第1章-网络安全概述2-计算机安全保密技术课程-教学课件.ppt

1、第1 章 网络安全概述第 2 讲内容n推荐参考文献n信息安全需求n信息保障技术n威胁举例n关于认证协议nWindows平台的认证协议Security in Computing third edition Charles P.Pfleeger信息安全的需求n保密性保密性Confidentialityn完整性完整性Integrityn系统完整性系统完整性n数据完整性数据完整性n可用性可用性Availabilityn真实性真实性 authenticityn认证认证n消息认证消息认证n身份认证：验证真实身份和所声称身份相符的过程身份认证：验证真实身份和所声称身份相符的过程多级签名 Nested sig

2、naturesnWorkflow systemsnSignature on some fields of papernCA hierarchical trees 关于信息安全的需求n信息安全的其他方面n真实性 authenticityn个体身份的认证，适用于用户、进程、系统等nAccountabilityn确保个体的活动可被跟踪nReliabilityn行为和结果的可靠性、一致性从信息安全到信息保障n通信保密（COMSEC）：60年代n计算机安全（COMPUSEC）：60-70年代n信息安全（INFOSEC）：80-90年代n信息保障（IA）：90年代-TCP/UDP ConnectionsI

3、dentified by 4 items in each message:Source IP AddressDestination IP AddressSource PortDestination Port 123.4.5.8Client123.4.5.30Server123.4.5.8-3097 to 123.4.5.30-23123.4.5.30-23 to 123.4.5.8-3097Telnet application exampleTCP/IPDoes not fully conform to the OSI 7-layer model-TCPIP PacketICMPIPUDPFT

4、P TELNET DNS NFS PINGApplicationlevelTransportlevelNetwork levelPhysical level安全层次安全的密码算法安全协议网络安全系统安全应用安全安全管理攻击类型图例：什么是信息保障nInformation Assurancen保护（Protect）n检测（Detect）n反应（React）n恢复（Restore）保护保护Protect检测检测Detect恢复恢复Restore反应反应ReactIAPDRRn保护（Protect）n采用可能采取的手段保障信息的保密性、完整性、可用性、可控性和不可否认性。n检测（Detect）n利用

5、高级术提供的工具检查系统存在的可能提供黑客攻击、白领犯罪、病毒泛滥脆弱性。n反应（React）n对危及安全的事件、行为、过程及时作出响应处理，杜绝危害的进一步蔓延扩大，力求系统尚能提供正常服务。n恢复（Restore）n一旦系统遭到破坏，尽快恢复系统功能，尽早提供正常的服务。信息安全法规、标准 （国际、国内）n数字化生存需要什么样的法规n信息内容安全n网上交易安全n电子信息权利n如何规制信息内容n如何规制网上行为恶意代码恶意代码 严重威胁严重威胁.n类型-Trojan Horse,Virus,Worm(bacteria,trap door,)n构成-Mission,Trigger,and Pr

6、opagatorn触发-Logic Bomb&Time BombMalicious code-简史:1948-Description of Self Reproducing Automata1970s-Multics Evaluation Early 80s-Apple VirusMid 80s-Dr.Cohens publications1988-The Morris Worm90s-Polymorphism and Macro Viruses恶意代码分类Trap doorsLogic BombsTrojan HorsesViruses Needs Host ProgramBacteriaW

7、ormsIndependentTaxonomy of Malicioius Programs(Bowles)1992-IEEE SpectrumPropagation componentTrap DoorsnA secret undocumented entry point into a program used to grant access without normal methods of access authentication.nUsed for many years in legitimate program development-e.g.,debugging modenMul

8、tics penetrations were accomplished be sending trap doors in OS updates.nDifficult to implement OS controls against trap doors-best to focus on software engineering practicesLogic BombnLogic embedded in a computer program that checks for a certain set of conditions to be present on the system.When t

9、hese conditions are met,one of more functions are executed resulting in unauthorized（未授权）actions.nAlso known as time bombnPredates viruses and wormsnExamples-presence or absence of certain files(or employee numbers)-license expiration causes disabling of program.Trojan HorsesnA computer program with

10、 an apparently or actually useful function that contains additional(hidden)functions that surreptitiously exploit the legitimate authorizations of the invoking process to the detriment of securitynOften found in a useful utility that when executed may also delete files or change file permissions or

11、corrupt data.nEspecially difficult to find in a compiler that inserts additional code.VirusesnCode embedded within a program that causes a copy of itself to be inserted in one or more other programs.In addition to propagation,the virus usually performs some unwanted function(but not always)nVirus co

12、de has a mission,trigger,and propagation component.nMoves by replicating itself in uninfected codeWormsnA program that can replicate itself and send copies from computer to computer across a network connection.Upon arrival,the worm may be activated to replicate and propagate again.May perform some u

13、nwanted function.nHas a mission,trigger,and propagation component -but no host.nCan behave as a virus or bacteria or implant a Trojan horseWormscontinuednNetwork facilities used to move may include:nElectronic Mail facilitynRemote execution capabilitynRemote login capabilitynPropagation Phase(exampl

14、e):nSearch for other systems to infect by examining host tables or similar repositories of remote addresses.nEstablish a connection with a remote systemnCopy itself to the remote system and cause the copy to be run(with controls wrt to previous infections)Bacteria nProgram that consumes system resou

15、rces by replicating itselfnSole purpose is replication（复制）-not damagenAn availability issue-consumes resources(memory,disk,processor capacity,etc.)The Nature of VirusesnCan do anything that other programs can do-within the authority of the programs permissions.nUsually OS specific-but could be writt

16、en for any OSnStagesnDormant Phase-idle and awaiting activationnPropagation Phase-copies itself onto other programs or into a disk areanTriggering Phase-Activated to perform its functionnExecution Phase-The function is performedTypes of VirusesParasitic-traditional,attaches to other programs and rep

17、licatesMemory Resident-lodges in main memory as part of a resident system program.Infects every program that executesBoot Sector-Infects a master boot record and spreads when the system is bootedStealth -designed to hide itself from detection by antivirus softwarePolymorphic-a virus that mutates mak

18、ing detection by signature very difficultMacro VirusesnFairly new-same technique but inserted in office application macrosnEstimates are that two thirds of virus are of this typenPlatform independent nInfect documents-not programsnEasily spread病毒：nPakistani“Brain”virus Lehigh UniversitynChristmas.ex

19、e Hebrew UnivnInternet WormnMS Word/Excel SpreadsheetQuestions on Malicious Code?信息认证信息认证n网络系统安全要考虑两个方面。用密码保护传送的信息使其不被破译 防止对手对系统进行主动攻击，如伪造，篡改信息等。n认证（authentication）防止主动攻击的重要技术，认证的主要 验证信息的发送者是真正的 信源识别；验证信息的完整性，未被篡改，重放或延迟等。保密和认证同时是信息系统安全的两个方面，n但它们是两个不同属性的问题n认证不能自动提供保密性，n保密性也不能自然提供认证功能。的模型如下图所示：信道窜扰者信宿

20、信源认证编码器认证译码器安全信道密钥源n首先要选好恰当的认证函数n设计合理的认证协议(Authentication Protocol)。一个安全的认证系统 认证函数认证函数（Authentication Functions)可用来做认证的函数分为三类：(1)信息加密函数(Message encryption)用完整信息的密文作为对信息的认证。(2)信息认证码MAC(Message Authentication Code)是对信源消息的一个编码函数。(3)散列函数(Hash Function)是一个公开的函数，它将任意长的信息映射成一个固定长度的信息。认证协议n基于对称密码算法的认证方案n是否需

21、要密钥分发中心(KDC)？n对于协议的攻击手法n认证的对象n消息发送方n消息本身n基于公钥密码算法的认证方案n公钥和身份的绑定基于对称密码算法的认证n消息认证nMAC码或者HMAC码n前提：存在共享密钥n密钥管理中心n或者用一个密钥交换协议n身份认证n依据n所知：口令、密钥，等n所有：身份证、智能卡，等n物理标识：指纹、笔迹、DNA，等n基于口令n证明是否知道口令n口令的强度n双向和单向认证n目的：分发密钥、签名有效性，通讯方式n两方通讯n一方发起通讯，另一方应答n双向和单向认证n有第三方介入的认证n第三方为可信任方，KDCn在线和离线n其他情形n多方认证n跨域认证n委托认证模型、信任模型为什

22、么需要认证协议n本地多用户认证nLogin：如何管理口令n远程用户认证n一次性n访问资源或者服务之前进行认证n多次访问资源或者服务n身份，获得credentialn利用credential访问资源或者服务Client与Proxy-Server之间的认证基于口令的认证+明文传输nTelnet远程登录n逐个字母发送，明文方式nPOP3邮件登录nFtp服务n认证协议：设计一个协议(一)n假设A和B要进行通讯，A和B有一个共享的密钥Kab,如何利用这个密钥进行认证，并且商定一个会话密钥Ks1 AB:(IDA|N1)2 BA:EKabKs,IDB,f(N1),N2)3 AB:EKsf(N2)这里的这里的f函数为某个确定的运算，比如函数为某个确定的运算，比如f(x)=x+1AKabB我是A告诉你Ks，以后就用它，别让别人知道好的，我用它试试，可我怎么知道你是B呢如果你知道Kab,那么你就知道Ks,我就知道你是A