Indice del tema
• Introducción – Ciclo de vida de la Seguridad
– Modelo de escenario de Seguridad
• Servicios y mecanismos de seguridad
• Referencias bibliográficas
SEGURIDAD DE LA INFORMACIÓN - Tema 1: Fundamentos de Seguridad 2
• Algunas definiciones de “Seguridad de la Información”
“Information security is the protection of information from a wide range of threats in order to ensure business continuity, minimize business risk, and
maximize return on investments and business opportunities”
ISO/IEC 17799: Code of practice for information security management
“The protection of information assets through the use of technology, processes, and training”
Microsoft Security Glossary
“The ability of a system to manage, protect, and distribute sensitive
information” Software Engineering Institute, Carnegie Mellon University
SEGURIDAD DE LA INFORMACIÓN - Tema 1: Fundamentos de Seguridad 4
• Un error en la fase de diseño, desarrollo o implementación puede producir, a posteriori, un fallo de seguridad – También llamado vulnerabilidad
• Como consecuencia, se viola la política de seguridad del sistema, y este queda en peligro – En una red como Internet, con las dimensiones,
números de hosts y número de usuarios actuales, el efecto devastador es exponencial
SEGURIDAD DE LA INFORMACIÓN - Tema 1: Fundamentos de Seguridad 5
• La política de seguridad es el conjunto de reglas/requisitos que gobiernan el comportamiento del sistema, en lo que a seguridad se refiere
• Ejemplos de requisitos:
Fuente: “Handbook of Applied Cryptography”
Ciclo de vida de la Seguridad
SEGURIDAD DE LA INFORMACIÓN - Tema 1: Fundamentos de Seguridad 6
• La política de seguridad es sólo una de las fases del ciclo de vida de la seguridad. El modelo general de ciclo de vida se incluye en el estándar ISO-7498-2, y consta de cinco pasos: 1. Definición de una política de seguridad que contiene una serie de
requisitos genéricos de seguridad para el sistema
2. Análisis de requisitos de seguridad, incluyendo el análisis de riesgos, y un análisis de los requisitos legales, gubernamentales y normativos
3. Definición de los servicios de seguridad necesarios para satisfacer los requisitos de seguridad
4. Diseño del sistema e implementación, así como la selección de los mecanismos de seguridad que van a proporcionarnos los servicios de seguridad definidos en la etapa anterior
5. Administración y mantenimiento de la seguridad
SEGURIDAD DE LA INFORMACIÓN - Tema 1: Fundamentos de Seguridad 7
Modelo de escenario de Seguridad
8
• Es necesario un escenario básico para empezar a razonar sobre: – las amenazas que pueden existir y los ataques que se pueden sufrir
– las soluciones (servicios y mecanismos) de seguridad que podemos utilizar
SEGURIDAD DE LA INFORMACIÓN - Tema 1: Fundamentos de Seguridad
• ¿Quiénes pueden ser el emisor y el receptor en un escenario real? – Navegador web y Servidor web para transacciones electrónicas
(por ejemplo, compra on-line) – Banca on-line (cliente y servidor)
– Servidores DNS – Routers intercambiando tablas de enrutamiento – Dos usuarios en un chat, o enviándose e-mails, …
– Etc.
SEGURIDAD DE LA INFORMACIÓN - Tema 1: Fundamentos de Seguridad 9
• Los ataques se pueden clasificar en activos y pasivos
• Más concretamente, se pueden considerar los siguientes cuatro tipos: – Intercepción (pasivo)
– Modificación (activo)
– Interrupción (activo)
– Generación (activo)
SEGURIDAD DE LA INFORMACIÓN - Tema 1: Fundamentos de Seguridad 10
(a) Release of message contents
Bob
Darth
Alice
read contents ofmessage from Bobto Alice
(b) Traffic analysis
Figure 1.3 Passive Attacks
Bob
Darth
Alice
observe pattern ofmessages from Bobto Alice
Internet orother comms facility
Internet orother comms facility
Intercepción
(a) Masquerade
Bob
Darth
Alice
Alice
Message from Darththat appears to befrom Bob
(b) Replay
Figure 1.4 Active Attacks (page 1 of 2)
Bob
Darth Capture message fromBob to Alice; laterreplay message to Alice
Internet orother comms facility
Internet orother comms facility
SEGURIDAD DE LA INFORMACIÓN - Tema 1: Fundamentos de Seguridad 11
(c) Modification of messages
Bob
Darth
Alice
Darth modifiesmessage from Bobto Alice
(d) Denial of service
Figure 1.4 Active Attacks (page 2 of 2)
Bob
Darth
Server
Darth disrupts serviceprovided by server
Internet orother comms facility
Internet orother comms facility
(c) Modification of messages
Bob
Darth
Alice
Darth modifiesmessage from Bobto Alice
(d) Denial of service
Figure 1.4 Active Attacks (page 2 of 2)
Bob
Darth
Server
Darth disrupts serviceprovided by server
Internet orother comms facility
Internet orother comms facility
Modificación Interrupción
Generación
SERVICIOS Y MECANISMOS DE SEGURIDAD
SEGURIDAD DE LA INFORMACIÓN - Tema 1: Fundamentos de Seguridad 12
• Los servicios de seguridad ponen en funcionamiento las políticas de seguridad
• Algunas definiciones más precisas para este concepto:
“A processing or communication service that is provided by a system to give a specific kind of protection to system resources”
RFC 2828: Internet Security Glossary
"A service, provided by a layer of communicating open systems, which ensures adequate security of the systems or the data transfers"
ISO 7498-2: Basic Reference Model -- Part 2: Security Architecture
ITU X.800: Security Architecture for Open Systems Interconnection for CCITT Applications
SEGURIDAD DE LA INFORMACIÓN - Tema 1: Fundamentos de Seguridad 13
• Los estándares ISO 7498-2 e ITU X.800 dividen los servicios de seguridad en cinco categorías, y a partir de ahí distinguen catorce servicios específicos
• Las categorías son: – Confidencialidad de datos
– Autenticación
– Integridad de datos
– No-repudio
– Control de acceso
SEGURIDAD DE LA INFORMACIÓN - Tema 1: Fundamentos de Seguridad 14
15
Table 1.2 Security Services (X.800)
AUTHENTICATION
The assurance that the communicatingentity is the one that it claims to be.
Peer Entity AuthenticationUsed in association with a logical connectionto provide confidence in the identity of theentities connected.
Data-origin AuthenticationIn a connectionless transfer, provides assurancethat the source of received data is as claimed.
ACCESS CONTROL
The prevention of unauthorized use of aresource (i.e., this service controls who canhave access to a resource, under whatconditions access can occur, and whatthose accessing the resource are allowed todo).
DATA CONFIDENTIALITY
The protection of data from unauthorizeddisclosure.
Connection ConfidentialityThe protection of all user data on a connection.
Connectionless ConfidentialityThe protection of all user data in a single datablock
Selective-Field ConfidentialityThe confidentiality of selected fields within theuser data on a connection or in a single datablock.
Traffic-flow ConfidentialityThe protection of the information that might bederived from observation of traffic flows.
DATA INTEGRITY
The assurance that data received areexactly as sent by an authorized entity (i.e.,contain no modification, insertion,deletion, or replay).
Connection Integrity with RecoveryProvides for the integrity of all user data on aconnection and detects any modification,insertion, deletion, or replay of any datawithin an entire data sequence, with recoveryattempted.
Connection Integrity without RecoveryAs above, but provides only detection withoutrecovery.
Selective-Field Connection IntegrityProvides for the integrity of selected fieldswithin the user data of a data block transferredover a connection and takes the form ofdetermination of whether the selected fieldshave been modified, inserted, deleted, orreplayed.
Connectionless IntegrityProvides for the integrity of a singleconnectionless data block and may take theform of detection of data modification.Additionally, a limited form of replaydetection may be provided.
Selective-Field Connectionless IntegrityProvides for the integrity of selected fieldswithin a single connectionless data block;takes the form of determination of whether theselected fields have been modified.
NONREPUDIATION
Provides protection against denial by oneof the entities involved in a communicationof having participated in all or part of thecommunication.
Nonrepudiation, OriginProof that the message was sent by thespecified party.
Nonrepudiation, DestinationProof that the message was received by thespecified party.
SEGURIDAD DE LA INFORMACIÓN - Tema 1: Fundamentos de Seguridad 16
Table 1.2 Security Services (X.800)
AUTHENTICATION
The assurance that the communicatingentity is the one that it claims to be.
Peer Entity AuthenticationUsed in association with a logical connectionto provide confidence in the identity of theentities connected.
Data-origin AuthenticationIn a connectionless transfer, provides assurancethat the source of received data is as claimed.
ACCESS CONTROL
The prevention of unauthorized use of aresource (i.e., this service controls who canhave access to a resource, under whatconditions access can occur, and whatthose accessing the resource are allowed todo).
DATA CONFIDENTIALITY
The protection of data from unauthorizeddisclosure.
Connection ConfidentialityThe protection of all user data on a connection.
Connectionless ConfidentialityThe protection of all user data in a single datablock
Selective-Field ConfidentialityThe confidentiality of selected fields within theuser data on a connection or in a single datablock.
Traffic-flow ConfidentialityThe protection of the information that might bederived from observation of traffic flows.
DATA INTEGRITY
The assurance that data received areexactly as sent by an authorized entity (i.e.,contain no modification, insertion,deletion, or replay).
Connection Integrity with RecoveryProvides for the integrity of all user data on aconnection and detects any modification,insertion, deletion, or replay of any datawithin an entire data sequence, with recoveryattempted.
Connection Integrity without RecoveryAs above, but provides only detection withoutrecovery.
Selective-Field Connection IntegrityProvides for the integrity of selected fieldswithin the user data of a data block transferredover a connection and takes the form ofdetermination of whether the selected fieldshave been modified, inserted, deleted, orreplayed.
Connectionless IntegrityProvides for the integrity of a singleconnectionless data block and may take theform of detection of data modification.Additionally, a limited form of replaydetection may be provided.
Selective-Field Connectionless IntegrityProvides for the integrity of selected fieldswithin a single connectionless data block;takes the form of determination of whether theselected fields have been modified.
NONREPUDIATION
Provides protection against denial by oneof the entities involved in a communicationof having participated in all or part of thecommunication.
Nonrepudiation, OriginProof that the message was sent by thespecified party.
Nonrepudiation, DestinationProof that the message was received by thespecified party.
SEGURIDAD DE LA INFORMACIÓN - Tema 1: Fundamentos de Seguridad 17
Table 1.2 Security Services (X.800)
AUTHENTICATION
The assurance that the communicatingentity is the one that it claims to be.
Peer Entity AuthenticationUsed in association with a logical connectionto provide confidence in the identity of theentities connected.
Data-origin AuthenticationIn a connectionless transfer, provides assurancethat the source of received data is as claimed.
ACCESS CONTROL
The prevention of unauthorized use of aresource (i.e., this service controls who canhave access to a resource, under whatconditions access can occur, and whatthose accessing the resource are allowed todo).
DATA CONFIDENTIALITY
The protection of data from unauthorizeddisclosure.
Connection ConfidentialityThe protection of all user data on a connection.
Connectionless ConfidentialityThe protection of all user data in a single datablock
Selective-Field ConfidentialityThe confidentiality of selected fields within theuser data on a connection or in a single datablock.
Traffic-flow ConfidentialityThe protection of the information that might bederived from observation of traffic flows.
DATA INTEGRITY
The assurance that data received areexactly as sent by an authorized entity (i.e.,contain no modification, insertion,deletion, or replay).
Connection Integrity with RecoveryProvides for the integrity of all user data on aconnection and detects any modification,insertion, deletion, or replay of any datawithin an entire data sequence, with recoveryattempted.
Connection Integrity without RecoveryAs above, but provides only detection withoutrecovery.
Selective-Field Connection IntegrityProvides for the integrity of selected fieldswithin the user data of a data block transferredover a connection and takes the form ofdetermination of whether the selected fieldshave been modified, inserted, deleted, orreplayed.
Connectionless IntegrityProvides for the integrity of a singleconnectionless data block and may take theform of detection of data modification.Additionally, a limited form of replaydetection may be provided.
Selective-Field Connectionless IntegrityProvides for the integrity of selected fieldswithin a single connectionless data block;takes the form of determination of whether theselected fields have been modified.
NONREPUDIATION
Provides protection against denial by oneof the entities involved in a communicationof having participated in all or part of thecommunication.
Nonrepudiation, OriginProof that the message was sent by thespecified party.
Nonrepudiation, DestinationProof that the message was received by thespecified party.
18
Table 1.2 Security Services (X.800)
AUTHENTICATION
The assurance that the communicatingentity is the one that it claims to be.
Peer Entity AuthenticationUsed in association with a logical connectionto provide confidence in the identity of theentities connected.
Data-origin AuthenticationIn a connectionless transfer, provides assurancethat the source of received data is as claimed.
ACCESS CONTROL
The prevention of unauthorized use of aresource (i.e., this service controls who canhave access to a resource, under whatconditions access can occur, and whatthose accessing the resource are allowed todo).
DATA CONFIDENTIALITY
The protection of data from unauthorizeddisclosure.
Connection ConfidentialityThe protection of all user data on a connection.
Connectionless ConfidentialityThe protection of all user data in a single datablock
Selective-Field ConfidentialityThe confidentiality of selected fields within theuser data on a connection or in a single datablock.
Traffic-flow ConfidentialityThe protection of the information that might bederived from observation of traffic flows.
DATA INTEGRITY
The assurance that data received areexactly as sent by an authorized entity (i.e.,contain no modification, insertion,deletion, or replay).
Connection Integrity with RecoveryProvides for the integrity of all user data on aconnection and detects any modification,insertion, deletion, or replay of any datawithin an entire data sequence, with recoveryattempted.
Connection Integrity without RecoveryAs above, but provides only detection withoutrecovery.
Selective-Field Connection IntegrityProvides for the integrity of selected fieldswithin the user data of a data block transferredover a connection and takes the form ofdetermination of whether the selected fieldshave been modified, inserted, deleted, orreplayed.
Connectionless IntegrityProvides for the integrity of a singleconnectionless data block and may take theform of detection of data modification.Additionally, a limited form of replaydetection may be provided.
Selective-Field Connectionless IntegrityProvides for the integrity of selected fieldswithin a single connectionless data block;takes the form of determination of whether theselected fields have been modified.
NONREPUDIATION
Provides protection against denial by oneof the entities involved in a communicationof having participated in all or part of thecommunication.
Nonrepudiation, OriginProof that the message was sent by thespecified party.
Nonrepudiation, DestinationProof that the message was received by thespecified party.
19
Table 1.2 Security Services (X.800)
AUTHENTICATION
The assurance that the communicatingentity is the one that it claims to be.
Peer Entity AuthenticationUsed in association with a logical connectionto provide confidence in the identity of theentities connected.
Data-origin AuthenticationIn a connectionless transfer, provides assurancethat the source of received data is as claimed.
ACCESS CONTROL
The prevention of unauthorized use of aresource (i.e., this service controls who canhave access to a resource, under whatconditions access can occur, and whatthose accessing the resource are allowed todo).
DATA CONFIDENTIALITY
The protection of data from unauthorizeddisclosure.
Connection ConfidentialityThe protection of all user data on a connection.
Connectionless ConfidentialityThe protection of all user data in a single datablock
Selective-Field ConfidentialityThe confidentiality of selected fields within theuser data on a connection or in a single datablock.
Traffic-flow ConfidentialityThe protection of the information that might bederived from observation of traffic flows.
DATA INTEGRITY
The assurance that data received areexactly as sent by an authorized entity (i.e.,contain no modification, insertion,deletion, or replay).
Connection Integrity with RecoveryProvides for the integrity of all user data on aconnection and detects any modification,insertion, deletion, or replay of any datawithin an entire data sequence, with recoveryattempted.
Connection Integrity without RecoveryAs above, but provides only detection withoutrecovery.
Selective-Field Connection IntegrityProvides for the integrity of selected fieldswithin the user data of a data block transferredover a connection and takes the form ofdetermination of whether the selected fieldshave been modified, inserted, deleted, orreplayed.
Connectionless IntegrityProvides for the integrity of a singleconnectionless data block and may take theform of detection of data modification.Additionally, a limited form of replaydetection may be provided.
Selective-Field Connectionless IntegrityProvides for the integrity of selected fieldswithin a single connectionless data block;takes the form of determination of whether theselected fields have been modified.
NONREPUDIATION
Provides protection against denial by oneof the entities involved in a communicationof having participated in all or part of thecommunication.
Nonrepudiation, OriginProof that the message was sent by thespecified party.
Nonrepudiation, DestinationProof that the message was received by thespecified party.
Table 1.2 Security Services (X.800)
AUTHENTICATION
The assurance that the communicatingentity is the one that it claims to be.
Peer Entity AuthenticationUsed in association with a logical connectionto provide confidence in the identity of theentities connected.
Data-origin AuthenticationIn a connectionless transfer, provides assurancethat the source of received data is as claimed.
ACCESS CONTROL
The prevention of unauthorized use of aresource (i.e., this service controls who canhave access to a resource, under whatconditions access can occur, and whatthose accessing the resource are allowed todo).
DATA CONFIDENTIALITY
The protection of data from unauthorizeddisclosure.
Connection ConfidentialityThe protection of all user data on a connection.
Connectionless ConfidentialityThe protection of all user data in a single datablock
Selective-Field ConfidentialityThe confidentiality of selected fields within theuser data on a connection or in a single datablock.
Traffic-flow ConfidentialityThe protection of the information that might bederived from observation of traffic flows.
DATA INTEGRITY
The assurance that data received areexactly as sent by an authorized entity (i.e.,contain no modification, insertion,deletion, or replay).
Connection Integrity with RecoveryProvides for the integrity of all user data on aconnection and detects any modification,insertion, deletion, or replay of any datawithin an entire data sequence, with recoveryattempted.
Connection Integrity without RecoveryAs above, but provides only detection withoutrecovery.
Selective-Field Connection IntegrityProvides for the integrity of selected fieldswithin the user data of a data block transferredover a connection and takes the form ofdetermination of whether the selected fieldshave been modified, inserted, deleted, orreplayed.
Connectionless IntegrityProvides for the integrity of a singleconnectionless data block and may take theform of detection of data modification.Additionally, a limited form of replaydetection may be provided.
Selective-Field Connectionless IntegrityProvides for the integrity of selected fieldswithin a single connectionless data block;takes the form of determination of whether theselected fields have been modified.
NONREPUDIATION
Provides protection against denial by oneof the entities involved in a communicationof having participated in all or part of thecommunication.
Nonrepudiation, OriginProof that the message was sent by thespecified party.
Nonrepudiation, DestinationProof that the message was received by thespecified party.
• Dentro de una comunicación, estos servicios de seguridad se pueden proporcionar en distintas capas del modelo de referencia OSI, como indica la siguiente tabla:
SEGURIDAD DE LA INFORMACIÓN - Tema 1: Fundamentos de Seguridad 20
SSeerrvviiccee // LLaayyeerr LLaayyeerr 11 LLaayyeerr 22 LLaayyeerr 33 LLaayyeerr 44 LLaayyeerr 55//66 LLaayyeerr 77 Entity authentication Y Y Y Origin authentication Y Y Y Access control Y Y Y Connection confidentiality Y Y Y Y Y Connectionless confidentiality Y Y Y Y Selective field confidentiality Y Traffic flow confidentiality Y Y Y Connection integrity with recovery Y Y Connection integrity without recovery Y Y Y Selective field connection integrity Y Connectionless integrity Y Y Y Selective field connectionless integrity Y Non-repudiation of origin Y Non-repudiation of delivery Y
• Por otro lado, un mecanismo de seguridad proporciona soporte a un servicio de seguridad
• Definición: “A process (or a device incorporating such a process) that can be used in a
system to implement a security service that is provided by or within the system”
RFC 2828: Internet Security Glossary
• Los estándares ISO 7498-2 e ITU X.800 distinguen entre dos tipos de mecanismos de seguridad: – específicos: están implementados en una capa específica de la pila de
protocolos
– ubicuos: no son específicos de ninguna capa en particular
SEGURIDAD DE LA INFORMACIÓN - Tema 1: Fundamentos de Seguridad 21
22
Table 1.3 Security Mechanisms (X.800)
SPECIFIC SECURITY MECHANISMS
May be incorporated into the appropriateprotocol layer in order to provide some ofthe OSI security services.
EnciphermentThe use of mathematical algorithms totransform data into a form that is notreadily intelligible. The transformation andsubsequent recovery of the data depend onan algorithm and zero or more encryptionkeys.
Digital SignatureData appended to, or a cryptographictransformation of, a data unit that allows arecipient of the data unit to prove thesource and integrity of the data unit andprotect against forgery (e.g., by therecipient).
Access ControlA variety of mechanisms that enforceaccess rights to resources.
Data IntegrityA variety of mechanisms used to assure theintegrity of a data unit or stream of dataunits.
Authentication ExchangeA mechanism intended to ensure theidentity of an entity by means ofinformation exchange.
Traffic PaddingThe insertion of bits into gaps in a datastream to frustrate traffic analysis attempts.
Routing ControlEnables selection of particular physicallysecure routes for certain data and allowsrouting changes, especially when a breachof security is suspected.
NotarizationThe use of a trusted third party to assurecertain properties of a data exchange.
PERVASIVE SECURITY MECHANISMS
Mechanisms that are not specific to anyparticular OSI security service or protocollayer.
Trusted FunctionalityThat which is perceived to be correct withrespect to some criteria (e.g., as establishedby a security policy).
Security LabelThe marking bound to a resource (whichmay be a data unit) that names ordesignates the security attributes of thatresource.
Event DetectionDetection of security-relevant events.
Security Audit TrailData collected and potentially used tofacilitate a security audit, which is anindependent review and examination ofsystem records and activities.
Security RecoveryDeals with requests from mechanisms, suchas event handling and managementfunctions, and takes recovery actions.
23
Recommendation X.800 15
TABLE 1/X.800
Illustration of relationship of security services and mechanisms
· The mechanism is considered not to be appropriate.
Y Yes: the mechanism is considered to be appropiate, either on its own or in combination with other mechanisms.
Note – In some instances, the mechanism provides more than is necessary for the relevant service but could nevertheless be used.
6 The relationship of services, mechanisms and layers
6.1 Security layering principles
6.1.1 The following principles were used in order to determine the allocation of security services to layers and theconsequent placement of security mechanisms in the layers:
a) the number of alternative ways of achieving a service should be minimized;
b) it is acceptable to build secure systems by providing security services in more than one layer;
c) additional functionality required for security should not unnecessarily duplicate the existing OSIfunctions;
d) violation of layer independence should be avoided;
Mechanism
ServiceEncipherment
Digitalsignature
Accescontrol
Dataintegrity
Authenti-cation
exchange
Trafficpadding
Routingcontrol
Notari-zation
Peer entity authentication Y Y · · Y · · ·Data origin
authentication Y Y · · · · · ·Access control service · · Y · · · · ·Connection confidentiality
Y . · · · · Y ·Connectionless
confidentiality Y · · · · · Y ·Selective field
confidentiality Y · · · · · · ·Traffic flow
confidentiality Y · · · · Y Y ·Connection Integrity with
recovery Y · · Y · · · ·Connection integrity
without recovery Y · · Y · · · ·Selective field connection
integrity Y · · Y · · · ·Connectionless integrity Y Y · Y · · · ·Selective field
connectionless integrity Y Y · Y · · · ·Non-repudiation. Origin · Y · Y · · · YNon-repudiation. Delivery
· Y · Y · · · Y
Bibliografía básica
• "User's Guide To Cryptography And Standards”
Alex W. Dent, Chris J. Mitchell
Artech House, 2004
• "Handbook of Applied Cryptography”
Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone,
CRC Press, 1996
SEGURIDAD DE LA INFORMACIÓN - Tema 1: Fundamentos de Seguridad 25
Bibliografía complementaria
• ISO 7498-2 Ø Information processing systems -- Open Systems Interconnection -- Basic
Reference Model -- Part 2: Security Architecture, 1989.
• RFC 2828 Ø RFC2828: Internet Security Glossary, R. Shirey, May 2000.
• ITU-T X.800 Ø Recommendation X.800: Security Architecture for Open Systems
Interconnection for CCITT Applications, ITU, 1991.
• ITU-T X.509 Ø Recommendation X.509: Information technology – Open systems
interconnection – The Directory: Public-key and attribute certificate frameworks, ITU, 2005
SEGURIDAD DE LA INFORMACIÓN - Tema 1: Fundamentos de Seguridad 26