Arbitrated Routing Protocol

Chapter 4
Logistic Security Approaches
 Logistic approaches are based on management techniques to provide the security measures
 Typical approaches:
    passwords
    key management protocols
    access control
    covert channels
    composing security
    privileges and roles
    security kernels
4.1 Passwords
 A password is the only explicit protection used to authenticate identity for access to a computer system
 The most common techniques are:
    user generated passwords
    computer generated passwords
    tunable passwords
4.1.1 User Generated Password
 Created by the user for his own use
 Selected passwords are normally pleasant or enjoyable images from the user's mind
 Requires no writing down of passwords, which is safer
 But quite easy to guess
 Can be cracked by electronic search because a high percentage are words in the dictionary
Example from the 1988 Internet attack: passwords starting with ‘a’
Aaa, Anything, Airplane, Arrow, Andromache, Aerobics, Anvils, Amorphous, Albatross,
Ariadne, Albert, Atmosphere, Aria, Alexander, Athen, Ama, Academia, Arthur, Alphabet,
Azure, Anchor, Albany, aztecs, animals, analog, answer, Aliases
Obvious Personal Attributes
 Spouse’s name, children’s names, pet’s name, birthday
 License plate number, telephone number
 Initials
 Year of marriage
 Female surname or name (these are sufficient to get into various accounts at Bell Labs)
Keyboard Patterns
 Ghghgh
 bbbbb
 123-09
 qwppo
 1qaz
 etc.
Re-used passwords
 Normal users with access to various systems will maintain the same password pattern
 If an attacker cracks a password in a less secure environment, this password may be used to crack some more secure system
4.1.2 Computer Generated Password
 Created by the computer to be less predictable
 Poor passwords can be removed from the system
 Normally a choice of passwords is provided
 To prevent possible attack, a password aging technique is used, that is, a new password is generated periodically
 Disadvantage: difficult to remember
4.1.3 Tunable Password
 A compromise between user generated and computer generated passwords
 Allows the system administrator to provide users with part of a password
 The user can use this to construct a new password according to specified rules
 Example: the computer generates w5G and the user can provide prawn5GRAND or why55_Go60
 Advantage: has the advantages of both user generated and computer generated (CG) passwords
4.1.4 Dynamic Password
 Similar to the tunable password
 The CG part of the password is generated by the computer and a tag (portable device), and the user part stays the same
 Requires synchronization of password generation
 Advantage: prevents tapping of a static password via the network
4.1.5 Password Cracking
 The critical consideration in selecting a password protection scheme is that it should make cracking the password more difficult for a determined attacker with automatic assistance
 The present state of computers (3-400 MIPS) is capable of cracking a 4-character password drawn from the 128-character ASCII set in a few seconds
4.1.6 Password Encryption
 Required if the attacker can simply steal the stored password
 Use of encryption helps reduce the chance of the password being cracked
 Can still be attacked by using the encrypted password as the entry for an electronic search, instead of the raw password extracted from the dictionary
4.1.7 Password salt
 The technique is based on adjusting the password by adding some random characters before encryption takes place
 This technique can confuse an electronic search because something similar to a tunable password is applied
 Example: scrap is modified to scrap7^ for encryption
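An added example, not part of the original slides, for sections 4.1.6 and 4.1.7: it compares stored password entries with and without a salt when one precomputed dictionary table is searched against them. The word list, the user names and the choice of PBKDF2-HMAC-SHA256 as the one-way function are assumptions; the slides name none of them.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: a small word list standing in for a cracking dictionary.
DICTIONARY = ["albatross", "anchor", "azure", "scrap", "qwerty"]
ITERATIONS = 50_000  # assumed PBKDF2 work factor, chosen for a quick demo


def unsalted_entry(password):
    """Stored form without salt: equal passwords always give equal entries."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_entry(password, salt=None):
    """Stored form with a per-user random salt, returned as (salt, digest)."""
    salt = secrets.token_bytes(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify(password, record):
    """Login check: recompute with the stored salt, compare in constant time."""
    salt, digest = record
    return hmac.compare_digest(salted_entry(password, salt)[1], digest)


def table_lookup(stored, table):
    """Electronic search with one precomputed table shared across all users."""
    return {user: table[e] for user, e in stored.items() if e in table}


def audit_salted(record):
    """Per-user search: every dictionary word must be re-hashed with this salt."""
    return next((w for w in DICTIONARY if verify(w, record)), None)


def demo():
    table = {unsalted_entry(w): w for w in DICTIONARY}  # built once, reused
    plain = {"alice": unsalted_entry("scrap"), "bob": unsalted_entry("scrap")}
    salted = {"alice": salted_entry("scrap"), "bob": salted_entry("scrap")}
    salted_hex = {user: rec[1].hex() for user, rec in salted.items()}
    return {
        "unsalted_hits": table_lookup(plain, table),
        "salted_hits": table_lookup(salted_hex, table),
        "same_password_same_entry": salted["alice"][1] == salted["bob"][1],
        "weak_word_still_found": audit_salted(salted["alice"]),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "=", value)
```

The salt removes the shared table and makes identical passwords look different, but a dictionary word is still found once the work is repeated for that user's salt, so salting does not replace the password selection rules in 4.1.1 to 4.1.3.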
4.1.8 Example: Unix Password Management
 Allows users to define their own passwords
 Passwords are stored in a file called /etc/passwd
 The data stored are the encrypted version together with the login name and administrative information
 Example:
root:vBbddfRT56x34,M.y8:0:0:admin:/:/bin/sh
4.2 Key Management Protocol
 Computer systems need to communicate remotely with other systems via a communications network
 It may not be useful to type in a password or use a smart card
 Approaches have been developed for identifying and authenticating the systems
 These techniques are called key management protocols
4.2.1 Attacks on Remote Communications
 The most popular attacks are:
    disclosure to an unauthorized listener
    receipt of a message from a masquerading sender
    corruption or blocking of sent messages
Disclosure to Unauthorized Listener
 When messages are passed by a sending entity along some communications medium to a remote receiving entity, the possibility emerges that a third, malicious entity (an intruder) could read these messages by simply observing and interpreting the data traveling along the medium
[Figure: the sender passes messages to the receiver; an intruder “observes” the medium]
 The attack requires that the intruder has the ability to decipher the information being transmitted along the tapped medium
 As a result, encryption provides a useful means of mitigating the effect of this type of attack
 Key management protocols ensure such an attack cannot occur by encrypting messages with keys that are known only to the appropriately authorized entities
Receipt of Message from Masquerading Sender
 Some sending entity masquerades as another sender, with the result that bad messages are sent by an intruder
[Figure: sender, receiver and intruder; bad messages pass from the intruder to the receiver]
 Avoided by providing a means for senders to uniquely identify themselves when messages are sent
Corruption or Blocking of Sent Messages
 This attack involves a message sent by a sender being corrupted or blocked by an intruder
[Figure: good messages leave the sender; an intruder sits on the path and bad messages reach the receiver]
 Difficult to counter; a checksum can possibly be used
4.2.2 Private Key Protocol
 A private key protocol involves a single key that is known by the two entities who wish to communicate
 Advantages: provides a solution for disclosure protection and authentication, and works well with DES
 Disadvantages: an entity needs to maintain a separate key for each remote entity, and key distribution can be a problem too
[Figure: Private Key Protocol. The sender takes message M, computes [M]k and sends [M]k; the receiver computes [[M]k]k and receives message M]
4.2.3 Public Key Protocol
 A public key protocol involves a key pair, i.e. the secret and public keys, that are held separately by the two entities who wish to communicate
 Advantages: allows system communications without the need for the storage and maintenance of many private keys
 Disadvantages: more complex and computationally intensive
[Figure: Public Key Protocol. Sender (B) takes message M, computes [[M]SB]PA and sends it; receiver (A) computes [[[[M]SB]PA]SA]PB and receives message M]
SA, PA = secret and public keys of A
SB, PB = secret and public keys of B
4.2.4 Example: Secure Terminal/Host Communication
 The system consists of a host that communicates with a collection of terminals in a manner that uses key managed encryption protocols to ensure secrecy of all information passed
 The host maintains a collection of session keys that are dynamically generated for each communication session with a terminal, and a collection of terminal keys that are fixed for the set of terminals
 Each terminal has its fixed terminal keys
 The host maintains a cryptographic facility that contains master keys to encrypt and decrypt terminal and session keys
 Each terminal maintains its own cryptographic facility
 Notation:
    Ek(cleartext) is cleartext encrypted using key k
    Dk(ciphertext) is ciphertext decrypted using key k
Salient characteristics
 The terminals communicate directly with the host and a new session key is generated for each communication session
 Since the host and each terminal contain the terminal key, it is used in a private key protocol to distribute the session key. Both the host and the terminal can encrypt and decrypt the terminal key using the master terminal key or the specific terminal key at each terminal. Each session is established.
 Each time a new session is established, the host updates its session key table with a new encrypted entry Emsk(new session key), where msk is the secret master key for session keys
 Communication between host and terminal can thus follow a simple key managed protocol using the session key, where messages sent from the host to a terminal i would be of the form Eski(message) [where ski is the session key for i] and messages received from a terminal i would be deciphered by computing Dski(message)
[Figure: Secure Terminal/Host Communications. The host holds msk, the Tk’s and the sk’s; terminal i holds Tki or msk]
Step 1: transmission of msk or Tki via secure means
Step 2: generate session key
Step 3: Emsk(ski) or ETki(ski)
Step 4: Dmsk(Emsk(ski)) or Dtki(Etki(ski))
Step 5: message M, sent as Eski(Mhi) or Eski(Mih)
Step 6: recover message, Dski(Eski(Mhi)) or Dski(Eski(Mih))
(Repeat steps 2 to 6 for new transmission)
4.2.5 RSA Implementation
 Select two large prime numbers p and q, each about 100 digits long
 Compute n = pq and φ = (p-1)(q-1)
 Choose an integer E between 3 and φ which has no common factors with φ
 Select an integer D such that DE mod φ = 1
 Make E and n public and keep p, q, D and φ secret
Example:
 p = 5 and q = 7
 n = 35 and φ = 24; choose E = 7 since 3 < 7 < 24 and HCF(7, 24) = 1
 Select D = 7, where 7 x 7 = 49 and 49 mod 24 = 1
 Let the message = 3; C = 3^7 mod 35 = 2187 mod 35 = 17
 P = 17^7 mod 35 = 410338673 mod 35 = 3
4.2.6 Arbitrated Protocols with Third Party
 An alternative to point-to-point key management protocols between senders and receivers is an arbitrated protocol that uses a third party to ensure authentication between communicating entities
 Two possible schemes:
    arbitrated routing protocol
    arbitrated communication establishment protocol
Arbitrated Routing Protocol
 This scheme requires that the routing not introduce any security problem, such as routing a secret message through a party that should not have access to such information
 Example: a message is passed to a router, and users associated with that router have access to the message
Arbitrated Communication Establishment Protocol
 This involves the third-party arbiter establishing authentication between the senders and receivers so that communication can proceed without continued involvement of the arbiter
 This scheme often involves the creation of tickets by the arbitrator that allow for subsequent secure communication
[Figure: Arbitrated Routing Protocol. Parties A, B, C and the arbitrator; the "message to C from A" goes to the arbitrator, which passes on the "routed message to C from A"]
[Figure: Arbitrated Communications Establishment Protocol. Parties A, B, C and the arbitrator; (1) request communications from C, (2) establish communications, (3) communications between A and C]
4.2.7 Key Distribution
 Key distribution is a key issue in establishing a secure key management protocol
 Key distribution is normally achieved via a Key Distribution Centre (KDC) over a secure channel
[Figure: Centralized Key Distributor. The KDC passes a key to the sender and a key to the receiver over secured channels; the encrypted message travels from sender to receiver over the normal channel]
4.2.8 Digital Signatures
 The public key protocol is applied to “digital signatures”
 A digital signature is useful for direct communication or as a third-party authenticating system
 A DS can be included as part of the message protocol for identity purposes
Concept
 Step 1: Sender A transmits the digitally signed message (H, M, [Checksum(M)]SA) to B, where H is the ID, M is the message and [Checksum(M)]SA is the encrypted checksum
 Step 2: The receiver computes the checksum and compares it with the decrypted “encrypted checksum” [[Checksum(M)]SA]PA
 If both checksums are equal, the sender must be H and the message was not corrupted during delivery
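An added example, not part of the original slides, covering the key generation steps of 4.2.5 and the signature concept of 4.2.8 with textbook RSA (no padding, as in the slides' notation). The checksum function (truncated SHA-256), the demo primes and the DIRECTORY lookup from ID H to PA are assumptions made for illustration.

```python
import hashlib
from math import gcd


def make_keys(p, q, e):
    """Steps of 4.2.5: n = pq, phi = (p-1)(q-1), D chosen so DE mod phi = 1."""
    n, phi = p * q, (p - 1) * (q - 1)
    if not 3 <= e < phi or gcd(e, phi) != 1:
        raise ValueError("E must lie between 3 and phi and share no factor with phi")
    d = pow(e, -1, phi)              # modular inverse (Python 3.8+)
    return (e, n), (d, n)            # public key (E, n), secret key (D, n)


def apply_key(value, key):
    """[value]key in the slides' notation: modular exponentiation."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than n")
    return pow(value, exponent, n)


def checksum(message):
    """Assumed checksum: first 16 bytes of SHA-256 as an integer below 2**128."""
    return int.from_bytes(hashlib.sha256(message).digest()[:16], "big")


def sign(sender_id, message, secret_key):
    """Step 1: build (H, M, [Checksum(M)]SA)."""
    return sender_id, message, apply_key(checksum(message), secret_key)


def verify(signed, public_keys):
    """Step 2: compare Checksum(M) with [[Checksum(M)]SA]PA for the claimed H."""
    sender_id, message, signature = signed
    public_key = public_keys.get(sender_id)
    if public_key is None or not 0 <= signature < public_key[1]:
        return False
    return apply_key(signature, public_key) == checksum(message)


# The worked example from 4.2.5: p = 5, q = 7, E = 7 gives D = 7; 3 -> 17 -> 3.
TOY_PUBLIC, TOY_SECRET = make_keys(5, 7, 7)

# Constructed demo key for A from two Mersenne primes (far too small for real use).
A_PUBLIC, A_SECRET = make_keys(2**61 - 1, 2**89 - 1, 65537)
DIRECTORY = {"A": A_PUBLIC}          # hypothetical directory mapping ID H to PA

if __name__ == "__main__":
    c = apply_key(3, TOY_PUBLIC)
    print("toy example:", c, apply_key(c, TOY_SECRET))
    signed = sign("A", b"transfer 10 units", A_SECRET)
    print("genuine:", verify(signed, DIRECTORY))
    print("altered:", verify(("A", b"transfer 99 units", signed[2]), DIRECTORY))
```

Verification fails for an altered message and for an ID with no known public key, which is the property Step 2 relies on.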
4.3 Access Control
 Access control provides a degree of protection from malicious attacks
 It is defined as comprising those mechanisms that enforce mediation on subject requests for access to objects, as specified in the security policy
 Two main types of access control:
    discretionary access control (DAC)
    mandatory access control (MAC)
4.3.1 Discretionary Access Control
 A DAC mechanism is defined as comprising those procedures and mechanisms that enforce the specified mediation at the discretion of individual users
 This provides users with the flexibility to protect their files and resources by setting DAC parameters as they see fit
 However, DAC parameters are easily changed and are thus subject to Trojan Horse attack
4.3.2 Mandatory Access Control
 MAC is defined as comprising those procedures and mechanisms that enforce the specified mediation, not at the discretion of individual users but by the system administration
 The restrictions imposed make it easier to establish an enforceable security policy
 Users are not allowed to change access control parameters, which helps to reduce Trojan Horse attacks
4.3.3 Access Matrices and Permission Mechanisms
 Access matrices are used to define the access rights of the corresponding subjects (people) to the corresponding objects (resources)
[Figure: access matrix with subjects S1 ... SN as rows and objects O1, O2, ... OM as columns; each entry holds an access right]
 Permission mechanisms:
    e.g. owner/group/other in UNIX
    (rwx) (rwx) (rwx): all groups with read/write/execute permission
    (r-x) (r-x) (r-x): all groups with read/execute permission only
    the special program setuid (set user identification) allows users to perform some task for which they would normally not have proper authorization
4.3.4 ACL and Capability Mechanism
 Another way is by use of an access control list (ACL)
 Example: subjects X, Y, Z and objects A, B, C
X: A, B
Y: A
Z: A, B, C
 Capabilities are represented conceptually as the reverse of ACLs about the specific access
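An added example, not part of the original slides, for 4.3.3 and 4.3.4: it builds an access matrix from the X/Y/Z listing above and derives the per-object (ACL) and per-subject (capability) views from it. It assumes "X: A,B" means subject X may access objects A and B, and that the only right is "read", since the slides name no rights.

```python
# Constructed from the slides' listing. Assumptions: "X: A,B" means subject X
# may access objects A and B, and the only right is "read".
LISTING = {"X": ["A", "B"], "Y": ["A"], "Z": ["A", "B", "C"]}


def build_matrix(listing, right="read"):
    """Access matrix as {(subject, object): rights}; a missing cell means no access."""
    return {(s, o): {right} for s, objs in listing.items() for o in objs}


def acls(matrix):
    """Column view, stored with each object: which subjects hold which rights."""
    view = {}
    for (subject, obj), rights in matrix.items():
        view.setdefault(obj, {})[subject] = set(rights)
    return view


def capabilities(matrix):
    """Row view, held by each subject: which objects it has rights on."""
    view = {}
    for (subject, obj), rights in matrix.items():
        view.setdefault(subject, {})[obj] = set(rights)
    return view


def allowed(matrix, subject, obj, right):
    """Mediation with default deny: only an explicit matrix entry grants access."""
    return right in matrix.get((subject, obj), set())


def revoke_object(matrix, obj):
    """Withdraw all access to one object: a single ACL to clear, whereas every
    subject's capability list would have to be searched."""
    affected = sorted(s for (s, o) in matrix if o == obj)
    for subject in affected:
        del matrix[(subject, obj)]
    return affected


if __name__ == "__main__":
    m = build_matrix(LISTING)
    print("ACLs:", acls(m))
    print("capabilities:", capabilities(m))
    print("Y read C?", allowed(m, "Y", "C", "read"))
    print("revoked B from:", revoke_object(m, "B"))
```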
4.3.5 Examples - MAC Implementation
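[Figure: MAC implementation. The user's invocation of a command, e.g. Open(a,b), passes through the system call interface to the underlying open routine sequence, which makes a call to the MAC routine. The MAC routine leads to one of two outcomes: operation allowed and sequence completes, or operation disallowed and sequence completes]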
4.3.6 Attacks Countered by Access Control
 Attacks:
    malicious attempts to attack certain resources
    inadvertent requests that could cause harm to resources on the system
 MAC provides a more effective means of countering such attacks
4.4 Covert Channel
 A covert channel is defined as existing whenever some computer system mechanism is used in an unexpected manner to provide a means by which information can flow to an unauthorized individual
 A perfect channel is defined as having a sender, a receiver and a perfect communication path that passes messages between the two entities
[Figure: Overt and Covert Channels. The overt channel runs from sender to receiver through the overt information flow mechanism; the covert channel runs through mechanisms not intended for information flow]
4.4.1 Covert Storage Channel
 One type of covert channel is called a covert storage channel
 In a covert storage channel, information is passed in an unexpected and unauthorized manner from a high (secure) user to a low (secure) user
 Example: the ls command in UNIX, where a low user can find out the names of the high user's files and initiate some attacks
 It can be avoided by hiding the filenames from the low user
4.4.2 Covert Timing Channels
 Another type is called a covert timing channel, where some resources are shared between both high and low users
 Normally, a monitor program such as cpu_monitor is used to monitor the access control, auditing and authentication of the resources of both types of users
 An attacker (low user) may remove the cpu_monitor program or introduce some noise to confuse the detection of states, in order to prolong the processing time and initiate attacks
4.4.3 Resource Matrix Approach
 To analyse the possible existence of covert channels, a resource matrix approach is used
 The matrix is composed of resources as rows and lowest-level operations as columns
 The contents of the matrix elements are M and/or R, which denote modification and read respectively
 The presence of M represents a high potential for establishing a covert channel
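An added example, not part of the original slides, of the resource matrix check in 4.4.3. The resource and operation names are constructed; the first function applies the slides' rule (any M entry), and the second goes beyond the slides by assuming the narrower shared-resource-matrix criterion that one operation modifies a resource while a different operation reads it.

```python
# Constructed sample matrix: rows are resources, columns are lowest-level
# operations; "M" = the operation modifies the resource, "R" = it reads it.
# All resource and operation names are hypothetical.
MATRIX = {
    "file_lock": {"lock_file": "M", "unlock_file": "M", "open_file": "R"},
    "disk_quota": {"write_file": "MR", "delete_file": "M"},
    "system_clock": {"read_time": "R"},
    "audit_log": {"write_file": "M"},
}


def validate(matrix):
    """Reject cells that are not made up of the letters M and R."""
    for resource, ops in matrix.items():
        for operation, cell in ops.items():
            if not cell or set(cell) - {"M", "R"}:
                raise ValueError(f"bad cell {cell!r} at {resource}/{operation}")


def modified_resources(matrix):
    """The slides' rule: any resource with an M entry has covert channel potential."""
    validate(matrix)
    return sorted(r for r, ops in matrix.items()
                  if any("M" in cell for cell in ops.values()))


def candidate_pairs(matrix):
    """Assumed narrower rule: a sender operation modifies the resource and a
    different receiver operation reads it, giving (resource, writer, reader)."""
    validate(matrix)
    pairs = []
    for resource, ops in sorted(matrix.items()):
        writers = sorted(o for o, cell in ops.items() if "M" in cell)
        readers = sorted(o for o, cell in ops.items() if "R" in cell)
        pairs += [(resource, w, r) for w in writers for r in readers if w != r]
    return pairs


if __name__ == "__main__":
    print("resources with M:", modified_resources(MATRIX))
    for resource, writer, reader in candidate_pairs(MATRIX):
        print(f"review {resource}: {writer} can signal to {reader}")
```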
4.4.5 Computers as the Weakest Link
 Because computers can be accessed by both high and low users, the likelihood of a covert channel being established is high
 Normally covert channels are fixed if vulnerabilities exist. The simplest way to remove a covert channel is to use hardcopy instead of electronic transfer, which may not be viable in the IT age
4.5 Composing Security
 When two or more secure systems are connected together, they may not compose into a secure system as expected
 This is because non-deducibility and non-interference security normally do not exist
 Compositional analysis must be carried out to ensure that two or more systems are connected securely
 The presence of covert channels will further weaken the security properties
4.6 Privileges and Roles
 A privilege is defined as a collection of related computer system operations that can be performed by users of that system. By operations, we mean low-level system activities
 A role is defined as a collection of related privileges
 Privileges can exist in multiple different roles. This implies that if a given privilege is required then, in some cases, there is a choice of which role should be allocated
 A role might contain only one privilege
 A role might be defined to include every privilege
[Figure: roles shown as groupings of privileges (Priv)]
4.6.1 Role based attacks
 Attacks arise when security is not considered in the allocation of roles to users
 Example: a user is granted a supervisor role on a UNIX-based system
 This results in more potentially destructive power for a user than is desired
 An attack may occur if some user is granted a role that contains a privilege that the user should not have
 The possibility is higher if the number of roles is smaller and the associated privileges are larger
 As a result, privileges and roles must be designed in a manner that maximizes the granularity of privilege allocation without creating so many roles that their administration and allocation become overly complex
4.6.2 Principle of Least Privilege
 The principle of least privilege states that users should only be granted privileges to perform operations for which they have a legitimate need
 Based on this rule, the designer should ensure that the granularity of roles is fine enough to allow for different types of allocations
4.6.3 Transformation and Revocation
 By transformation, we imply that some change is being associated with the privileges allocated to a user. The transformation of privilege may occur internally to a single user, in which case certain roles and privileges are changed
 Transformation may also occur externally to a single user, in which case a user transfers a role or privilege to another user. Usually, external transformation occurs when a user is associated with a role or privilege that allows for such transfer to another user
 Privilege or role revocation is a special type of privilege transformation that involves the timely removal of the ability to perform certain operations, presumably because of some event that changes the job requirements
 Example: if a user associated with some privilege or role is found to be a malicious intruder with motivation to harm the system, then immediate revocation of that user’s role and privilege may be necessary
 Examples: commands in UNIX
$ su
$ su adduser
$ su deluser
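An added example, not part of the original slides, for 4.6.1 to 4.6.3: it picks the role allocation that covers a user's needed privileges with the fewest excess privileges, audits existing allocations for excess, and revokes a user's roles. Role, privilege and user names are constructed for illustration.

```python
from itertools import combinations

# Constructed sample data: role, privilege and user names are hypothetical.
ROLES = {
    "supervisor": {"read_logs", "add_user", "del_user", "mount_disk", "shutdown"},
    "user_admin": {"add_user", "del_user"},
    "log_reviewer": {"read_logs"},
    "operator": {"read_logs", "mount_disk"},
}


def privileges_of(role_names, roles=ROLES):
    """Union of the privileges in the named roles (empty for no roles)."""
    return set().union(*(roles[r] for r in role_names))


def least_privilege_roles(needed, roles=ROLES):
    """Pick the role set covering `needed` with the fewest excess privileges,
    then the fewest roles. Exhaustive search: fine for a small role catalogue."""
    needed, best = set(needed), None
    for size in range(1, len(roles) + 1):
        for combo in combinations(sorted(roles), size):
            granted = privileges_of(combo, roles)
            if needed <= granted:
                cost = (len(granted - needed), size, combo)
                best = cost if best is None or cost < best else best
    if best is None:
        raise ValueError("no role provides every needed privilege")
    return list(best[2]), best[0]


def excess_privileges(assignments, needs, roles=ROLES):
    """Audit: privileges each user holds beyond the stated legitimate need."""
    report = {}
    for user, role_names in assignments.items():
        extra = privileges_of(role_names, roles) - needs.get(user, set())
        if extra:
            report[user] = sorted(extra)
    return report


def permitted(assignments, user, privilege, roles=ROLES):
    """Default deny: a user with no roles holds no privileges."""
    return privilege in privileges_of(assignments.get(user, []), roles)


def revoke(assignments, user):
    """Immediate revocation: remove every role and return what was removed."""
    return assignments.pop(user, [])


if __name__ == "__main__":
    needs = {"alice": {"read_logs"}, "carol": {"read_logs", "add_user"}}
    assignments = {"alice": ["supervisor"], "carol": ["log_reviewer", "user_admin"]}
    print(least_privilege_roles(needs["carol"]))
    print(excess_privileges(assignments, needs))
    print(revoke(assignments, "alice"), permitted(assignments, "alice", "shutdown"))
```

With this catalogue no allocation gives exactly {read_logs, add_user}; the best one still carries del_user, which is the granularity problem 4.6.1 describes.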
4.7 Security kernels
 A security kernel is defined as an isolated portion of a computer system that is designed to enforce the security policy of the system
[Figure: Security Kernel Organization. Layers, in order: users and applications, operating system, security kernel, hardware]
4.7.1 Principles of Kernel Design
 Avoidance of Tampering: the kernel must be protected from malicious or inadvertent tampering. Explicit attention must be placed on ensuring the security kernel is tamper-proof
 Avoidance of Bypass: the kernel must be designed in a manner that ensures complete avoidance of security kernel bypass by a subject requesting some service
 Provision for Assurance: convincing evidence is needed to assure that a system is secure:
    demonstrated secure usage over a period of time
    full documentation on security mechanisms, development methods and relevant information, to ensure proper attention is addressed
    results of security tests - ensure security
    results of penetration tests - ensure all possible attack
    formal methods to prove
    evaluation, certification or accreditation from an authoritative individual or agency
 Hardware Mechanisms: using hardware to implement certain portions of security kernel functionality presents some advantages:
    provide memory protection
    protect integrity of executing processes
    provide security support for I/O operations
 Minimization of Complexity: if the system is large and complex, the formal proof will be hindered. Minimizing the size of the kernel is critical
 Fault Tolerance: the kernel must be designed to resist all classes of faults, because recovery from a fault is always complicated and needs human intervention
References:
 Amoroso: chapters 19,21-26