Case study-System Security

Source: Internet
Author: User
Table of Contents
  • 1 case study-System Security
    • 1.1 Access Control and PMI permission management
    • 1.2 Network Security
      • 1.2.1 Information System Security Threats
      • 1.2.2 network-level security protection
    • 1.3 Orange Book
    • 1.4 Vulnerabilities
1 Case study: System Security

1.1 Access Control and PMI permission management

Access control is also called identity authentication. Authentication is based on what users know (a password), what they own (a private key or token), and what they are (biometric characteristics). There are three common authentication methods in computer network systems:

  • Password authentication: insecure; passwords are easily leaked or intercepted
  • Token authentication: divided into challenge-response tokens and timestamp tokens. With a challenge-response token, the authentication server sends a random number to the client, and the client uses PKI technology to encrypt the random number with its private key. With a timestamp token, the client instead encrypts the current time with its private key (PKI)
  • Biometric identification technology: divided into physical characteristics and behavioral characteristics
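
The two token types above, as an added example that is not part of the original page: it shows why a challenge can be answered only once and why a timestamp token needs a validity window plus a record of accepted values. HMAC with a shared key stands in for the private-key operation the page describes (the standard library has no RSA), and `TOKEN_KEY`, `MAX_SKEW`, `prove` and `AuthServer` are names and values assumed here.

```python
import hashlib
import hmac
import secrets

# Constructed key; HMAC stands in for the page's private-key operation.
TOKEN_KEY = b"constructed-demo-key"
MAX_SKEW = 30  # seconds a timestamp token stays valid (assumed policy)


def prove(key: bytes, message: bytes) -> bytes:
    return hmac.new(key, message, hashlib.sha256).digest()


class AuthServer:
    def __init__(self, key: bytes):
        self.key = key
        self.pending = set()     # challenges issued and not yet answered
        self.seen_times = set()  # timestamps already accepted once

    def issue_challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self.pending.add(nonce)
        return nonce

    def verify_challenge(self, nonce: bytes, proof: bytes) -> bool:
        if nonce not in self.pending:
            return False             # unknown or already used: a replay
        self.pending.discard(nonce)  # single use, even if the proof is wrong
        return hmac.compare_digest(proof, prove(self.key, nonce))

    def verify_timestamp(self, ts: int, proof: bytes, now: int) -> bool:
        # No round trip: freshness rests on clock agreement and a window.
        if abs(now - ts) > MAX_SKEW or ts in self.seen_times:
            return False
        if not hmac.compare_digest(proof, prove(self.key, str(ts).encode())):
            return False
        self.seen_times.add(ts)
        return True


def demo() -> dict:
    server, t0 = AuthServer(TOKEN_KEY), 1_700_000_000  # constructed clock
    nonce = server.issue_challenge()
    answer, stamp = prove(TOKEN_KEY, nonce), prove(TOKEN_KEY, str(t0).encode())
    return {
        "challenge_ok": server.verify_challenge(nonce, answer),
        "challenge_replay": server.verify_challenge(nonce, answer),
        "timestamp_ok": server.verify_timestamp(t0, stamp, now=t0 + 5),
        "timestamp_replay": server.verify_timestamp(t0, stamp, now=t0 + 6),
    }
```

Without `seen_times`, a captured timestamp token would be accepted again by anyone who resends it inside the `MAX_SKEW` window.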

PMI

PMI permission management can be divided into the following four methods:

  • Discretionary Access Control model (DAC), which describes permissions from the user's perspective
  • Access Control List model (ACL), which describes permissions from a functional perspective
  • Mandatory Access Control model (MAC), which decides permissions according to the user's level
  • Role-Based Access Control model (RBAC), in which a group of users belongs to a role
1.2 Network Security

1.2.1 Information System Security Threats

A network threat is the potential exploitation of network security defects, which may lead to unauthorized access, information leakage, resource depletion, resource theft, and resource destruction. Network security threats include: eavesdropping, counterfeiting, replay, traffic analysis, unauthorized access to resources, damage to data integrity, Trojans and trapdoors, denial of service, viruses, and slander.

For information systems, network threats are embodied in the following aspects: physical environment, communication link, network system, operating system, application system, and management system.

  • Physical security threats: threats to the devices used by the system, including data loss and information leakage caused by natural disasters, power supply faults, equipment theft or destruction, operating system boot failures, and database data damage.
  • Communication link security threats: installation of eavesdropping devices on transmission lines, or interference with communication links
  • Network security threats: the openness and international nature of the Internet, together with the absence of security management, pose a serious security threat to internal networks
  • Operating system security threats: backdoors and other security threats in the operating system, such as Trojans and trapdoors
  • Application system security threats: security threats to network systems and business systems, such as system vulnerabilities
  • Management system security threats: vulnerabilities in personnel management and in the various security management systems
1.2.2 network-level security protection

Security protocols for each network layer

  • Network Layer: Use isolation (for wired networks) to prevent eavesdropping (interception)
  • Data link layer: the PPTP, L2TP, and L2F link encryption protocols are used for VPN secure tunnel technology
  • Network Layer: Use firewall to ensure security and use IPsec protocol to encrypt IP Packets
  • Transport Layer: TLS, SET protocol
  • Application Layer: PGP (mail encryption), HTTPS (Web), SSL (spanning four layers: transport layer, session layer, presentation layer, application layer)
  • TLS

    The TLS (Transport Layer Security) protocol is used to provide confidentiality and data integrity between two communicating applications. TLS is a new protocol developed by the IETF (Internet Engineering Task Force); it is based on the SSL 3.0 protocol specification and is a later version of SSL 3.0.

    There is a significant difference between TLS and SSL 3.0, mainly because they support different encryption algorithms, so TLS and SSL 3.0 cannot interoperate. TLS encryption is used on SMTP and SSL on HTTP, but SSL and TLS are not inherently different. For example, after SSL is upgraded to 3.1, it is called TLS.

  • SET

    The SET (Secure Electronic Transaction) protocol provides security measures for credit card-based electronic transaction applications. It is a technical standard jointly developed by Visa and MasterCard to secure payments over open networks.

  • IPSec

    IPSec works at the network layer and has two encryption methods. It provides transparent security services for IP network communication, protecting TCP/IP communication from eavesdropping and tampering and effectively resisting network attacks while maintaining ease of use. IPSec has two basic goals: protecting the security of IP packets and providing protection measures against network attacks. It achieves these two goals through cryptographic protection services, a group of security protocols, and dynamic key management, which not only provide powerful and flexible protection for network communication but can also filter specific data streams.

    IPsec can significantly reduce and prevent the following Network Attacks:

    • Sniffer: prevents sniffer eavesdropping
    • Data tampering: IPSec calculates a checksum for each IP packet. Any tampering with the IP packet data will change the checksum
    • Identity spoofing, password theft, and application-layer attacks: IPsec authentication and data exchange mechanisms do not expose any information that attackers could take advantage of
    • Man-in-the-middle attack: IPSec combined with two-way authentication and a shared key is sufficient to defend against man-in-the-middle attacks
    • Denial-of-Service (DoS) attacks: using IP packet filtering, IPSec determines which packets can pass and which packets need to be intercepted based on the IP address range, protocol, and protocol port number
  • PGP

    PGP is a mail encryption protocol based on the RSA public key cryptography system.

  • SSL

    HTTP communication is unencrypted. All information is transmitted in plain text, which brings three major risks: eavesdropping, tampering, and impersonation. SSL is designed to address these three risks through encrypted transmission, a verification mechanism, and identity authentication. SSL is a protocol that works on the transport layer and above it, providing security support for data communication. The SSL protocol consists of the SSL handshake protocol, the SSL record protocol, and the SSL alert protocol. The SSL handshake protocol is used to establish a security mechanism between the client and the server before application layer data is transmitted. The SSL record protocol encrypts and compresses the data sent from the application layer based on the parameters determined by the handshake protocol, and then sends it to the other party through the transport layer. The SSL alert protocol is used to transmit SSL error messages between the client and the server.

    Before encrypted communication starts, the client and server must establish a connection and exchange parameters. This process is called the handshake. Assume that the client is Alice and the server is Bob. The entire handshake process can be described as follows:

SSL

  1. Alice provides the protocol version number, a random number generated by the client (client random), and the encryption methods supported by the client.
  2. Bob confirms the encryption method used by both parties and provides a digital certificate and a server-generated random number (server random).
  3. Alice confirms that the digital certificate is valid, then generates a new random number (premaster secret), encrypts it with the public key in the digital certificate, and sends it to Bob.
  4. Bob uses his private key to obtain the random number (premaster secret) from Alice.
  5. Alice and Bob use the preceding three random numbers to generate a session key based on the agreed encryption method, which is used to encrypt the rest of the conversation.
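
Step 5 of the handshake above, as an added example that is not part of the original page: it derives the keys with the TLS 1.2 PRF from RFC 5246 (SSL 3.0 used a different MD5/SHA-1 construction) and assumes the RSA transport of the premaster secret in steps 3 and 4 has already happened. The function names and the key-block split for an AES-128-CBC/SHA-256 suite are assumptions made here.

```python
import hashlib
import hmac
import secrets


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash from RFC 5246 section 5: HMAC chained until `length` bytes exist."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    return p_sha256(secret, label + seed, length)


def session_keys(premaster: bytes, client_random: bytes, server_random: bytes) -> dict:
    """Step 5: both sides run this on the same three values."""
    master = prf(premaster, b"master secret", client_random + server_random, 48)
    # Key expansion swaps the order of the randoms (RFC 5246 section 6.3).
    block = prf(master, b"key expansion", server_random + client_random, 96)
    # Split for an assumed suite: 2 x 32-byte MAC keys, 2 x 16-byte AES keys.
    return {
        "master_secret": master,
        "client_mac_key": block[0:32],
        "server_mac_key": block[32:64],
        "client_enc_key": block[64:80],
        "server_enc_key": block[80:96],
    }


def demo() -> dict:
    client_random = secrets.token_bytes(32)  # step 1, sent in the clear
    server_random = secrets.token_bytes(32)  # step 2, sent in the clear
    premaster = b"\x03\x03" + secrets.token_bytes(46)  # step 3, sent encrypted
    alice = session_keys(premaster, client_random, server_random)
    bob = session_keys(premaster, client_random, server_random)
    # An eavesdropper sees both randoms but has to guess the premaster secret.
    eve = session_keys(bytes(48), client_random, server_random)
    # A replayed handshake meets a fresh server random, so the old keys do not fit.
    replay = session_keys(premaster, client_random, secrets.token_bytes(32))
    return {"alice": alice, "bob": bob, "eve": eve, "replay": replay}
```

Because each side contributes its own random number, a recorded handshake replayed to either party yields different keys even though the premaster secret is unchanged.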
1.3 Orange Book

The full name of the Orange Book is the Trusted Computer System Evaluation Criteria. It divides computer security into four levels, from high to low: A, B, C, and D.

  • Level D: minimum protection level, such as DOS and ipvds
  • Level C: discretionary access control. At this level, system objects can be defined by system subjects, as in UNIX, Linux, and Windows NT.
  • Level B: mandatory access control. At this level, system objects are given security labels, and access to each object is granted according to the user's security level.
  • Level A: verifiable access control. The system has formal analysis and mathematical proof.
1.4 Vulnerabilities

Vulnerabilities are defects in the specific implementation of hardware, software, and protocols, or in system security policies, that allow attackers to access or damage the system without authorization.

Vulnerabilities may affect a wide range of hardware and software, including the operating system and its supporting software, network client and server software, and network routers and firewalls. These different hardware and software devices can have different security vulnerabilities, and vulnerability issues are closely related to time.

Date: 11:48:29
