DISTRIBUTED SYSTEMS SECURITY

Transcription

1 DISTRIBUTED SYSTEMS SECURITY Issues, Processes and Solutions Abhijit Belapurkar, Yahoo! Software Development India Pvt. Ltd., India Anirban Chakrabarti, Infosys Technologies Ltd., India Harigopal Ponnapalli, Infosys Technologies Ltd., India Niranjan Varadarajan, Infosys Technologies Ltd., India Srinivas Padmanabhuni, Infosys Technologies Ltd., India Srikanth Sundarrajan, Infosys Technologies Ltd., India WILEY A John Wiley and Sons, Ltd., Publication

2 Contents > List of Figures List of Tables Foreword Preface Chapter 1 Introduction 1.1 Background 1.2 Distributed Systems Characteristics of Distributed Systems Types of Distributed System Different Distributed Architectures Challenges in Designing Distributed Systems 1.3 Distributed Systems Security Enterprise IT - A Layered View Trends in IT Security 1.4 About the Book Target Audience References Chapter 2 Security Engineering 2.1 Introduction 2.2 Secure Development Lifecycle Processes - An Overview Systems Security Engineering Capability Maturity Model (SSE-CMM) Microsoft's Security Development Lifecycle (SDL) Comprehensive Lightweight Application Security Process (CLASP) Build Security In 2.3 A Typical Security Engineering Process Requirements Phase Architecture and Design Phase

3 viii Contents Development (Coding) Phase Testing Phase Important Security Engineering Guidelines and Resources Security Requirements Architecture and Design Secure Coding Security Testing Conclusion 39 References 40 Chapter 3 Common Security Issues and Technologies Security Issues Authentication Authorization Data Integrity Confidentiality AA Availability Trust Privacy Identity Management Common Security Techniques Encryption Digital Signatures and Message Authentication Codes Authentication Mechanisms Public Key Infrastructure (PKI) Models of Trust Firewalls Conclusion 53 References 54 Chapter 4 Host-Level Threats and Vulnerabilities Background Transient Code Vulnerabilities Resident Code Vulnerabilities Malware Trojan Horse Spyware Worms/Viruses Eavesdropping Unauthorized Access to Confidential Data - by Users Unauthorized Access to Protected or Privileged Binaries - by Users Unauthorized Tampering with Computational Results Unauthorized Access to Private Data - by Jobs Job Faults 62

4 Contents ix Resource Starvation Overflow Stack-Based Buffer Overflow Heap-Based Buffer Overflow Privilege Escalation Injection Attacks Shell/PHP Injection SQL Injection Conclusion 67 References 69 Chapter 5 Infrastructure-Level Threats and Vulnerabilities Introduction Network-Level Threats and Vulnerabilities Denial-of-Service Attacks DNS Attacks Routing Attacks Wireless Security Vulnerabilities Grid Computing Threats and Vulnerabilities Architecture-Related Issues Infrastructure-Related Issues Management-Related Issues Storage Threats and Vulnerabilities Security in Storage Area Networks Security in Distributed File Systems Overview of Infrastructure Threats and Vulnerabilities 96 References 98 Chapter 6 Application-Level Threats and Vulnerabilities Introduction Application-Layer Vulnerabilities Injection Vulnerabilities Cross-Site Scripting (XSS) Improper Session Management Improper Error Handling Improper Use of Cryptography Insecure Configuration Issues Denial of Service Canonical Representation Flaws Overflow Issues Conclusion 114 References 114 Further Reading 114

5 X Contents Chapter 7 Service-Level Threats and Vulnerabilities Introduction SOA and Role of Standards Standards Stack for SOA Service-Level Security Requirements Authentication Authorization and Access Control Auditing and Nonrepudiation Availability Confidentiality Data Integrity Privacy Trust Federation and Delegation Service-Level Threats and Vulnerabilities Anatomy of a Web Service Service-Level Attacks References Further Reading Known Bug Attacks SQL Injection Attacks XPath and XQuery Injection Attacks Blind XPath Injection Cross-Site Scripting Attacks WSDL Probing Enumerating Service from WSDL Parameter-Based Attacks Authentication Attacks Man-in-the-Middle Attacks SOAP Routing Attacks SOAP Attachments Virus XML Signature Redirection Attacks XML Attacks Schema-Based Attacks UDDI Registry Attacks Services Threat Profile Conclusion Chapter Host-Level Solutions Background Sandbc ixing Kernel-Level Sandboxing User-Level Sandboxing Delegation-Based Sandboxing File-System Isolation

6 Contents xi 8.3 Virtualization Full-System Virtualization Para Virtualization Shared-Kernel Virtualization Hosted Virtualization Hardware Assists Security Using Virtualization Future Security Trends Based on Virtualization Application Streaming Resource Management Advance Reservation Priority Reduction Solaris Resource Manager Windows System Resource Manager Citrix ARMTech Entitlement-Based Scheduling Proof-Carrying Code Memory Firewall Antimalware Signature-Based Protection Real-Time Protection Heuristics-Based Worm Containment Agent Defense Conclusion 166 References 166 Chapter 9 Infrastructure-Level Solutions Introduction Network-Level Solutions Network Information Security Solutions Denial-of-Service Solutions DNS Solution - DNSSEC Routing Attack Solutions Comments on Network Solutions Grid-Level Solutions Architecture Security Solutions Grid Infrastructure Solutions Grid Management Solutions Comments on Grid Solutions Storage-Level Solutions Fiber-Channel Security Protocol (FC-SP) - Solution for SAN Security Distributed File System (DFS) Security Comments on Storage Solutions Conclusion 199 References 200

7 xii Contents Chapter 10 Application-Level Solutions Introduction Application-Level Security Solutions Input Validation Techniques Secure Session Management Cryptography Use Preventing Cross-Site Scripting Error-Handling Best Practices Conclusion 215 References 215 Chapter 11 Service-Level Solutions Introduction Services Security Policy Threat Classification SOA Security Standards Stack Inadequacy of SSL for Web Services Standards in Depth XML Signature XML Encryption Web-Services Security (WS Security) Security Assertions Mark-Up Language (SAML) WS Policy WS Trust WS Security Policy WS Secure Conversation XKMS (XML Key Management Specification) WS Privacy and P3P Federated Identity Standards - Liberty Alliance Project and WS Federation WS-I Basic Security Profile Status of Standards Deployment Architectures for SOA Security Message-Level Security and Policy Infrastructure XML Firewalls Managing Service-Level Threats Combating SQL and XPath Injection Attacks Combating Cross-Site Scripting Attacks Combating Phishing and Routing Attacks Handling Authentication Attacks Handling Man-in-the-Middle Attacks Handling SOAP Attachment Virus Attacks Handling Parameter-Tampering Attacks XML Attacks Known-Bug Attacks 257

8 Contents ми 11.7 Service Threat Solution Mapping XML Firewall Configuration-Threat Mapping Conclusion 262 References 262 Further Reading 262 Chapter 12 Case Study: Compliance in Financial Services Introduction SOX Compliance Identity Management Policy-Based Access Control Strong Authentication Data Protection and Integrity SOX Security Solutions People Process Technology Multilevel Policy-Driven Solution Architecture Logical Architecture and Middleware Conclusion 277 References 277 Further Reading 277 Chapter 13 Case Study: Grid Background The Financial Application Security Requirements Analysis Confidentiality Requirement Analysis Authentication Requirement Analysis Single Sign-On and Delegation Requirement Analysis Authorization Requirement Analysis Identity Management Requirement Analysis Secure Repository Requirement Analysis Trust Management Requirement Analysis Monitoring and Logging Requirement Analysis Intrusion Detection Requirement Analysis Data Protection and Isolation Requirement Analysis Denial of Service Requirement Analysis Final Security Architecture 289 Chapter 14 Future Directions and Conclusions Future Directions Cloud Computing Security Security Appliances 292

9 xiv Contents Usercentric Identity Management Identity-Based Encryption (IBE) Virtualization in Host Security Conclusions 297 References 300 Further Reading 300 Index 303