport Layer Security) SSL 3.0 served as the basis for TLS 1.0(SSL 3.1) Slightly different from SSL - Message Authentication (HMAC) - key derivation - Finished -Alert protocol message type

27 Secure Web Server Based on CIA, what do we need to secure? Three steps to secure server 1. Host security 2. Secure web service 3. Examine interaction between OS and web service

28 References RADIUS http://en.wikipedia.org/wiki/RADIUS http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080 0945cc.shtml SSL https://wiki.engr.illinois.edu/download/attachments/202934655 /ssl-ipsec.pdf?version=1&modificationDate=1348193253000

29 Thank you!

Download ppt "Web Security CS598MCC Spring 2013 Yiwei Yang. Definition a set of procedures, practices, and technologies for assuring the reliable, predictable operation."

Similar presentations

Web security: SSL and TLS

Web security: SSL and TLS
1 Lecture 12 SSL/TLS (Secure Sockets Layer / Transport Layer Security) CIS 4362 - CIS 5357 Network Security.

1 Lecture 12 SSL/TLS (Secure Sockets Layer / Transport Layer Security) CIS CIS 5357 Network Security.
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security

Cryptography and Network Security
Secure Socket Layer.

Secure Socket Layer.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Network Security Protocols in Practice Part II.

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Network Security Protocols in Practice Part II.
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),

CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.

WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 9 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 9 Wenbing Zhao Department of Electrical and Computer Engineering.
0 SSL3.0 / TLS1.0 Secure Communication over Insecure Line.

0 SSL3.0 / TLS1.0 Secure Communication over Insecure Line.
IEEE 802.11 Wireless Local Area Networks (WLAN’s).

IEEE Wireless Local Area Networks (WLAN’s).
Georgy Melamed Eran Stiller

Georgy Melamed Eran Stiller

Similar presentations

Ads by Google