Transcript INF_123_Lecture_14x

INF 123
SW ARCH, DIST SYS & INTEROP
LECTURE 14
Prof. Crista Lopes
Objectives


Understanding threats to security in decentralized
systems
Understanding basic mechanisms for security on the
Internet
 Firewalls
 SSL/TLS
 HTTPS
Decentralization




No centralized authority to coordinate and control
entities
Independent peers, with possibly conflicting goals,
interact with each other and make local autonomous
decisions
Presence of malicious peers in open decentralized
applications
Need for measures to protect peers against
malicious attacks
Security

“The protection afforded to an automated
information system in order to attain the applicable
objectives of preserving the integrity, availability
and confidentiality of information system resources
(includes hardware, software, firmware,
information/data, and telecommunications).”
 National
Institute of Standards and Technology
Security
Computer systems include the people using the computers.
Many security threats exploit the human [good] nature.
Security



Confidentiality
 Preserving the confidentiality of information means preventing
unauthorized parties from accessing the information or perhaps
even being aware of the existence of the information. I.e.,
secrecy.
Integrity
 Maintaining the integrity of information means that only
authorized parties can manipulate the information and do so only
in authorized ways.
Availability
 Resources are available if they are accessible by authorized
parties on all appropriate occasions.
Trust


Who do you trust? For what functions?
Trust is not a binary concept! Nor static!
Blind trust
No trust

If trust is high
 Security

measures can be lowered
If trust is low
 Security
measures must be ramped up
Trust & Security

What security measures?
Security is not necessarily machine-bound

Depending on many tradeoffs

 Security

Social
measures
measures can be technological
Upon limited trust
 Security
measures may be social
 Punitive
measures for breach of trust
Computer
measures
Computer Security
Well-Known Threats
Well-Known Solutions
Computer Security in Practice



A never-ending game of
Vulnerability; Attack; Fix; Repeat
There’s no such thing as a completely secure system
Know your system’s goals and requirements, set
security investment accordingly
Integrity of Computer Systems

Firewalls
 “part
of a computer system or network that is designed
to block unauthorized access while permitting
authorized communications. It is a device or set of
devices which is configured to permit or deny computer
applications based upon a set of rules and other
criteria.”
 Basic task is to regulate some of the flow of traffic
between computer networks of different trust levels.
 Software and/or hardware
Firewalls: The problem

Computers inside a local area network (LAN) run
applications that assume a high-level of trust within
that LAN, but that trust does not hold wrt the rest of
the Internet
Types of Firewalls

Packet filters: Operate at UDP/TCP/IP level
 Traffic
filtering based on properties such as:
Source IP address & port, Destination IP address & port
Application-level protocols, …

Application-layer
 Knowledge
of services (WWW, FTP, Naspter)
 May have knowledge of users

On inspecting all packets for improper content,
firewalls can restrict or prevent the spread of
networked computer worms and trojans
Integrity Threat: Botnets
Bots are installed on victims’
computers via unsuspecting
acts like installing goodies,
unziping files, etc.
Bots talk to master using
unsuspecting channels such as
IRC, Twitter, IM, etc.
Very hard to fight
Confidentiality of Data

Cryptography
Steganography

On the Internet

 Secure
 HTTPS
Socket Layer / Transport Layer Security
Cryptography




Encryption: converts human-parseable information
into unintelligible gibberish
Decryption: the opposite
Cypher: pair of algorithms for encrypting and
decrypting information
Ancient “art” used prominently in WWII
MD5 Hashes


Message Digest algorithm 5
Transforms an arbitrary-length message into a
128-bit value
 One


way function
Used widely for everyday cryptography
Proved not very secure, collisions
MD5 Hashes


MD5("The quick brown fox jumps over the lazy dog")
= 9e107d9d372bb6826bd81d3542a419d6
MD5("The quick brown fox jumps over the lazy dog.")
= e4d909c290d0fb1ca068ffaddf22cbd0
Typical MD5 use


Password encryption for storage and network
Example: OpenSim passwords
 http://beta.opensimulator.org/node/56
Dictionary Attack

Attempt at deciphering passwords by using words
from a dictionary
 Brute-force

or probabilistic
Given 9e107d9d372bb6826bd81d3542a419d6
 Try
MD5(words) and compare the hash
Dictionary Attack Counter-Measure

Salts: append MD5(password) with an arbitrary
(long) number, and hash that
 Result
= MD5(MD5(password) : salt)
 Need to keep the salt around for password verification

Example: OpenSim passwords
Main Lesson about Passwords


Avoid transmitting and storing naked passwords!
Next: transmitting confidential data over the
Internet
Remember Wifi?
POST /wifi/login HTTP/1.1
Hostname: …
Content-Type: …
Content-Length: …
METHOD=login&firstname=foo&lastname=bar&password=hereismypassword
Naked transmission!
Attacks

Eavesdropping
 Remember

all routing that happens on the Internet
Man-in-the-middle
 Malicious
server pretends to be target server
Encryption of data

JavaScript-encrypt before sending
 Application

overhead
Use Transport Layer Security (TLS)
SSL/TLS


Extra pieces of transport-layer protocol for
negotiating cyphers and ensuring authentication of
the server
Bottom line:
 Payload
data is encrypted before sending, decrypted
upon reception
HTTPS = HTTP + SSL/TLS
POST /wifi/login HTTP/1.1
Hostname: …
Content-Type: …
Content-Length: …
METHOD=login&firstname=foo&lastname=bar
&password=hereismypassword
Unintelligible gibberish
HTTPS = HTTP + SSL/TLS

https:// instead of http://

Uses port 443 by default instead of port 80