SOLARIS 10 SECURITY. Technical Overview. Andreas Neuhold Systems Practice Lead Austria Sun Microsystems, GesmbH

Transcription

1 SOLARIS 10 SECURITY Technical Overview Andreas Neuhold Systems Practice Lead Austria Sun Microsystems, GesmbH

2 Solaris 10 Lizenzen Millions ~ 7M ZFS 7,0 6,5 6,0 5,5 Solaris Container 5,0 4,5 4,0 3,5 3,0 DTrace x64 / x86 2,5 2,0 1,5 1,0 0,5 0,0 3/05 4/05 5/05 6/05 7/05 8/05 9/05 10/05 11/05 12/05 1/06 2/06 3/06 4/06 5/06 6/06 7/06 8/06 9/06 10/06 11/06 12/06 1/07 #2

3 ~ 7 Mio. registrierte Lizenzen 125 Performance Weltrekorde 800+ x64/x86 Plattformen unterstützt ISV Anwendungen verfügbar Hunderte OpenSource Anwendungen integriert und unterstützt Enthusiasmus der Kunden und Partner für Solaris 10 #3

4 Solaris Security New New Digital Certificates Everywhere IP Filter Firewall Secure Execution User & Process Rights Mgmt. Cryptographic Framework Secure By Default Networking Trusted Extensions Solaris 10 Operating System #4

5 Agenda: Solaris 10 Security Process and User Rights Management Network Security and Encrypted Communications Password Management and Auditing Container Security File Integrity Validation Minimization and Hardening Labeled Security Security Certification #5

6 Process & User Rights Management

7 Reduce Application Privileges Process Rights Management allows you to distribute rights among applications with finer granularity: Eliminates need to run applications as super user Reduces customer exposure to security attacks Compatible with existing applications Always turned on #7

8 Process Rights Management = Least Privileges minimale Privilegien für Prozesse > Aufgabe von "alles oder nichts" Rechtevergabe > root vs. Rest der Nutzer > meist wird nur ein Bruchteil benötigt > Device Zugriff > reservierte Netzwerkports > RT Priorität #8

9 PRM Example: Apache Web Server net_priv_addr proc_fork proc_exec Super User Service Manager ('webserved') Web Server #9

10 User Rights Management User Rights Management allows you to distribute rights to management roles with finer granularity. Users can then assume these rolls. Decomposes super user role Roles stored in naming service for centralization Auditing records 'real' user no anonymous admin! # 10

11 User Rights Management Software Installation Dtrace Debugging Developer Audit Review File Integrity Verification Internal Auditor System Administrator Backup Operator Super User User Rights Management Sys. Admin. User Roles # 11

12 Network Security & Encrypted Communications

13 Network Protection Solaris Security now provides even tougher defenses for your network. New IP Filter Firewall > Allows selective access to ports based on IP > Compatible/manageable like open source IPF TCP Wrappers > Limits access to TCP/UDP service using domain name > Permits selective access for partners, suppliers, etc... Secure By Default Network > Disables or protects many network services from attack > Minimizes network exposure of system # 13

14 Cryptographic Framework Commercial App PKCS 11 Open Source Web Server Sun Java Web Server Java VM Application OpenSSL NSS Java Enterprise System JCE Java Crypto. Extensions Consumer Interface (PKCS 11) User-Level Cryptographic Framework Provider Interface (PKCS 11) Sun Software Crypto. Plug-in (DES, 3DES, AES, Blowfish, RSA, MD5, SHA_, RC4) Hardware Accelerator UltraSparc T1 Hardware Crypto. Accelerator 6000 Now the framework for cryptography is standardized and extensible. Your current cryptographic choices and any future technology can easily plug in and just work. 'Unbreakable' cryptographic strength Standards-based framework Same API, software or hardware Extensible for future technologies # 14

15 Secure Remote Access Solaris Secure Shell Standards-based encrypted remote access Kerberos Single Sign On Standards-based enterprise single sign on IPSec/IKE Transparently encrypted communications between systems; no app modification Remote Worker Internet Apps & Data # 15

16 Password Management & Auditing

17 Password Management Solaris adds more layers of password security Password Complexity Checks Password History (0 26 passwords) Banned Password List (Dictionary) Compliments LDAP-based password controls for nonlocal accounts # 17

18 Solaris System Auditing Records and monitors everything that happens on the system User Access Computer Possible Intrusion Date Selected Log Records who did what, when and how Exports audit records to XML format for analysis by tools or intrusion detection systems Essential for Audit and Compliance Officers # 18

19 Container Security

20 Container Security Reduce risk by isolating applications in separate containers yet administer centrally Containers provide file, network, process, and resource isolation Administer from a single Global Zone App Server Web Server DB Server Application OS Server # 20

21 File Integrity Validation

22 File Integrity Verification Tools Basic Audit and Reporting Tool (BART) > Generate checksums; compared periodically Solaris Fingerprint Database > Validate your system today using: > sunsolve.sun.com Solaris Secure Execution Provides tools to validate the OS and your data to catch hackers in action. # 22

23 Solaris Secure Execution Provides real-time verification of OS components to prevent virus outbreaks or use of unauthorized applications Solaris 10: Most digitally signed OS on the planet Manually verify systems today with 'elfsign' Future update will verify integrity at load time Prevents unauthorized applications and patches Helps meet auditing requirements # 23

24 Solaris Minimization & Hardening

25 Solaris Minimization 191 MB Reduce risk by using the Reduced Networking Metacluster: Small install of Solaris with no network services > Nothing listening to network to be attacked! Basic building block turn on only what you want Save disk space 191 MB vs. 3 GB Used during manual or jumpstart install of Solaris # 25

26 Hardening: Secure By Default Networking Reduce exposure by limiting how system listens for network connections Turns off many services or sets them to 'local only' Uses Solaris Service Manager to turn on only what is needed for use Only Solaris Secure Shell listening to the network Fully functional desktop impervious to external attack # 26

27 More Options for Securing Solaris Solaris Security Toolkit v 4.2 Hardening > Sets secure system parameters > Allows undo of previously applied hardening Minimize during install > Uses repeatable profiles > Jumpstart integration Download Today: # 27

28 Labeled Security

29 Solaris Trusted Extensions New Adds labeled security to Solaris 10 Multi-level networking, printing Multi-level Interfaces Leverages User & Process RM Uses Containers Runs all Solaris applications High level of certification Solaris 10 Operating System # 29

30 Solaris Trusted Extensions Feature ab Solaris 10 11/06 Zielsetzung > > > > Daten nach Sicherheitslevel isolieren Netzwerk Datenfluß einfach reglementieren Erfüllung von Sicherheitsrichtlinien Alle Solaris Anwendungen bleiben lauffähig (= Solaris) Labeled Security für Solaris 10 > Multi-Level Networking, Printing, GUI > CAPP, RBACPP, EAL 4+ Mandatory Access Control basierend auf Label # 30

31 Solaris Trusted Extensions All objects are labeled, based on sensitivity Access governed by label hierarchal relationship Commercial Hierarchy Government Hierarchy Non-Hierarchical Executive Management Top Secret VP and Above Directors All Employees Trusted Extensions Secret Net Inc. Music Online Daisy's Florists Solaris 10 or Trusted Extensions Confidential Classified Trusted Extensions Mandatory Access Control & Security Labels # 31

32 Security Certification

33 Independent Validation 3rd Party Certifications EAL4+ (C2) (CAPP & RBACPP) EAL3 or EAL3+ SGI Irix SuSE RedHat SuSE IBM AIX Windows 2003 Solaris 8 HP-UX Solaris 9 EAL4 or EAL4+ (C2) (CAPP) Solaris 10 Trusted Solaris 8 Solaris 10 w/trusted Extensions* EAL4+ (B1) (CAPP, RBACPP, LSPP) Based on data from # 33

34 SOLARIS 10 SECURITY Technical Overview

35 Access Control Enforced Everywhere Stripe showing 'Restricted' Stripe showing 'Internal' Attempts to 'drag-and-drop' data between windows fails because user is not authorized to do so. Enforced when transferring data anywhere to anything on the system. # 35

36 Trusted Java Desktop System Details World's only labeled GNOME-based interface shipped with an OS Workplace Switcher NEW Task Switcher Trusted Stripe and Trusted Path Menu # 36