Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 7, 20-771: Computer Security, Fall 2002 1 20-771: Computer Security Lecture 6: Privacy, CSP & Review Robert Thibadeau School of Computer Science.

Published byCharleen Hutchinson Modified over 9 years ago

Similar presentations

Presentation on theme: "Lecture 7, 20-771: Computer Security, Fall 2002 1 20-771: Computer Security Lecture 6: Privacy, CSP & Review Robert Thibadeau School of Computer Science."— Presentation transcript:

1

2 Lecture 7, 20-771: Computer Security, Fall 2002 1 20-771: Computer Security Lecture 6: Privacy, CSP & Review Robert Thibadeau School of Computer Science Carnegie Mellon University Institute for eCommerce, Fall 2002

3 Lecture 7, 20-771: Computer Security, Fall 2002 2 Today’s lecture Unix Access Nestor 30 th. XML and XML Security

4 Lecture 7, 20-771: Computer Security, Fall 2002 3 This Week Mid Term on Wednesday Essay / Closed Book! Know IPAAA(A) and be ready to analyze and synthesize using it. Know Crypto Elements and be able to use them. Know how a X.509v3 Cert works as a Device Know TLS – DH vs RSA Know Unix Access Model Have done your Linux Task

5 Lecture 7, 20-771: Computer Security, Fall 2002 4 The How-To of Computer Security Integrity – Is it what it represents itself to be? Privacy – Is it hidden from those without a right to see it? Authentication – Is it from who it pretends to be from? Authorization – Is it provided to who it is supposed to be provided to? Auditability – Do I have a record of how it was used? Availability – Is it there (Usually Integrity…)? It : the service or the total data, program, machine, facility, network that is secure – whose intention is being protected.

6 Lecture 7, 20-771: Computer Security, Fall 2002 5 IPAAAA for messages Integrity (message integrity : it is the message sent or the one it was) Privacy (message is secret : it can’t be spied) Authentication (source and recipient are who they say they are) Authorization (recipient is permitted to read : source is permitted to send) Auditability (the message can be proven to be passed successfully) Availability? (the message was not blocked in passage)

7 Lecture 7, 20-771: Computer Security, Fall 2002 6 IPAAAA for Login Access Integrity –(login integrity : it is the login it pretends to be – change in transit or trojan horse login) Privacy –(login is secret : it can’t be spied) Authentication –(source is who he says he is?) Authorization –(login accomplishes access permissioning perfectly?) Auditability –(do I have a record?) Availability? –(does it reliably take the login and reliably give you access?)

8 Lecture 7, 20-771: Computer Security, Fall 2002 7 Other things to Secure?

9 Lecture 7, 20-771: Computer Security, Fall 2002 8 Crypto Toolkit PUBLIC KEY ONE KEY OPENS OTHER KEY CLOSES ONE KEY PUBLIC ONE KEY PRIVATE Also called “asymmetric” and “trap door” PUBLIC KEY Send ONLY TO YOU (public key closes) PUBLIC KEY - SIGNING Receive ONLY FROM ME (public key opens) PRIVATE KEY ONE KEY OPENS AND CLOSES Also called “symmetric” PRIVATE KEY Very Fast – Very Very Secure if Key, 128 bits, Used Once PRIVATE KEY Takes care of all problems if you know only you and me have the key. HASH FUNCTION MAKES ANYTHING ONE SIZE Also called “digest” HASH FUNCTION If Signed Proves: INTEGRITY and AUTHENTICITY CHALLENGE RESPONSE Proves you know something RIGHT NOW

10 Lecture 7, 20-771: Computer Security, Fall 2002 9 X.509v3 Self Signed Certificate Authorities Device Authorities Other Authorities (Program, Mail, etc.)

11 Lecture 7, 20-771: Computer Security, Fall 2002 10 Microsoft CAPI/CSP Cryptographic Application Program Interface (CAPI) Cryptographic Service Provider (CSP) –Windows Logon –File Encryption/Decryption –IPSec (IP Security Protocol) – virtual private network –SSL/TLS – HTTPS –Authenticode CAPI is the only thing allowed to call the CSP –CSP can also be replaced with crypto hardware, including smart cards (smart cards are CSPs.) Unix/Java world: RSA PKCS#11 Cryptoki Protocol (same as CSP).

12 Lecture 7, 20-771: Computer Security, Fall 2002 11 Interface Device (IFD) CSP ISO 7816 + PC/SC ICC Smartcard PC or Server ICC(IntegratedCircuitCard) IFDHandler ICC Resource Manager Service Manager (CSP) Interface Device (IFD) ICC(IntegratedCircuitCard) IFDHandler Crypto API Windows and other Applications

13 Lecture 7, 20-771: Computer Security, Fall 2002 12 CSP Functions CPAcquireContext Takes in table of function pointers and string identifying CSP container name. Returns handle to CSP for use by all other CSP.DLL functions. CPReleaseContext Releases context referred to by hProv handle. (Disconnects from CSP.) CPGenRandom Fills buffer with cbLen random bytes. CPGenKey Takes algorithm identifier for algorithm that will use this key. Generates and returns handle to a new key. CPDeriveKey Generates cryptographic session key using a hash of base data. Returns key handle, given handle to base data and an algorithm ID. CPDestroyKey Destroys key referenced by hKey handle.

14 Lecture 7, 20-771: Computer Security, Fall 2002 13 CSP CPEncrypt/CPDecrypt Takes data, key handle, and optional hash handle. Encrypts or decrypts data in buffer. CPCreateHash Takes algorithm ID and optional key handle. Returns handle to hash object. CPHashData Hashes data buffer using hash object hHash. CPHashSessionKey Similar to CPHashData, but hashes key referenced by hKey instead of a raw data buffer. CPSignHash Takes signing key pair (dwKeySpec) and hash object (hHash), returns signed hash in a data buffer. CPDestroyHash Destroys hash object referenced by hHash. CPVerifySignature Takes public key, hash object, and signature data buffer. Verifies signature and returns Boolean response (valid signature or not).

15 Lecture 7, 20-771: Computer Security, Fall 2002 14 CSP CPGetUserKey Gets a handle to a permanent user key, given key specification (dwKeySpec). CPExportKey Securely exports key (hKey) in a blob encrypted with the public exchange key (kPubKey) CPImportKey Takes key blob and handle to exchange public key of destination user. Returns handle to imported key.

16 Lecture 7, 20-771: Computer Security, Fall 2002 15 CSP Parameters (p)hProv Handle to Cryptographic Service Provider. Required in all CSP.DLL functions. (p)hKey Handle to a cryptographic key. Can be generated, derived or imported. Can be destroyed, exported, or have its parameters modified. Used to encrypt, decrypt, and create hashes. (p)hHash Handle to hash object. Used in encrypt, decrypt, and signature/verification functions. hBaseData Data used to derive session key in CPDeriveKey. hPubKey Public exchange key for key blob import and export, and signature verification. Algid Specifies algorithm for generating or deriving keys, or creating hashes. For session keys: RC2, RC4, or DES. For key pairs, EXCHANGE or SIGNATURE (key pair type). dwBlobType Specifies type of key blob to create when exporting a key. SIMPLE, PUBLICKEY, PRIVATEKEY, or OPAQUEKEY. dwKeySpec Specifies EXCHANGE or SIGNATURE, the type of key pair to be used. Used to sign hash and to get a permanent user key pair. pbSignature/(p)cbSigLen Signature data buffer and length, used for signing and verification of hashes. szDescription Description of data to be signed or verified. Use not recommended. phUserKey Handle to a permanent user key. szContainer String identifying CSP container name to acquire (used for acquiring CSP context). pVTable Table of pointers (VtableProvStruct) to callback functions (used for acquiring CSP context). cbBufLen/cbLen/pbBuffer/pbData/(p)cbDataLen Buffers and lengths for various different purposes dwFlags Flags to customize operation of most CSP functions. Purpose differs for each function. dwParam Specifies parameter to get or change. Usually sets or uses values in a data buffer.

17 Lecture 7, 20-771: Computer Security, Fall 2002 16 Windows, Unix, etc etc…

18 Lecture 7, 20-771: Computer Security, Fall 2002 17 Break!

19 Lecture 7, 20-771: Computer Security, Fall 2002 18 Information Privacy Technology Law No matter how much you want to, you can’t get technology out of privacy or the law out of privacy

20 Lecture 7, 20-771: Computer Security, Fall 2002 19 Reasons There is no technically perfect solution possible : Thomas Jefferson’s notion of public and private. –Therefore the Law becomes Indispensible Technology – actually the computer – will always surprise you : The Turing Principle –Therefore Technology cannot be frozen to a form Technology – you need locks on the doors and policing of the laws –This requires Technology

21 Lecture 7, 20-771: Computer Security, Fall 2002 20 The Cookies Privacy Violation Technology will Surprise You DoubleClick A Web Page has many Objects on it Each Object can put a cookie on your machine

22 Lecture 7, 20-771: Computer Security, Fall 2002 21 Reasons There is no technically perfect solution possible : Thomas Jefferson’s notion of public and private. –Therefore the Law becomes Indispensible Technology – actually the computer – will always surprise you : The Turing Principle –Therefore Technology cannot be frozen to a form Technology – you need locks on the doors and policing of the laws –This requires Technology

23 Lecture 7, 20-771: Computer Security, Fall 2002 22 Core Privacy Technology : Digital Contracts Technologists agreeing that there is no option but to have digital contracts Digital contracts can become the practice from which law evolves –So the “Liability Regime” and the “Contract Regime” actually go hand in hand from a technology perspective. P3P (www.w3.org/p3p) Semantics for the contract – what information, for what intended use, what will be done with it, what are my remedies,www.w3.org/p3p

24 Lecture 7, 20-771: Computer Security, Fall 2002 23 ISTPA.org Framework PI Container (PIC) PI Contract PI Intended Use Credentials Policies Conditions Permissions Identity Credentials Signature

25 Lecture 7, 20-771: Computer Security, Fall 2002 24 ISTPA.org Framework Legal, Regulatory, and Policy Context Security Foundation Agent Control Interaction Negotiation Data SubjectData Requestor Usage PI, Preferences & PIC Repository Agent Control Interaction Negotiation PIC Repository PI Container (PIC) EnforcementAuditCertificationValidation Assurance Services

26 Lecture 7, 20-771: Computer Security, Fall 2002 25 Privacy Server Protocol at CMU http://yuan.ecom.cmu.edu/psp 1. bilateral and negotiated agreements between client and server using HTTP or HTTPS. bilateralnegotiatedHTTPS 2. agreements that have scope in time (a start and expiration),scope in time 3. agreements that have scope over digital and non-digital interactions (including mail and phone contacts),scope over digital and non-digital interactions 4. agreements that cannot be repudiatedcannot be repudiated 5. agreements that can be indexed by the server using server-only Privacy Universal Identifiers (PUIDs). Privacy Universal Identifiers

27 Lecture 7, 20-771: Computer Security, Fall 2002 26 More Review

28 Lecture 7, 20-771: Computer Security, Fall 2002 27 Access User and Group Access Rights is the Basis for Unix Security AND Windows 2000 Security! –Read, Write, Execute on a file/directory/device The biggest TCO (total cost of ownership) in a computer system is administering and working with access control. –Because things just don’t work until you get the access rights working properly –People think it is something wrong with the program when it is really just the security environment that is set wrong. A GREAT REASON to REALLY LEARN YOUR ACCESS CONTROL SYSTEM!

29 Lecture 7, 20-771: Computer Security, Fall 2002 28 Bits 010 = 2 =~ 020 (if you know these are bits!) 100 = 4 =~ 400 4577 (100 101 111 111) 4755 (100 111 101 101) – very common for executables

30 Lecture 7, 20-771: Computer Security, Fall 2002 29 Unix Access Protections What has access protections u-rwx g-rwx o-rwx? –Files –Directories –Devices (/dev/) –Programs (must have execute bit set). All these have ONE user and ONE group that owns them. Each User is ONE user and ONE DEFAULT group but many group memberships. Types of protections applied when creating/modifying –User : rwx (u-rwx, -rwx------, or 0700) –Group : rwx (g-rwx, ----rwx---, or 0070) – other members of user’s group –Other : rwx (o-rwx, -------rwx, or 0007) –A directory : d (d--------- -> set automatically by file system) –SGID : (-----s--- or 2000) inherit group protections –umask 002 : automatically let everybody in group rwx »Need private user group : user mary, group mary if umask 002 not 022. A user can be a member of many groups but only the primary defaults to write unless directory permission is set to overcome user permission (sgid bit set on directory). When access is provided to a group, every member gets it.

31 Lecture 7, 20-771: Computer Security, Fall 2002 30 Unix Access Control Model Filerw(x/s)rwxrw(x/t) Directorydrwxrw(x/s)rwx DevicesSome-other-time.. YOU! User a Group a Group b.. Access Control List/Vector umask 022 7Specialsst 7Userurwx 7Groupgrwx 7Otherorwx User a Group b Execute Create Delete x User a Group b

32 Lecture 7, 20-771: Computer Security, Fall 2002 31 Access Control Commands ls –l ; shows ACLs on files, directories, devices chmod o+rw file ; changes ACL on files, directories, devices groupadd group ; adds a group gpasswd –a user group ; adds a user to a group chgrp user group ; changes the DEFAULT group of a user. touch file ; causes your ownership to go to file umask 002 ; changes your creation mask

33 Lecture 7, 20-771: Computer Security, Fall 2002 32 Special Bits do ONE thing each drwsrwsrwt 4 Set User ID : causes an executable file (a program) to go into the access permissions of the owner of the file (note, group or OTHER could execute it!) not the person executing it. 2 Set Group ID : causes a new file that is being created in a directory to have the group ID of the directory, not the person (User) that is creating the file. 1 Sticky Bit : Causes a new file that is being created in a directory to not be deletable by just anybody in that directory but by the user who created the file. The file is ‘sticky’ because not-just-anybody can delete it.

34 Lecture 7, 20-771: Computer Security, Fall 2002 33 umask Applies only when you are creating (touching, modifying) a file (directory, device…) 022 is the general default : only you can write a file but everybody else can read and execute it. It is a mask on the file settings given by environment. 002 lets everybody in your group write the file. 000 lets everybody write the file. 277 lets only you read and execute (safety) Just type “umask 277” in a shell window and now when you make a file, it will have these attributes.

35 Lecture 7, 20-771: Computer Security, Fall 2002 34 Special Unix Users Root  can do anything except when he has protected himself, but he can change the self protections User -> can do what he is allowed to do by his who he is, his group memberships, and the file/directory/device ACLs Special Groups -> wheel

36 Lecture 7, 20-771: Computer Security, Fall 2002 35 Some Peso default user-groups /etc/group GROUP : passwd : GID : user list root:*:0:maint,operator,root,sync bin:*:1:bin,anon,daemon,root daemon:*:2:bin,daemon,root sys:*:3:bin,adm,root adm:*:4:adm,daemon,root lp:*:7:lp,daemon wheel:*:10:root mail:*:12:mail,mmdf opr:*:13:halt,opr,reboot,shutdown,news news:*:13:halt,opr,reboot,shutdown,news uucp:*:14:uucp

Download ppt "Lecture 7, 20-771: Computer Security, Fall 2002 1 20-771: Computer Security Lecture 6: Privacy, CSP & Review Robert Thibadeau School of Computer Science."

Similar presentations

Robert Thibadeau, Copyright 2000 1 It’s not what IT does to Privacy it’s what Privacy does to IT Robert Thibadeau, Ph.D. www.internetlab.ri.cmu.edu www.w3.org/p3pwww.w3.org/p3p.

Robert Thibadeau, Copyright It’s not what IT does to Privacy it’s what Privacy does to IT Robert Thibadeau, Ph.D.
Privacy Science, Copyright Robert Thibadeau, CMU, 2001 1 Privacy Science Robert Thibadeau, Ph.D. Director, Internet Systems Laboratory

Privacy Science, Copyright Robert Thibadeau, CMU, Privacy Science Robert Thibadeau, Ph.D. Director, Internet Systems Laboratory
CP3397 ECommerce.

CP3397 ECommerce.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
Lecture 2: Security Rachana Ananthakrishnan Argonne National Lab.

Lecture 2: Security Rachana Ananthakrishnan Argonne National Lab.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Web Security CS-431. HTTP Authentication Protect web content from those who don’t have a “need to know” Require users to authenticate using a userid/password.

Web Security CS-431. HTTP Authentication Protect web content from those who don’t have a “need to know” Require users to authenticate using a userid/password.
Grid Security. Typical Grid Scenario Users Resources.

Grid Security. Typical Grid Scenario Users Resources.
Lecture 5: Email security: PGP Anish Arora CSE 5473 Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.

Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.

Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.

Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Similar presentations

Ads by Google