20-771: Computer Security

Slide 1

20-771: Computer Security Lecture 11: Windows 2000 III Robert Thibadeau School of Computer Science Carnegie Mellon University Institute for eCommerce, Fall 2002

Slide 2

Today's lecture
- Windows 2000 Access II
- File Encryption/Decryption

Slide 3

This Week
- Read WS 10, 11
- XML Security
- More Windows Security

Slide 4

Windows C-2 Security Model
- It must be possible to control access to a resource by granting or denying access to individual users or named groups of users.
- Memory must be protected so that its contents cannot be read after a process frees it. Similarly, a secure file system, such as NTFS, must protect deleted files from being read.
- Users must identify themselves in a unique manner, such as by password, when they log on. All auditable actions must identify the user performing the action.
- System administrators must be able to audit security-related events. However, access to the security-related events audit data must be limited to authorized administrators.
- The system must be protected from external interference or tampering, such as modification of the running system or of system files stored on disk.

Slide 5

Win 2000 Security: Windows 2000 IPAAA Model
[Diagram. Labels: YOU!; Users/groups; Rights (e.g., delegation); Active Directory DACLs for Authorization; Files & Other Objects; Internal Privacy: File Encryption; Certs for Authentication (username, password, certificate, Kerberos); Services (some other time); Certs for Integrity; Active Directory SACLs for Audit; Other Machines; Web Visitor; Web Site (IIS – IE5); Secure Network Privacy: SSL & IPSec. Callouts: User Agents, DACLs, File Encrypt, Kerberos, Authenticode, SACLs, Smartcard, IPSec.]

Slide 6

Domain Trees
[Diagram: several Domain Controllers arranged in a tree. Other labels: Prof, User Accounts.]

Slide 7

Example AD for organization "reskit.com"

Slide 8

Some Hierarchies

Slide 9

Object Naming
- Distinguished name (DN): An object has exactly one name, the distinguished name (DN). The DN uniquely identifies the object and contains sufficient information for a client to retrieve the object from the directory. The DN of an object may be quite long and difficult to remember. Moreover, the DN of an object may change. Since the DN of an object is composed of the RDN of the object and its ancestors, a rename of the object itself or any ancestor will change the DN. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netdir/adschema/w2k/A_name.asp
- Object globally unique identifier (GUID): A 128-bit number, guaranteed to be unique. Objects have a GUID assigned when they are created. The GUID is never changed, even if the object is moved or renamed. Applications can store the GUID of an object and be assured of retrieving that object no matter what the current DN is.
- User Principal Name: Security principals (users and groups) each have a "friendly" name, the User Principal Name (UPN), which is shorter than the DN and easier to remember. The User Principal Name is composed of a "shorthand" name for the user and the DNS name of the domain tree where the user object resides. For example, user James Smith in the microsoft.com tree might have a UPN of "JamesS@Microsoft.com."

Slide 10

Windows Authorization

Slide 11

MSDN Links
- How DACLs work: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/security/how_dacls_control_access_to_an_object.asp
- File & Directory: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/fileio/base/file_security_and_access_rights.asp
- String for ACE: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/security/ace_strings.asp
- http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/security/access_mask.asp

Slide 12

Windows Default ACE Order
- Deny ACEs first, then Allow ACEs
- Within this, specific to the object, then non-specific

Slide 13

First-Time Manager Mistake
- Something doesn't work
- You make yourself "everything"
- Still doesn't work
- Issue: NT/2000 security looks at you and makes you the MINIMUM capable of your groups
- A Users group is really weak
- Select your groups carefully to have the power you need
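The ACE ordering on Slide 12 and the group mistake on Slide 13 can be seen in a small model of the access check. This is an added example, not code from the lecture or from Windows: the mask values, the `object_specific` flag, and the names alice, Users, Contractors and Administrators are assumptions made for illustration.

```python
from dataclasses import dataclass

# Access-mask bits constructed for this example (not the real Windows values)
READ, WRITE, DELETE = 0x1, 0x2, 0x4

@dataclass(frozen=True)
class Ace:
    kind: str                      # "deny" or "allow"
    trustee: str                   # user or group name standing in for a SID
    mask: int                      # rights this ACE denies or allows
    object_specific: bool = False  # True if the ACE targets this object

def access_check(dacl, token, desired):
    """Walk the ACEs in stored order; stop at the first deciding ACE."""
    remaining = desired
    for ace in dacl:
        if ace.trustee not in token:
            continue                       # ACE is for someone else
        if ace.kind == "deny" and ace.mask & remaining:
            return False                   # a matching deny ends the check
        if ace.kind == "allow":
            remaining &= ~ace.mask
            if not remaining:
                return True                # every requested right was allowed
    return False                           # anything never allowed is denied

def slide_order(dacl):
    """Deny before allow; within each, object-specific before non-specific."""
    return sorted(dacl, key=lambda a: (a.kind != "deny", not a.object_specific))

# Constructed sample: alice belongs to Users and Contractors.
ALICE = {"alice", "Users", "Contractors"}
STORED = [                                  # deliberately out of order
    Ace("allow", "Users", READ),
    Ace("deny", "Contractors", READ | WRITE, object_specific=True),
    Ace("allow", "alice", WRITE, object_specific=True),
]

def demo():
    admin_acl = STORED + [Ace("allow", "Administrators", READ | WRITE | DELETE)]
    more_groups = ALICE | {"Administrators"}   # the "make yourself everything" fix
    return {
        "read_stored_order": access_check(STORED, ALICE, READ),
        "read_slide_order": access_check(slide_order(STORED), ALICE, READ),
        "read_as_admin_too": access_check(slide_order(admin_acl), more_groups, READ),
        "delete_as_admin_too": access_check(slide_order(admin_acl), more_groups, DELETE),
    }
```

With the deny ACE sorted first, joining Administrators does not restore READ, because the deny on Contractors is reached before any allow; only rights the deny does not cover (DELETE here) are gained.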

Slide 14

Fine-Grained Permissions
Give meaning to "full", "modify", etc.
Built-ins:
- Traverse folder/execute file
- List folder/read data
- Read attributes
- Read extended attributes
- Create files/write data
- Create folders/append data
- Write attributes
- Write extended attributes
- Delete subfolders and files
- Delete
- Read permissions
- Change permissions
- Take ownership

Slide 15

Special Identities
- System (just the OS of Local): limited root for SUID-type actions.
- Creator Owner (like "self group" in unix: just an index!). Users get permissions of CreatorOwner (like Special Bits).
- Everyone (an automatic group assignment for all users including guests)
- Network (an automatic group assignment for users/guests that are not Local and who have been granted remote access)
- Interactive (Local users/guests who have been granted access)

Slide 16

Features of Win 2000
- Multiple methods of authenticating internal and external users
- Protection of files through easy-to-use encryption
- Protection across the network through transparent encryption
- Per-property access control for objects (many more detailed uses than read, write, and execute)
- Smart card support for authentication and hiding private keys
- Transitive trust relationships between domains
- Public Key Infrastructure (PKI – certs handled transparently). Code itself is routinely authenticated as to its source using PKI.

Slide 17

Bad News
- Complex
- Many hierarchies
- Lots of how-to
- Learn only MS
- Use only MS 2000
Good News
- Simple underlying model
- MMC/Active Directory/ACLs
- Hierarchies are easy to browse/search
- Only ONE way to configure
- Good online docs, good HCI

Slide 18

What is your recommendation?
- Machines must be 128 megabytes
- Think domain trees.
Legacy
- Build a root
- Build a department
- Add in other departments
Web Servers
- Build a root
- Build a web server
- Add in other departments

Slide 19

Build a root?
The root should include:
- A top-level domain controller
- A top-level certificate server
- A top-level Kerberos server
- Possibly, a top-level SQL Server
- Possibly, an Exchange server (mail)
- Possibly, a DNS server
- If intranetting: an IIS server
These servers don't need to be big-time machines but do need to be reliable.
- Disk mirroring is built into NT/2000
- Offsite backup replication (IPSec)
These machines should be under serious lock and key. Access should be by local console, although remote is supported in Windows 2000.

Slide 20

Win 2000 Security: Windows 2000 IPAAA Model
[Diagram repeated from Slide 5, with the same labels. Callout: File Encrypt.]

Slide 21

Encrypting File
- Think like SSL and others: uses RSA for authentication/authorization and a private session key for the actual encryption/decryption
- This means the system has a private key that it can use for decryption
- Encrypted Data Recovery Policy (EDRP)
- Workgroup (LOCAL Domain): this is local
- In a Domain, it is only with the Domain Administrator

Slide 22

One DESX Key, Many Certs
[Diagram: one FILE OR DIRECTORY with three entries.]
- Administrator: CERT/Public Key M; Symmetric/Private/DESX/Encrypt/Decrypt Key A
- UserQ: CERT/Public Key Q; Symmetric/Private/DESX/Encrypt/Decrypt Key A
- UserR: CERT/Public Key R; Symmetric/Private/DESX/Encrypt/Decrypt Key A
Some can be certs in the Data Decryption Field or the Data Recovery Field.

Slide 23

File Encryption/Recovery Certificate
The symmetric encryption key is encrypted using the public key derived from your EFS certificate. The resulting encrypted data, along with your display name and a hash of the certificate, is stored in a named stream in the file that contains EFS metadata. When EFS decrypts a file, it uses your private key to decrypt the symmetric encryption key. EFS then uses the symmetric key to decrypt the data.
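The "one key, many certs" layout of Slides 22 and 23 is modelled below. This is an added example, not EFS code: textbook RSA over fixed Mersenne primes stands in for the certificates, a SHA-256 keystream stands in for DESX, and the dictionary layout and function names are assumptions, not the real EFS metadata format.

```python
import hashlib
import secrets

def make_keypair(p, q, e=65537):
    """Toy textbook RSA from two fixed primes; stands in for an EFS cert."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))   # (public, private)

def stream_xor(fek, data):
    """Stand-in for DESX: XOR with a SHA-256 counter keystream keyed by the FEK."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(fek.to_bytes(16, "big") + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def cert_hash(pub):
    """Short identifier for a public key, playing the role of the cert hash."""
    return hashlib.sha256(repr(pub).encode()).hexdigest()[:16]

def efs_encrypt(plaintext, users, recovery_agents):
    fek = secrets.randbits(128)            # ONE symmetric key for the file

    def wrap(name, pub):                   # same FEK, wrapped per public key
        return {"name": name, "cert_hash": cert_hash(pub),
                "wrapped_fek": pow(fek, pub[1], pub[0])}

    return {"ddf": [wrap(n, k) for n, k in users],            # Data Decryption Field
            "drf": [wrap(n, k) for n, k in recovery_agents],  # Data Recovery Field
            "data": stream_xor(fek, plaintext)}

def efs_decrypt(blob, pub, priv):
    """Find this key's entry, unwrap the FEK, then decrypt the data."""
    for entry in blob["ddf"] + blob["drf"]:
        if entry["cert_hash"] == cert_hash(pub):
            fek = pow(entry["wrapped_fek"], priv[1], priv[0])
            return stream_xor(fek, blob["data"])
    raise PermissionError("no key entry for this certificate")

def mersenne(k):
    return 2**k - 1    # 61, 89, 107, 127, 521, 607 all give primes

# Constructed key pairs for the three principals on Slide 22.
KEYS = {"UserQ": make_keypair(mersenne(127), mersenne(89)),
        "UserR": make_keypair(mersenne(107), mersenne(61)),
        "Administrator": make_keypair(mersenne(521), mersenne(607))}
```

The data is encrypted once; adding a user or recovery agent only adds another wrapped copy of the same key, which is why whoever holds the recovery private key can read every file covered by the policy.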

Slide 24

File Encryption is DES
- Actually DESX, but the idea is the same: it works like XOR: the number of bits determines the number of tries needed to guess the key by brute force (without studied cryptanalysis).
- 40 bits for International
- 56 bits for US
- 128 bits can be downloaded from MS Support
File Encryption Key
- Uses a random (40, 56 or 128 bit) number (randomness is probably good, but not "cipher quality")
- You can bet somebody somewhere has characterized the non-randomness already (haven't seen a publication)
- This means WHAT? You should know the answer to this!

Slide 25

Sidebar: 3000-bit encryption
- Answer: Yes, but… It won't hurt, but it probably doesn't matter.
- 128 bit is 1.70141183460469e+38
- 1 in 170,141,834,604,690,000,000,000,000,000,000,000,000 tries
- Slightly better than 6 in 9999 (your PIN on your bank account)…
- 86,400 seconds in a day, 31,500,000 in a year, 3,150,000,000 in 100 years.
- Need 54,000,000,000,000,000,000,000,000,000 guesses a second (div by 2)
- 54 billion trillion operations per second with the expectation that in 50 years you'll get it.
- On the other hand, feel free.

Slide 26

Process
- You right-click and set the property to encrypt a file/directory
- If you don't have a user public/private keypair, one is *automatically generated in the background* in your domain
- Done once, you are done forever.
- You can have others – need management
- The private/public key pair gets access to the session key for the file.

Slide 27

When it won't work
- System bit set (system files can't be encrypted)
- Compressed files (files *marked* compressed)
- Read-only files (this is because the file must be written, temporarily, to be read)
