Upload
barbara-rogers
View
215
Download
0
Tags:
Embed Size (px)
Citation preview
© Neeraj SuriEU-NSF ICT March 2006
DEWSNetDependable Embedded Wired/Wireless Networks
MUET Jamshoro
e-Health Security – An Overview
Faisal Karim Shaikh
DEWSNet GroupDependable Embedded Wired/Wireless Networks
www.fkshaikh.com/dewsnet
eHealth Security – An overview 2
Course Structure and Contact Info
www.muet.edu.pk/~shaikh/courses/
Schedule Monday 3-5 pm
Exams 2-3 mid exams (can be surprise :) Home assignments Presentations in class (voluntarily) Final Exam
Faisal K. Shaikh [email protected] Office Hours (TL125): Monday 10:00 – 11:00
by appointment
eHealth Security – An overview 3
Relevant Literature + Lecture Foils
Internet is open for all and for me too
Slides will be available on the lecture’s homepage I will try to upload the foils shortly before /after the lecture
Books Kaufman, Perlman and Speciner. Network Security: Private
Communication in a Public World. Stevens. TCP/IP Illustrated, vol. 1, the protocols. …….
eHealth Security – An overview 4
Course Overview
Network Security Introduction to network security
• Secure network services• Attacks
Secure channels/network layers• Introduction to cryptography• Authentication• Cryptographic Protocols
– Strong authentication, key exchange Analysis of protocols Standards
• SSL/TLS, SSH, IPSEC• Kerberos, S/Key
Public Key Infrastructures• PKI: X.509• PGP
–
eHealth Security – An overview 5
Course Overview
Packet filtering/Firewalls Intrusion detection Distributed Denial of Service attacks Network forensics/ vulnerability assessment
Data Security Body Area Networks Security
© Neeraj SuriEU-NSF ICT March 2006
DEWSNetDependable Embedded Wired/Wireless Networks
MUET Jamshoro
First concepts
Terminology
eHealth Security – An overview 7
What is Security?
Definitions from the Amer. Herit. Dict. : Freedom from risk or danger; safety. (NO!) Measures adopted … to prevent a crime such as burglary
or assault. (ALMOST!) Network security measures:
Mechanisms to prevent, detect, and recover from network attacks, or for auditing purposes.
eHealth Security – An overview 8
Terminology
Assets and liabilities Policies Security breeches Vulnerabilities Attacks Threats Threat Intensity
eHealth Security – An overview 9
A Secured Network
A network is “secured” if it has deployed adequate measures for prevention of, detection of, and recovery from attacks. Adequate = commensurate with the value of the
network’s assets and liabilities, and the perceived threat intensity.
– By Breno
eHealth Security – An overview 10
Security Goals
C onfidentialityI ntegrityA vailability
Other important security goals include auditability
eHealth Security – An overview 11
Security operations
Prevention against adversarial or accidental capture and/or modification of information.
Audit of data accesses/modifications, and of privileged operations.
Detection of all improper access to data and system resources.
Recovery from unauthorized access, restoring data values, system integrity, and identifying compromised data/resources.
Retaliation (legal, PR, info. warfare)
eHealth Security – An overview 12
Authentication
Used to prevent impersonation and detect unauthorized data modifications.
Some mechanisms to provide data integrity will not be considered: Enforcement of safe data manipulation methods
(file system protection mechanisms, database protection mechanisms).
eHealth Security – An overview 13
Availability
Continuous service, quality of service, resource wastefulness reduction Typical attack: DoS, DDoS
Prevention by removal of bottlenecks Detection of attacks Recovery of service provision ability Audit of service requests
eHealth Security – An overview 14
Concrete Security Measures
Securing an open network requires adoption of a myriad of measures: Policies, audit and evaluation Personnel training Physical security/ EM emanation shielding Authentication and access control Communication security: Cryptography-based
techniques.
© Neeraj SuriEU-NSF ICT March 2006
DEWSNetDependable Embedded Wired/Wireless Networks
MUET Jamshoro
Open Systems Interconnection
A standard-centric networking model
eHealth Security – An overview 16
Open Systems
Open Systems: general-purpose networks that support standardized
communication protocols and may accommodate heterogeneous sub-networks transparently.
Corporate Intranets:• Ethernet, Token Ring and Wireless subnets.
Internet
eHealth Security – An overview 17
Open Systems Interconnection Model
ISO’s layered approach to standardization
7. Application layer FTP, Telnet, SSH
6. Presentation layer MIME, XDR, SSH
5. Session layer NetBios, FTP, Telnet, SSH
4. Transport layer TCP,UDP,SSL/TLS
3. Network layer IP, ICMP, IPSEC
2. Data link layer Ethernet, PPP, ISDN
1. Physical layer pins, cabling, radio
eHealth Security – An overview 18
1-2. Physical/Data Link Layers
Physical layer: Radio, fiber, cable, pinsData link layer orchestrates the
signaling capabilities of the physical medium (unreliable, noisy channel) into reliable transmission of protocol data units (PDUs).
PDUs contain control information, addressing data, and user data.
Hardware-based encryption operates at 1+2.
eHealth Security – An overview 19
3. Network Layer
Exports a logical network interface, allowing for uniform addressing and routing over heterogeneous sub-networks. E.g.: IP can route between Ethernet- and 802.11x -
networks
eHealth Security – An overview 20
Internet structure
AS1
AS2
AS3
AS4
BGP routes(negotiated)
eHealth Security – An overview 21
4. Transport Layer
Permits connection and connectionless associations. Connections enable reliable transmission of data streams.
End-to-end security first becomes meaningful at this level. Security associations: An association is either a
connection or a connectionless transmission service at levels 4-7.
eHealth Security – An overview 22
Levels 5 and Higher
Application through session protocol layers. Many network applications implement their own
session management. Moreover, they typically depend on system libraries for presentation layer capabilities. Such applications, from a data-path viewpoint, may be considered a single layer: PDUs only typically appear at the session layer.
eHealth Security – An overview 23
Example: SSH
SSH provides services at all topmost three OSI layers. Application: Terminal/file transfer Presentation: Encryption Session: Connection, synchronization
Only at the session layer the data (encrypted buffers of user input) gets first packaged into a protocol data unit for transmission.
© Neeraj SuriEU-NSF ICT March 2006
DEWSNetDependable Embedded Wired/Wireless Networks
MUET Jamshoro
TCP/IP networking model
A data-path centric model
eHealth Security – An overview 25
TCP/IP network model ( TCP/IP Protocol)
TCP/IP Application Layer
7. OSI Application
6. OSI Presentation
5. OSI Session
TCP/IP Transport Layer 4. OSI Transport
TCP/IP Network Layer 3. OSI Network
TCP/IP Data Link Layer 2. OSI Data Link Layer
TCP/IP Physical Layer 1. OSI Physical Layer
eHealth Security – An overview 26
Protocol Data Wrapping
© Neeraj SuriEU-NSF ICT March 2006
DEWSNetDependable Embedded Wired/Wireless Networks
MUET Jamshoro
Fitting Security
How security measures fit into the network models
eHealth Security – An overview 28
Association Model
An association is either a connectionless data transmission service or a connection at any of OSI layers 4-7, or TCP/IP application /transport layers
An N-association is the data-path through which N+1 entities communicate: Generally at session layer or below. N+1-layer data packaged into N-PDUs
eHealth Security – An overview 29
Association Model (2)
V. L. Voydock and S. T. Kent
eHealth Security – An overview 30
Security at levels 1 - 3
Implemented at the host/network interface level (lack notion of association): Link-to-link security.
Encryption/authentication requires operations at each network node.
Each network node must be trusted. Impractical for Open Systems?
eHealth Security – An overview 31
Security protocols ≤ 3
Many VPN technologies work at level 2 PPTP, L2F, L2TP Rationale: Directed at dial-up VPN networks, (PPP is
level-2). Provide service to a variety of network-level protocols, such as IP or IPX.
IPSEC works at level 3, essentially extends IPv6/IPv4.
eHealth Security – An overview 32
Security above level 3
Most flexible security measuresEnd-to-end security: The security
policies and mechanisms can be based on associations between entities (applications, processes, connections), as opposed to host-based: In multi-user environments, or when hosts
are not physically secure, host-based policies are not sufficiently fine-grained.
eHealth Security – An overview 33
Summary
Security measures can take three main forms:1. End-to-end security at the TCP/IP application layer (5-7
OSI model layers)2. End-to-end security at the (TCP/IP,OSI) transport layer3. Link-to-link security at the network, data-link and
physical layers.
© Neeraj SuriEU-NSF ICT March 2006
DEWSNetDependable Embedded Wired/Wireless Networks
MUET Jamshoro
Attacks
A taxonomy
© Neeraj SuriEU-NSF ICT March 2006
DEWSNetDependable Embedded Wired/Wireless Networks
MUET Jamshoro
Attack Types
And their impact on end-to-end communication security mechanisms
eHealth Security – An overview 36
Passive Attacks
Observation of N+1-layer data in an N-layer PDU: release of data contents, or eavesdropping
Observation of control/ address information on the N-PDU itself: traffic analysis.
Transport/network boundary = End-to-end/ link-to-link boundary. Traffic analysis is least effective if N+1 = 4.
eHealth Security – An overview 37
Active Attacks
Impersonation Packet injection (attacker-generated PDU) Packet deletion/delay Packet modification/re-ordering Replay attacks
If a breech can be achieved by both active and passive attacks, which is more powerful? (problematic)