Security potpourri
description
Transcript of Security potpourri
1
Security potpourri
INF 123 – Software [email protected]
(Slides from Dick Taylor and Crista Lopes)
2
Potpourri
3
4
Outline
• Definitions• Common security design decisions• Trust between users• Practical guidelines
5
DEFINITIONS
6
Security
• Non-functional property• Protection aimed at preserving the system’s:
– integrity, – availability, – and confidentiality.
• (Definition from the National Institute of Standards and Technology)
7
Confidentiality
• Only authorized parties can access the information
• Breach
8
Integrity
• Authorized parties can manipulate information only in the authorized ways
• Corruption
Denethor is only a steward, but he acts like a king.(He should not.)
9
Availability
• Authorized parties can access resources on all appropriate occasions
• Denial of service
10
SECURITY DESIGN DECISIONS
11
Common security design decisions
• Principle Of Least Authority – POLA• Separation of privilege• Complete mediation• Fail-safe defaults• Access control• …
12
POLA
• AKA Principle of Least Privilege• Do not give to a component more privilege
(data, visibility, CPU time, bandwidth, …) than it needs
13
POLA
Something shiny!Don’t touch it!
14
POLAWhat do you think of Sauron?
He’s a good guy!
I shouldn’t say more…
That’s not in the script …
15
Separation of privilege
• Goal: avoid exploitation of privilege• Run different actions in different modes• Example:
– network.py needs to go through the firewall– view.py does not– Open port only for network.py
16
Complete mediation
• Make sure every access is permitted
Accesscontrol
data
Frodo’s path
Mordor checkpoints
So easy …
17
Fail-safe defaults
• Deny access if explicit permission is absent• Be paranoiac
I don’t trust him, Mr Frodo.
18
Access control
• Decide whether access to a protected resource should be granted or denied
• Discretionary access control– Based on the identity of the requestor, the
resource, and whether the requestor has permission to access
• Mandatory access control– Policy based
19
Discretionary Access ControlDatabase A Component Q Interface F
Alice Read-Write; Always
Bend Yes
Bob Read-Write;Between 9 and 5
Fold No
Charles No access Spindle No
Dave No access Mutilate Yes
Eve Read-only; Always
None No
20
Mandatory Access Control
• Bob: Secret• Alice: Confidential• Tom: Top Secret
21
TRUST BETWEEN USERS
22
23
Example: Ebay
• Open decentralized application
• Independent buyers/sellers
• Potentially malicious participants
• Need to counter threats Marvin
(malicious)
Carol
Bob
Alice
Mallory(malicious)
DecentralizedAuctioning
24
Trust and security
• Trust is not binary– You trust some people– About some topics– For some time
• Many security threats exploit human nature– Social engineering
25
Security and trust
No trust Blind trust
Computermeasures
Socialmeasures
26
ImpersonationBob
Alice
Mallory(malicious)
“I am Bob”
Bob is reliable and everyonehas a good opinion about Bob
27
Fraudulent Actions
Alice “buyer”
Alice paysfor the items
Marvin “seller”(malicious)
Marvin doesnot ship the items
28
MisrepresentationBob
Alice
Mallory(malicious)
“Bob is unreliable”
Bob is reliable and everyonehas a good opinion about Bob
29
Collusion (!= collision)Bob
Alice
Mallory(malicious)
“Bob is unreliable”
Bob is reliable and everyonehas a good opinion about Bob
Marvin(malicious)
30
Addition of UnknownsCarol
(new entrant in the system)
Bob Alice
Bob has no informationabout Carol; he is not sure
whether to interact with Carol
Carol is new and does notknow Alice; she is not sure
whether to interact with Alice
31
PRACTICAL GUIDELINES
32
In practice
• Never-ending game of:– Find vulnerability– Attack– Fix– Repeat
• No system is 100% secure• Least common denominator: A system is as
secure as its least secure component
Intermezzo: MD5
• Message Digest algorithm 5• Transforms an arbitrary-length message into a
128-bit value– One way function
• MD5("The quick brown fox jumps over ") = 9e107d9d372bb6826bd81d3542a419d6
• MD5("The quick brown fox jumps over.") = e4d909c290d0fb1ca068ffaddf22cbd0
34
Intermezzo: MD5 dictionary attack
• Goal: recover passwords from their encryption• Brute-force
– Given 9e107d9d372bb6826bd81d3542a419d6– Iterate over MD5(words) and compare the hash
• Dictionary attack– Rainbow tables: map MD5 to common passwords
• { 9e107d9d: ‘password’, 6826bd85: ‘qwerty’, … }– http://www.cbsnews.com/news/the-25-most-com
mon-passwords-of-2013/
35
Least common denominator: example
• MD5 encryption for passwords• Hash of passwords stored in DB• But root DB password is ‘password’ • Dictionary attack• Attacker knows all passwords
36
Solutions
• MD5 with salt – MD5(password + salt) instead of MD5(password)– Prevent rainbow attack– But need to keep the salt around
• How do you protect the salt?
• Better password• MD5 has collisions: use SHA1 instead of MD5
37
HTTPS = HTTP + SSL
• Send HTTP request to server• Problem: Eavesdropping• Problem: Man-in-the-middle
– Malicious server pretends to be your server• Solution: encrypt transmitted data
POST /home/login HTTP/1.1Hostname: …Content-Type: jsonContent-Length: 26{ name:foo, password:OMG }
1d5fs#d3R6[5wgfr48rs&g=24fg+3t2fgfdC5.3gdf*453gdfg241df3%2gdDf1we&4w*e348sf48q6xwBas2Aa213dJE
SSL
Encrypt headers and payload, but not (IP, port) (the attacker already knows my IP and that of the server to do a MITM attack)
38
Practicality
• Sometimes the human is the least common denominator
39
Password reuse
40
Password vs passphrase
41
Sanitize inputs
Solution: escape dangerous characters (replace ‘ by \’ or by space)PHP: mysql_real_escape_string
42
Think about the problem first …
Voting machines download executables from the Internet???Yes, because they run on normal computers, with Windows OS, not as purpose-built embedded systems like ATMs.