Structure
14.0 Objectives 14.1 Web Security 14.2 IP Security 14.3 Summary 14.4 Keywords 14.5 Questions 14.6 References
14.0 OBJECTIVES
After going through the contents discussed in this unit you will
Learn about challenges in securing web
Come to know about potential threats
Learn about relationship between layers and kind of security
Know applications and benefits of securing IP
Services provided by IP security
14.1 WEB SECURITY
The World Wide Web is nothing but client/server application running on the TCP/IP intranets. All the security tools discussed so far are useful for web also. But web poses new challenges which have not been addressed in computer and network security. We highlight here these new challenges exclusively to be addressed in securing web.
1. Unlike traditional environments, internet is two way. Hence web is vulnerable to attacks on the web servers over the internet.
2. Web is more and more used by Corporate for product information and business transactions. Reputation can be damaged and money can be lost if web servers are subverted.
196
3. Web browsers are easy to use; web servers are easy to manage, content on the web can be developed easily. Underlying software which makes these tasks easy are highly complex and possibly having security flaws. The brief history of web is filled with many examples of security attacks in spite of upgraded systems properly installed.
4. Web servers are often used as launching pad for an organization‟s computing systems. If this server is subverted, an attacker can have access to organization‟s secure data, although this is not part of the web.
5. Casual and untrained users are common clients for web based services. Such people may not be aware of security risks and quiet often do not have tools or knowledge to take effective counter measures.
Web security threats is summarized in table 14.1
Threats Consequences Countermeasures
Integrity • Modification of user data
• Trojan horse browser
Confidentiality • Eavesdropping on the net
• Theft of info from server
Table 14.1: A Comparison of Threats on the Web
197
Another way to classify Web security threats is in terms of the location of the threat: Web server, Web browser, and network traffic between browser and server. Issues of server and browser security fall into the category of computer system security.
Traffic security will be addressed in this unit. There are a number of approaches to provide Web security. The various approaches that are discussed are similar in services they provide and, to some extent, in the mechanisms that they use, but they differ with respect to their scope of applicability and their relative location within the TCP/IP protocol stack.
Figure 14.1 illustrates this difference. One way to provide Web security is to use IP security (IPsec) (Figure 14.1a).The advantage of using IPsec is that it is transparent to end users and applications and provides a general-purpose solution. Furthermore, IPsec includes a filtering capability so that only selected traffic need incur the overhead of IPsec processing.
Another relatively general-purpose solution is to implement security just above TCP (Figure 14.1b). The foremost example of this approach is the Secure Sockets Layer (SSL) and the follow-on Internet standard known as Transport Layer Security (TLS). At this level, there are two implementation choices. For full generality, SSL (or TLS) could be provided as part of the underlying protocol suite and therefore be transparent to applications. Alternatively, SSL can be embedded in specific packages. For example, Netscape and Microsoft Explorer browsers come equipped with SSL, and most Web servers have implemented the protocol.
Application-specific security services are embedded within the particular application.
Figure 14.1c shows examples of this architecture. The advantage of this approach is that the service can be tailored to the specific needs of a given application.
Figure 14.1: Relative Location of Security Facilities in the TCP/IP Protocol Stack
198 SSL Architecture
SSL is designed to make use of TCP to provide a reliable end-to-end secure service. SSL is not a single protocol but rather two layers of protocols, as illustrated in Figure 14.2.
The SSL Record Protocol provides basic security services to various higher layer protocols. In particular, the Hypertext Transfer Protocol (HTTP), which provides the transfer service for Web client/server interaction, can operate on top of SSL. Three higher-layer protocols are defined as part of SSL: the Handshake Protocol, the Change Cipher Spec Protocol, and the Alert Protocol.
Two important SSL concepts are the SSL session and the SSL connection, which are defined in the specification as follows.
Connection: A connection is a transport (in the OSI layering model definition) that provides a suitable type of service. For SSL, such connections are peer-to-peer relationships. The connections are transient. Every connection is associated with one session.
Session: An SSL session is an association between a client and a server. Sessions are created by the Handshake Protocol. Sessions define a set of cryptographic security parameters which can be shared among multiple connections. Sessions are used to avoid the expensive negotiation of new security parameters for each connection.
Between any pair of parties (applications such as HTTP on client and server), there may be multiple secure connections. In theory, there may also be multiple simultaneous sessions between parties, but this feature is not used in practice.
There are a number of states associated with each session. Once a session is established, there is a current operating state for both read and write (i.e., receive and send). In addition, during the Handshake Protocol, pending read and write states are created. Upon successful conclusion of the Handshake Protocol, the pending states become the current states.
Transport layer security (TLS)
TLS is an IETF standardization initiative whose goal is to produce an Internet standard version of SSL. TLS is defined as a Proposed Internet Standard in RFC 5246. RFC 5246 is very similar to SSLv3. In this section, we highlight the differences between TLS and SSL.
199
There are two differences between the SSLv3 and TLS MAC schemes: the actual algorithm and the scope of the MAC calculation. TLS makes use of the HMAC algorithm defined in RFC 2104.
TLS makes use of a pseudorandom function referred to as PRF to expand secrets into blocks of data for purposes of key generation or validation. The objective is to make use of a relatively small shared secret value but to generate longer blocks of data in a way that is secure from the kinds of attacks made on hash functions and MACs. The PRF is based on the data expansion function as given in the following steps.
P_hash(secret, seed)= HMAC_hash (secret, A(1) || seed) ||
HMAC_hash (secret, A(2) || seed) ||
HMAC_hash (secret, A(3) || seed) || . . . where A( ) is defined as
A(0) = seed
A(i) = HMAC_hash (secret, A(i – 1))
14.2 IP SECURITY
To provide security, the IAB (Internet Architecture Board) included authentication and encryption as necessary security features in the next-generation IP, which has been issued as IPv6. Fortunately, these security capabilities were designed to be usable both with the current IPv4 and the future IPv6. This means that vendors can begin offering these features now, and many vendors now do have some IPsec capability in their products. The IPsec specification now exists as a set of Internet standards.
Applications of IP security
IPsec provides the capability to secure communications across a LAN, across private and public WANs, and across the Internet. Examples of its use include:
• Secure branch office connectivity over the Internet: A company can build a secure virtual private network over the Internet or over a public WAN. This enables a business
200
to rely heavily on the Internet and reduce its need for private networks, saving costs and network management overhead.
• Secure remote access over the Internet: An end user whose system is equipped with IP security protocols can make a local call to an Internet Service Provider (ISP) and gain secure access to a company network. This reduces the cost of toll charges for traveling employees and telecommuters.
• Establishing extranet and intranet connectivity with partners: IPsec can be used to secure communication with other organizations, ensuring authentication and confidentiality and providing a key exchange mechanism.
• Enhancing electronic commerce security: Even though some Web and electronic commerce applications have built-in security protocols, the use of IPsec enhances that security. IPsec guarantees that all traffic designated by the network administrator is both encrypted and authenticated, adding an additional layer of security to whatever is provided at the application layer.
The principal feature of IPsec that enables it to support these varied applications is that it can encrypt and/or authenticate all traffic at the IP level. Thus, all distributed applications (including remote logon, client/server, e-mail, file transfer, Web access, and so on) can be secured.
Figure 14.2 is a typical scenario of IPsec usage. An organization maintains LANs at dispersed locations. Non-secure IP traffic is conducted on each LAN. For traffic offsite, through some sort of private or public WAN, IPsec protocols are used. These protocols operate in networking devices, such as a router or a firewall, that connect each LAN to the outside world.
The IPsec networking device will typically encrypt and compress all traffic going into the WAN and decrypt and decompress traffic coming from the WAN; these operations are transparent to workstations and servers on the LAN. Secure transmission is also possible with individual users who dial into the WAN. Such user workstations must implement the IPsec protocols to provide security.