Publication


Featured research published by Paul Ashley.


computer and communications security | 2000

Cross-domain one-shot authorization using smart cards

Richard Au; Mark Looi; Paul Ashley

As the use of information technology is increasing rapidly in organizations around the world, an important task is to design global networks with high security, efficiency and functionality. While centralized systems have the advantages of simplified management, they face the problems of bottleneck and single point of failure. In this paper, we propose a new authorization scheme that operates over existing centralized authentication mechanisms. The goal is to enhance the performance and scalability in a centrally administered security architecture. A new technique of using one-shot authorization tokens is introduced. It facilitates a mechanism for updating or revocation of the access rights of users in online or off-line authorization models. A smart card is used as an authorization device in addition to its traditional function of user authentication. This scheme provides the mobility for users and the flexibility in coping with different access control policies in a cross domain multi-application environment.


communications and multimedia security | 1999

Using SESAME to Secure Web Based Applications on an Intranet

Paul Ashley; Mark Vandenwauver; Joris Claessens

The use of web technology within organisational Intranets is increasing. The combination of a standardised interface and the security features provided by TLS have made web technology very attractive. The TLS technology however has some limitations, especially in its lack of access control functionality. This paper focusses on alternatives to provide improved security services to web based applications. The SESAME security architecture is shown to provide all of the TLS security services, with the addition of other services such as the access control service. Also because SESAME uses the connection based GSS-API which is the same paradigm used by TLS, it is shown to be a suitable replacement. Unfortunately because web servers and web browsers do not provide hooks for replacing the TLS security technology, SESAME is not easily used. Two alternatives are therefore considered that overcome this limitation: a new proposal before the IETF of extending TLS to carry attribute certificates and a hybrid solution built by the authors.


australasian conference on information security and privacy | 1998

A Uniform Approach to Securing Unix Applications Using SESAME

Paul Ashley; Mark Vandenwauver; Bradley Broom

Existing proposals for adding cryptographic security mechanisms to Unix have secured numerous individual applications, but none provide a comprehensive uniform approach. As a consequence an ad-hoc approach is required to fully secure a Unix environment resulting in a lack of interoperability, duplication of security services, excessive administration and maintenance, and a greater potential for vulnerabilities. SESAME is a comprehensive security architecture, compatible with Kerberos. In particular, SESAME provides single or mutual authentication using either Kerberos or public-key cryptography, confidentiality and integrity protection of data in transit, role based access control, rights delegation, multi-domain support and an auditing service. Because of SESAME's comprehensive range of security services, and because it scales well, SESAME is well suited for securing potentially all Unix applications in a uniform manner.


australasian conference on information security and privacy | 2000

Towards a New Authorisation Paradigm for Extranets

Richard Au; Mark Looi; Paul Ashley

The development of extranets is transforming enterprise networking. Rather than using proprietary networks to exchange private information, organisations can now set up corporate extranets to exchange data and share applications with strategic partners, suppliers, and customers in a global scale. Because extranets allow third-party users into corporate networks, they need to be extremely secure and external access needs to be highly controllable. Authorisation governs what an entity can do, thus it is a core element in network security. In this paper, we propose a new authorisation framework that can cope with the dynamic and outreaching characteristics of extranets. We apply the technique of one-shot authorisation token in providing extranet users with flexible direct access to applications without authenticating their identities every time. It also solves the problem of revocation and update of user privileges in off-line models. This authorisation scheme has various advantages in terms of higher efficiency and greater adaptability to the diverse application environment of extranets.


australasian conference on information security and privacy | 2000

A Three-Party HTTP Proxy to Support Internet Content Regulation

Agung Prasetijo; Paul Ashley; Mark Looi; Andrew J. Clark; Gary Gaskell

From 1st January 2000, Internet Service Providers in Australia have been required to filter web traffic content. The Australian Broadcasting Authority (ABA) publishes a list of banned web sites and ISPs must enforce this ban. Enforcing Internet content regulation is a security issue: ISPs need to be able to verify the authenticity of a distributed banned list, enforcement will most likely be performed by a security component, and enforcement must be integrated with other security functions. This paper examines these issues, and more specifically reviews the modifications required to the TIS http-gw proxy to support Internet content regulation.


smart card research and advanced application conference | 1998

Enhancing SESAMEV4 with Smart Cards

Mark Looi; Paul Ashley; Loo Tang Seet; Richard Au; Gary Gaskell; Mark Vandenwauver

SESAMEV4 is a security architecture that supports role based access control with single sign-on facilities for heterogenous distributed network environments. Several vulnerabilities are identified in SESAMEV4’s user authentication process. This paper proposes four options for enhancing this user authentication process by integrating smart cards into SESAMEV4. The proposals are shown to successfully increase the level of security of SESAMEV4 and will be shown to correctly operate with existing SESAMEV4 applications and servers, with no modifications required to the applications or servers.


working conference information security management | 1999

The Intranet Authorization Paradigm

Mark Vandenwauver; Paul Ashley; Gary Gaskell

As we approach the new millennium it is clear that the vast increase in the use of information technology will continue well into the next century. Organizations are being reengineered with increasing use of information technology in all aspects of their processes. On the positive side, this helps organizations to become more efficient. The negative side is that new risks are rapidly emerging.


australasian conference on information security and privacy | 1999

An Implementation of a Secure Version of NFS Including RBAC

Paul Ashley; Bradley Broom; Mark Vandenwauver

The NFS protocol provides transparent remote access to shared file systems across networks. It is very popular particularly in Unix networks where it is probably the most common distributed file system technology. NFS however is rarely used outside closed protected networks, because its security is notoriously weak. In 1998 Sun Microsystems released what is considered the first attempt at providing comprehensive security to NFS: a security flavour called RPCSEC_GSS based on Kerberos V5 and the GSS-API. The main benefit of this version over previous versions is that for the first time each NFS file access call could be protected. This paper outlines our efforts to secure NFS producing a security solution with even greater functionality. The major new functionality is that users may optionally use an access control system based on role based access control (RBAC). RBAC allows users to log in, be provided with a role, and use this to transparently access their remote files through secure NFS. There are also other advantages provided, for example security for the mount protocol and the option of public-key technology for authentication and key distribution. NFS has been secured with SESAME V4 and the practicality and performance of this mechanism has been demonstrated by modifying the Linux kernel and NFS utilities.


Archive | 1999

Secure Internet Technologies

Paul Ashley; Mark Vandenwauver

This chapter continues the theme of the previous chapter in discussing a number of recent network security proposals. The previous chapter focussed on the security architectures and comprehensive technologies for providing network security infrastructure. This chapter discusses technologies that focus on particular applications, or components of the network. In some cases the solutions are complete (in that they provide both application and security services), in others they provide a component that can be added to an application. Specifically, this chapter discusses PEM, PGP, S/MIME, SSL, SSH, IPSEC and CDSA.


Archive | 1999

Comparison of the Security Solutions

Paul Ashley; Mark Vandenwauver

This chapter attempts to compare the security solutions that have been reviewed in the previous chapters. Comparison of security solutions can be difficult because the designers had different motives, and aimed at solving particular requirements. The solutions are therefore compared in a number of different ways [8]: 1. Categorizing the type of solution; 2. Positioning in the networking model; 3. Security services provided; 4. Cryptographic primitives used; 5. Applications and availability; 6. Standardization.

Collaboration


Top Co-Authors

Mark Vandenwauver

Katholieke Universiteit Leuven

Mark Looi

Queensland University of Technology

Gary Gaskell

Queensland University of Technology

Richard Au

Queensland University of Technology

Bradley Broom

Queensland University of Technology

Joris Claessens

Katholieke Universiteit Leuven

Andrew J. Clark

Queensland University of Technology

Loo Tang Seet

Queensland University of Technology

Agung Prasetijo

Queensland University of Technology
