
October 22, 2002Serguei A. Mokhov, 1 Intro to Internet-services from Security Standpoint, Part II SOEN321-Information-Systems Security.

Presentation transcript:

Slide 1: October 22, 2002, Serguei A. Mokhov, mokhov@cs.concordia.ca. Intro to Internet-services from Security Standpoint, Part II. SOEN321 Information-Systems Security. Revision 1.1, Date: October 21, 2003.

Slide 2: Secure Communication (Chapter 9 Summary)
People need to “talk” over the network, and they have encryption and authentication keys all set up. Now, how do they communicate securely?
–Precisely: where to put security in the ISO stack?

Slide 3: ISO Stack
Recall the 7-layer OSI model from the networks course: Application, Presentation, Session, Transport, Network, Link, Physical.
So, on which level(s) can you possibly put security mechanisms?

Slide 4: Which Layers?
The layers shown in gray on the original slide are the ones on which Internet security protocols are implemented.
There are always tradeoffs for each level you decide to secure.
Layers: Application, Presentation, Session, Transport, Network, Link, Physical.

Slide 5: Which Layers?
Application?
Network?
–App independent
Between App and Transport?
–Greater flexibility to select different protection levels depending on the type of communication used.
Link?
–Makes media-tapping protection

Slide 6: Packet Encapsulation
Before we proceed to the layers …
Encapsulation
–Encapsulation is a technique used to add services to network protocols.
–Technique: get the original packet; add new headers; apply the desired service to the original packet.

Slide 7: Packet Encapsulation
The service may include:
–Real-time data transfer over the Internet
–Security: encryption, authentication
–…
Original IP Datagram: IP header | TCP header | Payload
Encapsulated IP Datagram: New IP header | ESP/AH | IP header | TCP header | Payload

Slide 8: ESP and AH
Encapsulating Security Payload
–Goal: confidentiality of the payload
–Often used with AH
IP Authentication Header
–Goal: authenticity of the data in IP packets
–MAC
ESP and AH are often used together because the use of confidentiality without authentication has been shown to be vulnerable to crypto attacks.
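The encapsulation of slides 6 and 7, with the confidentiality-plus-authentication pairing of slide 8, as an added example that is not part of the original slides: the original IP/TCP datagram is wrapped in a new IP header and an ESP-like header, encrypted, and covered by a MAC that the receiver verifies before decrypting. The keys, SPI, addresses, the HMAC-based stand-in for a real cipher, and the ESP-like layout are all constructed for the example and are not a conforming IPsec implementation.

```python
import hashlib
import hmac
import struct

# Constructed keys for the example (stand-ins for an IPsec security association).
ENC_KEY = b"example-encryption-key-16"
AUTH_KEY = b"example-authentication-key"
SPI = 0x1234ABCD  # Security Parameter Index of the assumed SA

def ip_header(src, dst, proto, total_len):
    """Minimal 20-byte IPv4 header (constructed: checksum left at zero, no options)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, 64, proto, 0, src, dst)

def keystream(key, spi, seq, n):
    """Toy counter-mode keystream from HMAC-SHA256; stands in for the cipher ESP would use."""
    out, block = b"", 0
    while len(out) < n:
        out += hmac.new(key, struct.pack("!IIQ", spi, seq, block), hashlib.sha256).digest()
        block += 1
    return out[:n]

def encapsulate(inner_datagram, outer_src, outer_dst, seq):
    """Encapsulated = new IP header | ESP-like header (SPI, seq) | encrypted original | auth tag."""
    ks = keystream(ENC_KEY, SPI, seq, len(inner_datagram))
    ciphertext = bytes(a ^ b for a, b in zip(inner_datagram, ks))
    esp = struct.pack("!II", SPI, seq) + ciphertext
    tag = hmac.new(AUTH_KEY, esp, hashlib.sha256).digest()[:12]  # covers SPI, seq and ciphertext
    return ip_header(outer_src, outer_dst, 50, 20 + len(esp) + len(tag)) + esp + tag

def decapsulate(outer):
    """Verify the tag first, then decrypt; return the original datagram or None on a bad tag."""
    esp, tag = outer[20:-12], outer[-12:]
    expected = hmac.new(AUTH_KEY, esp, hashlib.sha256).digest()[:12]
    if not hmac.compare_digest(expected, tag):
        return None  # reject before acting on any of the ciphertext
    spi, seq = struct.unpack("!II", esp[:8])
    ciphertext = esp[8:]
    return bytes(a ^ b for a, b in zip(ciphertext, keystream(ENC_KEY, spi, seq, len(ciphertext))))

def demo():
    """Constructed inner IP/TCP datagram; returns (round-trip ok, tampered copy rejected, plaintext hidden)."""
    payload = b"GET / HTTP/1.0\r\n\r\n"
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 0x50, 0x18, 8192, 0, 0)  # constructed TCP header
    inner = ip_header(b"\x0a\x00\x00\x02", b"\x0a\x00\x00\x09", 6, 20 + len(tcp) + len(payload)) + tcp + payload
    outer = encapsulate(inner, b"\xc0\xa8\x01\x01", b"\xc0\xa8\x02\x01", seq=1)
    tampered = outer[:40] + bytes([outer[40] ^ 1]) + outer[41:]  # flip one ciphertext bit
    return decapsulate(outer) == inner, decapsulate(tampered) is None, inner not in outer
```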

Slide 9: Application Layer
Very specific security needs required by an app.
An app doesn’t trust underlying levels to satisfy those requirements.
No direct end-to-end communication exists.
Examples:
–email; app: PGP
–SSH

Slide 10: Transport Layer
Between an app and networking; refers to TCP and UDP.
Transport layer security sits on top of the Transport Layer:
–Does not alter TCP/UDP headers
–Security is maintained when apps perform socket calls, which are replaced by their secure versions, i.e. read(socketd) -> secure_read(socketd)

Slide 11: Transport Layer (2)
Examples - SSL
–Secure Socket Layer, SSL, was introduced by Netscape, then standardized and became TLS (Transport Layer Security), RFC 2246.
–Typical example: web browsers, and other client-server architectures (RDBMS, for example).
–Provides encryption and authentication
–Services can easily be configured on top of SSL, without requiring much knowledge of it.

Slide 12: Network Layer
Natural place for security mechanisms.
Applications should not be changed.
Independent from other layers, so an insecure version of an IP layer can be replaced by a secure one with authentication and encryption.
–Securing NFS
Employs encapsulation.

Slide 13: Network Layer (2)
Examples of use:
–Virtual Private Network (VPN) between communicating firewalls: a static route, a pipe or a tunnel between two or more organizations, providing confidentiality and authentication using public networks (the Internet) as the transport medium. (This is very cost effective in comparison with EDI.)
–Personal communication with insecure applications (transparent security).

Slide 14: Network Layer (3)
Challenges and Disadvantages
–Challenge: setting the right policy for the right kind of communication.
–The concept of layer independence complicates things => security associations to transport-level port numbers.
–Disadvantages: requires replacement of the TCP/IP stack. On UNIX/Linux this requires kernel recompilation; on Windows, an update of its files and a reboot. (That’s why it’s easier to just upgrade your browser to have SSL than to reinstall the OS.)

Slide 15: Link Layer
The lowest level people ever consider putting security on.
Makes sense when there is high-volume traffic between two directly connected nodes, or if the physical layer is not protected well enough.

Slide 16: Link Layer (2)
Examples:
–School campus or an organization with a network spanning two or more buildings: it is easier to install and maintain antennas on rooftops to link the buildings than cables underground.
–Home or small-organization wireless LAN, so no one can get anything meaningful from the radio waves it is being run on.

Slide 17: Link Layer (3)
Advantages:
–Does not require any knowledge of routing, networking, apps, etc.
–Key management is relatively simple: two devices share a long-term key and periodically derive session keys from it.
Disadvantages:
–Not appropriate when there is no direct connection between the communicating parties (e.g., routing info is needed, which would otherwise be encrypted).

