Access Control and Site Security (Part 1)
Thursday 1/17/2008
© Abdou Illia – Spring 2008
Learning Objectives
- Understand the main security goals
- Discuss access control for resources
- Discuss password-based access control
Security Goals

Break-in and Dialog attacks: Security Goal
- If eavesdropping or message-alteration attacks are successful, in which of the following ways could the victims be affected?
  a) Data files stored on hard drives might be deleted
  b) Data files stored on hard drives might be altered
  c) Corporate trade secrets could be stolen
  d) Competitors might get the victim company's licensed info
  e) Users might not be able to get network services for a certain period of time
  f) The network might slow down
- Confidentiality is the main goal in implementing defense systems against eavesdropping; message alteration also threatens integrity, the goal discussed next.
Malware attacks: Security Goal
- If virus attacks are successful, in which of the following ways could the victims be affected?
  a) Data files stored on hard drives might be deleted
  b) Data files stored on hard drives might be altered
  c) Corporate trade secrets could be stolen
  d) Competitors might get the victim company's licensed info
  e) Users might not be able to get network services for a certain period of time
  f) The network might slow down
- Integrity is the main goal of implementing defense systems against malware attacks.
DoS attack: Security Goal
- If a DoS attack is successful, in which of the following ways could the victims be affected?
  a) Data files stored on hard drives might be deleted
  b) Data files stored on hard drives might be altered
  c) Corporate trade secrets could be stolen
  d) Competitors might get the victim company's licensed info
  e) Users might not be able to get network services for a certain period of time
  f) The network might slow down
- Availability is the main goal of implementing defense systems against DoS attacks.
Security Goals
- Three main security goals (CIA):
  - Confidentiality of communications and proprietary information
  - Integrity of corporate data
  - Availability of network services and resources
Resources Access Control

Opening Question
- Which of the following actions might be taken in order to strengthen the confidentiality of a company's proprietary information?
  a) Prevent employees from accessing files not needed in their job
  b) Limit the number of computers each employee could use for logging onto the network
  c) Encrypt any communications involving passwords
  d) All of the above
What is Access Control?
- Access control is the policy-driven limitation of access to systems, data, and dialogs
- Access control prevents attackers from gaining access to systems' resources, and stops (or at least limits) them if they do get in
Managing Access Control: Steps
1) Enumeration of (sensitive) resources
   E.g. HR databases, servers with trade secrets
2) Determination of the sensitivity level of each resource
   E.g. mission-critical vs. non mission-critical
3) Determination of "Who should have access?"
   - Role-Based Access Control (RBAC): determine the roles (or categories) of users. Example: IT employees, HR employees, salesmen, etc.
   - List-Based Access Control (LBAC): the system administrator could in some cases create lists of individual employees (not based on roles) for general-purpose resources
Managing Access Control: Steps (cont.)
4) Determination of "What access rights should users have?"
   - For each Role-Resource and/or List-Resource pair, mark each right Allow or Deny:
     See
     Browse/Read
     Read/Modify
     Delete
     ...
     Full Control
5) Implementing Access Control
   - Use the OS and other tools to configure access control
     - Mandatory Access Control (MAC): the administrator's centrally set policy applies; resource owners cannot override it
     - Discretionary Access Control (DAC): the owner of a resource could share it and set its access rights
   - Harden the host computers: patches, firewalls, etc.
   - Perform security audits to test access control effectiveness
Managing Access Control: Steps (cont.)
6) Determine/implement general access policies
   - Enumerate policies for each category of sensitive resources. Examples:
     - Printer availability: M-F, 6:00 AM-8:00 PM
     - Server computers: only administrators and server operators could log on locally
     - Remote access servers: callback enabled
   - Implement the policies
   - Perform security audits to test the policies' effectiveness
     - Audit by internal employees
     - Audit by a security firm
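The six steps above, worked through in code. This is an added example, not part of the original slides: the resources, users, roles, rights and the printer schedule are all constructed for illustration. It shows the three decisions a practitioner actually has to encode: role-based and list-based grants side by side, an explicit Deny that overrides any Allow (so a user holding two roles cannot escape a Deny through the second role), and a general access policy (the printer hours) checked before any rights are consulted. Every decision is written to an audit log, which is what step 5's security audit later tests.

```python
# Added example (not from the slides): a tiny policy-driven access-control
# model that walks through steps 1-6 above.  Every resource, user, role and
# right below is constructed for illustration.
from datetime import datetime

# Steps 1-2: enumerate the sensitive resources and rate each one.
RESOURCES = {
    "hr_db": "mission-critical",
    "trade_secrets": "mission-critical",
    "printer_lobby": "non-critical",
}

# Step 3, RBAC: users hold roles; rights are granted to roles, not to people.
USER_ROLES = {"alice": {"hr"}, "bob": {"sales"}, "carol": {"it", "sales"}, "dave": {"it"}}

# Step 3, LBAC: a plain list of people (no roles) for a general-purpose resource.
RESOURCE_LISTS = {"printer_lobby": {"bob", "carol"}}

# Step 4: for each Role-Resource and List-Resource pair, an Allow set and a
# Deny set of rights.  An explicit Deny always beats an Allow.
ROLE_RIGHTS = {
    ("hr", "hr_db"):            {"allow": {"read", "modify"}, "deny": {"delete"}},
    ("it", "hr_db"):            {"allow": {"read"},           "deny": set()},
    ("it", "trade_secrets"):    {"allow": {"read"},           "deny": set()},
    ("sales", "trade_secrets"): {"allow": set(),              "deny": {"read", "modify", "delete"}},
}
LIST_RIGHTS = {"printer_lobby": {"allow": {"print"}, "deny": set()}}

# Step 6: general access policies per resource category.  Here the slide's
# printer rule: Monday-Friday, 06:00-20:00.
def printer_available(when):
    return when.weekday() < 5 and 6 <= when.hour < 20

GENERAL_POLICIES = {"printer_lobby": printer_available}

# Steps 5-6: every decision is recorded so a later audit can test the controls.
AUDIT_LOG = []

# Constructed timestamps used by the demo: a Monday and a Saturday in Jan 2008.
MONDAY = datetime(2008, 1, 14, 10, 0)
SATURDAY = datetime(2008, 1, 19, 10, 0)


def decide(user, resource, right, when):
    """Return (allowed, reason) for one access request; the default is deny."""
    if resource not in RESOURCES:
        return False, "unknown resource (never enumerated in step 1)"
    policy = GENERAL_POLICIES.get(resource)
    if policy is not None and not policy(when):
        return False, "outside the general access policy window"
    allowed = denied = False
    for role in USER_ROLES.get(user, set()):
        rights = ROLE_RIGHTS.get((role, resource))
        if rights:
            allowed = allowed or right in rights["allow"]
            denied = denied or right in rights["deny"]
    if user in RESOURCE_LISTS.get(resource, set()):
        rights = LIST_RIGHTS[resource]
        allowed = allowed or right in rights["allow"]
        denied = denied or right in rights["deny"]
    if denied:
        return False, "explicit deny"
    if allowed:
        return True, "allowed by role or list"
    return False, "no matching allow (default deny)"


def check_access(user, resource, right, when):
    """Enforce the policy and append the decision to the audit log."""
    allowed, reason = decide(user, resource, right, when)
    AUDIT_LOG.append({"time": when.isoformat(), "user": user, "resource": resource,
                      "right": right, "allowed": allowed, "reason": reason})
    return allowed


if __name__ == "__main__":
    requests = [("alice", "hr_db", "delete", MONDAY),
                ("carol", "trade_secrets", "read", MONDAY),   # it allows, sales denies
                ("bob", "printer_lobby", "print", SATURDAY)]  # outside printer hours
    for req in requests:
        print(req[:3], check_access(*req))
    for entry in AUDIT_LOG:
        print(entry)
```

Note how carol, who holds both the it and the sales roles, is refused trade_secrets: the sales Deny wins over the it Allow. That deny-overrides rule is the usual choice in OS ACLs (Windows NTFS behaves this way) and is what makes step 4's Allow/Deny columns safe to combine across roles.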
Password-Based Access Control

Types of account/password
- Super account
  - The user can take any action on any resource
  - Called Administrator (Windows), Supervisor (NetWare), root (UNIX)
  - Hacking the super account is the ultimate prize for attackers
- Regular account
  - Limited access, based on settings made by the administrator
  - Could gain super account status by elevating its privileges, so regular accounts must be protected too
Reusable Passwords
- Used repeatedly to get access to a resource on multiple occasions
- Bad because an attacker has time to crack them
- Difficult to crack by guessing remotely
  - Login is usually cut off (the account locked) after a few failed attempts
  - However, an attacker who can steal the password file can crack the passwords offline, at leisure, with no attempt limit
Password Cracking
- With physical access, or with the password file in hand, an attacker can use password cracking programs:
  Program                                              Windows   Linux
  L0phtcrack (now LC5)                                 yes
  Ophcrack (rainbow tables)                            yes       yes
  John the Ripper                                      yes       yes
  RainbowCrack (precomputed hash lookup tables)        yes       yes
  Crack                                                          yes
  Cain & Abel                                          yes
- Programs usually come with "dictionaries" with thousands or even millions of entries of several kinds
- Programs also use the brute-force cracking method
- Used by network admins to locate users with weak passwords, and by attackers
Brute-force password cracking
- Compare dictionary cracking and hybrid cracking (below)
- Try all possible character combinations
- Longer passwords take longer to crack
- Combining types of characters makes cracking harder
  - Alphabetic, no case (26 possibilities)
  - Alphabetic, case (52)
  - Alphanumeric (letters and numbers) (62)
  - All keyboard characters (~80)
Figure 2-3: Password Length

Password      Alphabetic,      Alphabetic,         Alphanumeric:         All Keyboard
Length in     No Case          Case                Letters & Digits      Characters
Characters    (N=26)           (N=52)              (N=62)                (N=~80)
1             26               52                  62                    80
2 (N^2)       676              2,704               3,844                 6,400
4 (N^4)       456,976          7,311,616           14,776,336            40,960,000
6 (N^6)       308,915,776      19,770,609,664      56,800,235,584        2.62144E+11
8 (N^8)       2.08827E+11      5.34597E+13         2.1834E+14            1.67772E+15
10 (N^10)     1.41167E+14      1.44555E+17         8.39299E+17           1.07374E+19

Each cell is N^L: the number of passwords of length L over an alphabet of N characters, i.e. the maximum number of guesses an exhaustive search has to make.

Q: Your password policy is: (a) the password must be 6 characters long, (b) the password should include only decimal digits and lower-case alphabetic characters. What is the maximum number of passwords the attacker would try in order to crack a password in your system?
Dictionary and Hybrid cracking
- Dictionary cracking (also called a dictionary attack)
  - Try common words ("password", "ouch", etc.)
  - There are only a few thousand of these
  - Cracked very rapidly
- Hybrid cracking (also called a hybrid attack)
  - Used when dictionary cracking fails
  - Common word with one or a few digits at the end, etc.
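The three cracking methods from the last three slides (brute-force keyspace arithmetic, dictionary cracking, hybrid cracking) run against a stolen password file. This is an added example and not code from the slides or from any of the tools listed above: the password file, its three users, their passwords and the five-word dictionary are all constructed here, and unsalted SHA-256 merely stands in for whatever weak hashing a real stolen file might use. It shows why the "cut off after a few attempts" defense does nothing once the file is offline: the attacker hashes each guess locally and compares.

```python
# Added example (not from the slides): offline cracking of a constructed
# "stolen password file" with dictionary, hybrid and keyspace arithmetic.
# Users, passwords and the dictionary are made up; unsalted SHA-256 stands in
# for a weak password store (a salted, slow KDF would make every guess costly).
import hashlib
import itertools


def keyspace(alphabet_size, length):
    """Maximum guesses for an exhaustive (brute-force) search: N**L (Figure 2-3)."""
    return alphabet_size ** length


def hash_password(password):
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


# Constructed password file: username -> stored hash.
PASSWORD_FILE = {
    "user1": hash_password("password"),    # plain dictionary word
    "user2": hash_password("ouch12"),      # dictionary word + digits
    "user3": hash_password("triV6#ial"),   # the slides' example of a good password
}

# Constructed mini-dictionary; real tools ship thousands to millions of words.
DICTIONARY = ["password", "ouch", "trivial", "letmein", "welcome"]


def dictionary_crack(pw_file, words):
    """Hash each common word once and look it up against every stored hash."""
    lookup = {hash_password(w): w for w in words}
    return {user: lookup[h] for user, h in pw_file.items() if h in lookup}


def hybrid_candidates(words, max_digits=2):
    """Dictionary word (as-is or capitalised) followed by 1..max_digits digits."""
    for word in words:
        for base in (word, word.capitalize()):
            for n in range(1, max_digits + 1):
                for digits in itertools.product("0123456789", repeat=n):
                    yield base + "".join(digits)


def hybrid_crack(pw_file, words, max_digits=2):
    """Used when dictionary cracking fails; stops as soon as every hash is found."""
    remaining = dict(pw_file)
    found = {}
    for candidate in hybrid_candidates(words, max_digits):
        h = hash_password(candidate)
        for user in [u for u, stored in remaining.items() if stored == h]:
            found[user] = candidate
            del remaining[user]
        if not remaining:
            break
    return found


def crack(pw_file, words):
    """Dictionary pass first, then hybrid on what is left; brute force is the last resort."""
    found = dictionary_crack(pw_file, words)
    left = {u: h for u, h in pw_file.items() if u not in found}
    found.update(hybrid_crack(left, words))
    return found


if __name__ == "__main__":
    print(crack(PASSWORD_FILE, DICTIONARY))
    # The slide's question: 6 characters drawn from digits plus lower-case letters.
    print(keyspace(10 + 26, 6))
```

user3's password survives both passes: it is not a dictionary word, and its digit and symbol are in the middle, so the hybrid rule "word plus trailing digits" never generates it. Brute force is what remains, and the keyspace function gives the size of that job for any alphabet and length, including the 36-character, 6-position policy in the question above.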
Password Policies
- Good passwords
  - At least 6 characters long (the minimum assumed here; Figure 2-3 shows why longer is better)
  - Change of case not at the beginning
  - Digit (0 through 9) not at the end
  - Other keyboard characters not at the end
  - Example: triV6#ial
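A checker for the four "good password" rules above, as an added example rather than anything from the slides. It goes one step beyond the slide on one point, and this is an assumption: a digit and another keyboard character must be present somewhere in the password, not merely kept away from the end, since a password with neither would not mix character types at all. "Change of case at the beginning" is read as the predictable Capitalized form, i.e. the first change of case falls on the second letter.

```python
# Added example (not from the slides): a checker for the four "good password"
# rules.  Assumption beyond the slide: a digit and another keyboard character
# must be present, not merely absent from the end.
import string

MIN_LENGTH = 6                      # the slide's minimum; longer is better
SYMBOLS = set(string.punctuation)   # "other keyboard characters"


def password_violations(pw):
    """Return the list of rules `pw` breaks; an empty list means it passes."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append("fewer than %d characters" % MIN_LENGTH)

    letters = [c for c in pw if c.isalpha()]
    if letters:
        first_upper = letters[0].isupper()
        # Index, among the letters only, of the first change of case.
        change = next((i for i, c in enumerate(letters)
                       if c.isupper() != first_upper), None)
        if change is None:
            problems.append("no change of case")
        elif change == 1:
            problems.append("change of case at the beginning")
    else:
        problems.append("no letters")

    if not any(c.isdigit() for c in pw):
        problems.append("no digit")
    elif pw[-1].isdigit():
        problems.append("digit at the end")

    if not any(c in SYMBOLS for c in pw):
        problems.append("no other keyboard character")
    elif pw[-1] in SYMBOLS:
        problems.append("other keyboard character at the end")
    return problems


def is_good_password(pw):
    return not password_violations(pw)


if __name__ == "__main__":
    for candidate in ["triV6#ial", "Trivial6", "ouch", "tri6Vial!"]:
        print(candidate, "->", password_violations(candidate) or "OK")
```

"Trivial6" fails three of the rules at once, which is exactly the shape a hybrid attack (capitalised dictionary word plus a trailing digit) generates first; the slide's example triV6#ial passes all four.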
Password Policies (cont)
- Shared passwords
  - Not a good policy
  - Remove the ability to learn who took an action; accountability is lost
  - Usually not changed often, or at all, because of the need to inform all sharers
Questions
Q.1. ABC Inc. has a network with three users. The users have the following usernames: aillia, jwillems, vhampton. A shared-password policy implemented by the network administrator allowed the users to log on with the password abc123. Last night someone committed an attack, stealing sensitive corporate information after elevating the privileges associated with the account they used to log on. Which of the following is true? (Choose all that apply)
a) the audit log file could be checked to determine at what time the attacker logged in
b) the audit log file could be checked to determine which user account was used in committing the attack
c) the audit log file could be checked to determine who committed the attack
d) all of the above.
Q.2. If your answer to Q.1 above indicates that at least one of the statements is not true, explain why.
________________________________________________________________
________________________________________________________________
________________________________________________________________
Password Policies (cont)
- Disabling passwords (and accounts) that are no longer valid
  - As soon as an employee leaves the firm, etc.
  - As soon as contractors and consultants leave
  - In many firms, a large percentage of all accounts belong to people no longer with the firm
Password Policies (cont)
- Lost passwords
  - Password resets: the help desk gives a new password for the account
  - Opportunity for social engineering attacks (a caller posing as the user)
  - Safer: leave the changed password on the user's own answering machine (voicemail) rather than telling it to the caller, so only someone with access to the user's phone receives it
Reading Questions (Part 1)
- Answer the Chapter 2 Reading Questions (Part 1) posted to the course web site.
Summary Questions
- What are the three main security goals?
- What security goal is jeopardized by a successful eavesdropping attack?
- What is the difference between Role-Based Access Control and List-Based Access Control?
- What is the difference between Mandatory Access Control and Discretionary Access Control?
- What is a super account?
- What is the difference between dictionary cracking and hybrid cracking?
- What is a shared password? Do you recommend shared passwords? Why?