Mestrado em Ciência da Informação Segurança da Informação 2013/2014 ACCESS CONTROL TO A NETWORKED COMPUTER SYSTEM André Pinto & Ricardo Silva
Summary 1 2 Introduction 1.1 Information Security 1.2 Work s Description Access Control 2.1 Authentication 2.2 Authorization 2.3 Accounting 2.4 Cookies
Summary 3 3.1 Security Systems 3.1.1 3.1.2 3.1.3 3.1.4 3.1.5 3.1.6 3.2 3.2.1 3.3 3.3.1 IDS - Intrusion detection system Network-Based IDS Network-Based IDS: Problems Host-Based IDS Host-Based IDS: Problems Disadvantages of Intrusion Detection System Software IPS - Intrusion prevention systems Software Firewall Disadvantages
Summary 4 5 6 3.4 TLS - Transport Layer Security & SSL - Secure Sockets Layer 3.4.1 Software 3.5 IPsec - IP Security Protocol 3.5.1 Software Theoretical-practice Approach and Conclusions Bibliographic References Figures Index
Introduction Information Security Two levels of security: physical and logical Confidentiality authorized personnel Integrity characteristics established by the creator Availability continuous access to information Tools that ensure Security
Introduction Work s Description In the last yeas information about new possible players for a club have been stolen and/or there are leaks of information which lead up to rivals stealing players discovered by other clubs. Build a system able to detect intrusions and prevent data loss, so players observed by a club are not "deflected" to the rival.
Access Control Common examples: door look; bodyguards. Access Control is divided in three big components: authentication, authorization and accounting. Advantages of Access Control: Access Control to some departments of a firm Register of visitants What did they do, when and for how much time. Access Control to car park Energy savings
Access Control - Authentication Answers to the question Who is? Authentication is based on: What the user knows (password) What the user has (smart card, credentials) Who is the user (fingerprint, voice) Where is the user (before or after the firewall) Username and password
Access Control - Authorization Answers to the question Which are the permissions of an user that has been identified? Permissions of reading, writing and execution Access Control Lists (ACL) Control the packages that are allowed and those that aren t (so they re blocked) in the interfaces of a router. There is only one host in a certain place How to configure a ACL? Creation of access lists (criteria) Access Lists application in interfaces
Access Control - Authorization Capabilities Pair (x, y) being x the name of an object and y a privilege set A subject has to present a capability or in order to access an object C-list (capability list) table with permissions and objects connections Cryptography
Access Control - Accounting Answers to the question What did the user do? Information retrieval about an user and dispatch of that information to a server or database Real time Accounting Batch Accounting Accounting is divided in two phases: Collection and organization of information Analysis of the information collected
Access Control - Cookies Most of them usually are text files designed to store information about the users so the administrator of the page the user has just visited can know what kind of information they are looking for or not. It also works out very well to memorize passwords and another data saving time for the user in the next time he visits the same webpage. May collect some personal information about the user which can be dangerous if the goes to the wrong hands.
Security Systems IDS IPS Firewall TLS & SSL IPsec
IDS Intrusion Detection System What is? Network-based Host-based Problems
IPS Intrusion Prevention System It is seen as an extension of the firewall that allows access to a system based on the content of the application you want to access on the system, offering a new form of security beyond the IP addresses and ports, services offered by firewalls.
Firewall A firewall is a mechanism that fosters the application of security rules at a point of a network within a network of computers, that point is usually a machine of a user associated with TCP / IP protocols. There is a great approximation between a firewall, IDS and IPS, which is essentially a firewall that combines the application and network levels and uses a reactive IDS, protecting the network.
TLS - Transport Layer Security & SSL - Secure Sockets Layer Used to check data integrity between systems on the web. Intended to encode information between two machines that are part of and are within the control network and may identify the responsible for the information to be transmitted. Provide security services to an email or navigation pages.
IPsec IP Security Protocol The IPsec works as an extension of the IP protocol, operating at the network layer, below the application and transport layers that the other systems previously viewed operate. Hashing Tunnel and Transport Modes
Theoretical and practical approach & Conclusion Registered machine Access Control IDS IPsec Problems and new system