Scribd
Upload
51 views

Cryptography and Network Security

This document discusses firewalls and network security. It covers the different types of firewalls including packet filters, stateful packet filters, application-level gateways, and circuit-level gateways. It also discusses firewall configurations, access control, trusted computer systems models like Bell-LaPadula, reference monitors, evaluated computer systems standards like TCSEC and Common Criteria. Common Criteria defines security requirements and evaluation criteria to assess security products.

Uploaded by

Anonymous 1ioUBbN
Copyright
© © All Rights Reserved
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
51 views

Cryptography and Network Security

This document discusses firewalls and network security. It covers the different types of firewalls including packet filters, stateful packet filters, application-level gateways, and circuit-level gateways. It also discusses firewall configurations, access control, trusted computer systems models like Bell-LaPadula, reference monitors, evaluated computer systems standards like TCSEC and Common Criteria. Common Criteria defines security requirements and evaluation criteria to assess security products.

Uploaded by

Anonymous 1ioUBbN
Copyright
© © All Rights Reserved
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 30

Cryptography and

Network Security
Chapter 20
Fourth Edition
by William Stallings
Lecture slides by Lawrie Brown

Chapter 20 Firewalls
The function of a strong position is to make
the forces holding it practically
unassailable
On War, Carl Von Clausewitz

Introduction

seen evolution of information systems


now everyone want to be on the Internet
and to interconnect networks
has persistent security concerns

cant easily secure every system in org

typically use a Firewall


to provide perimeter defence
as part of comprehensive security strategy

What is a Firewall?
a choke point

of control and monitoring


interconnects networks with differing trust
imposes restrictions on network services

only authorized traffic is allowed

auditing and controlling access

can implement alarms for abnormal behavior

provide NAT & usage monitoring


implement VPNs using IPSec
must be immune to penetration

Firewall Limitations
cannot protect from attacks bypassing it

eg sneaker net, utility modems, trusted


organisations, trusted services (eg SSL/SSH)

cannot protect against internal threats

eg disgruntled or colluding employees

cannot protect against transfer of all virus

infected programs or files

because of huge range of O/S & file types

Firewalls Packet Filters


simplest, fastest firewall component
foundation of any firewall system
examine each IP packet (no context) and

permit or deny according to rules


hence restrict access to services (ports)
possible default policies

that not expressly permitted is prohibited


that not expressly prohibited is permitted

Firewalls Packet Filters

Firewalls Packet Filters

Attacks on Packet Filters


IP address spoofing

fake source address to be trusted


add filters on router to block

source routing attacks

attacker sets a route other than default


block source routed packets

tiny fragment attacks

split header info over several tiny packets


either discard or reassemble before check

Firewalls Stateful Packet Filters


traditional packet filters do not examine

higher layer context

ie matching return packets with outgoing flow

stateful packet filters address this need


they examine each IP packet in context

keep track of client-server sessions


check each packet validly belongs to one

hence are better

able to detect bogus


packets out of context

Firewalls - Application Level


Gateway (or Proxy)
have application specific gateway / proxy
has full access to protocol

user requests service from proxy


proxy validates request as legal
then actions request and returns result to user
can log / audit traffic at application level

need separate proxies for each service

some services naturally support proxying


others are more problematic

Firewalls - Application Level


Gateway (or Proxy)

Firewalls - Circuit Level Gateway


relays two TCP connections
imposes security by limiting which such

connections are allowed


once created usually relays traffic without
examining contents
typically used when trust internal users by
allowing general outbound connections
SOCKS is commonly used

Firewalls - Circuit Level Gateway

Bastion Host

highly secure host system


runs circuit / application level gateways
or provides externally accessible services
potentially exposed to "hostile" elements
hence is secured to withstand this

hardened O/S, essential services, extra auth


proxies small, secure, independent, non-privileged

may support 2 or more net connections


may be trusted to enforce policy of trusted
separation between these net connections

Firewall Configurations

Firewall Configurations

Firewall Configurations

Access Control
given system

has identified a user


determine what resources they can access
general model is that of access matrix with

subject - active entity (user, process)


object - passive entity (file or resource)
access right way object can be accessed

can decompose by

columns as access control lists


rows as capability tickets

Access Control Matrix

Trusted Computer Systems

information security is increasingly important


have varying degrees of sensitivity of information

subjects (people or programs) have varying


rights of access to objects (information)
known as multilevel security

cf military info classifications: confidential, secret etc

subjects have maximum & current security level


objects have a fixed security level classification

want to consider ways of increasing confidence


in systems to enforce these rights

Bell LaPadula (BLP) Model

one of the most famous security models


implemented as mandatory policies on system
has two key policies:
no read up (simple security property)

a subject can only read/write an object if the current


security level of the subject dominates (>=) the
classification of the object

no write down (*-property)

a subject can only append/write to an object if the


current security level of the subject is dominated by
(<=) the classification of the object

Reference Monitor

Evaluated Computer Systems


governments can evaluate IT systems
against a range of standards:

TCSEC, IPSEC and now Common Criteria

define a number of levels of evaluation

with increasingly stringent checking


have published lists of evaluated products

though aimed at government/defense use


can be useful in industry also

Common Criteria

international initiative specifying security


requirements & defining evaluation criteria
incorporates earlier standards

eg CSEC, ITSEC, CTCPEC (Canadian), Federal (US)

specifies standards for

evaluation criteria
methodology for application of criteria
administrative procedures for evaluation, certification and
accreditation schemes

Common Criteria
defines set of security requirements

have a Target Of Evaluation (TOE)

requirements fall in two categories

functional
assurance

both organised in classes of families &

components

Common Criteria
Requirements
Functional Requirements

security audit, crypto support, communications,


user data protection, identification & authentication,
security management, privacy, protection of trusted
security functions, resource utilization, TOE access,
trusted path

Assurance Requirements

configuration management, delivery &


operation, development, guidance documents,
life cycle support, tests, vulnerability
assessment, assurance maintenance

Common Criteria

Common Criteria

Summary
have considered:

firewalls
types of firewalls
configurations
access control
trusted systems
common criteria

You might also like