《Web应用的安全模式》由会员分享,可在线阅读,更多相关《Web应用的安全模式(55页珍藏版)》请在金锄头文库上搜索。
1、Web应用的“外患”与“内忧” Based onSecurity models for Web-based applicationby James B.D.Joshi,Walid G.Aref,Arif GhafoorFebruary 2001/Vol.44.No.2 p38-44 Communication of ACM1本讲内容介绍基本的安全概念和基本的安全机制Web环境下的安全机制防火墙的工作原理常用的安全措施2Web应用安全“外患”“内忧”3“外患” Aspects of Security Authentication and Encryption Internet Firewalls
2、 and Packet Filtering Virtual Private Networks Secure HTTP (SHTTP) and Secure Socket Layer (SSL) Securing your Site4Main risks:信息被非法窃听:未经认可的用户对数据的非法访问假冒他人发送信息信息被非法修改拒绝服务病毒。5解决Data Integrity: refers to protection from change: Is the data received exactly the same as the data that was sent?Data Availa
3、bility: refers to protection against disruption of service: Does the data remain available for legitimate use?Data Confidentiality: refers to protection against unauthorized data access: Is data protected against unauthorized access?Privacy: refers to the ability of the sender to remain anonymous: I
4、s the senders identity revealed?67完整性机制防止偶然或故意破坏数据完整性的常用方法:n奇偶校验 ( parity bits)n校验和(checksum )n循环冗余校验( cyclic redundancy checks ,CRC).发送者以包的数据为函数计算出一个整数值。接收者从接收到的数据中重新计算出这个整数,并比较二者的结果。However, a attacker can create a valid checksum or CRC from the altered data.8完整性机制Several mechanisms against malici
5、ous(恶意) intentional change of intercepted data exist:用MAC (Message Authentication Code)来编码要发送的数据。n MAC基于无法破译或仿造的密码机制工作。n采用只有收发双方知道的secret key。n发送者用the secret key 来 scramble the data and the checksum or CRC9访问控制和口令在传统的计算机系统中,简单的口令即足以保护对系统的访问。Simple password mechanisms are vulnerable(易受攻击) on networks
6、 because they are susceptible to eavesdropping(偷听).Wiretapping(搭线窃听) is easy especially that passwords on telnet, HTTP are clear text.10“外患” Aspects of Security Authentication and Encryption Internet Firewalls and Packet Filtering Virtual Private Networks Secure HTTP (SHTTP) and Secure Socket Layer
7、(SSL) Securing your Site11你是谁?How do you know the customer is the customer he/she pretends to be?How do you know the server is the server it purports to be?Is it really the the web page I want to connect to?Is it really the company I want to make a transaction with?Is it really the customer I think
8、I am dealing with?12认证The process of making sure the server and the client are indeed the server and client they purport to be is called authentication.用户认证是计算机安全中最为困难的部分之一。Authentication is based on digital signaturesTo sign a message, the sender encrypts the message using a key known only to the s
9、ender13加密目的:即使消息被窃听( wiretapping)也仍可保持其confidentiality.方法:Sender Scrambles the bits of the message in a way that only the intended receiver can unscramble the message. Based on keys.结果: Intercepting a messages is useless since no information extraction.14对等加密The receiver and the sender share the sam
10、e secret keyThe sender encrypts the message with a key K and the receiver decodes the encrypted message with the same key K.Example: DES E= encrypt (Key,M) M=decrypt (Key,E) Mathematically decrypt is inverse of encrypt decrypt = encrypt-115对称加密缺陷n需要进行私钥交换n规模复杂n未知实体间通信困难16公钥密码机制由Deffie 和 Hellman发明:n“
11、New Directions in Cryptography”,1976原理nPublicly revealing an encryption key does not thereby reveal the correspongding decryption decryption.17重要结论No need to transmit keys.nonly the intended recipient can decipher the message.A message can be “signed” by a privately held decryption key.nSignatures c
12、annot be forged.nA signer cannot later deny the validaity of his signature.下面我们来看如何用这种机制来实现:n机密性和隐私性:privacy and confidentialityn数字签名:signaturen实体鉴别:authentication18Privacy and confidencialityBob向Alice发一个private message的过程:nGet the public key Ea from the public filenSend her Ea(M)nAlice decpher it :
13、Da(Ea(M)=M特点nNo need to establish private transactions(保证了私密性)nAn intruder listening in on the channel cannot decipher any messages. Since derive decryption keys from encryption keys is impossible.(保证了机密性)19数字签名SignaturesAlice首先用自己的私钥对要发给Bob的消息签名:s=Da(M)然后用Bob的公钥加密:Eb(S).并把结果发出.Bob先用自己的私钥解密得到S,然后用Al
14、ice的公钥解密得到M.20数字签名Signatures完整性:Bob或其他人不可修改M,对输入数据的任何修改都会引起输出的变化。不可否认性:Alice不可否认发给Bob消息,因为除了他没人能得到他的签名s=Da(M)。机密性:因为只有Bob才有他自己的私钥,别人无法获得。21Authentication简单的的缺陷:nReplay:重放攻击n例子:“阿里巴巴与四十大盗”基于公钥技术,采用“挑战-响应”协议和信息签名解决实体鉴别问题.nAlice challenge to Bob: a number 100nBob sign the number with his private key.nA
15、lice get the signed number and decpher it with Bobs public key,compare the result.nAlice的challenge每次都不一样,因此不可能重放攻击.22Certificates上面的讨论基于:nAlice认为他获得的Bob的公钥是“真的”。攻击者常会假冒因此需要一个方法来保证这一点,保证你得到的证书是可以信赖的。这个方法就是:证书机制,所有的证书都经过颁发者的私钥签名,因此是可以信赖的。发放证书的机构就是:PKI-公开密钥基础设施23Certificates证书是一种验证服务器身份的电子手段。n客户端可以通过检查
16、证书确认自己连接到了正确的服务器上。证书被预先存放在客户端数据库或一个证书权威( certificate authority)处,通过比较可以验证一个收到的证书是否正确。证书一般由第三方颁布。n证书有期限。n你可以颁布自己的证书并分发给允许访问你站点的用户。24PKI:公开密钥基础设施n证书管理n认证n完整性n机密性25“外患” Aspects of Security Authentication and Encryption Internet Firewalls and Packet Filtering Virtual Private Networks Secure HTTP (SHTTP)
17、 and Secure Socket Layer (SSL) Securing your Site26Internet firewall加密技术并不能解决所有的安全问题,还需要其他技术的配合.对内网的每台计算机都施加保护代价太大。 Better create a protective wall防火墙技术帮助保护内网不被unwanted Internet traffic所骚扰.防火墙通常放在内网与Internet之间,防止问题从Internet扩散到内部。27防火墙的要点所有进入内网的流量必须经过防火墙所有离开内网的流量必须经过防火墙防火墙拒绝任何违反内网安全规则的流量防火墙本身对安全攻击有免疫
18、力。 If an organization has multiple Internetconnections, a firewall should be placed on each28包过滤Packet filtering是防火墙采用的主要机制防火墙检查所有进出的IP包,从而控制内网与外界的联系,同时也控制外网与内网的通信。基于IP包中的源/目的地址来决定是否丢弃某个包。29过滤服务filtering service除了低级的IP地址包过滤,还可检查包的协议或其他高层服务即实施基于服务的过滤Example: allow HTTP and SMTP and 实现的方法:Can use a bo
19、olean combination of destination, source and services.30Firewall with Packet Filtering31“外患” Aspects of Security Authentication and Encryption Internet Firewalls and Packet Filtering Virtual Private Networks Secure HTTP (SHTTP) and Secure Socket Layer (SSL) Securing your Site32Private Networks33Plus
20、 & Minus of Private Networks专线连接站点:完全的安全性。 (completely private)n Nobody else has access or can read passing datan租用专线=昂贵代价Internet无法保证confidentiality,但很便宜: just get ISP on both ends.能否同时兼得二者的好处?34Virtual Private Network (VPN)VPN is implemented in software Each router runs a VPN software VPN software
21、 acts as a packet filterVPN software encrypts packets, all communication remains confidential35Tunneling技术将整个报文都加密传送?如果报头加密, routers wouldnt know who is the receiver如果报头不加密,信息可能泄露 (who is sending and who is receiving may be observed)VPN使用一种称为IP-in-IP tunneling的技术来完全隐藏信息。36IP-in-IP Tunneling37“外患” As
22、pects of Security Authentication and Encryption Internet Firewalls and Packet Filtering Virtual Private Networks Secure HTTP (SHTTP) and Secure Socket Layer (SSL) Securing your Site38Secure HTTP S-HTTP request header Secure * secure-HTTP/1.1 Content-Privacy-Domain PEM or PKS-7 Content-Type: applicat
23、ion/http Security-Scheme, Certificate-Info, Key-AssignS-HTTP response header Secure-HTTP/1.1 200 OK两个特点:协商、脆弱39NegotiationnS-HTTP允许交互双方就安全参数进行协商nS-HTTP allows both parties to negotiate their needs and preferences regarding security parameters (algorithm, key length,etc.)40VulnerabilityS-HTTP 容易受低层攻击
24、,因为它是一个应用层的协议。 S-HTTP is vulnerable since it is susceptible to low level attacks at the TCP or IP level. It is secure at the application level only.41Secure Socket Layer (SSL)为了解决这个问题,SSL在OSI模型的更低层实现。n因此,它不仅可用于HTTP,也可用于其他协议,如 FTP, telnet, NNTP, etc.SSL 建立并维护一个用于通信的安全通道(secure channel) Unlike HTTP, S
25、SL is stateful.42Secure Channel PropertiesChannel is authenticated: 服务器必须对客户端进行认证而客户端也可对服务器进行认证。认证的方法是采用 public/private key进行加密。 Channel is private: 先进行握手定义一个密钥,此后所有的消息传递都用它进行加密。加密方法是对等加密法。 Channel is reliable: Each message includes a message integrity check using a MAC43SSL Handshake During an SSL
26、session, some variables need to be defined. The server needs to determine:n Version of SSL supported(版本)n Encryption algorithm to be used(加密算法)n Session ID (each SSL session has a unique ID)(会话号)n Compression algorithm to be used (if needed)(压缩算法)n 2 random numbers以上参数在协商过程中确定下来。协商过程又称为 handshake (S
27、SL 握手协议) Authentication also occurs at the handshake44Handshake Protocol45Handshake Protocol1. 浏览器发一个 client hello 消息2. 服务器返回一个 server hello消息3. 如果客户端需要对服务器进行认证,服务器将自己的证书(certificate)发给对方。 同时可按彼此同意的加密算法发一个server key exchange消息。 4. 服务器向客户端请求证书(certificate)5. 服务器发server hello done消息6. 如果客户端发会证书或发回no c
28、ertificate alert消息,还将发送一个client key exchange 消息46Handshake Protocol7. 如果一切正常,客户端发送一个change cipher spec 消息,同时附带同意的参数。8.客户端发 finished 消息9. 服务器发自己的change cipher spec消息10. 服务器发 finished 消息47“内忧”对内部后台信息系统的保护n更难防备主要安全原则nLeast priviledge principlesnSeparation of DutynData abstraction完成机制: 访问控制(Access Contr
29、ol)48安全策略最早使用访问控制方法的两种:军用:MAC(Mandatory Access Controls)n军方应用的安全目标:preventing the unauthorized observation of classified information.民用:DAC(Discretinary Access Controls)nIntegrity deals with broader issues of secrity than confidentialityn特别是:funds transfer,clinical medicine,environmental research,ai
30、r traffic control等行业n每个企业都有自己唯一的安全需求,传统的DAC和MAC难以满足要求。49安全策略DAC的定义:na means of restricting access to objects based on the identity of subjects and/or groups to which they belong.nThe controls are discretinary in the sense that a subject with a certain access permission is capable of passing that per
31、mission(perhanps indirectly) on to any other subject(unless restrained by mandatory access control)n一言蔽之,DAC的特点是:用户可不经批准的把自己拥有的权限批准给其他人使用。50安全策略MAC的定义:na means of restricting access to objects based on the sensitivity(as represented by a label)of the information contained in the objects and the form
32、al authorization(I.e clearance) of subjects to access inforamtion of such sensitivity.n强调的是:严格限制什么级别的人访问什么级别的信息。51RBACPermissons are associated with roles and users are mad members of appropriate rols.更自然,符合组织管理方式.greatly simplifies management of permissions.与DAC的主要不同:The user cannot pass access per
33、missions on to other users at their discretion.更像MACwMAC关心的是who can read what information.信息绝对不可从高级流向低级权限.wRBAC更关心保护信息的Integrity,也就是“Who can perform what acts on what information”符合安全三原则52Securing your site:Basic Steps Make sure CGI scripts execute under ownership of fake user (nobody or www) which
34、has very little privileges All documents and programs should be writable only by owner Logs should not be writable or readable by the world Support usernames and passwords whenever needed. Always create index.html in all directories53Consider Problems with CGI Be careful what sort of scripts can be
35、uploaded on the server Validate input of Forms and be strict Ex: “/usr/lib/sendmail user” and user is “john.; rm index.html” In Perl or other languages, this could be executed by the system after sending the e-mail54summaryPKI技术可以有效防止用户的非法访问和修改数据等问题.但在浏览器客户端实施尚不完善要保护内部后台数据库的安全,可以实施RBAC的策略,如果要进一步提供基于工作流的访问控制,也可在RBAC的基础上完成.55
