• Overview
• Windows NT 4.0 Security • Cryptography
• SSL
• CryptoAPI
• SSPI, Certificate Server, Authenticode • Firewall & Proxy Server
• Confidentiality and privacy:
– Protect business and personal information from unauthorized disclosure.
• Integrity:
– Protect information from unauthorized modification.
• Availability:
– Protect information and processing services from disruption and destruction.
• Accountability and non-repudiation:
http://msdn.microsoft.com/library/backgrnd/html/msdn_mssecure.htm
NT Security Features
Enabling Technologies
• Authentication
• Access control
• Cryptography
• Firewall
• System Integrity
• Auditing
• CryptoAPI
• P-Store, Wallet, PFX
• Smart Cards
• Security Support Provider, Secure RPC,
DCOM
• Certificate Server
• IIS
• Proxy Server
• SQL Server
• IE
• Exchange, Outlook
• SNA Server
• User Authentication
• Access Control
• Refs:
– http://www.microsoft.com/ntserver/security/tec hdetails/prodarch/CoopersLybrand.asp
• A domain is a logical group of computers that share a set of common user accounts
• The Domain Controller, a NT server, keeps the domain user account database, which is visible to all computers.
• Each local computer has its own isolated user account database.
• Local user accounts are not necessarily domain user accounts and vice versa.
• Local Logon: how
-– check the local user account database. – only the hashed password is stored.
• Remote logon: types
-– Remote Access Service (RAS): Dial-up
– Virtual Private Network (VPN): Internet-based – logon from local computer as a domain user
1. The domain controller is requested to set up a secure RPC session.
2. The controller issues a 16-byte one-time randomly generated number as the challenge.
3. The local computer produces a response by encrypting the hashed password and challenge together and sends it back a response.
4. The controller uses the challenge and the hashed password from the domain user account database to produce its own response.
• Each user ID is associated with an security ID (SID). – Each user may belong to one or more user’s groups,
and is given group SID. For simplicity, group SID are ignored from here on.
• An access token is created upon a user logon, which is attached to any process (or thread) the user invoked. • An access token is mainly comprised of two parts:
– the SID
• Similar to Daemon in UNIX
• It runs forever unless otherwise halted.
• Users may log on to an NT service without logon to the NT system.
• Examples: SQL Server, MS Exchange, IIS and other operating system functions such as WINS (Windows Internet Name Service).
• User may supply his/her own application as a service.
• An NT service may use the access token of
the client to acquire resources.
• An NT service may not logon to another NT
machine on the behalf of the client, because
NetLogon does not authenticate with any
• Each NT object is associated with an ACL
which has two components:
– Discretionary ACL: specifies the access permissions for each user.
– System ACL: for security logging and auditing
• NTFS ACL permissions for each directory
and file object:
• An ACE determines whether
– an entity X is allowed or not allowed to do activity Y (DACL)
– an attempt by entity X to do activity Y is or is not to be logged in the security event logs (SACL)
• Components in an ACE:
– SID (for entity X) – Type (for action)
• If DACL is empty, then no one is allowed
access to the object
• If DACL is deleted, then everyone is
allowed access to the object
• In traversing a DACL, the system stops
looking as soon as access is explicitly
granted or denied. For safety, denial ACEs
should appear in the ACL.
• Three major concerns:
– Privacy
• tool: Encryption/Decryption
– Authentication
• tool: digital certificate
– Integrity
• tool: digital signature (digital timestamp)
• Ref:
• Cipher is the procedure of encrypting a
message.
• Cipher usually has one or more parameters,
that are considered keys, i.e. the values may
be generated randomly.
• Cipher is not usually not the object to
protect; keys are.
• Symmetric:
– encryption key = decryption key – key is private
• Asymmetric:
– encryption key not equal to decryption key – one public key and one secret key
• Stream Cipher
• Block Cipher
– Input:a fixed-length block of plaintext – Parameter: the encryption key
– Output: a block of encrypted text of the same length
• Deciphers work in a reverse way, with the
same key.
• If a party intends to communicate with 5
other parties, it needs 5 different keys.
• Transmitting a private key over an insecure
communication channel is problematic.
• Lengths: 128/40 bits (North America/Export) • Strength:
– DES 56-bit key (the Data Encryption Standard) is too small for safety.
– US Govt. recommends 40/512 for adequate and strategic strengths – RSA, the most well-known vendor, recommends 80/768
• Safe transport of key
– Well known secret: password – Public-key cryptography
• E and D are the cipher and decipher
respectively, and M is the message.
• D(E(M)) = M
• Both E and D are easy to compute.
• D is a one-way function, if by revealing E
in public, there is no easy way for others to
compute D.
• E is a cipher with n as the parameter, where n is the product of two larger prime numbers p, and q. • D is a decipher with p and q as the parameters.
• Both D and E are well-known, albeit patented algorithms.
• n is the public key
• The p and q together is the private key
• A product of 2 large prime numbers is
129-digit long (about 435-bits)
• In early 90’s, it took eight months using
1,600 computers to derive the two prime
factors of this product.
• A (Alice) gets B’s (Bob) public key from
the directory, with which to encrypt the
message.
• The cipher-text is transmitted over an
insecure channel to Bob.
• Bob receives the message, and use his own
secret private key to decrypt the cipher-text.
• Public key cryptography offers increased
security and convenience
• Symmetric algorithms are much faster.
• In practice, public key cryptography is used
to pass the private key needed to run
• the output has a fixed length,
• H(x) is relatively easy to compute for any
given x ,
• H(x) is one-way,
• Bob computes the message digest MG, of the message M using a cryptographic hash function H, i.e. MG=H(M). • Bob encrypts MG with his private key DB, and sends
DB(MG) to Alice, together with the un-ciphered M.
• Alice uses Bob’s public key EB to decipher DB(MG) obtain MG’.
• Alice applies the same H to M, to obtained MG’’.
• If MG’ is equal to MG”, Alice now has proof the Bob signs the message.
SHA = A well-known cryptographic hash
• Hashing is not strictly necessary, but it will save time in the encryption.
• It may be extremely difficult to crack a one-way hash function, but it is (slightly) easier to produce a different message that is hashed to the same result.
• “Birthday Attack”: for a group of 23 or more people the probability that two or more people share the same
birthday > 50%.
• If a message M’ may be found such H(M’)=H(M), Bob may be perceived to have signed the message M’ as well.
• Bob computes his signature S for the message M using his private key DB, i.e. S=DB(M)
• Bob encrypts the signature with Alice’s public key, EA, and sends EA(S) to Alice, together with the unciphered M. • Alice uses her own private key DA to decrypt the
cipher-text, and then use Bob’s public key EB to obtain M’.
• If M’ is not equal to M, some one must have tempered the message, and/or Bob did not sign it.
• Certificate Authorities are created to certify the authenticity of a public key.
• A certificate contains at least the following:
– the public key
– the name of the owner
– the issuing CA digital signature
• CA keeps a list of revoked certificates which are declared invalid before they expire.
• To be effective, the user must have a high
level of trust in the CA which issues.
• CA may rely on its own certification by
other CA’s to establish a level of trust,
hence a hierarchy of trust.
• An organization may become a CA for
issuing certificates to its employees.
1. Key generation: the individual generates key
pairs of public and private keys.
2. Matching of policy information: the applicant
packages up the additional information
necessary for the CA to issue the certificate
3. Sending of public keys and information: the
applicant sends the public keys and information to the CA.
4. Verification of information: the CA applies
whatever policy rules it might require to verify that the applicant should receive a certificate.
5. Certificate creation: the CA creates a digital
document with the appropriate information (public keys, expiration date, other data) and signs it using the CA's private key.
6. Sending/posting of certificate: The CA may send
• Man-in-the-middle attack: garbled message
• Integrity of messages in plaintext (e.g. stock
price)
• Need to authenticate the message, but not
the sender or receiver: Digital coupon,
• Use cryptographic hash function to produce
a message digest
• Encrypt the digest with a secret key to
produce the MAC.
• The message may be optionally encrypted.
• The MAC can be decrypted only by the
• SSL is the most popular protocol for secure
communication over insecure channel.
• SSL is a layered protocol.
• SSL is application protocol independent.
– A higher level protocol can layer on top of the SSL Protocol transparently.
• The connection is private:
– Encryption is used after an initial handshake to define a secret key.
– Symmetric cryptography is used for data encryption
• The peer's identity are authenticated:
– Digital certificates are examined.
• The connection is reliable.
– Message transport includes a message integrity check using a keyed MAC.
• SSL Record Protocol
– is used for encapsulation of various higher level protocols, the Handshake Protocol.
– manages the CipherSpec, the state of SSL protocol
• SSL Handshake Protocol: It allows the server and client
– to authenticate each other
– to negotiate an encryption algorithm
• Web server needs 3 to 4 threads to process
the protocol set-up.
• During the message transmission, it takes
on average tens of instructions to process
each byte of the message.
• The window size for SSL is only 16K.
• SSL runs only in user mode.
• A firewall is a system that enforces an
access control policy between two
networks.
• It blocks or permits traffic one network to
another.
• Firewall acts a single “choke point” where
security and audit can be imposed.
• Firewall is a generic name for hardware, software, or its combination that used to protect internal
network from intruders. • Two types of firewalls:
– Network level – Application level
• application-level proxy service
• A router is a hardware that can perform
simple packet filtering at the network level.
• It implements rules that blocks or permit IP
packets, based on a number of factors:
– destination address – source address
– port number
• Bastion host architecture
• Filtering host architecture
• Filtering subset architecture
• Bastion host is usually a proxy server on NT platform.
• A bastion may have two network interface cards (with different IP addresses), which allows to be a dual-homed host, i.e. running on two networks. • The proxy server will relay the authorized traffic
between the two interfaces and block traffic that is denied.
• SSL provides a secure end-to-end session between the client and original server.
• The proxy server will become a tunnel, or a byte-forwarder in both directions.
– It cannot, and need not act as the application level proxy.
• Benefits:
– URL is hidden from the proxy server
• The proxy server is sent a HTTP request
with a
CONNECTmethod on a HTTP header.
• The proxy server will response either
positively, or negatively.
• The tunneling ceases to work when one side
drops the connection.
• The router can be configured to make the
proxy server as the only host that accesses
the router.
– All internal hosts will be forced to use the proxy server to reach external hosts.
• This architecture is more secure than the
bastion host one because it provides two
• The internal network is considered as a subnet.
• The perimeter network is considered as a filtering subnet.
• There is no internal information on the filtering subnet.
• Benefits:
– Provides specific security requirements to a subset of an organization (CSIL)
• CryptoAPI is an API that provides core cryptographic functionality to application developers.
• Features:
– cryptographic hashing,
– encrypting and decrypting data,
• private and public key cryptography
• A CSP contains implementations of
cryptographic standards and algorithms.
• Microsoft works with vendors such as RSA
Data Security Inc. to develop programs that
implements the features of CryptoAPI.
• Secure Support Provider Interface
• MS Certificate Server
• SSPI makes common network
authentication schemes available to
application developers via simplified
software libraries.
• A SSP is a library that manages a particular
scheme.
• User of SSPI may call its SSP directly or
use the secure options in DCOM or RPC.
• Kerberos
• NTLM (NT Lan Manager)
• SSL
• Certificate Server is a toolkit for building a
Certificate Authority (CA) for large networks. • It enables an organization to issue, renew, and
revoke certificates without having to rely on external certificate.
• Each site building a CA with Certificate Server may supply its own approval module to verify the certificate applicant, or use a market standard
• It uses simple cryptographic integrity
features to help ensure the authenticity of a
software module.
• Digital signature is generated by the
Authenticode software which is attached to
the code.
• This technology may be used to sign script,
COM objects, and programs in C++ or VB.
• Grant or deny access for both inbound and
outbound connections by:
– user
– service / port – IP domain
• Each port can be enabled or disabled for
communications by a specific list of users
or user groups.
• Local Address Table:
– A system table containing the IP internal IPs. – Use by Proxy Server to prevent IP spoofing.
• Packet alert: issue alerts for specific events, such as for dropped packets or packets sent to an
unused service port.
• IP address aggregation: requests to external hosts will use proxy’s external IP.
• Anonymous User: an NT user account
IUSR_xxxx, where xxxx is the server name,
will be assigned to the user.
• NT User:
– Basic authentication – Challenge/Response
• The access permission to objects in the Web application is determined by the user’s access token.
• The request by anonymous user to access the requested object will be denied if its’ ACL does not permit access by IUSER.
• HTTP will response with a failure return-code (HTTP Error 401), with an authenticate header:
– WWW-Authenticate: Basic – WWW-Authenticate: NTLM
• Procedure:
– The browser will gather the user account and password from the user.
– The information will be sent to the server in BASE64 code.
• Given a choice,
– Netscape browser will pick this method over NTLM, because it does not do NTLM
• IIS will impersonate the user when
accessing resources in the server.
• When IIS attempts to logon to a remote
database server:
– In case of the basic authentication, IIS will be able to do because it has the user id and
password.
<%If request.servervariables("REMOTE_ADDR") = "200.200.157.4" then Response.Buffer = TRUE Response.Status = ("401 Unauthorized") Response.End End If%>
<% Response.Clear Response.Buffer = True Response.Status = “401 Unauthorized” Response.AddHeader “WWW-Authenticate”, “NTLM” Response.End
• User may set different levels of security for the following classes of sites:
– Internet – Local Intranet – Trusted sites – Restricted sites • Major differences: – Prompt/No-prompt
