8/12/2019 kuliah-04s

1/16

1

Pengamanan Akses

Sistem

8/12/2019 kuliah-04s

2/16

2

Learning Outcomes

Pada akhir pertemuan ini, diharapkan

mahasiswa akan mampu : Mahasiswa dapat menerapkan keamanan

akses sistem

8/12/2019 kuliah-04s

3/16

3

Outline Materi

Proteksi Password

Strategi Password

8/12/2019 kuliah-04s

4/16

4

Authentication

Verifying the identity of another entity

Two interesting cases (for this class):

Computer authenticating to another

computer Person authenticating to a computer

Two issues:

How authentication information isstored (at both ends)

Authentication protocol itself

8/12/2019 kuliah-04s

5/16

5

Password-based protocols

Any password-based protocol isvulnerable to an off-line dictionary attackif server is compromised

Goal: password-based protocol should besecure against off-line attacks whenserver is not compromised

Unfortunately, this has not been the

case in practice (e.g., telnet, cellphones, etc.)

8/12/2019 kuliah-04s

6/16

6

Password selection

User selection of passwords is typicallyvery weak

Lower entropy password makes

dictionary attacks easier

Typical passwords:

Derived from account names or

usernames

Dictionary words, reversed dictionarywords, or small modifications of

dictionary word

8/12/2019 kuliah-04s

7/16

7

Password Selection

Non-alphanumeric characters

Longer phrases

Can try to enforce good password selection

But these types of passwords are difficult for

people to memorize and type!

8/12/2019 kuliah-04s

8/16

8

Centralized Password Storage Authentication storage node

Central server stores password; serversrequest the password to authenticateuser

Auth. facilitator node

Central server stores password; serverssend information from user to be

authenticated by the central server Note that central server must be

authenticated!

8/12/2019 kuliah-04s

9/16

9

Authentication Protocols

Server stores H(pw); user sends pw

Secure against server compromise, butnot eavesdropping (or replay attacks)

Server stores pw, sends R; user sendsH(pw,R)

Secure against eavesdropping, but not

server compromise (or dictionary attack) Can we achieve security against both?

8/12/2019 kuliah-04s

10/16

10

Authentication of People

What you know (passwords)

What you have (keys)

What you are (biometric devices)

Where you are (physical)

8/12/2019 kuliah-04s

11/16

11

Access Control

State of a system Includes, e.g., current memory contents,

all secondary storage, contents of allregisters, etc.

Secure states States in which the system is allowed to

reside

Security policy defines the set of secure

states Security mechanism ensures that system

never leaves secure state

8/12/2019 kuliah-04s

12/16

12

Access Control List ACL)

Instead of storing central matrix, store each

column with the object it represents

Stored as pairs (s, r)

Subjects not in list have no rights

Can use wildcards to give default rights

8/12/2019 kuliah-04s

13/16

13

Potential problems

What if one process gives capabilities toanother? (Possibly indirectly)

Can lead to security violation

One solution: assign securityclassifications to capabilities

E.g., when capability created, itsclassification is the same as the

requesting process Capability contains rights depending on

the object to which it refers

8/12/2019 kuliah-04s

14/16

8/12/2019 kuliah-04s

15/16

15

Cryptographic secret sharing

(t, n)-threshold scheme to share a key

Using this to achieve (t, n)-threshold

encryption

Shamir secret sharing

8/12/2019 kuliah-04s

16/16

16

Another example

Type checking

Label memory locations as either data or

instructions Do not allow execution of type data

Can potentially be used to limit buffer

overflows