Operational Issues, Standards and Privacy

Transcription

1 Operational Issues, Standards and Privacy Sathya Rao, Telscom, Switzerland 10 May 2004, INET 2004, Barcelona Security for the pervasive computing world

2 The Security Picture Application Security Network Security Host Security Authentication Authorization PKI Content Filtering Dangerous code Encryption Signatures Biometrics SSL, SSH Payment Security Digital Rights Mgmt Database security Web services Firewalls Access Control Virus Protection Intrusion Detection Encryption Integrity checks Sign-on IPSEC Sniffers Log aggregation Managed Services Routers, switches, Monitors Operating systems System calls Disk utilities Encryption Sign-on Passwords APIs Device drivers User permissions Configurations Software bug Patches 2

3 What happens on the network Known attacks Unknown attacks Worm-generated traffic Normal Application traffic Internal breaches Outsiders sniffing Unknown harmless traffic Erroneously routed traffic Incomplete connections junk Administration And Management traffic Network Events 3

4 Towards a Better Network Security intelligence technologies will supply organizations with better understanding and therefore better management of their networks Security as well as productivity call for networks to manage traffic better - Security feature is desired by all users - Trust built by providing secure network and application, network infrastructure can make a lot of difference in winning customers Application models moving faster than the security models The jump from client-server applications to web-based applications came with a large increase in security breaches The current security model still lags behind the needs of the web. The overall security of the system now would depend on the security of many more networks and protocols: SEINIT addresses these The overall security goes way beyond VPN and IPSEC 4

5 Trust and the New World How do we trust: individuals, machines, networks, applications,. Transitive trust is a big problem in Internet-based applications Hacking patterns tell us: Networks are very vulnerable Most networks are mis-configured Attacks don t make use of an open Internet, rather they make use of badly-run networks connected to the Internet - Application implementations do not provide for an end-to-end authentication - The overall trust level depends on every node being un-compromised - The security issue is that if any node is compromised then the trust is basically lost 5

6 Managing Security Operational View The operational aspect of security is the cause of the vast majority of security problems Mis-configured computers Wrong patch levels applied Careless or non-existent policies for users and machines Day-to-day managing of the important assets needs more attention 6

7 Identifying the security weaknesses inherent within the IP protocol Open Transport Policy of IP-Protocol: Nothing in the IP protocol stack limits the set of hosts that can establish connectivity to another host on an IP network. Attackers rely upon this fact to establish connectivity to upper-layer protocols and applications on internetworking devices and end hosts. Security Features of the Internet Protocol are mostly late additions and optional in their use: - authentication - encryption - security enforcement 7

8 Identifying the security weaknesses inherent within the IP network Security Policies therefore have only limited scope in the network and need to be enforced at central points in the network Problem: Architecture, Implementation, Interoperation, Operation Most attacks are targeted at application layer Stack overflow attacks (on network services such as BIND, and other programs) Platform monoculture Poorly secured network protocols (plaintext passwords, weak authentication mechanism such as in SNMP) Collapsed control and data plane 8

9 Attacks on Network Protocols Different kind of attacks on network protocols: Reconnaissance Analysis of infrastructure (subnet host population) Traffic analysis Intrusion Attacker is gaining unauthorised access to available network services in order to exploit/make illegitimate use of these services Disruption of Service Exploit weaknesses in implementations/protocols to cause service disruption for legitimate users 9

10 Attacks on Network Protocols General Protection Measures: Reconnaissance Hide network configuration from attacker Encrypt traffic that needs to pass untrusted networks Filter ICMP Messages Implement IPv6 with much larger Subnet Size Deploy IPSec 10

11 Attacks on Network Protocols General Protection Measures: Intrusion Harden network protocols that might be abused Deploy only necessary services Keep up-to-date with latest security issues (CERT) Use effective authentication and access control Use Firewalls and Access Control Lists to control legitimate access Implement Network Edge and Host based solutions Use IPv6 site-local addressing for services that do not need global connectivity Deploy IPSec for critical infrastructure 11

12 Attacks on Network Protocols General Protection Measures: Disruption of Service Structure network in protective domains Monitor network usage patterns Hide access to network services that need not be available from outside Deploy Intrusion Detection Systems (IDS) Use Firewalls and Access Control Lists to control legitimate access Implement Network Edge and Host based solutions Use IPv6 site-local adressing for services that do not need global connectivity Implement Network Ingress Filtering (RFC 2827) 12

13 Threats in UMTS UMTS Universal Mobile Telecommunications System Universal Mobile Telecommunications Security 3rd Party Service Provider 3rd Party VPN Server Gateways Core Network UTRANMobile Terminal Personal Area Network Personal Gadgets Link Layer Encryption 13

14 Threats - Extended Growing Number of features and network usages introduces new security threats: 1. Access to services for roaming/visiting users/business customers/internet users 2. WLAN and UMTS integration 3. MPLS network provisioning 4. Provisioning of Standard Components 5. Mobile IP 14

15 Access to Services Access to services for roaming/visiting users/business customers/internet users Makes it difficult to draw up protective domains Usage patterns are difficult to monitor and maintain Exposure of internal services to external threats 15

16 Access to Services Internet Packet Filter Web Server DNS Server Application Firewall DMZ Intranet Conventional approach: Draw up zones of protection, fence of these zones Limit: It is increasingly difficult to define perimeters in large clustered networks and guard them without disrupting service 16

17 Access to Services - Firewalls Packet Filter vs. Application Layer Gateways Packet Filter/Access Lists are easily deployed and supported by a wide range of equipment Application Layer Gateways provide more sophisticated inspection for malicious content and enforcing policies on visited host sites, etc.. However they need to be up-to-date and are a serious bottleneck for large scale deployment Ingress vs. Egress Filtering Normal firewall provisioning operates under the clear distinction between inside and outside networks Such distinction becomes meaningless in Mobile Networks where potential danger also comes from users on the inside. Policies need to reflect this issue. Distributed Firewalls might be needed. 17

18 WLAN-Integration WLAN networks mostly wide open to snooping and attacks Ideal starting point for network reconnaissance and active attacks Provided by 3 rd Parties Strict authentication of users difficult Threat potential depends on level of integration with existing 3G infrastructure: Authentication VPN-type access 18

19 WLAN-Integration with VPN type access IP Client IP-VPN Client VPN IPSec tunnel IP traffic 3G Operator WLAN Internet VPN Gateway X 3G Service Area 19

20 Encryption Understanding and solving the security : WLAN-Integration Secures Data Traffic in transit against tampering and inspection Authenticates the source of the traffic Provides proof that data originates from specific sender But: Does not help against security breaches in other areas/malicious code on host platform Encryption on network level captures most traffic, but is least user specific and vice versa Content filtering on encrypted traffic is difficult May affect network management 20

21 WLAN-Integration Application Layers (5-7) Application-Layer Security (SSL) Transport/Network Layers (3-4) Link/Physical Layers (1-2) Network-Layer Encryption (IPSec) Link-Layer Encryption Link-Layer (Kasumi) Encryption 21

22 MPLS network provisioning MPLS service provided by different Service Providers Core MPLS networks needs to be trusted Strict filtering (RFC3031) must be implemented at PE router to prevent label spoofing Adress space separation between different VPN users Routing protocol between CE and PE router might be a security risk Different MPLS scenarios have different security implications (draft-behringer-mpls-security-06.txt) 22

23 MPLS network provisioning MPLS VPN Security Virtual Circuits, not encrypted/authenticated VPNs architectural equivalent to a Layer 2 VPN (ATM/FR) Hiding the MPLS core structure/cloud from customers by using filtering, Packets are confined to respective VPN VPN partitioning done at routing layer - separate Virtual Routing and Forwarding instance (VRF), one routing table per VPN - on PE router, might be memory problem Deployment of IPSec for untrusted MPLS core (draft-guichard-cece-ipsec-00.txt) No protection against attacks, misconfiguration from/in the core, sniffer on core-router can see all traffic of the different VPN 23

24 MPLS network provisioning Inter Provider Backbone Inter-Provider Backbones (RFC 2547bis) form a single zone of trust Service Provider can insert traffic into wrong VPN Interconnection of networks using point-to-point link, as shared Layer 2 medium introduces potential security risks RR-A RR-B AS A CE1 PE1 LDP VPN A MP- ibgp LDP VPN B PE-ASBR1 PE-ASBR2 MP- ebgp LDP VPN A VPN AB MP- ibgp VPN B AS B PE2 CE2 24

25 Provisioning of Standard Components Intrusion Detection might be the right tool to monitor security incidents in Mobile Transmission Networks Conventional IDS have the problem of high noise/signal ratio in network log files. Slow and distributed attacks might be lost in between other data. Mobile Network have the advantage of clear identification of the users, comparatively low traffic Sensors in different network regions gather use statistic and log s, combined evaluation necessary to capture distributed attacks Underlying rules for capturing incidents must be flexible and adaptable Setting up Honey Traps to capture new attacks 25

26 Understanding and solving the security : Mobile IP Mobile IP is the way to handle mobility in All-IP networks However: Extended functionality introduces new security risks Stealing of sessions Denial of service Man-in-the-middle attacks Not yet reliably deployed and implemented 26

27 Security Analysis of Mobile IPv6 Possible Attack Scenario (1/2) Mobile IPv6 Attack by Spoofing of Binding Update Mobile Node Mobile Node: Sends BU to register his care-of address (CoA( CoA) Traffic can flow directly between Mobile Node and Correspondent ent Node Attacker Correspondent Node Attack Node: Sends spoofed BU to re-register register care-of address (CoA( CoA) ) of Mobile Node and changes Routing for the Traffic fic between Mobile Node and Correspondent Node 27

28 Security Analysis of Mobile IPv6 Possible Attack Scenario (2/2) Mobile IPv6 Attack by Spoofing of Binding Update Can be used as: DOS Attack (against Mobile Node and/or 3rd Party) Redirect Traffic Compromise Data Correspondent Node Mobile Node Mobile Node: direct communication is lost X Attacker Correspondent Node: Sends traffic to attacker or any other system on the Internet Victim of DOS attack 28

29 Security Analysis of Mobile IPv6 Proposed Security Measures Standardisation Status: IETF Draft (draft-ietf-mobileip-ipv6-24.txt) Requires the use of security mechanisms: Protection of Mobile IPv6 Signaling between Mobile Node and Home Agent (draft-ietf-mobileip-mipv6-ha-ipsec-06.txt) Registration of Care-Of Address with Home Agent secured via IPSec Return-Routablity Test for the authentication of Binding Updates send to the Correspondent Node Payload Packets Payload packets exchanged with mobile nodes can be protected in the same way as stationary hosts can protect them 29

30 Security Analysis of Mobile IPv6 Return Routeability: Step 1 Home Network Correspondent Node Home Agent Home Test Init sends Home Init Cookie via HA to CN IPSec Tunnel between HA and MN Mobile Node Care of Test Init sends Care-of Init Cookie directly to CN Foreign Network 30

31 Security Analysis of Mobile IPv6 Return Routeability: Step 2 Home Network A 20 byte Node Key is used to generate the crypto token Correspondent Node Home Agent IPSec Tunnel between HA and MN CN sends Home Test includes Home Init Cookie and Home Keygen Token Foreign Network Mobile Node Care of Test Includes Care-of Init Cookie and Care-of Keygen Token 31

32 Security Analysis of Mobile IPv6 Return Routability: Step 3 Binding Update: Correspondent Node Returned tokens are used to generate binding management key: Kbm = SHA1( home keygen token care-of keygen token) The binding update is generated and signed with Kbm The Correspondent Node can evaluate the Received Binding Update Mobile Node MN sends Binding Update to CN 32

33 Security Analysis of Mobile IPv6 Standardisation Issues: Challenges: IPSec Configuration: Traffic between must be routed via IPSec: Strict Filtering on Mobile IP-Message Level Currently only loose integration of Mobile IP and IPSec implementations, can not filter Home Address Destination option IPSec not generally deployed Draft requests an IPSec API to redirect Security Associations as Mobile Host moves potential security hole Computational burden: Conflict with 3G Mobile Node requirements Home Agent must be scalable and performant 33

34 Security Standards Most of the Internet Security standards are made in IETF - There are multiple working groups working - PKIX - PKI standards based on X.509, - IPSec - IP layer, Crypto-secure VPNs via AH and ESP - Key management protocol (IKE with authentication certificates) - Security policy language, negotiation, remote user access - TLS - IETF version of SSL (https(ms/netscape standard) is used - Transport certificates for server and client authentication - S/MIME - Support for certificates, secure based - Other activities - DNSSEC, V6OPS, etc.. 34

35 Standards Usage Though many standards are available usage of security protocols by users are limited due to interoperability problems -One of the best used security protocol is SSL/TLS(https) - Usage is mainly web based in e-commerce - Lots of open source tool kits - In-built into most of the browsers - No external help is required - Usage of SSH is also good - Well used among UNIX users - Can be deployed without external help - Mutual trust between the users -IPSec - Widely implemented but usage is limited (for VPNs) 35

36 Privacy Issues Authentication Vs. Anonymity - Trusted parties mutual authentication (can be anonymous) Consent Vs. Choice - Consent necessary for primary use of data Retention vs. Deletion -Retention for primary use of data - Deletion in the face of legal, regulatory and audit request Unharmonised Global legislation - Lack of uniform definitions (Spam, cookies, ) - Varying filing requirements - Nation, state level different legislation 36

37 Privacy Issues: Location based services - User identifiers and locations may be sensitive information - IP address is both identifier and location - Incidental spotting vs. systematic tracking - Simple technical measures often prevent systematic tracking; complete anonymity is a dream 37

38 Conclusions -Security is a very important feature for all - Should be easily visible, usable by the user to build the trust - Plug and play feature to be built to make it acceptable - Identifying the security threats and finding a solution - Most serious threats, possible fixing with low cost to use -The wireless and web-services directions call for more attention to securing data - at an order of magnitude difference - Present Security Standards are not accepted widely - Privacy is a matter of no answer 38