Login und Authentifizierung

Similar documents
We ve seen: Protection: ACLs, Capabilities, and More. Access control. Principle of Least Privilege. ? Resource. What makes it hard?

CS 392/681 - Computer Security. Module 5 Access Control: Concepts and Mechanisms

Protection and Security

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 7 Access Control Fundamentals

Server. Client LSA. Winlogon LSA. Library SAM SAM. Local logon NTLM. NTLM/Kerberos. EIT060 - Computer Security 2

CS 392/681 - Computer Security. Module 6 Access Control: Concepts and Mechanisms

CS 290 Host-based Security and Malware. Christopher Kruegel

Outline. Security. Security Ratings. TCSEC Rating Levels. Key Requirements for C2. Met B-Level Requirements

Security. Outline. Security Ratings. Ausgewählte Betriebssysteme Institut Betriebssysteme Fakultät Informatik

Operating system security models

Access Control. CMPSC Spring 2012 Introduction Computer and Network Security Professor Jaeger.

A Survey of Access Control Policies. Amanda Crowell

? Resource. Announcements. Access control. Access control in operating systems. References. u Homework Due today. Next assignment out next week

Jérôme Kerviel. Dang Thanh Binh

Secure Architecture Principles

Operating Systems Security Access Control

User Authentication. Modified By: Dr. Ramzi Saifan

Unix, History

CSE543 - Introduction to Computer and Network Security. Module: Operating System Security

User Authentication. Modified By: Dr. Ramzi Saifan

Data Security and Privacy. Unix Discretionary Access Control

What is Authentication? All requests for resources have to be monitored. Every request must be authenticated and authorized to use the resource.

Datasäkerhet/Data security EDA625 Lect5

Secure Architecture Principles

Secure Architecture Principles

Access Control Mechanisms

Protection. CSE473 - Spring Professor Jaeger. CSE473 Operating Systems - Spring Professor Jaeger

Discretionary Access Control

CIS 5373 Systems Security

Operating System Security. 0Handouts: Quizzes ProsoftTraining All Rights Reserved. Version 3.07

Operating systems and security - Overview

Operating systems and security - Overview

Module 4: Access Control

Computer Security: Principles and Practice

Secure Architecture Principles

CS 356 Lecture 7 Access Control. Spring 2013

Operating system security

Unit OS7: Security The Security Problem. Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze

Last time. Security Policies and Models. Trusted Operating System Design. Bell La-Padula and Biba Security Models Information Flow Control

Information Security Theory vs. Reality

Network Security: Kerberos. Tuomas Aura

Access Control. Discretionary Access Control

CS 161 Computer Security

IS 2150 / TEL 2810 Information Security and Privacy

O/S & Access Control. Aggelos Kiayias - Justin Neumann

RID HIJACKING Maintaining Access on Windows Machines.

Identification Schemes

P1L5 Access Control. Controlling Accesses to Resources

Outline. V Computer Systems Organization II (Honors) (Introductory Operating Systems) Language-based Protection: Solution

Chapter 4 Protection in General-Purpose Operating Systems

Protecting Information Assets - Week 10 - Identity Management and Access Control. MIS 5206 Protecting Information Assets

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

Discretionary Vs. Mandatory

Introduction to Computer Security

Storage and File System

CSCI 420: Mobile Application Security. Lecture 7. Prof. Adwait Nadkarni. Derived from slides by William Enck, Patrick McDaniel and Trent Jaeger

Goals. Understand UNIX pw system. Understand Lamport s hash and its vulnerabilities. How it works How to attack

How to Configure Authentication and Access Control (AAA)

Advanced Systems Security: Multics

Advanced Systems Security: Ordinary Operating Systems

Access control. Frank Piessens KATHOLIEKE UNIVERSITEIT LEUVEN

Post-Class Quiz: Access Control Domain

Secure Architecture Principles

Access Control. Tom Chothia Computer Security, Lecture 5

CS-630: Cyber and Network Security

Discretionary Access Control (DAC)

Roadmap for This Lecture

Introduction to Security

CISNTWK-11. Microsoft Network Server. Chapter 4

? Resource. Outline. Lecture 9: Access Control and Operating System Security. Access control. Access control matrix. Two implementation concepts

Identity, Authentication and Authorization. John Slankas

n Describe the CEH hacking methodology and system hacking steps n Describe methods used to gain access to systems

Advanced Systems Security: Principles

Computer Security. 04r. Pre-exam 1 Concept Review. Paul Krzyzanowski. Rutgers University. Spring 2018

COS 318: Operating Systems. File Systems. Topics. Evolved Data Center Storage Hierarchy. Traditional Data Center Storage Hierarchy

Storage and File Hierarchy

SELinux type label enforcement

COS 318: Operating Systems

CIS433/533 - Introduction to Computer and Network Security. Access Control

3. Operation Systems & Security

CIS 551 / TCOM 401 Computer and Network Security. Spring 2006 Lecture 13

CS System Security Mid-Semester Review

Improving the Granularity of Access Control for Windows 2000

AIT 682: Network and Systems Security

Authentication. Identification. AIT 682: Network and Systems Security

Authentication Objectives People Authentication I

Pre-Assessment Answers-1

5. Authentication Contents

Security and Authentication

Exercises with solutions, Set 2

IT Service Delivery And Support Week Four - OS. IT Auditing and Cyber Security Fall 2016 Instructor: Liang Yao

Fundamentals of Linux Platform Security

Threat Modeling. Bart De Win Secure Application Development Course, Credits to

ASC Chairman. Best Practice In Data Security In The Cloud. Speaker Name Dr. Eng. Bahaa Hasan

Hands-On Network Security: Practical Tools & Methods. Hands-On Network Security. Roadmap. Security Training Course

Hands-On Network Security: Practical Tools & Methods

Overview of Information Security

Computer Security. Access control. 5 October 2017

CSE 380 Computer Operating Systems

Chapter 4: Access Control

Transcription:

Login und Authentifizierung

security aspects Confidentiality: data should not be read by unauthorized parties. Integrity: data should not be changed by unauthorized parties. Availability: data should be accessible when they are needed. Authenticity: the identity of subjects may not be forged

Definitions: Trust (Vertrauen) is a property within a social organization with respect to handling information. Trust defines the requirements and the resulting policies defined by an application area concerning the proper usage of information in the temporal and functional domain. It reflects the flow of information in an organization and is specified in terms of rules between authorization of subjects and clearance of information. Security (Datensicherheit) is the property of an information processing system. Security defines the requirements useful for an owner and user of information to protect it against security threats. Basic requirements which have to be assured in spite of intentional and malicious attacks are the confidentiality, integrity, availability and authenticity of information. Protection (Zugriffsschutz) is the set of hardware and software mechanisms to enforce security in a system.

Terminology Trusted System: Mandatory access control. Rules defined by organization policy. Secure System: Discretionary, user defined access control. Rules defined by individual user. Goal: Flexibility, Expressiveness, Least Privilege. Protection System: Mechanisms in the hardware, firmware and the operating system to enforce access specifications.

Security vs. Privacy Security (Datensicherheit) protects data against misuse by individuals. Privacy (Datenschutz) protects individuals against the misuse of (their) data. Security is a necessary but not a sufficient condition for trust and privacy!

Authentication & Access Protection

The Login Process The login Procedure provides idenfication and authentication Login screen Authentication Login processes should be mandatory for users identification and it should not be subject to be disabled. Guarantee anti-spoofing by preventing to fool the user by simulating the login screen. Create Subject ID Create Priviledges Record Grant Access rights

Authentication: ensures that a user is the one she pretends to be. Authentication is based on a secret or on a non-forgable Identifier. On a standard OS, authentication is enforced by the Login procedure. On the OS-Level, processes act on behalf of a user. A process usually obtains the privileges which are granted for the user. Access Protection: ensures that an authenticated users (or the processes acting on behalf of the user) only have access to exactly the items they are allowed to use. This is enforced by memory and file protection mechanisms.

attacks from outside of the system The login procedure Stoll 89 LBL>telnet elxsi ELXSI AT LBL LOGIN: root PASSWORD:root INCORRECT PASSWORD, TRY AGAIN LOGIN: guest PASSWORD: guest INCORRECT PASSWORD, TRY AGAIN LOGIN: uucp PASSWORD: uucp WELCOME TO THE ELXSI COMPUTER AT LBL

From: William Stallings:Betriebssysteme, Prinzipien und Umsetzung, 4. Auflage, Pearson Studium, 2003

From: William Stallings:Betriebssysteme, Prinzipien und Umsetzung, 4. Auflage, Pearson Studium, 2003

passwd security /etc/passwd holds a list of <name, encoded passwd> passwd guessing: prepare a list of common passwd, encoded passwd read the /etc/passwd from some computer compare encoded passwd on match > store <name, passwd> salt: create entries: <name, random number, encoded passwd> to obtain a match, the cracker has to generate b n (b=base n=exponent) versions of each passwd. better passwd: longer names, not in a dictionary, numbers, special characters one-time passwd: only used once. (Lamports algrithm to generate the list)

Password mechanisms in Unix Passwd salt 56 Bit 12 Bit etc/passwd user-id, passwd crypt user-id salt encrypt. PW user-id salt encrypt. PW LOAD slow hash = generating the encrypted Passwd checking thepasswd

Vorteile von Salt: - Salt verhindert, dass doppelte Passwörter auftreten. - Salt verlängert das Passwort um 12 Bit. Dadurch wird es schwerer zu entschlüsseln. - Salt bewirkt, dass selbst, wenn der Nutzer dasselbe Passwort auf mehreren Maschinen benutzt, es nicht in derselben Weise verschlüsselt wird - das Kryptoverfahren ist aufwändig und langsam (innere Schleifen) und nicht durch Hardwarebeschleuniger zu realisieren. - Vorgefertigte Kryptoworte sind wertlos: Today s system uses a 32-bit salt. Because of this salt, the attacker s pre-calculated hashes (rainbow tables) are of too big.

Protection mechanisms in the OS subject A subject B O7 (r1, r2,..) O3 (r1, r2,..) O8 (r1, r2,..) O1 (r1, r2,..) O2 (r1, r2,..) O4 (r1, r2,..) O5 (r1, r2,..) subject C O6 (r1, r2,..) Protection Domains define the acess relations between Active system components: Subjects, e.g. users, processes,.. and Passive system components: Objects, e.g. files, devices,...

Access protection in the OS 1. Definition of Access Rights: Persistent objects: Files, Objects, Devices Volatile objects: Pages, Segments, Memory Areas 2. Enforcement of Access Rights: Files: Check of access rights performed by system calls on the first access. Memory: access rights need to be enforced for every access! Isolation: No process should be able to use data from another process in an unauthorized way. Controlled access (least priviledge): Accesses should have just the needed rights.

access protection Lampson's model: paper "Protection" first appeared in Proc. 5th Princeton Conf. on Information Sciences and Systems, Princeton, 1971, p 437. entities are distinguished as: subjects, taking the active role in the system, and objects, that are passive entities capability list for s 3 subjects s 1 s 2 s 3 s k s n o 1 R(o 1,s 1 ) R(o 1,s 2 ) R(o 1,s 3 ) R(o 1,s k ) R(o 1,s n ) o 2 R(o 2,s 1 ) R(o 2,s 2 ) R(o 2,s 3 ) R(o 2,s k ) R(o 1,s n ) ACL for o 2 objects o j R(o j,s 1 ) R(o j,s 2 ) R(o j,s 3 ) R(o j,s k ) R(o 1,s n ) o m R(o m,s 1 ) R(o m,s 2 ) R(o m,s 3 ) R(o m,s k ) R(o 1,s m )

Access Control List (ACL) user mode process process process U1 U2 U3 file A U1: RW U2: R kernel mode U3: R file B U1: R U2: RW file C U1: RX U2: RWX U3: RX

Capability List (C-List) user mode process process process U1 U2 U3 file A kernel mode file B A: RW B: R C: RX A: R B: RW C: RWX A: R C: RX file C C-list

Discussion: how to protect capabilities? Tagging Separation Encryption Sparse name space More Problems: Controlling and confining capability transfer. Revocation of rights (contradiction of terms according to Roger Needham (1992))

Security and access protection in W2K secure login and antispoofing discretionary access control privileged access control process address space protection prevention of data leaks by zeroing all new pages before loading security auditing

overall NT security model http://www.ciac.org/ciac/documents/ciac-2317_windows_nt_managers_guide.pdf

NT logon process Logon Windows NT logon processes provide mandatory logon for user identification and cannot be disabled. To protect against spoofing, the logon process begins with a Welcome message box that requests the user to press Ctrl, Alt and Del keys before activating the actual logon screen. LSA Authentication Package run Verify Authentication in SAM Database SAM returns SID(s) LSA creates Access Token LSA creates Subject

the access token header expir. groups standard owner group restricted time DACL SID SID SIDs privileges Security ID (SID): The SID is a variable length unique name (alphanumeric character string) that is used to identify an object, such as a user or a group of users in a network of NT/2000 systems. Expiration time: defines validity interval for the access token (currently not used) Discretionary Access Control List (DACL): Default ACL when they are created by a process and no other ACL is specified. Owner/group SID: indicates the user/group who owns the process. Restricted SID: enables the cooperation of trusted and non-trusted processes by constraining access for the latter. Privileges: enable to define "admin rights" in a more fine-grained fashion and associate these with user processes.

the security descriptor is associated with every object defines who may access the object with which operation file header owner SID group SID DACL SACL Process holds access token which is checked against the ACL. security descriptor Descritionary Access Control List System Access Control List header denied sam 110111 allowed bilbo 001100 allowed frodo 111111 allowed all 001000 header audit gandalf 111111 Access Control Element Access Control Element Access Mask

Zugriffsmaske Stallings: Betriebssysteme

SRM access validation

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback