Presentation is loading. Please wait.

Presentation is loading. Please wait.

ECE 424 Embedded Systems Design Embedded System Security Chapter 14 Ning Weng.

Published byNatalie Perkins Modified over 9 years ago

Similar presentations

Presentation on theme: "ECE 424 Embedded Systems Design Embedded System Security Chapter 14 Ning Weng."— Presentation transcript:

1 ECE 424 Embedded Systems Design Embedded System Security Chapter 14 Ning Weng

2 Is your System Secure 2

3 Security Requirements from User prospective 3 From: Security as a New Dimension in embedded system Design By Paul Kocher, Ruby Lee, Gary McGraw, Anand Ragunathan and Srivaths Ravi

4 4  Basic Security Function o Confidentiality Only authorized user can access o Integrity Information should not be altered in any unintended way. o Authentication Data sent and received by appropriate parties rather than masqueraders  User Identification o embedded system should be restricted to a selected set of authorized users  Secure Network Access o Access to a network or a service has to be provided only if the device is authorized.

5 5  Availability o protection against disruption of service  Secure Storage o Securing information in the embedded system’s storage devices, external or internal to the system  Content Security o Protect the rights of the digital content used in the system.  Tamper Resistance o It should maintain the security requirements when the device falls into the hands of malicious parties, and can be physically or logically probed

6 Consequence of People, Process and Technology 6 FactorsSecurity MeasuresAttack People Training users about security risks and common pitfalls Phishing attack Process Make rules and procedure more complicated Attacker tries to lock out user accounts and send phishing messages with false instruction to re- enable accounts. Technology Regular update and apply of security-related patches Software with an exploitable weakness is targeted and attacked

7 Outline  Introduction  Security Concepts and Building Blocks  Major Security Attacks  Conclusion 7

8 Encryption and Cryptography o Encryption: process of transforming information (referred to as plaintext) using an algorithm (called a cipher) to make it unreadable to anyone except those possessing a private key. Ex: Single-Key encryption Generate a Key that only user knows. Crypto algorithm like GPG translates the key into numerical form that is used to randomize the bits in the file, that needs to be encrypted and makes the file inaccessible to user without password. 8

9 Asymmetric-Key Cryptography (RSA) 9  User generates key pair, consists of Private key and Public Key.  Private key is a secret and known only to owner  Public key is for anyone who wants to send message to the owner, they encrypt with public key and user can open it using private key.  Private key and public key are mathematically related.  RSA features to put signature along with encryption, so that user can authenticate the sender by decrypting using public key of sender.  Problem with RSA is exchange of Public key.  Certificate Authorities solves the problem of exchange of keys.

10 Also known Secure Sockets Layer (SSL) It is an application-level security protocol, built in web browsers. TLS enables web security with following rules o Public- Key encryption is used to authenticate clients and server. o Single-Key encryption is used to secure communication between two applications. o Cryptographic signatures are used to ensure message integrity. o Certificates and Certificate authorities are used to associate names with public keys in trusted manner. TLS works with handshake and concludes by creating a secure communication channel. Lets go through the example how handshake works and creates the secure channel with http://mail.google.com 10 Transport Layer Security (TLS)

11 11

12 Secure Shell(SSH) 12  It is a network protocol for secure data communication, remote shell services or command execution in Linux or Unix systems.  It is primarily used to enable secure remote connections.  Once SSH is installed private and public keys are created.  First time when user establishing connection, the public key for the remote mechine will be appended to ~/.ssh/known_host file.  Once the client machine has authenticated and gotten public key, it can use it to encrypt communication.  SSH also allows to log in with public key but user must create their key pair by executing o ssh-keygen –t rsa

13 13 Ex: Connecting to Remote Server

14 14 Key generation:

15 15 Private Key and Public Key

16 Security Architecture for IP: IPSec 16  Internet Protocol Security (IPSec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session.  All protocols based on TCP and UDP inherit the security benefits of IPSec.  Can access server securely within company’s network. Also provides secure access to remote employees and machines.  Two operating mode supported by IPSec o Transport Mode Only the payload of the IP packet is usually encrypted. Used for host-to- host communications. o Tunnel Mode The entire IP packet is encrypted and/or authenticated. It is then encapsulated into a new IP packet with a new IP header. Used to create virtual private networks for network-to-network communications

17 Two factor Authentication 17  Two-factor authentication is an approach to authentication which requires the presentation of "two or more" of the three authentication "factors" ("something the user knows like password", "something the user has private keys paired with public keys", and "something the user is, like finger prints, iris pattern").  It is an attempt to increase the difficulty involved with defrauding authentication schemes.

18 Outline  Introduction  Security Concepts and Building Blocks  Major Security Attacks  Conclusion 18

19 Buffer Overflow It is a stack based buffer overflow, or buffer over-run, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory. This is a special case of violation of memory safety. o Ex: o Trouble with this code is it takes no steps to determine buffer destination. o Attacker may take advantage in one of several ways: By overwriting a local variable that is near the buffer in memory on the stack to change the behavior of the program which may benefit the attacker. By overwriting the return address in a stack frame. Once the function returns, execution will resume at the return address as specified by the attacker, usually a user input filled buffer. By overwriting a function pointer, or exception handler, which is subsequently executed. 19

20 SQL Injection o SQL is the language for relational database, where information is represented by tables with columns that refer to one another in order to express relationships between the data. o Websites and web applications uses database to store user logins and associated data. o Ex: Web applications retrieve user information from databaseas shown below o Resulting SQL statement destroys information and also may insert new user, write new files to web directories or modify user information. 20

21 Denial of Service (DOS) o It attacks availability of resource. o 3 categories of DOS Resource Exhaustion Resource interruption Active interference o Resource Exhaustion would prevent valid users from accessing the software, and it could potentially have an impact on the surrounding environment. o Resource interruption, a target is rendered ineffective by interrupting access to a key resources or service. Ex: If DNS service is interrupted, many remote systems become unreachable. o Active interference is if a attacker knows destination IP address and ports used by target machine and forge illegitimate packets that appear to come from Dest IP address, attacker can shut down TCP connections by sending TCP/RESET packet. Social Engineering and Phishing o It is the context of security, is understood to mean the art of manipulating people into performing actions or divulging confidential information. 21

22  Software in embedded systems is a major source of security vulnerabilities.  The requirements level: Security requirements must cover both overt functional security (e.g., the use of applied cryptography) and emergent characteristics.  The design and architecture level: A system must be coherent and present a unified security architecture that takes into account security principles (such as the principle of least privilege)  The code level: Static analysis tools — tools that scan source code for common vulnerabilities — can discover implementation bugs at the code level. Counter Measures against Software attacks 22

23 From: Security as a New Dimension in embedded system Design By Paul Kocher, Ruby Lee, Gary McGraw, Anand Ragunathan and Srivaths Ravi 23

24 Firewalls  Firewall is a device or software layer that filters out packet based on a set of rules that define which packet can be allowed through and which should be dropped.  Firewalls operate beneath the operating system networking stack. It is low enough in packet processing sequence that drops decision can be made before assigning the system resource and avoid SYN flood attacks.  Firewall operates with chain of sequence of rules. If the packet matches rules defined above it is accepted. Else it is evaluated against the next rule. 24

25 Firewalls  Five default chains INPUT, OUTPUT, FORWARD, PREROUTING, POSTROUTING 25

26 Servers and Logs  To make system more secure it is always a good habit to maintain Logs of the system activity.  List of logs Embedded system should probably maintain o Failed Login attempts o Web Server and database access logs o Firewall logs 26

27 Hardware Attacks  The design of secure hardware is often overlooked in the product development life cycle, leaving many devices vulnerable to hacker attacks.  The critical components in your circuit needs to be protected  Critical components may include specific algorithms, device identifiers, digital media, cryptographic keys, complete product firmware, or other product-specific data.  Some the major hardware attacks are on o Emission and immunity o Board level o Memory Devices o Power supply 27

28 Memory  Most memory is insecure o Can be read with standard device programmer  Difficult to securely and totally erase data from RAM and non-volatile memory o Remnants may exist and be retrievable from devices long after power is removed  SRAM-based FPGAs most vulnerable to attack o Must load configuration from external memory o Bit stream can be monitored to retrieve data 28

29 Memory counter measures  Protect against I/O scan attacks o Attacker cycles through all possible combinations of inputs to determine outputs o Use unused pins to detect probing  Security fuses and boot-block protection o Enabled for "write-once" access to a memory area or to prevent full read back Implement if available  Advanced memory management consists of using an FPGA or other circuitry to perform hardware-based bounds checking by monitoring the address bus or buses. By doing so, one can restrict read/write access to defined memory. 29

30 Power Supply 30  Using a low-dropout linear regulator or DC-DC converter will help ensure that the circuitry in the product receives power within its expected range, regardless of an improper voltage supplied at the input. Such circuitry can obviously be bypassed if the attacker has access to the board.  In SPA (Simple Power Analysis),DPA(Differential Power Analysis) an attacker directly observes a system's power consumption, which varies based on the operation that the microprocessor is performing.  Using SPA and DPA attacker can easily guess cryptographic keys.

31 Power attack Counter Measures 31  Define minimum and maximum operating limits o Ex: Comparators, watchdogs, supervisory circuits  Do not rely on end user to supply a voltage within recommended operating conditions o Implement linear regulator or DC-DC converter

32 Security Reasons: Information value and inexpensive to duplicate, store and transfer Attacks: Malicious and misuse Ning WengECE 42432 Courtesy of Trusted Computing Group

33 Outline  Introduction  Security Concepts and Building Blocks  Major Security Attacks  Conclusion 33

34 Conclusion 34  Hardware is now more accessible to hackers than ever before. Both software and hardware security is important.  Simplest attacks known for decades still work  Use at least basic security.  New skills and techniques continually being developed and shared.  Determine what to protect, why you are protecting it, and who you are protecting against  Nothing is 100% secure, but being an engineer make the best of it.

Download ppt "ECE 424 Embedded Systems Design Embedded System Security Chapter 14 Ning Weng."

Similar presentations

Encrypting Wireless Data with VPN Techniques

Encrypting Wireless Data with VPN Techniques
Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Authored by: Rachit Rastogi Computer Science & Engineering Deptt., College of Technology, G.B.P.U.A. & T., Pantnagar.

Authored by: Rachit Rastogi Computer Science & Engineering Deptt., College of Technology, G.B.P.U.A. & T., Pantnagar.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Security Presented by : Qing Ma. Introduction Security overview security threats password security, encryption and network security as specific.

Security Presented by : Qing Ma. Introduction Security overview security threats password security, encryption and network security as specific.
Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.

Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.

ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.
Securing TCP/IP Chapter 6. Introduction to Transmission Control Protocol/Internet Protocol (TCP/IP) TCP/IP comprises a suite of four protocols The protocols.

Securing TCP/IP Chapter 6. Introduction to Transmission Control Protocol/Internet Protocol (TCP/IP) TCP/IP comprises a suite of four protocols The protocols.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Chapter 20: Network Security Business Data Communications, 4e.

Chapter 20: Network Security Business Data Communications, 4e.
Lecture slides prepared for “Business Data Communications”, 7/e, by William Stallings and Tom Case, Chapter 8 “TCP/IP”.

Lecture slides prepared for “Business Data Communications”, 7/e, by William Stallings and Tom Case, Chapter 8 “TCP/IP”.
What is in Presentation What is IPsec Why is IPsec Important IPsec Protocols IPsec Architecture How to Implement IPsec in linux.

What is in Presentation What is IPsec Why is IPsec Important IPsec Protocols IPsec Architecture How to Implement IPsec in linux.

Similar presentations

Ads by Google