U of I CS 498 - Host Security Review and Physical Keys

This preview shows page 1-2-3 out of 10 pages.


Host Security Review and Physical Keys
Cyber Security
Spring ’05

First portion of course
• Access control
  – Discretionary ACLs in Windows
  – Mandatory access control through type enforcement in SELinux
• Least privilege
  – Set UID in Unix/Linux
  – Explicit privilege manipulation on Windows
  – Impersonation on Windows

Secure Coding
• Considered at three levels
  – Design: e.g., analyze communication algorithms against common attacks like man in the middle
  – Implementation: e.g., run buffer overflow checking tools
  – Operation: e.g., turn off unnecessary services
• Echoes most good software engineering practices or common sense
  – Checklists can help remind us of these things

User Identity
• Overview of directories
  – Unifies information needed by many applications in an enterprise
  – Source of certificates used by PKI
  – Not a complete panacea,
• Overview of network AAA servers
  – Integrate authentication with network security enforcement devices
  – Evolved from dial-up technology
    • Limited cross device authentication
    • Xauth mechanism configured on enforcing device can be used to use AAA server for IPSec client authentication
  – Can redirect authentication to other sources
  – Will examine in greater detail during the network portion of the course

Physical Key Paper
• Analysis of master keyed physical locks from a CS perspective.
  – “Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks”, Matt Blaze, http://webtools.uiuc.edu/survey/NonSecureSurvey?id=9931496

Pin Tumbler Keys
• Most common type of keys
• Key cylinder is held in place by a number of pins
  – P which ranges from 4 to 7
• In a single keyed lock each pin is cut in one of D locations
  – D ranges from 4 to 10
• The key is correspondingly cut. Inserting the right key pushes up the pins so the cut part matches the cylinder.
  – P^D possible keys

Master Keys
• In many environments, there is a master key that opens all doors
  – Or there can be a hierarchy of master keys
  – The master key that opens all locks is called the Total Master Key (TMK)
• In a master key scenario, each pin is cut in two places
  – One set of cuts occurs in all locks in the installation

The problem
• Create a master key from an ordinary key and lock in the system
  – Assume you have access to key blanks and appropriate key cutting devices
  – And some privacy

The key insight
• Cross keys
  – While the design intended only keys that match the master cutting or the specific cutting, keys with a combination of both cuttings will work on your example lock
  – You can test each bit in isolation
• Moving from a P^D problem to a P*D problem.

The algorithm
• Take a blank, and cut P-1 of the bits to the bitting of the custom key.
  – For the P’th bit, create D-1 keys that try all cuts except the one of the custom key
  – Or just start with shallowest cut and re-cut the same physical key
  – The one that works has the correct cut for that bit on the TMK
• Do the same thing for all P bits
• Don’t do this at
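The per-position search on "The algorithm" slide can be modelled in software to count how few trial keys it needs, which is why cross keys weaken a master-keyed installation. This is an added example, not code from the lecture or the cited paper. The bittings are constructed, the names `opens` and `recover_master` are hypothetical, and treating a position where no other cut works as one where the TMK shares the custom key's cut is an assumption the slide does not state.

```python
# Constructed sample bittings (not from the lecture): P = 5 pins, D = 8 depths,
# depth 0 = shallowest cut. Positions 1 and 4 share a cut between both keys.
DEPTHS = 8
CHANGE = [3, 1, 4, 1, 5]   # the ordinary ("custom") key
MASTER = [2, 1, 6, 0, 5]   # the TMK, unknown to the searcher


def opens(key, change=CHANGE, master=MASTER):
    """Master-keyed lock model: every pin is cut in two places, so a key
    opens the lock if each of its cuts matches either bitting."""
    return all(k in (c, m) for k, c, m in zip(key, change, master))


def recover_master(change, lock, depths):
    """The slide's per-position search. `lock` is an oracle key -> bool.
    Returns (recovered bitting, number of trial keys tested)."""
    found, probes = [], 0
    for pos in range(len(change)):
        cut = change[pos]              # stays if no other depth opens the lock
        for d in range(depths):        # shallowest first, as on the slide
            if d == change[pos]:
                continue
            trial = list(change)       # P-1 positions keep the custom bitting
            trial[pos] = d
            probes += 1
            if lock(trial):
                cut = d
                break
        found.append(cut)
    return found, probes


if __name__ == "__main__":
    found, probes = recover_master(CHANGE, opens, DEPTHS)
    print("recovered:", found, "matches TMK:", found == MASTER)
    print("trial keys:", probes, "upper bound P*(D-1):", len(CHANGE) * (DEPTHS - 1))
```

The trial count never exceeds P*(D-1), so adding pins or depths to a master-keyed system raises the work only linearly.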

