Access Controls – SZABIST, Spring 2012

Access Controls
This chapter presents the following:
Identification methods and technologies
Authentication methods, models, and technologies
Discretionary, mandatory, and nondiscretionary models
Accountability, monitoring, and auditing practices
Intrusion detection and prevention systems
Possible threats to access control practices and technologies
Access Controls – An Overview
Access controls give organizations the ability to control, restrict, monitor, and protect resource availability, integrity, and confidentiality.
Examples of Access Controls?
Identification, Authentication, Authorization, and Accountability
Identification – Do you have the necessary credentials? Public information – user ID
Authentication – Are the credentials correct? Private information – password, smart token, PIN
Authorization – Once authenticated, are you authorized to access the resource?
Accountability – You are liable for all the actions performed.
Now Example!!!!
Identification, Authentication, Authorization, and Accountability
Identification component requirements: identifiers should be unique and, for user accountability, should not be shared between users.
Authentication: two- or three-factor authentication combines
something a person knows, something a person has, and something a person is.
Identity Management
“Identity management is a broad term that encompasses the use of different products to identify, authenticate, and authorize users through automated means.”
What are Identity Management Solutions?
Identity Management
The following are many of the common questions enterprises deal with today in controlling access to assets:
What should each user have access to?
Who approves and allows access?
Do former employees still have access?
How do we keep up with our dynamic and ever-changing environment?
What is the process of revoking access?
How is access controlled and monitored centrally?
Why do employees have eight passwords to remember?
We have five different operating platforms. How do we centralize access when each platform (and application) requires its own type of credential set?
How do we control access for our employees, customers, and partners?
What is the traditional process for granting access on these systems? ACLs, profiles?
Identity Management Solutions
Refer to the diagram ‘IDENTITY MANAGEMENT’!!!
The main goals of identity management (IdM) technologies are to streamline the management of identity, authentication, authorization, and the auditing of subjects on multiple systems throughout the enterprise.
Identity Management
Identity Management Technologies – IDENTIFICATION and AUTHENTICATION
Following are the types of technologies you should at least be aware of:
Directories
Web access management
Legacy single sign-on
Account management
Profile update
IDENTIFICATION – (contd.) Working of Directory Services
LDAP
Meta Directory
Identity Management Technologies
IDENTIFICATION – (contd.) Web Access Management
Communication process – cookies?
Identity Management Technologies
AUTHENTICATION – (contd.) Biometrics
Physiological – “What you are”
Behavioral – “What you do”
Type 1 Error (False Rejection Rate)
Type 2 Error (False Acceptance Rate)
Minimize both errors, especially Type 2.
Crossover Error Rate (CER): the rate (as a percentage) at which the Type 1 and Type 2 error rates are equal. A lower CER represents a more reliable system.
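To make the Type 1 / Type 2 trade-off and the CER concrete, here is an added example (not from the slides) that computes FRR and FAR for a toy matcher at any accept threshold and sweeps the threshold to find the crossover point. The match scores are constructed sample data; a higher score means a closer match.

```python
# Added example (not from the slides): Type 1 / Type 2 error rates and the
# crossover error rate (CER) for a toy biometric matcher. The match scores
# below are constructed sample data; a higher score means a closer match.
GENUINE_SCORES = [0.55, 0.62, 0.70, 0.74, 0.80, 0.85, 0.90, 0.93, 0.96, 0.98]
IMPOSTOR_SCORES = [0.10, 0.20, 0.30, 0.40, 0.50, 0.58, 0.65, 0.72, 0.78, 0.88]


def error_rates(threshold, genuine=GENUINE_SCORES, impostor=IMPOSTOR_SCORES):
    """Accept a sample when score >= threshold and return (FRR, FAR).
    FRR = Type 1 error, genuine users rejected; FAR = Type 2 error, impostors
    accepted. Raising the threshold lowers FAR but raises FRR, and vice versa."""
    frr = sum(1 for s in genuine if s < threshold) / len(genuine)
    far = sum(1 for s in impostor if s >= threshold) / len(impostor)
    return frr, far


def crossover_error_rate(genuine=GENUINE_SCORES, impostor=IMPOSTOR_SCORES, steps=100):
    """Sweep the threshold from 0 to 1 and return (threshold, CER), where CER is
    the error rate at the point where FRR and FAR are closest to equal.
    A lower CER means the system separates genuine users from impostors better."""
    best = None  # (gap between FRR and FAR, threshold, mean of the two rates)
    for i in range(steps + 1):
        t = i / steps
        frr, far = error_rates(t, genuine, impostor)
        gap = abs(frr - far)
        if best is None or gap < best[0]:
            best = (gap, t, (frr + far) / 2)
    return best[1], best[2]


if __name__ == "__main__":
    # Walk the threshold up: FRR climbs while FAR falls; CER is where they cross.
    for t in (0.5, 0.6, 0.7, 0.71, 0.8):
        frr, far = error_rates(t)
        print(f"threshold {t:.2f}: FRR (Type 1) = {frr:.2f}  FAR (Type 2) = {far:.2f}")
    print("CER threshold, CER:", crossover_error_rate())
```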
Identity Management Technologies
AUTHENTICATION – (contd.) Various Biometric Technologies
Finger Print
Palm Scan
Hand Geometry
Retina Scan
Iris Scan
Signature Dynamics
Keystroke Dynamics
Voice Print
Facial Scan
Passwords
What are the possible attacks on passwords?
Possible attacks on passwords: electronic monitoring, access to the password file, brute force attacks, dictionary attacks, social engineering, etc.
Identity Management Technologies
AUTHENTICATION – (contd.) Password
Password protection mechanisms
Password hashing and encryption (encryption will be discussed in later chapters): MD4 and MD5
One-time password token devices / Secure IDs
Identity Management Technologies
AUTHENTICATION – (contd.)
Cryptographic Keys
Passphrase
Smart Cards – Smart Card Attacks?
Fault Generation
Side Channel Attacks
Microprobing
Identity Management Technologies
AUTHORIZATION – a two-step process that determines whether an individual is allowed to access a particular resource.
Access Criteria:
Roles
Groups
Physical and logical locations
Time of day
Temporary access
Transaction type
Default to no access!!
Need-to-know access.
AUTHENTICATION and AUTHORIZATION – KERBEROS
Designed in the mid-1980s as part of MIT’s Project Athena.
Provides end-to-end security in a client/server model and is based on symmetric key cryptography.
Initially developed and used in UNIX systems. Currently the default authentication method for Microsoft OS, Apple’s Mac OS X, Sun’s Solaris, and Red Hat Enterprise Linux.
Main Components in Kerberos
AUTHORIZATION – KERBEROS
Working of Kerberos
The user enters the authentication credentials into the Kerberos software installed on the user’s computer.
The username is sent to the authentication service (AS) on the KDC, which in turn sends back an initial ticket that is encrypted with the user’s password (secret key).
If the password is correct, the ticket is decrypted and the user gains access to the local workstation.
When the user needs to send a print job to the print server, the system sends the initial ticket to the ticket granting service (TGS), which runs on the KDC. (This proves that the user is authenticated and allows the user to request access to the print server.)
The TGS creates and sends a second ticket to the user, which will be used to authenticate to the print server.
AUTHORIZATION – KERBEROS – Working of Kerberos
This second ticket contains two instances of the same session key, one encrypted with the user’s secret key and the other encrypted with the print server’s secret key. It also contains an authenticator, which holds the user’s identification information, the system’s IP address, a sequence number, and a timestamp.
The user’s system receives the second ticket, decrypts it and extracts the session key, adds a second authenticator (its own set of identification information) to the ticket, and sends the ticket to the print server.
The print server receives the ticket, decrypts it and extracts the session key, and decrypts and extracts the two authenticators in the ticket. If the print server can decrypt and extract the session key, it knows the KDC created the ticket, because only the KDC has the secret key used to encrypt the session key. If the authenticator information that the KDC and the user put into the ticket matches, the print server knows it received the ticket from the correct principal.
Once this is completed, the user is properly authenticated to the print server and the server prints the document.
AUTHORIZATION – KERBEROS
Weaknesses of Kerberos
Open architecture, therefore interoperability issues.
The KDC can be a single point of failure. If the KDC goes down, no one can access needed resources. Redundancy is necessary for the KDC.
The KDC must be able to handle the number of requests it receives in a timely manner. It must be scalable.
Secret keys are temporarily stored on the users’ workstations, which means it is possible for an intruder to obtain these cryptographic keys.
Session keys are decrypted and reside on the users’ workstations, either in a cache or in a key table. Again, an intruder can capture these keys.
If the keys are too short, they can be vulnerable to brute force attacks.
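The following is an added example, not the lecture's or MIT's code: a toy Python model of the three-step flow above (AS, TGS, print server) that also shows the freshness and replay checks the authenticator's timestamp makes possible, and where the session keys end up sitting in workstation memory, which is the weakness listed above. It follows the standard exchange, so the second ticket's copy of the session key is wrapped in the key the user shares with the TGS rather than directly in the password-derived key. The cipher, the SHA-256 "KDF", the principal names "krbtgt" and "printer", and the 300-second clock-skew limit are all assumptions made for this example.

```python
import hashlib, hmac, json, os, time
def _stream(key, nonce, data):  # constructed toy cipher: SHA-256 keystream XOR
    return bytes(b ^ hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()[0]
                 for i, b in enumerate(data))

def encrypt(key, obj):  # nonce || ciphertext || HMAC tag (toy, not a Kerberos enctype)
    nonce = os.urandom(16)
    body = _stream(key, nonce, json.dumps(obj).encode())
    return nonce + body + hmac.new(key, nonce + body, "sha256").digest()

def decrypt(key, blob):  # raises unless the caller holds the right key
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + body, "sha256").digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(_stream(key, nonce, body))
def key_of(secret):  # long-term key from a password (toy KDF, not Kerberos string2key)
    return hashlib.sha256(secret.encode()).digest()
class KDC:  # holds every principal's long-term key; runs both the AS and the TGS
    def __init__(self, secrets):
        self.keys = {p: key_of(s) for p, s in secrets.items()}
    def as_exchange(self, user):  # step 1: TGT, plus a session key only the user can read
        sk = os.urandom(16).hex()
        return encrypt(self.keys[user], {"key": sk}), encrypt(self.keys["krbtgt"], {"user": user, "key": sk})
    def tgs_exchange(self, tgt, authenticator, service):  # step 2: ticket for `service`
        t = decrypt(self.keys["krbtgt"], tgt)
        if decrypt(bytes.fromhex(t["key"]), authenticator)["user"] != t["user"]:
            raise ValueError("authenticator does not match the TGT")
        sk = os.urandom(16).hex()
        return encrypt(bytes.fromhex(t["key"]), {"key": sk}), encrypt(self.keys[service], {"user": t["user"], "key": sk})
class Service:  # e.g. the print server: holds only its own key and never calls the KDC
    def __init__(self, secret, max_skew=300):
        self.key, self.max_skew, self.seen = key_of(secret), max_skew, set()
    def accept(self, ticket, authenticator, now):  # step 3: verify, then print
        t = decrypt(self.key, ticket)  # success proves the KDC issued this ticket
        a = decrypt(bytes.fromhex(t["key"]), authenticator)
        if a["user"] != t["user"] or abs(now - a["ts"]) > self.max_skew:
            raise ValueError("authenticator mismatch or stale timestamp")
        if (a["user"], a["ts"]) in self.seen:  # replay cache: each authenticator is single-use
            raise ValueError("replayed authenticator")
        self.seen.add((a["user"], a["ts"]))
        return t["user"]

def print_job(kdc, printer, user, password, now=None):  # the workstation's side
    now = time.time() if now is None else now
    enc_sk, tgt = kdc.as_exchange(user)
    tgs_key = bytes.fromhex(decrypt(key_of(password), enc_sk)["key"])  # wrong password -> ValueError
    enc_sk, ticket = kdc.tgs_exchange(tgt, encrypt(tgs_key, {"user": user, "ts": now}), "printer")
    svc_key = bytes.fromhex(decrypt(tgs_key, enc_sk)["key"])  # both keys now sit in workstation memory
    return printer.accept(ticket, encrypt(svc_key, {"user": user, "ts": now}), now)
```

Note that the print server never contacts the KDC: being able to decrypt the ticket with its own key, plus a matching and fresh authenticator, is all the proof it needs.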
AUTHORIZATION – SESAME (The Secure European System for Applications in a Multi-vendor Environment)
Extension to KERBEROS functionality.
Uses symmetric and asymmetric cryptographic techniques to authenticate subjects to network resources.
Assignment 2
Thin Clients
Access Control Models
Mandatory Access Controls (MAC)
Discretionary Access Controls (DAC)
Role Based Access Controls (RBAC)
Access Controls Administration
Centralized Access Control Administration
Decentralized Access Control Administration
Accountability
Accountability is tracked by recording user, system, and application activities.
Auditing capabilities ensure users are accountable for their actions.
System-level events
Application-level events
User-level events
Review of Audit Information
Protecting Audit Data and Log Information
Access Controls Monitoring
Intrusion Detection System (IDS)
Network Based IDS (NIDS)
Identifies attacks within the monitored network and issues a warning to the operator.
If placed between the Internet and the firewall, it will detect all attack attempts, whether or not they get through the firewall.
If placed between the firewall and the corporate network, it will detect only those attacks that get through the firewall (it will detect intruders).
Host Based IDS (HIDS)
Configured for a specific environment; monitors various internal resources of the operating system to warn of a possible attack.
It can detect the modification of executable programs, detect the deletion of files, and issue a warning when an attempt is made to use a privileged command.
Access Controls Monitoring
Intrusion Detection System (IDS) – contd.
HIDS and NIDS can be one of the following types:
Signature-based: pattern matching, stateful matching
Anomaly-based: statistical anomaly-based, protocol anomaly-based, traffic anomaly-based
Rule- or heuristic-based
A Few Threats to Access Controls – Dictionary Attacks
Countermeasures
Do not allow passwords to be sent in cleartext.
Encrypt the passwords with encryption algorithms or hashing functions.
Employ one-time password tokens.
Use hard-to-guess passwords.
Rotate passwords frequently.
Employ an IDS to detect suspicious behavior.
Use dictionary cracking tools to find weak passwords chosen by users (ethical hacking).
A Few Threats to Access Controls – Brute Force Attacks
Countermeasures
Perform brute force attacks to find weaknesses and hanging modems (internal penetration testing).
Monitor and audit for such activity.
Employ an IDS to watch for suspicious activity.
Set account lockout thresholds.
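As an added example (not from the slides) of the last three countermeasures working together, the Python below applies an account lockout threshold to constructed authentication log lines and emits the events an auditor or IDS would want: the lockout itself, and a successful login that slips in while the account should have been locked. The log format, the default threshold of 5 failures in 15 minutes, and the user and source values are all assumptions made for this example; the second run with a wider window shows why a slow, spaced-out guessing run needs monitoring over a longer period than the lockout window alone.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
# Constructed sample log (not a real system): a fast burst against "bob", then a slow run against "alice".
SAMPLE_LOG = """\
2012-03-01 09:00:01 auth: FAIL user=bob src=10.0.0.7
2012-03-01 09:00:02 auth: FAIL user=bob src=10.0.0.7
2012-03-01 09:00:03 auth: FAIL user=bob src=10.0.0.7
2012-03-01 09:00:04 auth: FAIL user=bob src=10.0.0.7
2012-03-01 09:00:05 auth: FAIL user=bob src=10.0.0.7
2012-03-01 09:00:06 auth: OK user=bob src=10.0.0.7
2012-03-01 09:10:00 auth: FAIL user=alice src=10.0.0.9
2012-03-01 09:30:00 auth: FAIL user=alice src=10.0.0.9
2012-03-01 09:50:00 auth: FAIL user=alice src=10.0.0.9
2012-03-01 10:10:00 auth: FAIL user=alice src=10.0.0.9
2012-03-01 10:30:00 auth: FAIL user=alice src=10.0.0.9
"""
LINE_RE = re.compile(r"^(\S+ \S+) auth: (FAIL|OK) user=(\S+) src=(\S+)$")
def parse(line):  # -> (timestamp, result, user, src), or None for a line we don't understand
    m = LINE_RE.match(line)
    if not m:
        return None
    ts, result, user, src = m.groups()
    return datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), result, user, src
def lockout_events(log, threshold=5, window_minutes=15):
    """Emit ("LOCKOUT", user, ts, src) when an account reaches `threshold` failures inside the
    window, and ("LOGIN_WHILE_LOCKED", ...) if a success follows, i.e. the lockout was not enforced."""
    window = timedelta(minutes=window_minutes)
    fails, locked, events = defaultdict(deque), {}, []
    for line in log.splitlines():
        rec = parse(line)
        if rec is None:
            continue
        ts, result, user, src = rec
        if user in locked and ts - locked[user] <= window:
            if result == "OK":
                events.append(("LOGIN_WHILE_LOCKED", user, ts, src))
            continue
        if result == "OK":
            fails[user].clear()  # a genuine success resets the failure counter
            continue
        q = fails[user]
        q.append(ts)
        while ts - q[0] > window:  # drop failures that have aged out of the window
            q.popleft()
        if len(q) >= threshold:
            locked[user] = ts
            events.append(("LOCKOUT", user, ts, src))
            q.clear()
    return events
```

With the default 15-minute window, alice's five failures 20 minutes apart never trigger the threshold; only the run with window_minutes=120 (or an audit of total failures per account and source) surfaces them.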
A Few Threats to Access Controls
Spoofing at Logon
Fake logon screen
A fake error message will appear
Phishing
A type of social engineering
www.amazon.com might become www.amzaon.com
A Few Threats to Access Controls
Countermeasures
Be skeptical of e-mails indicating you must make changes to your accounts, or warnings stating an account will be terminated if you don’t perform some online activity.
Call the legitimate company to find out whether the message is fraudulent.
Review the address bar to see if the domain name is correct.
When submitting any type of financial information or credential data, an SSL connection should be set up, which is indicated by https:// in the address bar and a closed-padlock icon in the browser at the bottom-right corner.
Do not click an HTML link within an e-mail. Type the URL out manually instead.
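The "review the address bar" check above can be automated for the domains a user actually has accounts with. The Python below is an added example (not from the slides): it extracts the domain from a link and flags it as a lookalike when it is one edit away from a known domain, using an optimal string alignment distance so that the amazon → amzaon transposition from the slide counts as a single edit. The allowlist, the "paypa1" sample and the two-label domain extraction (no public-suffix list) are assumptions made for this example.

```python
from urllib.parse import urlsplit

# Constructed allowlist: the domains this user really has accounts with (assumption).
KNOWN_DOMAINS = ["amazon.com", "paypal.com", "bankofexample.com"]


def osa_distance(a, b):
    """Optimal string alignment distance: insert, delete, substitute, plus a
    transposition of two adjacent characters, which is what catches 'amzaon'."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # adjacent transposition
    return d[len(a)][len(b)]


def registrable_domain(url):
    """Host part of a URL with any leading labels (e.g. 'www.') stripped.
    Toy assumption: the registrable domain is always the last two labels."""
    host = urlsplit(url if "://" in url else "http://" + url).hostname or ""
    return ".".join(host.lower().split(".")[-2:])


def check_link(url, known=KNOWN_DOMAINS, max_distance=1):
    """Return (verdict, domain, matched_known_domain_or_None):
    'ok' for an exact known domain, 'lookalike' when the domain is within
    max_distance edits of a known domain but is not that domain, else 'unknown'."""
    dom = registrable_domain(url)
    if dom in known:
        return ("ok", dom, None)
    for k in known:
        if osa_distance(dom, k) <= max_distance:
            return ("lookalike", dom, k)
    return ("unknown", dom, None)
```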