• No results found

VIRTUAL PRIVATE NETWORKS SECURITY

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "VIRTUAL PRIVATE NETWORKS SECURITY"

Copied!
20
0
0

Loading.... (view fulltext now)

Download now ( 20 Page )

Full text

(1)

Auerbach Publications

© 1999 CRC Press LLC 08/99

DATA SECURITY MANAGEMENT

V

IRTUAL

P

RIVATE

N

ETWORKS

S

ECURITY

John R. Vacca

I N S I D E

Public Key Encryption; Public Key-Based Certificates; Audit Verification between Discovered Security Policy and Service Policy Definition; Automatic Discovery of Inter-VPN Connectivity and Exclusivity; Automatic Cross-Policy Audit to Ensure that Service or Configuration Changes Do Not Affect Other Policies;

Centralized Reporting of Group Memberships; Automatic Implementation of Selected, Custom Security Services, Such as Encryption; Secure Access to Management Data; Secure Access to Control; Multiple Levels of Authorization; Logging, Reporting, and Auditing of Changes; Advanced Security Features;

Symmetric Encryption vs. Asymmetric Encryption (Private Key vs. Public Key); Certificates; Extensible Authentication Protocol (EAP); IP Security (IPSec)

INTRODUCTION

With the explosive growth of the Internet, enterprises are beginning to ask: How can we best exploit the Internet for our enterprise? Initially, en-terprises were using the Internet to promote their enterprise’s image, products, and services by providing World Wide Web access to enterprise Web sites. Today, however, to improve overall efficiency and gain a com-petitive advantage, enterprises are moving toward Internet-enabled en-terprise processes. As a result, enen-terprises are considering virtual private network (VPN) solutions that take advantage of the Internet’s extensive, cost-effective access, while ensuring data security. In this article, one will learn how to help enterprises transition to this Internet-enabled prise model, and how to obtain standards-based secure access to enter-prise computing resources. One will also learn how to securely and cost-effectively extend the reach of applications and data across the world through the implementation of

virtu-al private network (VPN) solutions. Finally, this article will cover public key encryption and public key-based certificates (since these will play a role in the new EAP and IPSec secu-rity features now in development by Microsoft, IBM, Cisco, and other soft-ware suppliers).

P A Y O F F I D E A

When organizations discovered the efficiencies and cost-effectiveness of using the capabilities of the Internet to conduct business, they realized the need to protect sensitive information transiting unsecured areas. The implementation of virtual private networks provided the mechanism to achieve this needed protection. This article cov-ers the use of virtual private networks and their re-lated encryption technologies.

(2)

Security for virtual private networks (VPNs) must go beyond simply controlling secure access to network resources. It must also provide mechanisms for managing the implementation and enforcement of the policies that define partitioning between VPNs. Most VPN-aware net-works extend traditional VPN concepts of intranet and extranet service to enable valuable services based on sophisticated policies of separation and designated intercommunication; security policy management be-comes a valuable component to the success of VPN deployment.

New standards are being set by tools that enable easy specification, implementation, management, and enforcement of security policies. While initially focused on intra-VPN separation and intercommunication, network management functionality will be enhanced to support other value-added services such as encryption, data sharing, and broadcast dis-tribution between customers and secure remote access.

Generally, provider operators need to control access and visibility into network elements, control points, management systems, and data so that their networks cannot be sabotaged and sensitive information compro-mised. VPN services that support network management add a new twist to security management functional requirements in that visibility and control of a VPN subset of the provider network can now extend beyond the provider to the subscriber.

Traditionally, only service provider operators required authorization to their own network management systems and data. However, regular network management subscribers need access to information that pro-vides insight into how they use VPN services. Customers want to know the performance of the transport over the provider backbone and receive indicators when, or before, there are problems with the service. As net-work management applications mature, customers will control how they use the service (e.g., how service responds to data classification), and they will be able to change or procure new services.

To ensure correct partitioning of management data such that visibility, delivery, control, and access of the appropriate information are given only to authorized customers/owners of the data; and because the Inter-net facilitates the creation of VPNs from anywhere, Inter-networks need strong security features to prevent unwelcome access to private networks and to protect private data as it traverses the public network. User authenti-cation and data encryption are strong security features, but there are stronger authentication and encryption capabilities that will be available with Extensible Authentication Protocol (EAP) and Internet protocol se-curity (IPSec).

WHY VPN SECURITY?

A virtual private network (VPN) is an extension of an enterprise’s private intranet across a public network such as the Internet, creating a secure

(3)

private connection, essentially through a private tunnel. VPNs securely convey information across the Internet, connecting remote users, branch offices, and enterprise partners/suppliers into an extended enterprise net-work, as shown in Exhibit 1. Internet service providers (ISPs) offer cost-effective access to the Internet (via direct lines or local telephone num-bers), enabling enterprises to eliminate their current, expensive leased lines, long-distance calls, and toll-free telephone numbers. A 1997 VPN Research Report, by Infonetics Research, Inc. (based in San Jose, CA), es-timates savings from 20 percent to 47 percent of wide area network (WAN) costs by replacing leased lines to remote sites with VPNs. And, for remote access VPNs, savings can be 60 percent to 80 percent of enterprise remote access dial-up costs. Additionally, Internet access is available worldwide, where other connectivity alternatives may not be available.

The technology to implement these VPNs, however, is just becoming standardized. Some networking vendors today are offering non-stan-dards-based VPN security solutions that make it difficult for an enterprise to incorporate all its employees or enterprise partners/suppliers into an extended enterprise network. However, VPN security solutions based on Internet Engineering Task Force (IETF) standards will provide support for the full range of VPN security scenarios, with more interoperability and expansion capabilities.

The key to maximizing the value of VPN security is the ability of en-terprises to evolve their VPNs as their enterprise needs change and to easily upgrade to future TCP/IP technology. Vendors that support a broad range of hardware and software VPN security products provide the

(4)

flexibility to meet these requirements. VPN security solutions today run mainly in the IPv4 environment, but it is important that they have the ca-pability of being upgraded to IPv6 to remain interoperable with an enter-prise partner’s or supplier’s VPN security solutions. Perhaps equally critical is the ability to work with a vendor that understands the issues of deploying VPN security. The implementation of a successful VPN securi-ty solution involves more than technology. The vendor’s networking ex-perience plays heavily into this equation.

Now consider the role that software suppliers like IBM and Microsoft are playing with regard to the VPN security solution. Public key encryp-tion and public key-based certificates will also be considered because they play a role in the new EAP and IPSec security features now in de-velopment by Microsoft, IBM, Cisco, and other software suppliers.

UNDERSTANDING IBM VPN SECURITY

IBM uses IPSec (an open, IETF-standard security technology) as an inte-gral element in it eNetwork VPN security solutions. IPSec provides cryp-tography-based protection of all data at the IP layer of the communications stack. It provides secure communications transparently, with no changes required to existing applications. IPSec is the IETF-cho-sen, industry-standard network security framework for use in both the IPv4 and IPv6 environments. It is also currently the technology of choice for more than a dozen networking vendors, such as Sun, Attachmate, and Bay Networks. IPSec protects data traffic in three ways, using robust cryptographic techniques:

• authentication: the process by which the identity of a host or end point is verified

• encryption: the process of hiding information while in transit across the network in order to ensure privacy

• integrity checking: the process of ensuring that no modifications were made to the data while in transit across the network

In addition, as described next, IPSec can address the security require-ments of all key VPN enterprise security scenarios and provides a growth path covering VPN expansion and security requirement changes. In 1997, the IETF Security Working Group completed the initial work on IP-Sec extensions that provide automated Internet IP-Security Association and Key Management Protocol (ISAKMP) capabilities combined with a key distribution protocol (Oakley). This solution includes both a mechanism for negotiating security associations to achieve the degree of protection needed (enabling automated tunnel setup) and a mechanism for auto-mated secure distribution and refresh of strong cryptographic keys. Ac-cording to IBM, by supporting IPSec with ISAKMP/Oakley, IBM

(5)

eNetwork VPN security offerings will minimize manual configuration and thus provide a more robust, user-friendly, maintenance-free solution.

At the April 1998 IETF meeting, the IPSec Working Group agreed to advance all of the base IPSec documents to proposed standards. Having completed work on the base IPSec functions (authentication, encryption, integrity, key management, and security association management), the IPSec Working Group will now turn its attention to developing new pro-tocols to complement the base set. For example, it will consider ease-of-use issues such as VPN policy databases, extended authentication meth-ods for use with ISAKMP/Oakley, and interoperability across several cer-tificate authorities.

IPSec can also be used in conjunction with security protocols that may already exist in other layers of the communications stack. According to IBM, they also support the Secure Electronic Transaction (SET) protocol, Secure Sockets Layer (SSL), and a variety of other security technologies that can be incorporated into an IPSec-based VPN security solution. Ob-ject-layer security such as SET can be used to secure electronic payment transactions over the Internet, and SSL technology can be used to secure specific applications. However, independent of whether any application-level security such as SSL has been implemented, IPSec can provide an authenticated and encrypted tunnel that protects all IP traffic.

IPSec can also provide robust security in conjunction with other tun-neling protocols, such as the Layer 2 Tuntun-neling Protocol (L2TP) used in remote access dial-up configurations. L2TP, which is also an IETF stan-dard, has the capability of establishing dial-up connections from clients using the point-to-point protocol (PPP). In addition, L2TP can be used to carry multiprotocol traffic, such as NetBIOS. However, L2TP lacks strong security properties. When IPSec is used in conjunction with L2TP, cryp-tographically strong access control is provided. IPSec will provide au-thentication, integrity checking, and encryption for each packet transmitted. It also provides automated key management functions and can protect data all the way to the target server. According to IBM, its VPN customer security scenarios (IBM eNetwork VPN offerings) are de-signed to allow enterprises to easily construct solutions that meet its en-terprise needs. Consider three enen-terprise scenarios well-suited to the implementation of a VPN security solution:

• enterprise partner/supplier network • branch office connection network • remote access network

Enterprise Partner/Supplier Network

Industry-leading enterprises will be those that can communicate inex-pensively and securely with their enterprise partners, subsidiaries, and

(6)

vendors. Many enterprises have chosen to implement Frame Relay or purchase leased lines to achieve this interaction. But this is often expen-sive, and geographic reach may be limited. VPN security technology of-fers an alternative for enterprises to build a private and cost-effective extended enterprise network with worldwide coverage, exploiting the Internet or other public network.

Suppose one is a major parts supplier to a manufacturer. Because it is critical to have the specific parts and quantities at the exact time required by the manufacturing firm, one always needs to be aware of the manu-facturer’s inventory status and production schedules. If handling this in-teraction manually, and finding it to be time consuming, expensive, and maybe even inaccurate, perhaps there is an easier, faster, and more effec-tive way of communicating. However, given the confidentiality and time-sensitive nature of this information, the manufacturer does not want to publish this data on its enterprise Web page or distribute this information monthly via an external report.

To solve these problems, the parts supplier and manufacturer can im-plement an eNetwork secured VPN, as shown in Exhibit 2. A secured VPN can be built directly between a client workstation (in the parts supplier’s intranet) and the server residing in the manufacturer’s intranet. The clients can authenticate themselves either to the firewall protecting the manufac-turer’s intranet, directly to the manufacmanufac-turer’s server (validating that they are who they say they are), or to both, depending on the supplier’s secu-rity policy. Then, a tunnel could be established, encrypting all data pack-ets from the client, through the Internet, to the required server.

With the establishment of this secured VPN, the parts supplier can have global, online access to the manufacturer’s inventory plans and pro-duction schedule at all times during the day or night, minimizing manual errors and eliminating the need for additional resources for this commu-nication. In addition, the manufacturer can be assured that the data is se-curely and readily available to only the intended parts supplier(s).

According to IBM, one way to implement this scenario is for the en-terprises to purchase Internet access from an Internet service provider (ISP) (such as IBM Global Services, etc.). Then, given the lack of security of the Internet, either an IPSec-enabled firewall or a server with firewall functionality can be deployed as required to protect the intranets from intruders. If end-to-end protection is desired, then both the client and server machines need to be IPSec-enabled as well.

Through the implementation of this VPN security technology, the manufacturer would easily be able to extend the reach of its existing en-terprise intranet to include one or more parts suppliers — essentially building an extended enterprise network — while enjoying the cost-ef-fective benefits of using the Internet as its backbone. And, with the flex-ibility of open IPSec technology, the ability for this manufacturer to incorporate more external suppliers is limitless.

(7)
(8)

Yet, inherent in network expansion are concerns of manageability. Tools should be implemented to ensure that one’s network remains easy to maintain. Management functions to be included in eNetwork VPN se-curity solutions are: policy management, automated ISAKMP/Oakley key management capabilities (previously mentioned), certificate manage-ment, secure domain name server (DNS), and lightweight directory ac-cess protocol (LDAP) support. When implementing a VPN, a set of security configuration criteria must be established. Decisions such as which security algorithms are to be used by each IPSec-enabled box and when the keys are to be refreshed are all aspects of policy management. And, with respect to key technology, almost all of today’s currently pop-ular security protocols begin by using public key cryptography. Each user is assigned a unique public key. Certificates, in the form of digital signatures, validate the authenticity of one’s identity and one’s encryp-tion key. These certificates can be stored in a public key database, such as a secure DNS, that can be accessible via a simple protocol, such as the Lightweight Directory Access Protocol (LDAP).

An automated IP address management system is especially important for secured VPNs in order to assign and manage one’s network’s IP ad-dresses. Also, along the lines of managing IP addresses is the network address translation (NAT) (available today in IBM AIX Firewall). It allows one to use a globally unique (public) address on the Internet, while en-abling the use of private IP addresses within one’s own intranet.

Branch Office Connection Network

The branch office scenario, unlike the enterprise partner/supplier network scenario, securely connects two trusted intranets within an enterprise. This is a key difference, because the security focus is on both protecting the en-terprise’s intranet against external intruders and securing the enen-terprise’s data while it flows over the public Internet. This differs from the enterprise partner/supplier network, where the focus is on enabling the enterprise partners/suppliers access to data in the enterprise intranet.

For example, suppose an enterprise headquarters wants to minimize the costs incurred from communicating to and among its own branches. Today, the enterprise might use Frame Relay or leased lines, but wants to explore other options for transmitting its internal confidential data that will be less expensive, more secure, and globally accessible. By exploit-ing the Internet, branch office connection secured VPNs can easily be es-tablished to meet the enterprise’s needs.

As shown in Exhibit 3, one way to implement this VPN security con-nection between the enterprise headquarters and one of its branch offic-es is for the enterprise to purchase Internet accoffic-ess from an ISP (such as IBM Global Services). According to IBM, eNetwork firewalls, or routers with integrated firewall functionality, would be placed at the boundary

(9)
(10)

of each of the intranets to protect the enterprise traffic from Internet hackers. With this scenario, the clients and servers need not support IP-Sec technology because the IPIP-Sec-enabled firewalls (or routers) would be providing the necessary data packet authentication and encryption. With this approach, the inventory and pricing information would be hid-den from untrusted Internet users, with the firewall hid-denying access to po-tential attackers. And, as previously described in the secured VPN enterprise partner/supplier network scenario, eNetwork secured VPN management functions can also be used to manage the VPN branch of-fice connection network.

With the establishment of branch office connection secured VPNs, the enterprise headquarters will be able to communicate securely and cost-effectively with its branches, whether located locally or miles away. Through VPN security technology, each branch can also extend the reach of its existing intranet to incorporate the other branch intranets, building an extended, enterprisewide network. And, as in the enterprise partner/supplier network scenario, this enterprise can easily expand this newly created environment to include its enterprise partners, suppliers, and remote users — through the use of open IPSec technology.

Remote Access Network

A remote user, whether at home or on the road, wants to be able to com-municate securely and cost-effectively back to his or her enterprise intra-net. Although many still use expensive long-distance and toll-free telephone numbers, this cost can be greatly minimized by exploiting the Internet. For example, the user is at home or on the road, but needs a confidential file on a server within the intranet. By obtaining Internet ac-cess in the form of a dial-in connection to an ISP, the user can communi-cate with the server in the intranet and access the required file.

One way to implement this scenario is to use an eNetwork VPN IPSec-enabled remote client and firewall, as shown in Exhibit 4. The client ac-cesses the Internet via dial-up to an ISP, and then establishes an authen-ticated and encrypted tunnel between itself and the firewall at the intranet boundary. By applying IPSec authentication between the remote client and the firewall, one can protect the intranet from unwanted and possibly malicious IP packets. And by encrypting traffic that flows be-tween the remote host and the firewall, one can prevent outsiders from eavesdropping on the information. Once again, the previously described eNetwork VPN security management capabilities can also be utilized.

UNDERSTANDING MICROSOFT VPN SECURITY

Microsoft VPN uses proven Windows NT RAS security. Enterprises can ensure secure communication between remote users and the private net-work using Windows NT RAS encryption and authentication protocols.

(11)
(12)

Windows NT RAS supports password authentication protection (PAP), the more sophisticated Challenge Handshake Authentication Protocol (CHAP), a special Microsoft adaptation called MS-CHAP, as well as RSA RC4 and DES encryption technologies.

Authentication And Encryption

Client accounts are validated against the Windows NT 4.0 and Windows 2000 (formerly Windows NT 5.0) user database, and only those with val-id permissions are allowed to connect. The keys used to encrypt data are derived from user credentials, and are not transferred on the wire. When authentication is completed, the user’s identity is verified, and the au-thentication key is used for encryption. Windows 2000 uses 40-bit RC4 encryption. For the United States and Canada, Microsoft will provide an optional add-on pack for 128-bit encryption, which provides security so tight that exporting it elsewhere is prohibited today by U.S. law.

Understanding PPTP Security

PPTP extends the strict authentication and encryption security available to computers running RAS under Windows 2000 Server and Windows 2000 Workstation to PPTP clients on the Internet. PPTP can also protect the PPTP server and the VPN by ignoring all but PPTP traffic. Despite the strict security, it is very simple to use PPTP with existing firewalls. This section will help understand and plan the following:

• authentication and access control • data encryption

• PPTP packet filtering • using third-party firewalls

Authentication. Initial dial-in authentication may be required by an ISP network access server. If this authentication is required, it is strictly to log on to the ISP network access server. It is not related to Windows 2000-based authentication. Check with the ISP for its authentication require-ments. One applies these requirements in the Dial-Up Networking entry for that ISP.

On the other hand, if the Windows 2000 Server is configured as a PPTP server, it controls all access to the VPN. That is, the PPTP server is a gate-way to the VPN. The PPTP server requires a standard Windows 2000-based log-on. All PPTP clients must supply a user name and password. Therefore, remote access log-on using a computer running under Win-dows 2000 Server or WinWin-dows 2000 Workstation is as secure as logging on from a Windows 2000-based computer connected to the local LAN.

Authentication of remote PPTP clients is accomplished using the same PPP authentication methods used for any RAS client dialing directly to a

(13)

RAS server. Microsoft’s implementation of the Remote Access Service (RAS) supports the Challenge Handshake Authentication Protocol (CHAP), the Microsoft Challenge Handshake Authentication Protocol (MS-CHAP), and the Password Authentication Protocol (PAP) authentica-tion schemes.1

As with all user accounts, the user accounts of remote users reside in the Windows 2000 Server directory service and are administered through User Manager for Domains. This provides centralized administration that is integrated with the existing user accounts on the VPN. Only accounts that have been granted specific access to the network through a trusted domain are permitted. Careful user accounts management is necessary to reduce security risks.

Having a secure password model in place is critical to the successful deployment of PPTP because Internet connections are more susceptible to speed or demon dialer programs, which can literally crunch through thousands of password and username combinations. The only way to minimize this type of attack is to implement secure password policies. Passwords should be difficult to guess. For example, one can require passwords to contain upper case letters, lower case letters, numbers, and special characters. It is recommended that at least three different types of characters be required in order to ensure password uniqueness.

Access Control. After authentication, all access to a private LAN contin-ues to use the Windows 2000-based security model. Access to resources on NTFS drives, or to other network resources, requires the proper per-missions. It is recommended that the NTFS file system be used for file re-sources that are accessed by PPTP clients.

Data Encryption. For data encryption, PPTP uses the RAS shared-se-cret encryption process. It is referred to as a shared seshared-se-cret because both ends of the connection share the encryption key. In the Microsoft imple-mentation of RAS, the shared secret is the user password. Other encryp-tion methods base the encrypencryp-tion on some key available in public. This second method of encryption is known as public key encryption.

PPTP uses the PPP encryption and PPP compression schemes. The CCP (Compression Control Protocol) used by PPP is used to negotiate encryption.

The user name and password of the PPTP client is available to the PPTP server and supplied by the PPTP client. An encryption key is de-rived from the hashed password stored on both the client and server. The RSA RC4 standard is used to create this 40-bit session key, based on the client password. This key is used to encrypt all data that is passed over the Internet, keeping the remote connection private and secure.

The data in PPP packets is encrypted. The PPP packet containing a block of encrypted data is then encapsulated into a larger IP datagram for

(14)

routing over the Internet to the PPTP server. If an Internet hacker inter-cepted your IP datagram, he or she would find only media headers, IP headers, and then the PPP packet containing a block of encrypted data. It would be indecipherable.2

PPTP Packet Filtering. PPTP filtering is an important security feature. An administrator can decide to only allow PPTP-enabled users to connect to the enterprise network from the Internet. Filtering out non-PPTP pack-ets avoids the risk of somebody attacking the enterprise network through the PPTP gateway server.

Network security from malicious activity can be enhanced by enabling PPTP filtering on the PPTP server. When PPTP filtering is enabled, the PPTP server on the VPN accepts and routes only PPTP packets from au-thenticated users. This prevents all other packets from entering the PPTP server and the VPN. In conjunction with PPP encryption, this ensures that only authorized encrypted data enters or leaves the private LAN. PPTP filtering is enabled on the PPTP server using the Protocols tab in the Net-work option of Control Panel.

Using PPTP with Firewalls and Routers. PPTP traffic uses TCP port 1723, and IP protocol uses ID 47, as assigned by the Internet Assigned Numbers Authority (IANA). PPTP can be used with most firewalls and routers by enabling traffic destined for port 1723 to be routed through the firewall or router.

Firewalls ensure enterprise network security by strictly regulating data that comes into the VPN from the Internet. An enterprise can deploy a PPTP server running Windows 2000 Server behind its firewall. The PPTP server accepts PPTP packets passed to the VPN from the firewall and ex-tracts the PPP packet from the IP datagram, decrypts the packet, and for-wards the packet to the computer on the VPN.

Front-End Processors

PPTP is designed to allow front-end processors (FEPs) to be connected with Windows 2000 servers, so clients that call into the FEP have trans-parent access to the server’s network. This means the client will not no-tice whether it is going straight to the server, or to an FEP that is tunneling through the server. According to Microsoft, because its secure VPN provides transparent access to a PPP client, it can work with UNIX, Win 16, MS-DOS®, Macintosh, and other clients.

FEPs can be operated by telephone companies because FEPs do not allow access to the data exchange between the client and the server. The FEP is just a pass-through that lacks the intelligence to evaluate the infor-mation passing through it. From a security standpoint, this means an en-terprise will not lose control of who gets access to its network. Data

(15)

privacy is maintained. This is very important for enterprises that out-source dial-up access because they need their data to be secure.

Another important point is to keep control of who has access to the server on the server itself, rather than on the FEP. The server authenti-cates the clients calling in; the FEP only looks at the callers identity and establishes the tunnel to the server. Because the FEP has a passive role, security is tight.

Advanced VPN Security Features

Because the Internet facilitates the creation of VPNs from anywhere, net-works need strong security features to prevent unwelcome access to pri-vate networks and to protect pripri-vate data as it traverses the public network. User authentication and data encryption have already been dis-cussed. This final part of the article provides a brief look ahead to the stronger authentication and encryption capabilities that will be available with EAP and IPSec. One can begin with an overview of public key en-cryption and public key-based certificates because these will play a role in the new EAP and IPSec security features now in development by Mi-crosoft and other software suppliers.

Symmetric Encryption vs. Asymmetric Encryption (Private Key vs. Public Key). Symmetric, or private key, encryption (also known as con-ventional encryption) is based on a secret key that is shared by both communicating parties. The sending party uses the secret key as part of the mathematical operation to encrypt (or encipher) plaintext to cipher-text. The receiving party uses the same secret key to decrypt (or deci-pher) the ciphertext to plaintext. Examples of symmetric encryption schemes are the RSA RC4 algorithm (which provides the basis for Mi-crosoft Point-to-Point Encryption (MPPE), Data Encryption Standard (DES), the International Data Encryption Algorithm (IDEA), and the Skip-jack encryption technology proposed by the U.S. government (and im-plemented in the Clipper chip).

Asymmetric or public key encryption uses two different keys for each user: one is a private key known only to one user; the other is a corre-sponding public key, which is accessible to anyone. The private and public keys are mathematically related by the encryption algorithm. One key is used for encryption and the other for decryption, depending on the nature of the communication service being implemented.

In addition, public key encryption technologies allow digital signa-tures to be placed on messages. A digital signature uses the sender’s pri-vate key to encrypt some portion of the message. When the message is received, the receiver uses the sender’s public key to decipher the digital signature as a way to verify the sender’s identity.

(16)

Certificates. With symmetric encryption, both sender and receiver have a shared secret key. The distribution of the secret key must occur (with adequate protection) prior to any encrypted communication. However, with asymmetric encryption, the sender uses a private key to encrypt or digitally sign messages, while the receiver uses a public key to decipher these messages. The public key can be freely distributed to anyone who needs to receive the encrypted or digitally signed messages. The sender needs to carefully protect the private key only.

To secure the integrity of the public key, the public key is published with a certificate. A certificate (or public key certificate) is a data structure that is digitally signed by a certificate authority (CA) — an authority that users of the certificate can trust. The certificate contains a series of val-ues, such as the certificate name and usage, information identifying the owner of the public key, the public key itself, an expiration date, and the name of the CA. The CA uses its private key to sign the certificate. If the receiver knows the public key of the CA, the receiver can verify that the certificate is indeed from the trusted CA, and therefore contains reliable information and a valid public key. Certificates can be distributed elec-tronically (via Web access or e-mail), on smart cards, or on floppy disks. Therefore, public key certificates provide a convenient, reliable meth-od for verifying the identity of a sender. IPSec can optionally use this method for end-to-end authentication. Remote access servers can use public key certificates for user authentication, as described next.

Extensible Authentication Protocol (EAP). As stated pre v i o u s l y , most implementations of PPP provide very limited authentication methods. EAP is an IETF-proposed extension to PPP that allows for arbitrary authentication mechanisms to be employed for the valida-tion of a PPP connecvalida-tion. EAP was designed to allow the dynamic addition of authentication plug-in modules at both the client and server ends of a connection.

This allows vendors to supply a new authentication scheme at any time. EAP provides the highest flexibility in authentication uniqueness and variation. EAP is also implemented in Windows 2000.

Transaction-Level Security (EAP-TLS). EAP-TLS has been submitted to the IETF as a draft proposal for a strong authentication method based on public key certificates. With EAP-TLS, a client presents a user certifi-cate to the dial-in server, while at the same time, the server presents a server certificate to the client. The first provides strong user authentica-tion to the server; the second provides assurance that the user has reached the server he or she expected. Both systems rely on a chain of trusted authorities to verify the validity of the offered certificate.

The user’s certificate could be stored on the dial-up client PC, or stored in an external smart card. In either case, the certificate cannot be

(17)

accessed without some form of user identification (PIN number or name/password exchange) between the user and the client PC. This ap-proach meets the something-you-know-plus-something-you-have criteria recommended by most security experts.

EAP-TLS is the specific EAP method that will be implemented in Win-dows 2000. Like MS-CHAP, EAP-TLS will return an encryption key to en-able subsequent data encryption by MPPE.

IP Security (IPSec). Internet Protocol Security (IPSec) was designed by the IETF as an end-to-end mechanism for ensuring data security in IP-based communications. IPSec has been defined in a series of RFCs, nota-bly RFCs 1825, 1826, and 1827, which define the overall architecture, an authentication header for verifying data integrity, and an encapsulation security payload (ESP) for both data integrity and data encryption.

IPSec defines two functions that ensure confidentiality: data encryp-tion and data integrity. As defined by the Internet Engineering Task Force, IPSec uses an authentication header (AH) to provide source au-thentication and integrity without encryption, and the encapsulated secu-rity payload (ESP) to provide authentication and integsecu-rity along with encryption. With IPSec, only the sender and recipient know the security key. If the authentication data is valid, the recipient knows that the com-munication came from the sender, and that it was not changed in transit. IPSec can be envisioned as a layer below the TCP/IP stack. This layer is controlled by a security policy on each machine and a negotiated se-curity association between the sender and receiver. The policy consists of a set of filters and associated security behaviors. If a packet’s IP ad-dress, protocol, and port number matche a filter, then the packet is sub-ject to the associated security behavior.

Negotiated Security Association. The first such packet triggers a ne-gotiation of a security association between the sender and receiver. ISAK-MP/Oakley is the standard protocol for this negotiation. During an ISAKMP/Oakley exchange, the two machines agree on authentication and data security methods, perform mutual authentication, and then gen-erate a shared key for subsequent data encryption.

After the security association has been established, data transmission can proceed for each machine applying data security treatment to the packets that it transmits to the remote receiver. The treatment can simply ensure the integrity of the transmitted data, or it can encrypt it as well. These options are discussed next.

Authentication Header. Data integrity and data authentication for IP payloads can be provided by an authentication header located between the IP header and the transport header. The authentication header in-cludes authentication data and a sequence number, which together are

(18)

used to verify the sender, ensure that the message has not been modified in transit, and prevent a replay attack.

The IPSec authentication header provides no data encryption. Clear text messages can be sent and the authentication header ensures that they originated from a specific user and were not modified in transit.

Encapsulation Security Header. For both data confidentiality and protection from third-party capture, the encapsulation security payload (ESP) provides a mechanism to encrypt the IP payload. ESP also provides data authentication and data integrity services. Therefore, ESP headers are an alternative to AH headers in IPSec packets.

CONCLUSION AND SUMMARY

A primary concern must be whether the public Internet can possibly be secure enough to carry enterprise-sensitive information. The answer lies not in the network itself, but in the measures taken to secure information both at the boundaries of the enterprise and in transit across the Internet. There is a wide range of affordable security technologies that can pro-tect the enterprise’s need for privacy and access control — while exploit-ing all the benefits of speed and global reach each offered by the worldwide network. Encryption products ensure privacy; authentication devices and techniques can prove user identities; and, there is a vast ar-ray of firewall products to give the customer detailed access control.

With a wide range of affordable security technologies on the market, an Internet VPN is certainly an attainable goal. Encryption products en-sure privacy. Authentication devices and techniques can prove user iden-tities. And there is a vast array of firewall products to give the customer detailed access control.

Suppliers know that to get the enterprise community on to the Inter-net, security is an absolute priority. Conventional private WANs have at-tracted much less scrutiny than Internet-based solutions — and still tend to use insecure address-based authentication and access control for re-stricting user activity. With carefully designed architecture, Internet VPNs can be made as secure as traditional WAN implementations. And, one must not forget that the most security breaches come from inside an en-terprise’s own perimeters.

This article has covered, in depth, the concepts behind the definition and the implementation of a secure VPN and described the value of IBM eNetwork VPN security solutions based on IPSec. However, given the multitude of network environments and enterprise needs, all scenarios are beyond the scope of this article. It is quite possible, for example, that an enterprise may require elements of all three VPN security scenarios described. For instance, what if one needs to run multiple VPNs — one for the enterprise’s internal communications (the branch office

(19)

connec-tion scenario) and another for the external enterprise communicaconnec-tions (the enterprise partner/supplier network scenario)? Or, what if one wants to incorporate remote users into the supplier network? Or, what if one is a smaller enterprise and needs only a small firewall to protect employees from Internet hackers? Or, when might one require secure VPN-enabled routers in the network?

These are all complex questions that should be discussed with expe-rienced networking and security experts. According to IBM, the eNet-work VPN security solutions provide capabilities that can link IT assets with Web technology to build secure E-enterprise (electronic enterprise) solutions. With the implementation of an eNetwork VPN security solu-tion, one should be able to cost-effectively extend the reach of the net-work, the applications, and the data. One can easily incorporate enterprise partners and suppliers, remote branch offices, and remote us-ers — enabling improved communication and enhanced enterprise pro-cesses. One can reduce enterprise expenses, both by exploiting the Internet or other public networks (instead of expensive private leased lines, dial-up lines, or toll-free telephone numbers) and by using VPN se-curity management capabilities to minimize VPN maintenance costs.

On the other hand, Microsoft’s Virtual Private Network (VPN) security technology is based on the industry-standard Point-to-Point Tunneling Protocol (PPTP). It allows users to achieve secure connectivity between remote clients and the VPN via the Internet or other public carriers. Ac-cording to Microsoft, their VPN security provides enterprises with an eco-nomical and easy-to-implement strategy for securely using the Internet as an extension of their private network. The security, reliability, ease of use, and speed of PPTP-enabled Windows 2000 Servers, combined with the DNS infrastructure, provides significantly enhanced enterprise-to-en-terprise communications across the Internet.

The movement to the open PPTP protocol standard signals an oppor-tunity for remote access system vendors, ISPs, and firewall vendors to provide great value-added benefits for their customers. PPTP-enabled systems can be deployed now with the confidence that will ensure com-patibility with the PPTP standard as it evolves through the IETF and into the future.

Clearly, the future of VPN security activity must take account of these exciting developments. As Internet technology emerges, so does the compelling case for Internet-based VPN security. And, that is what this article is all about.

John Vacca is an information technology consultant and internationally known author based in Pomeroy, OH. Since 1982, John has authored 27 books and more than 330 articles in the areas of Internet and intranet security, programming, systems development, rapid application development, multimedia, and the Internet. John was also

(20)

a configuration management specialist, computer specialist, and the computer security official for the NASA space station program (Freedom) and the International Space Station Program, from 1988 until his early retire-ment from NASA in 1995. His most recent books include Internet Security Secrets (IDG Books/Published Date: 1-96/Translations: Russian, German, Spanish and French); VRML: Bringing Virtual Reality to the Internet (AP Pro-fessional/Published Date: 4-96/Translations: German); JavaScript Development: Bringing Development and Customization to Intranets and the Internet (AP Professional/Published Date: 11-96/Translations: German); Of-ficial Netscape LiveWire Pro Book (Ventana/Published Date: 3-97); Intranet Security (Charles River Media/Pub-lished Date: 8-97/Translations: Russian); VRML Clearly Explained, 2nd edition (AP Professional/Published date 1-17-97); The Cabling Handbook, (Prentice Hall/Publication date: 9-98); and, MCSE: Implementing and Sup-porting Microsoft Systems Management Server 2.0 (Prentice Hall/Publication date: 2-99). John can be reached on the Internet at [email protected].

Notes

1. MS-CHAP authentication supports the MD4 hash as well as the earlier authentication scheme used in Mi-crosoft LAN Manager.

2. Users in the United States and Canada can obtain a 128-bit session key through a cryptography pack for use inside the United States.

References

Download now ( PDF - 20 Page - 133.77 KB )

Related documents

Doro PhoneEasy 632. English

Select Reset all to delete phone settings and content such as con- tacts, number lists and messages (SIM memory is not affected)!. Enter the phone code and press OK

Mining Advertiser-specific User Behavior Using Adfactors

The figure was constructed using the data from the “Backward Markov” model, in which every user query is represented by multiple nodes in the graph, depending on its distance from

North Atlantic and Rio Tinto Joint Venture Potash Project in Saskatchewan, Canada. Resource Summary

The summary resource report prepared by North Atlantic is based on a 43-101 Compliant Resource Report prepared by M. Holter, Consulting Professional Engineer,

GM Is Still Writing Its Social CRM

LEFT: Jim Moloney, general director of customer assistance and relationship services (CARS), stands alongside advisors in the GM Social Media Command Center.. RIGHT: Alicia

The Social Media Glossary

Online community: A group of people using social media tools and sites on the Internet OpenID: Is a single sign-on system that allows Internet users to log on to many different.

LOUISIANA MADE INCORRECT MEDICAID ELECTRONIC HEALTH RECORD INCENTIVE PAYMENTS

These errors occurred because (1) State agency instructions on the hospital incentive payment and patient-volume calculations were incorrect or lacked needed information, (2)

Planning Grant for Healthcare and Public Health Sector Cybersecurity Information Sharing

All of the proposed costs listed, whether supported by Federal funds or non-Federal match, must be reasonable, necessary to accomplish project objectives, allowable in accordance

Chorionic thickness and PlGF concentrations as early predictors of small-for-gestational age birth weight in a low risk population

A statistically significant negative correlation was dem- onstrated in the study cohort between the maternal serum PIGF levels, foetal heart rate (FHR), birth weight and length,