Security level 1 provides the lowest level of security, and level 4 provides the highest. Cryptographic modules are rated using a series of tests called the derived test requirements (DTR) for FIPS PUB 140-2, which are published on the National Institute of Standards and Technology (NIST) site together with a list of all validated cryptographic modules [46].

The possibility of carrying out business on the Internet, where the potential number of clients is almost limitless, has led to new requirements for application scalability, and this has in turn led to new demands on the scalability of cryptographic solutions. Cryptographic accelerators are specialized modules aimed at providing increased performance for cryptographic applications. In reality, cryptographic accelerator functionality is often provided as a specialized HSM, therefore combining secure key storage with high-performance cryptography. For this reason, specific cryptographic accelerators may offer the ability to run in a FIPS 140 compliant mode, in which case the accelerator is limited to FIPS-approved algorithms.

[Figure 3.8 Using cryptocards with external card readers. The figure compares two stacks, each consisting of application, PKCS#11 library, operating system, smart card reader and smart card. With an external reader with PIN pad, the PIN is entered at the reader; with an external reader without PIN pad, the PIN is entered at the application and passes through the operating system, which is where sniffing tools (e.g., NetBus) work.]

3.5.3 Authentication devices

Authentication devices are used to support authentication systems by providing the user with some object that is required to successfully complete the authentication process. Currently, most authentication devices fall into one of the following categories:

• Smart cards;
• Biometric devices;
• Tokens.

Smart cards were discussed in the previous section. As the applicability of this discussion to authentication scenarios is obvious, we will not cover these devices here.

Biometric devices verify identity on the basis of one or more physical attributes. Obviously, the attribute or combination of attributes selected as the basis for identification must be unique to the individual. Current methods use a variety of techniques, including fingerprint recognition, retinal and iris scanning, keystroke analysis (based on the fact that the way people use the keyboard is highly specific to themselves), voice recognition, and facial scanning.

Although the idea of authenticating users based on physical attributes is certainly appealing, there are a number of problems associated with the use of biometrics:

• It is very expensive, due to the requirement for specialized equipment.
• Psychological factors constitute an important barrier to the introduction of certain techniques (such as retinal and iris scanning).
• Measuring physical characteristics is difficult and subject to errors. The percentage success rate may not be acceptable.
• Biometrics cannot be used to authenticate nonhuman entities, such as automated processes.

In addition to these issues, there are serious doubts as to the ability of several of these systems to withstand a deliberate attack [47-49].

Tokens fall into two categories: those that act as secure storage devices for cryptographic information and those that serve as handheld devices. The former can be considered an alternative to smart-card technology, and similar considerations apply to these devices.

Handheld devices are equipped with a small display and keyboard and do not in general need to be connected to the user's workstation. The device is configured with the authentication server before being issued to the user, which enables the server and token to share a secret as a basis for authentication. In a typical logon scenario, the target system will interact with the authentication server and present the user with a request to authenticate himself or herself. The user accesses the handheld token by entering a password or PIN, and the token displays the authentication information required by the server. This information is entered at the workstation prompt, thereby enabling the user to complete the authentication process.

Although the details of the authentication protocol itself vary from device to device, a distinction can be made between time-synchronized approaches and approaches that do not rely on such methods. Time-synchronized authentication methods rely on the synchronization of the clock in the device with the clock on the authentication server. Most systems can tolerate a certain clock drift and will correct this each time the user makes use of the token. However, tokens that are not used for long periods can drift beyond the tolerated window, and special procedures are then needed to resynchronize the token and revalidate the user.

Asynchronous devices usually use challenge-response protocols to authenticate the user (see Section 3.4.1.1) and are therefore not sensitive to clock drift within the device. As for all challenge-response systems, the security of the solution depends on the ability of the authentication server to generate sufficiently random (unpredictable and non-repeating) challenges.

3.6 Summary

Technical tools play an essential role in securing information in electronic form. These tools support the core processes by providing scalability and reducing complexity. However, tools alone do not achieve anything, and successful approaches to securing information will ensure that procedures and tools are viewed as two aspects of the same solution.

A simple classification scheme for security tools has been presented. According to this scheme, a distinction is made between host-oriented and network-oriented tools due to the different focus of these tools. Whereas host-oriented tools are geared towards securing layers of software, network-oriented tools either secure network data flows by working at the protocol level or secure objects visible on the network. Despite this distinction, both host-oriented and network-oriented tools can be further classified according to the type of security service they offer:

• Authentication and authorization;
• Integrity protection;
• Access control;
• Monitoring;
• Data protection services: confidentiality, integrity, and non-repudiation.

This area will be revisited in Chapter 8, which is concerned with building security architectures.
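The two handheld-token protocols described in Section 3.5.3, shown side by side as an added worked example (this is not code from the book, and it does not reproduce any particular vendor's token). It assumes a shared 20-byte secret provisioned before the token is issued, 60-second time steps, six-digit codes derived by HMAC-SHA1 with dynamic truncation in the style of RFC 4226/6238, a server tolerance of plus or minus two steps of clock drift, and 16-byte challenges drawn from the operating system CSPRNG; all of these parameters are choices made here for illustration. The `HandheldToken`, `AuthServer` and helper names are likewise invented for the example.

```python
"""Handheld authentication tokens: time-synchronized codes versus challenge-response.

Added example, not from the book. Parameters below are illustrative assumptions.
"""
import hashlib
import hmac
import secrets
import struct

STEP_SECONDS = 60   # assumed: the token's displayed code changes once per minute
DIGITS = 6          # assumed: six-digit codes
DRIFT_WINDOW = 2    # assumed: server accepts codes up to +/-2 steps from its own clock


def _truncate(mac: bytes) -> str:
    """Reduce a MAC to DIGITS decimal digits (dynamic truncation as in RFC 4226)."""
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{value % 10 ** DIGITS:0{DIGITS}d}"


def time_code(secret: bytes, step: int) -> str:
    """Code a time-synchronized token shows during time step `step`."""
    # HMAC-SHA1 is the RFC 4226 convention; SHA-1 collisions do not weaken HMAC here.
    return _truncate(hmac.new(secret, struct.pack(">Q", step), hashlib.sha1).digest())


def challenge_response(secret: bytes, challenge: bytes) -> str:
    """Response an asynchronous token computes for a server-supplied challenge."""
    return _truncate(hmac.new(secret, challenge, hashlib.sha1).digest())


class HandheldToken:
    """Simulated device; its clock runs `drift` seconds ahead of true time."""

    def __init__(self, secret: bytes, drift: int = 0):
        self.secret = secret
        self.drift = drift

    def display(self, true_time: int) -> str:
        return time_code(self.secret, (true_time + self.drift) // STEP_SECONDS)

    def answer(self, challenge: bytes) -> str:
        return challenge_response(self.secret, challenge)


class AuthServer:
    """Server side: shared secrets, per-token drift correction, one-time challenges."""

    def __init__(self):
        self.secrets = {}     # user -> shared secret, configured before the token is issued
        self.offsets = {}     # user -> last observed clock drift, in whole steps
        self.last_step = {}   # user -> last accepted step, so a seen code cannot be replayed
        self.challenges = {}  # user -> outstanding challenge (consumed on first use)

    def enroll(self, user: str, token: HandheldToken) -> None:
        self.secrets[user] = token.secret
        self.offsets[user] = 0
        self.last_step[user] = -1

    def verify_time_code(self, user: str, code: str, now: int) -> bool:
        """Time-synchronized check: search the drift window, then re-synchronize."""
        secret = self.secrets[user]
        base = now // STEP_SECONDS + self.offsets[user]
        for delta in range(-DRIFT_WINDOW, DRIFT_WINDOW + 1):
            step = base + delta
            if step <= self.last_step[user]:
                continue  # never accept a step at or before one already used
            if hmac.compare_digest(time_code(secret, step), code):
                self.offsets[user] += delta  # correct for the drift just observed
                self.last_step[user] = step
                return True
        return False  # drift beyond the window: the user must be revalidated out of band

    def issue_challenge(self, user: str) -> bytes:
        """Challenge-response: challenges must be unpredictable and never reused."""
        challenge = secrets.token_bytes(16)
        self.challenges[user] = challenge
        return challenge

    def verify_response(self, user: str, response: str) -> bool:
        challenge = self.challenges.pop(user, None)  # single use, pass or fail
        if challenge is None:
            return False
        expected = challenge_response(self.secrets[user], challenge)
        return hmac.compare_digest(expected, response)


if __name__ == "__main__":
    # Constructed demo: a token running 90 seconds fast is accepted and corrected.
    server = AuthServer()
    token = HandheldToken(bytes(range(20)), drift=90)
    server.enroll("alice", token)
    now = 1_000_000
    print("time code accepted:", server.verify_time_code("alice", token.display(now), now))
    print("replay rejected:", not server.verify_time_code("alice", token.display(now), now))
    challenge = server.issue_challenge("alice")
    print("response accepted:", server.verify_response("alice", token.answer(challenge)))
```

The drift window is what lets a token that is a step or two fast or slow keep working, and the stored offset is the per-use correction the book mentions; a token left in a drawer long enough to drift further than the window simply fails `verify_time_code`, which is the point at which a real deployment falls back to a resynchronization procedure (for instance, asking for two consecutive codes, an assumption here rather than something the book prescribes). The challenge path has no clock at all, so its security rests on `issue_challenge` drawing from a CSPRNG and on each challenge being consumed exactly once.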