The Physical Layer

					WEB SECURITY
Web Attack Types

Attacks: Buffer Overflows, XML Injections, Session Hijacking
                           Buffer Overflows


Common Effects: DoS (Denial of Service), data corruption, malicious code
execution.

An attacker can craft XML whose entity definitions refer to one another
repeatedly, so that each reference expands into many copies of the one
below it and the document keeps growing as it is parsed. This exhausts
the parser's memory, or triggers error messages that reveal information
about the application.

A DoS can also be caused by forcing a server to parse an abnormally long
XML file, which consumes far more resources than generating one and can
crash the application. Another type of attack consists of sending a block
of data to an application, which stores it in a buffer of insufficient
size. The block then overwrites genuine data beyond the buffer, including
a function's saved return address, so that when the function returns,
control passes to the malicious code in the attacker's data block.
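The nested-entity expansion described above, as an added example that is not from the original slides: a pre-parse check that estimates how large a document would become once its internal-subset entities are expanded, without actually expanding it, and rejects recursive definitions or an amplification ratio above a threshold. The regex-based DTD extraction, the sample documents and the 10x ratio limit are all constructed for this example; a production service would additionally disable DTD processing in its parser.

```python
import re

# Internal-subset declarations of the form <!ENTITY name "replacement text">
# and the &name; references that use them (regex extraction is a simplification
# made for this example; real DTDs also allow single quotes and external entities).
ENTITY_DECL = re.compile(r'<!ENTITY\s+(\w+)\s+"([^"]*)"\s*>')
ENTITY_REF = re.compile(r'&(\w+);')
DOCTYPE = re.compile(r'<!DOCTYPE[^\[>]*(?:\[.*?\])?\s*>', re.S)
PREDEFINED = {"amp", "lt", "gt", "quot", "apos"}   # expand to one character each


def expanded_size(text, entities, memo, stack=()):
    """Characters `text` would occupy once every &name; reference is expanded.

    References are followed recursively with memoisation, so the answer costs
    one pass per entity rather than one pass per expanded copy. A chain that
    loops back on itself (an entity that calls upon itself) is rejected
    instead of being followed forever.
    """
    total, last = 0, 0
    for m in ENTITY_REF.finditer(text):
        total += m.start() - last            # literal characters before the reference
        last = m.end()
        name = m.group(1)
        if name in PREDEFINED:
            total += 1
        elif name in entities:
            if name in stack:
                raise ValueError(f"recursive entity reference: {name}")
            if name not in memo:
                memo[name] = expanded_size(entities[name], entities, memo, stack + (name,))
            total += memo[name]
        else:
            total += m.end() - m.start()     # undeclared reference: counted literally
    return total + len(text) - last


def entity_sizes(xml_text):
    """Expanded size of every declared entity, by name."""
    entities = dict(ENTITY_DECL.findall(xml_text))
    memo = {}
    for name in entities:
        expanded_size(f"&{name};", entities, memo)
    return memo


def estimate_expansion(xml_text):
    """Size of the document body after entity expansion, computed without expanding it."""
    entities = dict(ENTITY_DECL.findall(xml_text))
    body = DOCTYPE.sub("", xml_text, count=1)   # body = everything outside the DTD
    return expanded_size(body, entities, {})


def is_safe(xml_text, max_ratio=10.0, max_expanded=1_000_000):
    """Accept only documents whose expansion is acyclic, bounded and not amplified
    beyond max_ratio times the bytes received (limits are assumed policy values)."""
    try:
        expanded = estimate_expansion(xml_text)
    except ValueError:
        return False
    return expanded <= max_expanded and expanded <= max_ratio * max(len(xml_text), 1)


def nested_entity_doc(levels=4, fanout=10):
    """Constructed sample: each entity is `fanout` copies of the previous one,
    so the last one expands to 3 * fanout ** levels characters."""
    decls = ['<!ENTITY lol "lol">']
    for i in range(1, levels + 1):
        prev = "lol" if i == 1 else f"lol{i - 1}"
        refs = f"&{prev};" * fanout
        decls.append(f'<!ENTITY lol{i} "{refs}">')
    subset = "\n ".join(decls)
    return f'<?xml version="1.0"?>\n<!DOCTYPE lolz [\n {subset}\n]>\n<lolz>&lol{levels};</lolz>'


# Constructed inputs for the checks below.
BENIGN = '<?xml version="1.0"?>\n<order><item>widget &amp; gadget</item></order>'
SELF_REFERENCING = '<!DOCTYPE x [ <!ENTITY a "&b;"> <!ENTITY b "&a;"> ]>\n<x>&a;</x>'

if __name__ == "__main__":
    doc = nested_entity_doc()
    print(f"{len(doc)} bytes received -> {estimate_expansion(doc)} bytes after expansion")
    print("nested:", is_safe(doc), "benign:", is_safe(BENIGN), "loop:", is_safe(SELF_REFERENCING))
```

The four-level sample is a few hundred bytes on the wire and would expand to about 30 kB; raising `levels` to nine gives the billion-character version, and the estimate still costs one pass per entity.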
                            XML Injections


Common Effects: Command execution, data theft and deletion, schema
poisoning.

SQL injection is a high-risk exploit that may be performed using SOAP
messages. If a server does not validate data correctly, a SOAP message can
easily carry XML data that inserts a parameter into an SQL query, which the
server then executes with the rights of the Web Service. SQL injection is
only one of the threats a server is exposed to if data is not validated.

Another such example is schema poisoning. A schema file is what an XML
parser uses to understand the XML's grammar and structure, and defines the
constraints the parser enforces on incoming messages. An attacker who can
damage the XML schema, or replace it with a modified one, can then get the
parser to accept malicious SOAP messages and specially crafted XML files
that inject OS commands on the server or database.
                            Session Hijacking


Common Effects: Obtaining a user's privileges within the application or
network.

Session hijacking is taking over a legitimate user's session. It occurs
when an attacker steals a valid session ID (a valid session cookie) and
uses it to gain that user's privileges in the application. By intercepting
or sniffing SOAP messages, an attacker can hijack a user's session in the
same ways as with ordinary web applications; once the attacker is
authenticated as a valid user, they can perform far more damaging actions
than an anonymous attacker could.
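Server-side countermeasures for the hijacking described above, as an added example that is not from the original slides: session IDs drawn from the OS random source so they cannot be guessed, cookie attributes that keep the ID off plain-text connections and away from script, rotation of the ID on login or privilege change so a copy taken earlier stops working, and idle expiry to narrow the replay window. The 15-minute idle limit and the `SESSION` cookie name are assumptions; the clock is injectable so the expiry can be exercised without waiting.

```python
import secrets
import time

SESSION_TTL = 15 * 60        # seconds of inactivity before a session dies (assumed policy)


class SessionStore:
    """In-memory session table keyed by an unguessable random ID."""

    def __init__(self, now=time.time):
        self._now = now
        self._sessions = {}      # session_id -> {"user": ..., "last_seen": ...}

    def create(self, user):
        sid = secrets.token_urlsafe(32)      # 256 bits from the OS CSPRNG: not guessable
        self._sessions[sid] = {"user": user, "last_seen": self._now()}
        return sid

    @staticmethod
    def set_cookie_header(sid):
        # Secure: never sent over plain HTTP, so it cannot be sniffed off the wire.
        # HttpOnly: not readable by script, so XSS cannot exfiltrate it.
        # SameSite=Strict: not attached to requests initiated by other sites.
        return f"Set-Cookie: SESSION={sid}; Secure; HttpOnly; SameSite=Strict; Path=/"

    def user_for(self, sid):
        """Resolve a presented cookie; unknown and idle-expired IDs get nothing."""
        entry = self._sessions.get(sid)
        if entry is None:
            return None
        if self._now() - entry["last_seen"] > SESSION_TTL:
            del self._sessions[sid]
            return None
        entry["last_seen"] = self._now()
        return entry["user"]

    def rotate(self, sid):
        """Issue a fresh ID (on login or privilege change); the old one dies immediately,
        so a copy an attacker captured before this point no longer resolves."""
        entry = self._sessions.pop(sid, None)
        if entry is None:
            return None
        new_sid = secrets.token_urlsafe(32)
        self._sessions[new_sid] = entry
        return new_sid

    def logout(self, sid):
        self._sessions.pop(sid, None)


if __name__ == "__main__":
    store = SessionStore()
    sid = store.create("alice")
    print(store.set_cookie_header(sid))
    print("old id after rotation resolves to:", (store.rotate(sid), store.user_for(sid))[1])
```

None of this helps if the session ID also travels inside a SOAP body over plain HTTP, which is why the transport itself must be protected (the SSL material later on this page) and not just the cookie.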
WEB SECURITY

           Threats
       Secure Naming
SSL – The Secure Sockets Layer
    Mobile Code Security
             Secure Naming

(a) Normal situation. (b) An attack based on breaking into DNS and
modifying Bob's record.
Secure Naming (2)

How Trudy spoofs Alice's ISP.
                    Secure DNS

An example RRSet for bob.com. The KEY record is Bob's public key. The SIG
record is the top-level com server's signed hash of the A and KEY records,
used to verify their authenticity. (In current DNSSEC these record types
are called DNSKEY and RRSIG.)
        Self-Certifying Names

A self-certifying URL containing a hash of the server's name and public key.
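A self-certifying name as in the caption above, as an added example that is not from the original slides: the URL carries a hash of the server's name and its public key, so a client holding the URL can check the key a server presents without trusting the DNS answer that led it there. The URL layout (hash in the port position), SHA-256 truncated to 160 bits with base32 encoding, and the key bytes are all assumptions of the example.

```python
import base64
import hashlib


def name_hash(server_name, public_key):
    """The value embedded in a self-certifying URL: H(server name || public key).
    SHA-256 truncated to 160 bits and base32-encoded is this example's choice."""
    digest = hashlib.sha256(server_name.lower().encode() + b"\x00" + public_key).digest()
    return base64.b32encode(digest[:20]).decode().lower()


def self_certifying_url(server_name, public_key, path="/"):
    """The hash sits where a port number would (layout assumed for the example)."""
    return f"http://{server_name}:{name_hash(server_name, public_key)}{path}"


def split_url(url):
    """Return (server name, embedded hash) from a self-certifying URL."""
    authority = url.split("//", 1)[1].split("/", 1)[0]
    name, _, embedded = authority.rpartition(":")
    return name, embedded


def verify_server(url, presented_key):
    """True only if the key the server presents hashes to the value the URL carries.
    If DNS was modified to point the name at Trudy, her key will not match and the
    client refuses to talk, even though the name resolved 'correctly'."""
    name, embedded = split_url(url)
    return embedded == name_hash(name, presented_key)


if __name__ == "__main__":
    bob_key = b"constructed public key of bob"        # stands in for real key bytes
    trudy_key = b"constructed public key of trudy"
    url = self_certifying_url("www.bob.com", bob_key, "/photos/bob.jpg")
    print(url)
    print("bob presents his key:   ", verify_server(url, bob_key))
    print("trudy presents her key: ", verify_server(url, trudy_key))
```

The binding is only as good as the channel that delivered the URL: the hash replaces trust in DNS, not trust in wherever the link came from.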
                             SSL

Two protocols are dominant today for providing security at the transport
layer: SSL and its successor, TLS.

Topics discussed in this section:
SSL Services
Security Parameters
Sessions and Connections
Four Protocols
Transport Layer Security
Location of SSL and TLS in the Internet model
              SSL—The Secure Sockets Layer

Layers (and protocols) for a home user browsing with SSL.
                            SSL (2)

A simplified version of the SSL connection establishment subprotocol.
       SSL (3)

Data transmission using SSL.
SSL cipher suite list
                         Cryptographic Secrets

 Client needs one key for message authentication
 Client needs one key for encryption
 Client needs one Initialization Vector (IV) for block encryption

 Server needs one key for message authentication
 Server needs one key for encryption
 Server needs one Initialization Vector (IV) for block encryption
Note

   Between them, the client and the server use six
    different cryptographic secrets.
Creation of cryptographic secrets in SSL
                     Cryptographic Secrets

 The client and server exchange two random values; one is
  created by the client and the other by the server.

 The client and server agree on one premaster secret by using
  one of the key-exchange algorithms discussed previously.

 A 48-byte master secret is created from the premaster secret and
  the two random values by applying two hash functions (SHA-1 and MD5).

 The master secret is then expanded into key material of the
  required length by applying the same pair of hash functions, with a
  different constant ('A', 'BB', 'CCC', ...) prepended on each round,
  and the result is cut into the six secrets listed above.
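The master secret and key-block derivation just listed, as an added example that is not from the original slides, following the SSL 3.0 construction (RFC 6101, section 6.2): each round runs SHA-1 over a label, the secret and the seed, then MD5 over the secret and that SHA-1 output, with the labels 'A', 'BB', 'CCC', ... making the rounds differ; three rounds give the 48-byte master secret, and the same function with the randoms in the opposite order expands the master secret into the key block that is cut into the six write secrets. The premaster value, the random values and the key lengths are constructed inputs.

```python
import hashlib
from dataclasses import dataclass


def ssl3_expand(secret, seed, out_len):
    """SSL 3.0 expansion (RFC 6101, section 6.2): concatenate
    MD5(secret + SHA1('A' + secret + seed)), MD5(secret + SHA1('BB' + secret + seed)),
    MD5(secret + SHA1('CCC' + secret + seed)), ... until out_len bytes are available."""
    out = b""
    i = 0
    while len(out) < out_len:
        i += 1
        label = bytes([ord("A") + i - 1]) * i          # 'A', 'BB', 'CCC', ...
        inner = hashlib.sha1(label + secret + seed).digest()
        out += hashlib.md5(secret + inner).digest()
    return out[:out_len]


def master_secret(premaster, client_random, server_random):
    """48-byte master secret: three MD5 outputs over SHA-1 of the premaster and both randoms."""
    return ssl3_expand(premaster, client_random + server_random, 48)


@dataclass
class WriteSecrets:
    client_mac: bytes
    server_mac: bytes
    client_key: bytes
    server_key: bytes
    client_iv: bytes
    server_iv: bytes


def write_secrets(master, client_random, server_random, mac_len, key_len, iv_len):
    """Expand the master secret into the key block and cut it into the six secrets.
    The randoms are concatenated server-first here, the opposite of master_secret."""
    key_block = ssl3_expand(master, server_random + client_random,
                            2 * (mac_len + key_len + iv_len))
    parts, pos = [], 0
    for length in (mac_len, mac_len, key_len, key_len, iv_len, iv_len):
        parts.append(key_block[pos:pos + length])
        pos += length
    return WriteSecrets(*parts)


if __name__ == "__main__":
    # Constructed inputs: a 48-byte premaster (as RSA key exchange would produce,
    # version bytes first) and two 32-byte hello randoms.
    premaster = bytes([3, 0]) + bytes(46)
    client_random, server_random = bytes(range(32)), bytes(range(32, 64))
    ms = master_secret(premaster, client_random, server_random)
    keys = write_secrets(ms, client_random, server_random, mac_len=20, key_len=16, iv_len=16)
    print("master secret:", ms.hex())
    print("client write key:", keys.client_key.hex())
    print("server write key:", keys.server_key.hex())
```

Because the randoms are part of the seed, two handshakes that reuse the same premaster secret still end up with different master secrets and different write keys.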
                  Question 1

What steps are involved in the SSL Record Protocol transmission?
                  Answer 1

What steps are involved in the SSL Record Protocol transmission?

Answer:
Fragmentation.
Compression (optional).
Add MAC.
Encrypt.
Prepend the SSL record header.
                 Connection & Session

 Connection: A connection is a transport (in the OSI layering
model definition) that provides a suitable type of service. A
connection can be established and broken several times during
a session. For SSL, such connections are peer-to-peer
relationships. The connections are transient. Every connection is
associated with one session.

 Session: An SSL session is an association between a client and
a server. A session between two systems is an association that
can last for a long time. Sessions are created by the Handshake
Protocol. Sessions define a set of cryptographic security
parameters, which can be shared among multiple connections.
Sessions are used to avoid the expensive negotiation of new
security parameters for each connection.
                         Question 2

What is the difference between a session and a connection in SSL?
                         Answer 2

What is the difference between a session and a connection in SSL?

Answer:
Connection: A connection is a transport (in the OSI layering
model definition) that provides a suitable type of service. For SSL,
such connections are peer-to-peer relationships. The connections
are transient. Every connection is associated with one session.

Session: An SSL session is an association between a client and
a server. Sessions are created by the Handshake Protocol.
Sessions define a set of cryptographic security parameters, which
can be shared among multiple connections. Sessions are used to
avoid the expensive negotiation of new security parameters for
each connection.
Four SSL protocols
                       Question 3

What protocols comprise SSL?
                       Answer 3

What protocols comprise SSL?

Answer:
SSL Handshake Protocol.
SSL ChangeCipherSpec Protocol.
SSL Alert Protocol.
SSL Record Protocol.
                Four Protocols
 Handshake Protocol: provides the security parameters for the
Record Protocol. It negotiates a cipher suite, provides the keys and
security parameters, authenticates the server to the client and the
client to the server (if needed), and exchanges the information needed
to build the cryptographic secrets. The handshake is done in four
phases, as shown in the figure.
Handshake Protocol
                    Four Protocols
 ChangeCipherSpec Protocol: signals that the negotiated
cryptographic secrets are ready, so that everything sent after it is
protected with them.

 Alert Protocol: reports abnormal conditions (warning or fatal).

 Record Protocol: carries messages from the upper layer
(Handshake Protocol, ChangeCipherSpec Protocol, Alert
Protocol, or application). The message is fragmented and
optionally compressed; a MAC is computed over the compressed
fragment by using the negotiated hash algorithm. The compressed
fragment and the MAC are encrypted by using the negotiated
encryption algorithm. Finally, the SSL record header is prepended to the
encrypted message. The figure shows this process at the sender. The
process at the receiver is reversed.
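The Record Protocol steps, both as listed in Answer 1 above and as described here, as an added example that is not from the original slides: fragment, compress, MAC, encrypt, prepend the 5-byte header, then the reverse at the receiver, with the SSL 3.0 MAC construction for SHA-1 (RFC 6101, section 5.2.3.1) so that the sequence number, content type and length are covered. The standard library has no SSL cipher, so encryption here is a SHA-256 counter-mode keystream XOR that stands in for the negotiated cipher; the keys and the sample message are constructed.

```python
import hashlib
import struct
import zlib

MAX_FRAGMENT = 2 ** 14                   # record fragments carry at most 16 KiB
CONTENT_APPLICATION_DATA = 23
VERSION = (3, 0)                         # SSL 3.0
PAD1, PAD2 = b"\x36" * 40, b"\x5c" * 40  # SSL 3.0 MAC pads for SHA-1 (40 bytes each)


def ssl3_mac(mac_secret, seq_num, content_type, fragment):
    """SSL 3.0 MAC: hash(secret + pad2 + hash(secret + pad1 + seq + type + length + data))."""
    header = struct.pack("!QBH", seq_num, content_type, len(fragment))
    inner = hashlib.sha1(mac_secret + PAD1 + header + fragment).digest()
    return hashlib.sha1(mac_secret + PAD2 + inner).digest()


def keystream_xor(key, nonce, data):
    """Stand-in stream cipher for the example (SHA-256 in counter mode); NOT an SSL cipher."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + struct.pack("!Q", counter)).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class RecordLayer:
    """One direction of an SSL connection; sender and receiver hold the same write secrets."""

    def __init__(self, mac_secret, enc_key):
        self.mac_secret, self.enc_key = mac_secret, enc_key
        self.send_seq = 0
        self.recv_seq = 0

    def send(self, data, content_type=CONTENT_APPLICATION_DATA):
        """Fragment -> compress -> MAC -> encrypt -> prepend the 5-byte record header."""
        records = []
        for i in range(0, len(data), MAX_FRAGMENT):
            fragment = data[i:i + MAX_FRAGMENT]
            compressed = zlib.compress(fragment)
            mac = ssl3_mac(self.mac_secret, self.send_seq, content_type, compressed)
            body = keystream_xor(self.enc_key, struct.pack("!Q", self.send_seq), compressed + mac)
            header = struct.pack("!BBBH", content_type, *VERSION, len(body))
            records.append(header + body)
            self.send_seq += 1
        return records

    def receive(self, records):
        """Reverse the sender's steps; a bad MAC aborts (a real peer sends a fatal alert)."""
        out = b""
        for rec in records:
            content_type, major, minor, length = struct.unpack("!BBBH", rec[:5])
            if (major, minor) != VERSION:
                raise ValueError("protocol_version")
            body = rec[5:5 + length]
            plain = keystream_xor(self.enc_key, struct.pack("!Q", self.recv_seq), body)
            compressed, mac = plain[:-20], plain[-20:]
            if mac != ssl3_mac(self.mac_secret, self.recv_seq, content_type, compressed):
                raise ValueError(f"bad_record_mac at record {self.recv_seq}")
            out += zlib.decompress(compressed)
            self.recv_seq += 1
        return out


def rejects(layer, records):
    """True if the receiver drops the records with a MAC or version failure."""
    try:
        layer.receive(records)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    mac_key, enc_key = b"m" * 20, b"k" * 16          # constructed write secrets
    sender, receiver = RecordLayer(mac_key, enc_key), RecordLayer(mac_key, enc_key)
    message = b"GET /index.html HTTP/1.1\r\nHost: bob.com\r\n\r\n" * 600   # 25800 bytes
    records = sender.send(message)
    print(len(records), "records; header of first:", records[0][:5].hex())
    print("round trip ok:", receiver.receive(records) == message)
    print("replay rejected:", rejects(receiver, [records[0]]))
```

Covering the sequence number in the MAC is what makes a replayed record fail: the receiver's counter has moved on, so the recomputed MAC no longer matches the one inside the record.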
Processing done by the Record Protocol
                         Question 4

What services are provided by the SSL Record Protocol?
                         Answer 4

What services are provided by the SSL Record Protocol?

Answer:
Confidentiality: The Handshake Protocol defines a shared secret
key that is used for conventional (symmetric) encryption of SSL payloads.

Message Integrity: The Handshake Protocol also defines a
shared secret key that is used to form a message authentication
code (MAC).
How Do You Want to Protect Your Network System?

           Thank You


Document info: posted 7/14/2011; language: English; 38 pages.