Implementing Security - University of Houston

Chapter 6
Implementing Security for Electronic Commerce

Secure Socket Layer (SSL) Protocol

Introduction

An average user of the Internet cannot deal with the complex nature of the encryption, digital certificates, and digital signatures that secure transactions use on a regular basis. These are handled transparently by Web browsers and Web servers through a protocol called Secure Socket Layer (SSL).

All secured transactions between a client and a commerce server are treated as a session. For each session the browser generates a private (symmetric) key, which the client and the server share to exchange encrypted messages; it is discarded when the session ends.

SSL comes in two strengths: 40-bit and 128-bit. The longer the key, the better the security.

SSL and S-HTTP

The Secure Socket Layer (SSL) from Netscape Communications and Secure HyperText Transfer Protocol (S-HTTP) from CommerceNet are two protocols that provide secure information transfer over the Internet, although S-HTTP is almost dead now. Both Microsoft and Netscape adopted SSL in their browsers.

SSL works at the transport layer of the TCP/IP protocol suite, and S-HTTP works at the application layer, the top layer. They have different goals: SSL secures connections between two computers, and S-HTTP sends individual messages securely.

SSL can secure sessions of HTTP and FTP transmissions. The protocol for secured HTTP is HTTPS. Try https://www.microsoft.com on the browser address line.

SSL Transmission (How it works)

Security handshake:

Before a transmission can occur, SSL provides a security handshake in which the client and server computers exchange a brief burst of messages to agree on the level of security to be used, exchange digital certificates, and so on.

When a client browser first lands on a server's secure Web site, the server sends a hello request to the client (browser). The browser asks the server for a digital certificate for verification, and the server sends the certificate. The browser checks the digital signature on the server certificate against the public key of the Certificate Authority stored within the browser; this authenticates the server.

After the handshake is over, SSL encrypts and decrypts the information flowing between the two computers.

SSL Transmission (continued)

Session key:

To implement secrecy during transmission, SSL uses both public-key and private-key encryption. The browser generates a private key (called the session key) to be shared between the browser and the Web server during a transmission session. The browser then encrypts this session key using the server's public key (sent by the server during the handshake) and sends the encrypted session key as a message to the server. The server decrypts the message with its private key and obtains the session key.

For all further transactions between the client and the server, this session key is used for encryption. When the session ends, the session key is discarded.

Establishing an SSL Session

SSL Web Server Information

Depending on the browser and the server, various encryption algorithms might be supported by each, such as DES, triple DES, or RSA. See the figure on the next page.

RSA, named after its inventors Ronald Rivest, Adi Shamir, and Leonard Adleman, is the widely used algorithm for encrypting Web and e-mail messages using a public key. It uses keys whose length varies from 512 to 1,024 bits.

Because of the longer key size, public-key encryption is slower than private-key encryption; typically a shorter key is used in private-key encryption. Thus a combination of private- and public-key encryption is used in e-commerce transmissions. This combination of public- and private-key encryption is known as a digital envelope.

SSL Web Server Information (figure)

Secure HTTP (S-HTTP) Protocol

S-HTTP is an extension to the HTTP protocol that provides numerous security features such as:

• Client and server authentication
• Spontaneous encryption
• Request/response nonrepudiation

It provides symmetric and public-key encryption like SSL. It also uses a message digest (a hash value that summarizes the message as an integer), transmitted with the message, for message integrity: if the message is changed during transmission, the change will be detected.

A secure digital envelope encapsulates a message and provides secrecy, integrity, and client/server authentication.

Ensuring Transaction Integrity

Electronic commerce activities typically involve a client browser sending payment information, order information, and payment instructions to the commerce server, and the commerce server responding to the browser with an electronic confirmation of the order details.

SSL provides security for message transmission, but an Internet interloper can still alter a message. A combination of techniques is used to create messages that are tamperproof and authenticated.

First, a hash algorithm is applied to the message to obtain a hash value (message digest). This hash value is appended to the message and sent to the receiver. The receiver recalculates the hash value and compares it with the original one.

But a hash algorithm is public, so anyone can intercept the message, alter it, recalculate the hash value, and retransmit the message; the receiver will calculate the same hash value and notice nothing.

To prevent this type of fraud, the sender encrypts the message digest with his or her private key. An encrypted message digest is called a digital signature.

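The two mechanisms the slides describe, the session-key exchange of the SSL Transmission slides (the digital envelope of the SSL Web Server Information slide) and the appended-hash versus signed-digest argument of this slide, as one added worked example. This is not code from the lecture. It assumes a constructed RSA key pair built from two known Mersenne primes so that it runs offline on the standard library alone (raw, unpadded RSA; not a safe key), a SHA-256 counter-mode XOR stream standing in for the real cipher suite, and the same key pair playing the server in the envelope and the sender in the signature demo.

```python
"""Toy model of the SSL digital envelope and of hash-vs-signature integrity.
Added example, not from the lecture; see the lead-in for the assumptions."""
import hashlib
import hmac
import secrets

# Constructed toy RSA key pair (assumption): P and Q are Mersenne primes so the
# block needs no key generator. Real keys use 2048-bit-plus moduli and padding.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q
PHI = (P - 1) * (Q - 1)
E = 65537
D = pow(E, -1, PHI)                 # private exponent (Python 3.8+)
PUBLIC_KEY, PRIVATE_KEY = (E, N), (D, N)


def rsa_apply(value, key):
    """Raw RSA: value**exp mod n. The same operation encrypts/decrypts and signs/verifies."""
    exp, n = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exp, n)


# ---- session key and symmetric traffic (the private-key half of the envelope) ----
def keystream(session_key, length):
    """Derive `length` bytes from a 64-bit session key: SHA-256 in counter mode (toy)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(session_key.to_bytes(8, "big") + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def symmetric_crypt(session_key, data):
    """XOR with the keystream; applying it twice restores the plaintext."""
    return bytes(a ^ b for a, b in zip(data, keystream(session_key, len(data))))


def client_seal_session_key(server_public):
    """Browser side: pick a fresh session key and seal it with the server's public key."""
    session_key = secrets.randbits(64)
    return session_key, rsa_apply(session_key, server_public)


def server_open_session_key(sealed_key, server_private):
    """Server side: only the holder of the private key recovers the session key."""
    return rsa_apply(sealed_key, server_private)


def run_session(message):
    """One SSL-like session: envelope, symmetric traffic, then the key is dropped."""
    session_key, sealed = client_seal_session_key(PUBLIC_KEY)
    server_key = server_open_session_key(sealed, PRIVATE_KEY)
    ciphertext = symmetric_crypt(session_key, message)
    recovered = symmetric_crypt(server_key, ciphertext)
    return server_key == session_key, ciphertext != message, recovered


# ---- message digest versus digital signature ----
def digest_int(message):
    """SHA-256 digest reduced into the RSA message space (toy; real schemes pad instead)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def hash_check(message, sent_digest):
    """Receiver's check for an appended, unsigned hash."""
    return hmac.compare_digest(hashlib.sha256(message).digest(), sent_digest)


def sign(message, private):
    return rsa_apply(digest_int(message), private)


def verify(message, signature, public):
    return rsa_apply(signature, public) == digest_int(message)


def integrity_demo():
    original = b"PAY 100.00 TO MERCHANT-A"      # constructed order message
    altered = b"PAY 900.00 TO MERCHANT-B"
    # Appended hash: whoever alters the message can recompute the public hash,
    # so the receiver's check passes on the altered message.
    hash_passes_altered = hash_check(altered, hashlib.sha256(altered).digest())
    # Signed digest: the original signature no longer matches the altered message,
    # and a fresh one cannot be made without the sender's private key.
    signature = sign(original, PRIVATE_KEY)
    return (hash_passes_altered,
            verify(original, signature, PUBLIC_KEY),
            verify(altered, signature, PUBLIC_KEY))


if __name__ == "__main__":
    print(run_session(b"order #1001: 2 widgets"))
    print(integrity_demo())
```

The three results of `integrity_demo()` are the slide's argument in miniature: the unsigned hash accepts the altered message, the signature accepts the original and rejects the altered one.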
Ensuring Transaction Integrity
Figure 6-15

Guaranteeing Transaction Delivery

Neither encryption nor digital signatures protect packets from theft or slowdown.

Transmission Control Protocol (TCP) is responsible for end-to-end control of packets. It reassembles packets at the destination in the correct order and handles all the details when packets do not arrive.

Every data packet sent by a TCP/IP client is confirmed by the TCP/IP receiver along with the size of the data packet. If a data packet seems to be lost, the TCP server requests that the client computer resend that particular data packet.

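The acknowledge, retransmit and reassemble behaviour described above, as an added simulation that is not part of the lecture. The "network" is a constructed channel that drops the listed sequence numbers on their first transmission and hands each round over in reverse order, so the receiver has to file segments by sequence number rather than by arrival order.

```python
"""Stop-and-resend simulation of the TCP delivery guarantees on the slide.
Added example, not from the lecture; the lossy channel is constructed."""


def reliable_transfer(data, segment_size, drop_once=frozenset()):
    """Return (reassembled bytes, rounds needed, event log)."""
    segments = {seq: data[i:i + segment_size]
                for seq, i in enumerate(range(0, len(data), segment_size))}
    received = {}                 # receiver side, keyed by sequence number
    unacked = set(segments)       # sender side: segments without an ack yet
    transmitted = set()
    log = []
    rounds = 0
    while unacked:
        rounds += 1
        # The channel delivers this round's segments in reverse order, so the
        # receiver cannot rely on arrival order and files each by sequence number.
        for seq in sorted(unacked, reverse=True):
            first_try = seq not in transmitted
            transmitted.add(seq)
            if first_try and seq in drop_once:
                log.append(f"round {rounds}: seq {seq} lost in transit")
                continue
            received[seq] = segments[seq]
            log.append(f"round {rounds}: seq {seq} delivered, ack {len(segments[seq])} bytes")
        # Acks reach the sender; whatever is still unacked is resent next round.
        unacked -= set(received)
    reassembled = b"".join(received[seq] for seq in sorted(received))
    return reassembled, rounds, log


if __name__ == "__main__":
    data, rounds, log = reliable_transfer(b"ORDER 1001: 2 widgets", 5, drop_once={1, 3})
    print(data, rounds)
    print("\n".join(log))
```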
Protecting the Commerce Server

Security of electronic commerce also involves protection of the electronic commerce server and its associated servers. These include the commerce server, Web server, FTP server, mail server, remote login server, and the operating systems on the host machines.

An FTP server facilitates delivery of soft goods (software) to consumers. E-mail servers handle electronic mail sent by a merchant and received from consumers. The Web server manages Web requests from consumers. A remote login server allows field personnel to log on remotely to the corporate computer to perform a variety of tasks.

Access control and authentication

Access control means controlling who and what has access to the server.

The server requests that the client send a certificate as part of authentication. The server checks the timestamp on the certificate to ensure that it hasn't expired; it will reject an expired certificate and provide no further service.

The server can also use a callback system in which the client computer's address and name are checked against a list of usernames and their assigned client computers.

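The certificate timestamp check described above, as an added example that is not from the lecture. `CLIENT_CERT` is a constructed record shaped like the dictionary Python's `ssl.SSLSocket.getpeercert()` returns, and `ssl.cert_time_to_seconds` is the standard-library parser for its date fields; only the validity window is checked here, on top of the CA-signature check the SSL handshake slide already describes.

```python
"""Accept or reject a client certificate by its validity window.
Added example, not from the lecture; CLIENT_CERT is constructed."""
import ssl
import time

# Constructed certificate record (field names follow getpeercert()'s output).
CLIENT_CERT = {
    "subject": ((("commonName", "field-agent-17"),),),
    "notBefore": "Jun 15 00:00:00 2024 GMT",
    "notAfter": "Jun 15 00:00:00 2025 GMT",
}


def certificate_time_valid(cert, now=None):
    """Return (ok, reason). `now` is seconds since the epoch, a certificate-style
    time string (handy for testing), or None for the current time."""
    if now is None:
        now = time.time()
    elif isinstance(now, str):
        now = ssl.cert_time_to_seconds(now)
    not_before = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    if now < not_before:
        return False, "certificate not yet valid"
    if now > not_after:
        return False, "certificate expired"
    return True, "certificate within validity period"


def admit_client(cert, now=None):
    """Server decision: an expired (or not yet valid) certificate gets no further service."""
    ok, reason = certificate_time_valid(cert, now)
    return ("accept" if ok else "reject"), reason


if __name__ == "__main__":
    print(admit_client(CLIENT_CERT, "Jan 10 12:00:00 2025 GMT"))
    print(admit_client(CLIENT_CERT, "Jul 01 00:00:00 2025 GMT"))
```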
Access control and authentication (continued)

Usernames and passwords are the most common method of providing protection for the server. Usernames are stored in clear text, while passwords are encrypted. The password entered by the user is encrypted and compared to the one on file.

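The username/password check described above, as an added example that is not from the lecture. The slide says the stored password is "encrypted"; the usual form of that today is a salted, iterated one-way hash (PBKDF2 from the standard library here), so the file on the server never holds anything that can be turned back into the password. The user database is a constructed in-memory dictionary and the iteration count is an assumption kept low so the example runs quickly.

```python
"""Salted one-way password storage and constant-time login check.
Added example, not from the lecture; the user database is constructed."""
import hashlib
import hmac
import secrets

HASH_NAME = "sha256"
ITERATIONS = 100_000             # assumption: modest for the example; raise in production
SALT_BYTES = 16
DUMMY_SALT = bytes(SALT_BYTES)   # used when the username is unknown (see check_login)


def derive(password, salt):
    """Slow salted hash of the password; the same inputs always give the same output."""
    return hashlib.pbkdf2_hmac(HASH_NAME, password.encode("utf-8"), salt, ITERATIONS)


def create_account(user_db, username, password):
    """Store the username in the clear and only the salt plus hash of the password."""
    salt = secrets.token_bytes(SALT_BYTES)
    user_db[username] = {"salt": salt, "hash": derive(password, salt)}


def check_login(user_db, username, password):
    """Re-derive the hash from the entered password and compare with the one on file."""
    record = user_db.get(username)
    if record is None:
        # Do the same amount of work for unknown usernames so response time
        # does not reveal which usernames exist.
        derive(password, DUMMY_SALT)
        return False
    # Constant-time comparison avoids leaking how many leading bytes matched.
    return hmac.compare_digest(derive(password, record["salt"]), record["hash"])


if __name__ == "__main__":
    db = {}
    create_account(db, "merchant01", "correct horse battery staple")
    print(check_login(db, "merchant01", "correct horse battery staple"))
    print(check_login(db, "merchant01", "wrong password"))
```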
Operating System Controls

Most operating systems employ username and password authentication. The security of the Web server and the other servers of an electronic commerce application can be integrated with the operating system security.

Windows Integrated Security for Internet Information Server (IIS)

Firewall

A firewall provides a defense, sometimes the first line of defense, between a corporate network and the Internet. All corporate access to and from the Internet flows through the firewall. The network and computers being protected are inside the firewall, and any other network is outside. The networks inside the firewall are called trusted, whereas networks outside the firewall are called untrusted.

In the TCP/IP protocol stack, a firewall works at the application layer; thus it provides a software solution.

Firewalls are computers that have the following characteristics:

• All traffic from inside to outside and from outside to inside must pass through it.
• Only authorized traffic is allowed to pass through it.
• The firewall itself must be immune to penetration.

Firewall Computer

• A firewall computer should be stripped of any unnecessary software for security reasons.
• It should not be used for any other purpose.
• A firewall computer should not be administered remotely.

Classification of Firewalls

Packet filters
• Examine all packets flowing back and forth through the firewall.

Gateway servers
• Filter traffic based on the requested application, such as Telnet, FTP, and HTTP.
• A gateway might permit incoming FTP requests but not outgoing FTP requests.
• A gateway might prevent employees inside the firewall from downloading any program from outside the firewall.

Proxy servers
• Communicate on behalf of the private network.
• Serve as a huge cache for Web pages.

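The three firewall types above, as an added example run over constructed traffic; this is not code from the lecture or from any firewall product. The rule formats are my own simplification: the packet filter matches direction, addresses and port with a default deny (the "only authorized traffic" characteristic); the application gateway matches the application and the direction it may cross in (the slide's incoming-FTP-yes, outgoing-FTP-no case); the proxy fetches on behalf of inside clients and caches pages. Addresses come from the documentation ranges and the 10.0.0.0/8 inside network is an assumption.

```python
"""Packet filter, application gateway and caching proxy decisions.
Added example, not from the lecture; rules and traffic are constructed."""
import ipaddress
from dataclasses import dataclass


@dataclass
class Packet:
    direction: str   # "inbound" (untrusted -> trusted) or "outbound"
    src: str
    dst: str
    dst_port: int
    app: str         # application carried: "http", "ftp", "telnet"


# Packet filter: (direction, source network, destination network, port, action).
# Checked top to bottom, first match wins; unmatched traffic is denied.
PACKET_FILTER_RULES = [
    ("inbound",  "0.0.0.0/0",  "10.0.0.5/32", 80, "allow"),   # public Web server
    ("inbound",  "0.0.0.0/0",  "10.0.0.6/32", 21, "allow"),   # FTP server for soft goods
    ("inbound",  "0.0.0.0/0",  "0.0.0.0/0",   23, "deny"),    # no Telnet from outside
    ("outbound", "10.0.0.0/8", "0.0.0.0/0",   80, "allow"),
    ("outbound", "10.0.0.0/8", "0.0.0.0/0",   21, "allow"),
]

# Application gateway: directions in which each application may cross the firewall.
GATEWAY_POLICY = {
    "http": {"inbound", "outbound"},
    "ftp": {"inbound"},        # incoming FTP requests permitted, outgoing ones not
    "telnet": set(),
}


def packet_filter(packet, rules=PACKET_FILTER_RULES):
    """Examine the packet's addresses and port against the rule list."""
    src = ipaddress.ip_address(packet.src)
    dst = ipaddress.ip_address(packet.dst)
    for direction, src_net, dst_net, port, action in rules:
        if (direction == packet.direction
                and src in ipaddress.ip_network(src_net)
                and dst in ipaddress.ip_network(dst_net)
                and port == packet.dst_port):
            return action
    return "deny"


def gateway(packet, policy=GATEWAY_POLICY):
    """Filter on the requested application rather than on addresses."""
    return "allow" if packet.direction in policy.get(packet.app, set()) else "deny"


def firewall_decision(packet):
    """Traffic must satisfy both the packet filter and the gateway to pass."""
    if packet_filter(packet) == "allow" and gateway(packet) == "allow":
        return "allow"
    return "deny"


class WebProxy:
    """Proxy server: talks to the outside on behalf of inside clients and caches pages."""

    def __init__(self, origin_fetch):
        self.origin_fetch = origin_fetch   # function that fetches from the real site
        self.cache = {}
        self.origin_requests = 0

    def get(self, url):
        if url not in self.cache:
            self.origin_requests += 1
            self.cache[url] = self.origin_fetch(url)
        return self.cache[url]


if __name__ == "__main__":
    outgoing_ftp = Packet("outbound", "10.1.2.3", "198.51.100.9", 21, "ftp")
    print(packet_filter(outgoing_ftp), gateway(outgoing_ftp), firewall_decision(outgoing_ftp))
```

The outgoing FTP packet shows why the slide lists the types separately: the address-and-port filter lets it through, and only the application gateway, which knows what FTP is, stops it.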
Check Point Software's Firewall-1 Web Page