Lecture 7, 20-771: Computer Security, Fall 2002 1
20-771: Computer Security
Lecture 6: Privacy, CSP & Review
Robert Thibadeau
School of Computer Science
Carnegie Mellon University
Institute for eCommerce, Fall 2002
Today’s lecture
• Unix Access
• Nestor 30th. XML and XML Security
This Week
Mid Term on Wednesday
Essay / Closed Book!
Know IPAAA(A) and be ready to analyze and synthesize using it.
Know Crypto Elements and be able to use them.
Know how a X.509v3 Cert works as a Device
Know TLS – DH vs RSA
Know Unix Access Model
Have done your Linux Task
The How-To of Computer Security
• Integrity – Is it what it represents itself to be?
• Privacy – Is it hidden from those without a right to see it?
• Authentication – Is it from who it pretends to be from?
• Authorization – Is it provided to who it is supposed to be provided to?
• Auditability – Do I have a record of how it was used?
• Availability – Is it there (Usually Integrity…)?
It : the service or the total data, program, machine, facility, network that is secure – whose intention is being protected.
IPAAAA for messages
• Integrity (message integrity : it is the message sent or the one it was)
• Privacy (message is secret : it can’t be spied)
• Authentication (source and recipient are who they say they are)
• Authorization (recipient is permitted to read : source is permitted to send)
• Auditability (the message can be proven to be passed successfully)
• Availability? (the message was not blocked in passage)
IPAAAA for Login Access
• Integrity – (login integrity : it is the login it pretends to be – change in transit or trojan horse login)
• Privacy – (login is secret : it can’t be spied)
• Authentication – (source is who he says he is?)
• Authorization – (login accomplishes access permissioning perfectly?)
• Auditability – (do I have a record?)
• Availability? – (does it reliably take the login and reliably give you access?)
Other things to Secure?
Crypto Toolkit
• PUBLIC KEY – ONE KEY OPENS, OTHER KEY CLOSES. ONE KEY PUBLIC, ONE KEY PRIVATE. Also called “asymmetric” and “trap door”
• PUBLIC KEY – Send ONLY TO YOU (public key closes)
• PUBLIC KEY - SIGNING – Receive ONLY FROM ME (public key opens)
• PRIVATE KEY – ONE KEY OPENS AND CLOSES. Also called “symmetric”
• PRIVATE KEY – Very Fast – Very Very Secure if Key, 128 bits, Used Once
• PRIVATE KEY – Takes care of all problems if you know only you and me have the key.
• HASH FUNCTION – MAKES ANYTHING ONE SIZE. Also called “digest”
• HASH FUNCTION – If Signed Proves: INTEGRITY and AUTHENTICITY
• CHALLENGE RESPONSE – Proves you know something RIGHT NOW
X.509v3
Self Signed
Certificate Authorities
Device Authorities
Other Authorities (Program, Mail, etc.)
Microsoft CAPI/CSP
• Cryptographic Application Program Interface (CAPI)
• Cryptographic Service Provider (CSP)
– Windows Logon
– File Encryption/Decryption
– IPSec (IP Security Protocol) – virtual private network
– SSL/TLS – HTTPS
– Authenticode
• CAPI is the only thing allowed to call the CSP
– CSP can also be replaced with crypto hardware, including smart cards (smart cards are CSPs.)
• Unix/Java world: RSA PKCS#11 Cryptoki Protocol (same as CSP).
CSP ISO 7816 + PC/SC ICC Smartcard
[Diagram. Labels: PC or Server; Windows and other Applications; Crypto API; Service Manager (CSP); ICC Resource Manager; IFD Handler (two); Interface Device (IFD) (two); ICC (Integrated Circuit Card) (two)]
CSP Functions
• CPAcquireContext Takes in table of function pointers and string identifying CSP container name. Returns handle to CSP for use by all other CSP.DLL functions.
• CPReleaseContext Releases context referred to by hProv handle. (Disconnects from CSP.)
• CPGenRandom Fills buffer with cbLen random bytes.
• CPGenKey Takes algorithm identifier for algorithm that will use this key. Generates and returns handle to a new key.
• CPDeriveKey Generates cryptographic session key using a hash of base data. Returns key handle, given handle to base data and an algorithm ID.
• CPDestroyKey Destroys key referenced by hKey handle.
CSP
• CPEncrypt/CPDecrypt Takes data, key handle, and optional hash handle. Encrypts or decrypts data in buffer.
• CPCreateHash Takes algorithm ID and optional key handle. Returns handle to hash object.
• CPHashData Hashes data buffer using hash object hHash.
• CPHashSessionKey Similar to CPHashData, but hashes key referenced by hKey instead of a raw data buffer.
• CPSignHash Takes signing key pair (dwKeySpec) and hash object (hHash), returns signed hash in a data buffer.
• CPDestroyHash Destroys hash object referenced by hHash.
• CPVerifySignature Takes public key, hash object, and signature data buffer. Verifies signature and returns Boolean response (valid signature or not).
CSP
• CPGetUserKey Gets a handle to a permanent user key, given key specification (dwKeySpec).
• CPExportKey Securely exports key (hKey) in a blob encrypted with the public exchange key (kPubKey)
• CPImportKey Takes key blob and handle to exchange public key of destination user. Returns handle to imported key.
CSP Parameters
• (p)hProv Handle to Cryptographic Service Provider. Required in all CSP.DLL functions.
• (p)hKey Handle to a cryptographic key. Can be generated, derived or imported. Can be destroyed, exported, or have its parameters modified. Used to encrypt, decrypt, and create hashes.
• (p)hHash Handle to hash object. Used in encrypt, decrypt, and signature/verification functions.
• hBaseData Data used to derive session key in CPDeriveKey.
• hPubKey Public exchange key for key blob import and export, and signature verification.
• Algid Specifies algorithm for generating or deriving keys, or creating hashes. For session keys: RC2, RC4, or DES. For key pairs, EXCHANGE or SIGNATURE (key pair type).
• dwBlobType Specifies type of key blob to create when exporting a key. SIMPLE, PUBLICKEY, PRIVATEKEY, or OPAQUEKEY.
• dwKeySpec Specifies EXCHANGE or SIGNATURE, the type of key pair to be used. Used to sign hash and to get a permanent user key pair.
• pbSignature/(p)cbSigLen Signature data buffer and length, used for signing and verification of hashes.
• szDescription Description of data to be signed or verified. Use not recommended.
• phUserKey Handle to a permanent user key.
• szContainer String identifying CSP container name to acquire (used for acquiring CSP context).
• pVTable Table of pointers (VtableProvStruct) to callback functions (used for acquiring CSP context).
• cbBufLen/cbLen/pbBuffer/pbData/(p)cbDataLen Buffers and lengths for various different purposes
• dwFlags Flags to customize operation of most CSP functions. Purpose differs for each function.
• dwParam Specifies parameter to get or change. Usually sets or uses values in a data buffer.
Windows, Unix, etc etc…
Break!
Information Privacy
• Technology
• Law
No matter how much you want to, you can’t get technology out of privacy or the law out of privacy
Reasons
• There is no technically perfect solution possible : Thomas Jefferson’s notion of public and private.
– Therefore the Law becomes Indispensable
• Technology – actually the computer – will always surprise you : The Turing Principle
– Therefore Technology cannot be frozen to a form
• Technology – you need locks on the doors and policing of the laws
– This requires Technology
The Cookies Privacy Violation
Technology will Surprise You
DoubleClick
A Web Page has many Objects on it.
Each Object can put a cookie on your machine.
Core Privacy Technology: Digital Contracts
• Technologists agreeing that there is no option but to have digital contracts
• Digital contracts can become the practice from which law evolves
– So the “Liability Regime” and the “Contract Regime” actually go hand in hand from a technology perspective.
P3P (www.w3.org/p3p) Semantics for the contract – what information, for what intended use, what will be done with it, what are my remedies,
ISTPA.org Framework
[Diagram. Labels: PI Container (PIC); PI Contract; PI; Intended Use; Credentials; Policies; Conditions; Permissions; Identity Credentials; Signature]
ISTPA.org Framework
[Diagram. Labels: Legal, Regulatory, and Policy Context; Security Foundation; Data Subject and Data Requestor, each with Agent, Control, Interaction, Negotiation; Usage; PI, Preferences & PIC Repository; PIC Repository; PI Container (PIC); Assurance Services: Enforcement, Audit, Certification, Validation]
Privacy Server Protocol at CMU
http://yuan.ecom.cmu.edu/psp
1. bilateral and negotiated agreements between client and server using HTTP or HTTPS.
2. agreements that have scope in time (a start and expiration),
3. agreements that have scope over digital and non-digital interactions (including mail and phone contacts),
4. agreements that cannot be repudiated
5. agreements that can be indexed by the server using server-only Privacy Universal Identifiers (PUIDs).
More Review
Access
• User and Group Access Rights is the Basis for Unix Security AND Windows 2000 Security!
– Read, Write, Execute on a file/directory/device
• The biggest TCO (total cost of ownership) in a computer system is administering and working with access control.
– Because things just don’t work until you get the access rights working properly
– People think it is something wrong with the program when it is really just the security environment that is set wrong.
• A GREAT REASON to REALLY LEARN YOUR ACCESS CONTROL SYSTEM!
Bits
• 010 = 2 =~ 020 (if you know these are bits!)
• 100 = 4 =~ 400
• 4577 (100 101 111 111)
• 4755 (100 111 101 101) – very common for executables
Unix Access Protections
• What has access protections u-rwx g-rwx o-rwx?
– Files
– Directories
– Devices (/dev/)
– Programs (must have execute bit set).
• All these have ONE user and ONE group that owns them.
• Each User is ONE user and ONE DEFAULT group but many group memberships.
• Types of protections applied when creating/modifying
– User : rwx (u-rwx, -rwx------, or 0700)
– Group : rwx (g-rwx, ----rwx---, or 0070) – other members of user’s group
– Other : rwx (o-rwx, -------rwx, or 0007)
– A directory : d (d--------- -> set automatically by file system)
– SGID : (-----s--- or 2000) inherit group protections
– umask 002 : automatically let everybody in group rwx
» Need private user group : user mary, group mary if umask 002 not 022.
• A user can be a member of many groups but only the primary defaults to write unless directory permission is set to overcome user permission (sgid bit set on directory).
• When access is provided to a group, every member gets it.
Unix Access Control Model
[Diagram. Labels: YOU! (User a, Group a, Group b..); File rw(x/s)rwxrw(x/t); Directory drwxrw(x/s)rwx; Devices (Some-other-time..); Access Control List/Vector; umask 022; four octal digits, each up to 7: Special (sst), User (u rwx), Group (g rwx), Other (o rwx); Execute, Create, Delete x; owners shown as User a, Group b]
Access Control Commands
• ls -l ; shows ACLs on files, directories, devices
• chmod o+rw file ; changes ACL on files, directories, devices
• groupadd group ; adds a group
• gpasswd -a user group ; adds a user to a group
• chgrp user group ; changes the DEFAULT group of a user.
• touch file ; causes your ownership to go to file
• umask 002 ; changes your creation mask
Special Bits do ONE thing each
drwsrwsrwt
• 4 Set User ID : causes an executable file (a program) to go into the access permissions of the owner of the file (note, group or OTHER could execute it!) not the person executing it.
• 2 Set Group ID : causes a new file that is being created in a directory to have the group ID of the directory, not the person (User) that is creating the file.
• 1 Sticky Bit : Causes a new file that is being created in a directory to not be deletable by just anybody in that directory but by the user who created the file. The file is ‘sticky’ because not-just-anybody can delete it.
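Added example (not part of the original lecture): a POSIX shell decoder that turns the octal modes from the Bits slide, such as 4755 and 4577, into the ls-style string shown on the Special Bits slide. The function names mode_string and triplet are made up for this illustration, and 4644 is a constructed input that shows the capital S printed when a special bit is set without the execute bit.

```shell
#!/bin/sh
# triplet BITS SPECIAL LETTER -> one rwx group. LETTER (s or t) replaces x
# when the matching special bit is set, upper-cased if x itself is clear.
triplet() {
    r=-; w=-; x=-
    if [ $(( $1 & 4 )) -ne 0 ]; then r=r; fi
    if [ $(( $1 & 2 )) -ne 0 ]; then w=w; fi
    if [ $(( $1 & 1 )) -ne 0 ]; then x=x; fi
    if [ "$2" -ne 0 ]; then
        case "$x$3" in
            xs) x=s ;;  xt) x=t ;;
            -s) x=S ;;  -t) x=T ;;
        esac
    fi
    printf '%s%s%s' "$r" "$w" "$x"
}

# mode_string OCTAL -> nine-character permission string as printed by ls -l
mode_string() {
    case "$1" in
        ''|*[!0-7]*) echo "not an octal mode: $1" >&2; return 1 ;;
    esac
    m=$(( 0$1 ))      # the leading 0 makes the shell read the digits as octal
    u=$(triplet $(( (m >> 6) & 7 )) $(( (m >> 11) & 1 )) s)   # 4000 = setuid
    g=$(triplet $(( (m >> 3) & 7 )) $(( (m >> 10) & 1 )) s)   # 2000 = setgid
    o=$(triplet $((  m       & 7 )) $(( (m >>  9) & 1 )) t)   # 1000 = sticky
    printf '%s%s%s\n' "$u" "$g" "$o"
}

# Modes from the slides, plus 4644 (constructed) to show the capital S
for mode in 4755 4577 7777 1777 2775 4644; do
    printf '%s  %s\n' "$mode" "$(mode_string "$mode")"
done
```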
umask
• Applies only when you are creating (touching, modifying) a file (directory, device…)
• 022 is the general default : only you can write a file but everybody else can read and execute it. It is a mask on the file settings given by environment.
• 002 lets everybody in your group write the file.
• 000 lets everybody write the file.
• 277 lets only you read and execute (safety)
• Just type “umask 277” in a shell window and now when you make a file, it will have these attributes.
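Added example (not from the lecture): a shell function that creates one file and one directory under a given umask and reports the modes they end up with, run over the four masks listed above. New regular files are requested with mode 0666 and new directories with 0777, so the execute bit only appears on the directory; the function name created_modes and the temporary scratch directory are assumptions of this example.

```shell
#!/bin/sh
# created_modes UMASK -> "<file mode> <dir mode>" as ls -l prints them
created_modes() {
    (   # subshell: the umask change stays local to this call
        tmp=$(mktemp -d) || exit 1     # scratch directory, created 0700
        umask "$1"
        : > "$tmp/file"                # redirection (like touch) requests 0666
        mkdir "$tmp/dir"               # mkdir requests 0777
        f=$(ls -ld "$tmp/file" | cut -c1-10)
        d=$(ls -ld "$tmp/dir"  | cut -c1-10)
        rm -rf "$tmp"
        printf '%s %s\n' "$f" "$d"
    )
}

# The four masks discussed on the slide
for mask in 022 002 000 277; do
    printf 'umask %s -> %s\n' "$mask" "$(created_modes "$mask")"
done
```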
Special Unix Users
• Root can do anything except when he has protected himself, but he can change the self protections
• User -> can do what he is allowed to do by who he is, his group memberships, and the file/directory/device ACLs
• Special Groups -> wheel
Some Peso default user-groups
/etc/group
• GROUP : passwd : GID : user list
• root:*:0:maint,operator,root,sync
• bin:*:1:bin,anon,daemon,root
• daemon:*:2:bin,daemon,root
• sys:*:3:bin,adm,root
• adm:*:4:adm,daemon,root
• lp:*:7:lp,daemon
• wheel:*:10:root
• mail:*:12:mail,mmdf
• opr:*:13:halt,opr,reboot,shutdown,news
• news:*:13:halt,opr,reboot,shutdown,news
• uucp:*:14:uucp