Security potpourri
INF 123 – Software [email protected]
(Slides from Dick Taylor and Crista Lopes)
Outline
• Definitions
• Common security design decisions
• Trust between users
• Practical guidelines
Security
• Non-functional property
• Protection aimed at preserving the system’s:
  – integrity,
  – availability,
  – and confidentiality.
• (Definition from the National Institute of Standards and Technology)
Integrity
• Authorized parties can manipulate information only in the authorized ways
• Corruption
Denethor is only a steward, but he acts like a king. (He should not.)
Availability
• Authorized parties can access resources on all appropriate occasions
• Denial of service
Common security design decisions
• Principle Of Least Authority – POLA
• Separation of privilege
• Complete mediation
• Fail-safe defaults
• Access control
• …
POLA
• AKA Principle of Least Privilege
• Do not give to a component more privilege (data, visibility, CPU time, bandwidth, …) than it needs
POLA
(Cartoon dialogue)
What do you think of Sauron?
He’s a good guy!
I shouldn’t say more…
That’s not in the script…
Separation of privilege
• Goal: avoid exploitation of privilege
• Run different actions in different modes
• Example:
  – network.py needs to go through the firewall
  – view.py does not
  – Open port only for network.py
Complete mediation
• Make sure every access is permitted
(Diagram: access control sits between every request and the data; Frodo’s path through the Mordor checkpoints. “So easy …”)
Fail-safe defaults
• Deny access if explicit permission is absent
• Be paranoid
I don’t trust him, Mr Frodo.
Access control
• Decide whether access to a protected resource should be granted or denied
• Discretionary access control
  – Based on the identity of the requestor, the resource, and whether the requestor has permission to access
• Mandatory access control
  – Policy based
Discretionary Access Control

Database A
  Alice    Read-Write; Always
  Bob      Read-Write; Between 9 and 5
  Charles  No access
  Dave     No access
  Eve      Read-only; Always

Component Q, Interface F
  Bend      Yes
  Fold      No
  Spindle   No
  Mutilate  Yes
  None      No
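As an added example (not from the slides), the Database A and Interface F policies above coded the way the fail-safe defaults and complete mediation slides ask: one check on every request, and no explicit rule means deny. It assumes “Between 9 and 5” means the hours 9 through 16, and the function names are my own.

```python
# Added example, not from the slides: the Database A and Interface F policies
# from the table above, enforced with complete mediation (one check on every
# request) and a fail-safe default (no explicit rule -> deny).
# Assumptions: "Between 9 and 5" means hours 9..16; function names are my own.
from dataclasses import dataclass
from typing import FrozenSet, Optional

@dataclass(frozen=True)
class Rule:
    ops: FrozenSet[str]      # operations the rule grants, e.g. {"read", "write"}
    hours: Optional[range]   # permitted hours of the day, or None for "Always"

# Database A. Charles and Dave have no entry, which is exactly "No access".
DATABASE_A = {
    "Alice": Rule(frozenset({"read", "write"}), None),
    "Bob":   Rule(frozenset({"read", "write"}), range(9, 17)),  # Between 9 and 5
    "Eve":   Rule(frozenset({"read"}), None),                   # Read-only
}

# Component Q, Interface F: which operations the interface permits.
INTERFACE_F = {"Bend": True, "Fold": False, "Spindle": False, "Mutilate": True}

def db_access_permitted(user: str, op: str, hour: int) -> bool:
    """Every Database A request goes through here (complete mediation).

    Unknown user, operation not granted, or a request outside the permitted
    window all fall through to deny (fail-safe default).
    """
    rule = DATABASE_A.get(user)
    if rule is None or op not in rule.ops:
        return False
    if rule.hours is not None and hour not in rule.hours:
        return False
    return True

def interface_f_permitted(op: str) -> bool:
    """Interface F: an operation absent from the table ("None", "Staple") is denied."""
    return INTERFACE_F.get(op, False)

if __name__ == "__main__":
    requests = [("Alice", "write", 3), ("Bob", "write", 20), ("Eve", "write", 10), ("Mallory", "read", 10)]
    for user, op, hour in requests:
        verdict = "allow" if db_access_permitted(user, op, hour) else "deny"
        print(f"{user:8s} {op:5s} at {hour:02d}h -> {verdict}")
```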
Example: Ebay
• Open decentralized application
• Independent buyers/sellers
• Potentially malicious participants
• Need to counter threats
(Diagram: decentralized auctioning among Alice, Bob, Carol, Marvin (malicious) and Mallory (malicious))
Trust and security
• Trust is not binary
  – You trust some people
  – About some topics
  – For some time
• Many security threats exploit human nature
  – Social engineering
Impersonation
(Diagram: Mallory (malicious) tells Alice “I am Bob”)
Bob is reliable and everyone has a good opinion about Bob
Fraudulent Actions
(Diagram: Alice, the “buyer”, pays for the items; Marvin, the malicious “seller”, does not ship the items)
Misrepresentation
(Diagram: Mallory (malicious) tells Alice “Bob is unreliable”)
Bob is reliable and everyone has a good opinion about Bob
Collusion (!= collision)
(Diagram: Mallory (malicious) and Marvin (malicious) both tell Alice “Bob is unreliable”)
Bob is reliable and everyone has a good opinion about Bob
Addition of Unknowns
(Diagram: Carol, a new entrant in the system, alongside Bob and Alice)
Bob has no information about Carol; he is not sure whether to interact with Carol
Carol is new and does not know Alice; she is not sure whether to interact with Alice
In practice
• Never-ending game of:
  – Find vulnerability
  – Attack
  – Fix
  – Repeat
• No system is 100% secure
• Least common denominator: A system is as secure as its least secure component
Intermezzo: MD5
• Message Digest algorithm 5
• Transforms an arbitrary-length message into a 128-bit value
  – One way function
• MD5("The quick brown fox jumps over the lazy dog") = 9e107d9d372bb6826bd81d3542a419d6
• MD5("The quick brown fox jumps over the lazy dog.") = e4d909c290d0fb1ca068ffaddf22cbd0
Intermezzo: MD5 dictionary attack
• Goal: recover passwords from their encryption
• Brute-force
  – Given 9e107d9d372bb6826bd81d3542a419d6
  – Iterate over MD5(words) and compare the hash
• Dictionary attack
  – Rainbow tables: map MD5 to common passwords
    • { 9e107d9d: ‘password’, 6826bd85: ‘qwerty’, … }
  – http://www.cbsnews.com/news/the-25-most-common-passwords-of-2013/
Least common denominator: example
• MD5 encryption for passwords
• Hash of passwords stored in DB
• But root DB password is ‘password’
• Dictionary attack
• Attacker knows all passwords
Solutions
• MD5 with salt
  – MD5(password + salt) instead of MD5(password)
  – Prevent rainbow attack
  – But need to keep the salt around
• How do you protect the salt?
• Better password
• MD5 has collisions: use SHA1 instead of MD5
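An added example (not from the slides) covering the MD5 intermezzo and the salt discussion above: it reproduces the two MD5 values quoted earlier, shows why an unsalted MD5 of a common password is a plain table lookup, how a per-user salt defeats that precomputed table, and the slow, salted KDF (PBKDF2 from Python’s standard library) that is the better fit for passwords today, since SHA-1 is now broken for collisions as well and a fast hash, salted or not, is still quick to brute-force. The tiny “common password” table and the salts are constructed for this example; function names are my own.

```python
# Added example, not from the slides. Reproduces the two MD5 values quoted in
# the intermezzo, then shows why an unsalted MD5 of a common password is a
# one-line table lookup, how a per-user salt defeats that precomputed table,
# and the slow, salted KDF (PBKDF2 from the standard library) that is the
# better fit for passwords today. The tiny "common password" table and the
# salts are constructed for this example; function names are my own.
import hashlib
import hmac
import os
from typing import Optional, Tuple

def md5_hex(message: str) -> str:
    return hashlib.md5(message.encode()).hexdigest()

# Stand-in for a precomputed (rainbow-table style) lookup: hash -> password.
PRECOMPUTED = {md5_hex(p): p for p in ["password", "qwerty", "123456"]}

def precomputed_hit(stored_hash: str) -> Optional[str]:
    """Password behind an unsalted hash, if the precomputed table covers it."""
    return PRECOMPUTED.get(stored_hash)

def salted_md5(password: str, salt: bytes) -> str:
    """MD5(password + salt) as on the slide; the salt is stored beside the hash."""
    return hashlib.md5(password.encode() + salt).hexdigest()

def pbkdf2_record(password: str, salt: Optional[bytes] = None,
                  rounds: int = 200_000) -> Tuple[bytes, bytes]:
    """Slow, salted derivation: returns (salt, key) to store for the user."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)

def pbkdf2_verify(password: str, salt: bytes, key: bytes,
                  rounds: int = 200_000) -> bool:
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return hmac.compare_digest(candidate, key)   # constant-time comparison

if __name__ == "__main__":
    print(md5_hex("The quick brown fox jumps over the lazy dog"))
    print("unsalted lookup:", precomputed_hit(md5_hex("password")))
    print("salted lookup:  ", precomputed_hit(salted_md5("password", os.urandom(8))))
    salt, key = pbkdf2_record("password")
    print("pbkdf2 verify:  ", pbkdf2_verify("password", salt, key))
```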
HTTPS = HTTP + SSL
• Send HTTP request to server
• Problem: Eavesdropping
• Problem: Man-in-the-middle
  – Malicious server pretends to be your server
• Solution: encrypt transmitted data
Plaintext request (as shown on the slide):
POST /home/login HTTP/1.1
Hostname: …
Content-Type: json
Content-Length: 26
{ name:foo, password:OMG }
After SSL, what an eavesdropper sees (illustrative bytes from the slide):
1d5fs#d3R6[5wgfr48rs&g=24fg+3t2fgfdC5.3gdf*453gdfg241df3%2gdDf1we&4w*e348sf48q6xwBas2Aa213dJE
SSL: Encrypt headers and payload, but not (IP, port) (the attacker already knows my IP and that of the server to do a MITM attack)
Sanitize inputs
Solution: escape dangerous characters (replace ‘ by \’ or by space)
PHP: mysql_real_escape_string
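An added example (not from the slides, and in Python with SQLite rather than the PHP/MySQL pair the slide names) showing three ways of putting a user-supplied value into a query: pasting it in, which a single quote breaks; escaping the quote as the slide suggests; and a parameterised query, which is the first thing a practitioner should reach for because the driver never treats the value as SQL. The users table and the input “O'Brien” are constructed for this example.

```python
# Added example, not from the slides (and Python with SQLite in place of the
# PHP/MySQL pair the slide names). Three ways of putting a user-supplied value
# into a query: pasting it in, which a single quote breaks; escaping the quote
# as the slide suggests; and a parameterised query, which is the first choice.
# The users table and the input "O'Brien" are constructed for this example.
import sqlite3
from typing import Any, Dict, List

def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("O'Brien", "user")])
    return conn

def lookup_unsafe(conn: sqlite3.Connection, name: str) -> List[tuple]:
    """String concatenation: the quote in O'Brien ends the literal early."""
    return conn.execute("SELECT role FROM users WHERE name = '" + name + "'").fetchall()

def escape_sql_literal(value: str) -> str:
    """Escape the dangerous character. SQLite, like standard SQL, doubles a quote
    ('') rather than backslash-escaping it; this handles the quote only."""
    return value.replace("'", "''")

def lookup_escaped(conn: sqlite3.Connection, name: str) -> List[tuple]:
    sql = "SELECT role FROM users WHERE name = '" + escape_sql_literal(name) + "'"
    return conn.execute(sql).fetchall()

def lookup_parameterised(conn: sqlite3.Connection, name: str) -> List[tuple]:
    """Placeholder binding: the driver passes the value as data, never as SQL."""
    return conn.execute("SELECT role FROM users WHERE name = ?", (name,)).fetchall()

def demo(name: str = "O'Brien") -> Dict[str, Any]:
    conn = make_db()
    out: Dict[str, Any] = {}
    try:
        out["unsafe"] = lookup_unsafe(conn, name)
    except sqlite3.OperationalError as exc:   # unterminated literal
        out["unsafe"] = f"error: {exc}"
    out["escaped"] = lookup_escaped(conn, name)
    out["parameterised"] = lookup_parameterised(conn, name)
    return out

if __name__ == "__main__":
    for how, result in demo().items():
        print(f"{how:14s} -> {result}")
```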