Protection and SecurityAccess MatrixAccess Matrix (contd.)Access Matrix DetailsACLsWindows NT(W2K) SecurityAccess Token (per user/subject)Security Descriptor (per Object)Access Control ListAccess MaskAccess Control Using ACLsRSA EncryptionRSA Encryption (contd.)Application of RSAHow can you authenticate “sender”?Digital SignaturesDigest FunctionsAlice’s bank account certificateDigital signatures with public keysLow-cost signatures with a shared secret keyBR 1Protection and SecurityB. RamamurthyChapters 18 and 19BR 2Access MatrixA general model of access control as exercised by a file or database management system is that of an access matrix.Basic elements of the model are:Subject: An entity capable of accessing objects. The concept of subject equates that of a process.Object: Anything to which access is controlled. Ex: files, programs, segments of memory.Access right: The way in which an object is accesses by the subject. Examples: read, write, and execute.BR 3Access Matrix (contd.)userAuserBuserCFile 1File 2 File 3 File 4 Acct1 Acct2 Printer1OwnR, WOwnR, WOwnR, WOwnR, WRR,W RW RInquiryCreditInquiryCreditInquiryDebitInquiryDebitPBR 4Access Matrix DetailsRow index corresponds to subjects and column index the objects.Entries in the cell represent the access privileges/rights.In practice, access matrix is quite sparse and is implemented as either access control lists (ACLs) or capability tickets.BR 5ACLsAccess matrix can be decomposed by columns, yielding access control lists.For each object access control list lists the users and their permitted access rights.The access control list may also have a default or public entry to covers subjects that are not explicitly listed in the list.Elements of the list may include individual as well group of users.BR 6Windows NT(W2K) SecurityAccess Control Schemename/passwordaccess token associated with each process object indicating privileges associated with a usersecurity descriptoraccess control listused to compare with access control list for objectBR 7Access Token (per user/subject)Security ID (SID)Group SIDsPrivilegesDefault OwnerDefault ACLBR 8Security Descriptor (per Object)FlagsOwnerSystem Access Control List(SACL)Discretionary Access ControlList (DACL)BR 9Access Control ListACL HeaderACE HeaderAccess MaskSIDACE HeaderAccess MaskSID...BR 10Access MaskGeneric AllGeneric ExecuteGeneric WriteGeneric ReadAccess System SecurityMaximum allowedDeleteRead ControlWrite DACWrite OwnerSynchronizeGenericAccess TypesStandardAccess TypesSpecific Access TypesBR 11Access Control Using ACLsWhen a process attempts to access an object, the object manager in W2K executive reads the SID and group SIDs from the access token and scans down the object’s DACL.If a match is found in SID, then the corresponding ACE Access Mask provides the access rights available to the process.BR 12RSA Encryption To find a key pair e, d: 1. Choose two large prime numbers, P and Q (each greater than 10100), and form:N = P x Q Z = (P–1) x (Q–1)2. For d choose any number that is relatively prime with Z (that is, such that d has no common factors with Z).We illustrate the computations involved using small integer values for P and Q:P = 13, Q = 17 –> N = 221, Z = 192 d = 53. To find e solve the equation:e x d = 1 mod ZThat is, e x d is the smallest element divisible by d in the series Z+1, 2Z+1, 3Z+1, ... . e x d = 1 mod 192 = 1, 193, 385, ...385 is divisible by de = 385/5 = 77BR 13RSA Encryption (contd.)To encrypt text using the RSA method, the plaintext is divided into equal blocks of length k bits where 2k < N (that is, such that the numerical value of a block is always less than N; in practical applications, k is usually in the range 512 to 1024).k = 7, since 27 = 128 The function for encrypting a single block of plaintext M is: (N = P X Q = 13X17 = 221), e = 77, d = 5:E'(e,N,M) = Me mod Nfor a message M, the ciphertext is M77 mod 221The function for decrypting a block of encrypted text c to produce the original plaintext block is:D'(d,N,c) = cd mod NThe two parameters e,N can be regarded as a key for the encryption function, and similarly d,N represent a key for the decryption function. So we can write Ke = <e,N> and Kd = <d,N>, and we get the encryption function: E(Ke, M) ={M}K (the notation here indicating that the encrypted message can be decrypted only by the holder of the private key Kd) and D(Kd, ={M}K ) = M. <e,N> - public key, d – private key for a stationBR 14Application of RSALets say a person in Atlanta wants to send a message M to a person in Buffalo:Atlanta encrypts message using Buffalo’s public key B E(M,B)Only Buffalo can read it using it private key b: E(p, E(M,B)) MIn other words for any public/private key pair determined as previously shown, the encrypting function holds two properties:E(p, E(M,P)) ME(P, E(M,p)) MBR 15How can you authenticate “sender”?(In real life you will use signatures: the concept of signatures is introduced.)Instead of sending just a simple message, Atlanta will send a signed message signed by Atlanta’s private key:E(B,E(M,a)) Buffalo will first decrypt using its private key and use Atlanta’s public key to decrypt the signed message:E(b, E(B,E(M,a)) E(M,a)E(A,E(M,a)) MBR 16Digital SignaturesStrong digital signatures are essential requirements of a secure system. These are needed to verify that a document is:Authentic : sourceNot forged : not fakeNon-repudiable : The signer cannot credibly deny that the document was signed by them.BR 17Digest FunctionsAre functions generated to serve a signatures. Also called secure hash functions.It is message dependent.Only the Digest is encrypted using the private key.BR 18Alice’s bank account certificate1. Certificate type: Account number2. Name: Alice3. Account: 62626264. Certifying authority: Bob’s Bank5. Signature: {Digest(field 2 + field 3)}KBprivBR 19Digital signatures with public keys{h}KpriMSigningVerifyingE(Kpri, h)128 bitsH(M)hMhH(doc)D(Kpub,{h}) {h}Kprih'h = h'?Msigned docBR 20Low-cost signatures with a shared secret keyMSigningVerifyingH(M+K)hh'H(M+K)hh = h'?KMsigned
View Full Document