Topic: digital signature
Topic: group names
Topic: communication protocols
Topic: discussion groups, mail conversations, and teleconferencing
Topic: distributed system security
Topic: encryption
Topic: entities
Topic: key distribution
Topic: naming authority
Topic: one-way hash function
Topic: operating system security
Topic: password protection
Topic: proper names
Topic: public key encryption
Topic: security by access rights
Topic: security by capabilities
| |
Subtopic: authentication
Quote: the gold standard for security consists of authenticating principals, authorizing access, and auditing the guard's decisions [»lampBW6_2004]
| Quote: system and theory of authentication based on 'principal' and 'speaks for'; principals as arguments, public keys, name lookup, groups, delegation, access control, revocation [»lampB11_1992]
| Quote: assurance and authenticated operation are important security goals; assurance is correct behavior despite attacks [»englP7_2003]
| Quote: in a distributed system can not separate authentication from authorization; huge sets of people and requests, often from strangers [»blazM_1999]
| Quote: separate authentication, authorization, and access control; authentication provides a set of authorizations for access control [»karpAH12_2003]
| Quote: gives theory of authentication in distributed systems; explains Kerberos protocol, hierarchical naming, secure boot; efficient communication of principle names [»lampB11_1992]
| Quote: authenticity concerns data sources and timeliness while secrecy concerns data destinations [»abadM9_1999]
| Quote: passwords should also provide mutual authentication, authenticated key exchange, and user identity protection [»haleS8_1999]
| Subtopic: authentication, integrity, accuracy
Quote: authentication, integrity, and accuracy differ; authentication concerns the origin of data (e.g., who signed) while integrity concerns the validity of data (e.g., was there tampering); accuracy concerns the correspondence between data and reality [»schnB_2000]
| Subtopic: credentials
Quote: authentication depends on something you know (password), something you are (biometrics), and/or something you have (access token) [»schnB_2000]
| Quote: SSL establishes a secure connection between a browser and an unknown SSL server; users ought to check the SSL certificate that identifies the server [»schnB_2000]
| Quote: need to cache authentication credentials; they are large enough to affect communications performance [»wobbE2_1994]
| Quote: a credential is evidence that one principal Q speaks for another principal P; M implies Q=>P [»wobbE2_1994]
| Subtopic: attestation
Quote: a secure OS needs a trusted path to trusted software that cannot be impersonated; is a login screen valid?
| Quote: attestation identifies a program on a trusted platform to other trusted platforms; digitally sign a message and the program ID [»englP7_2003]
| Subtopic: end-to-end authorization
Quote: end-to-end authorization across administrative, network, abstraction, and protocol boundaries; uses SPKI [»howeJ_2000]
| Quote: a security system must assume that the network is controlled by an adversary; a modified Kerberos can meet this goal [»bellSM10_1990]
| Subtopic: authentication server
Quote: Kerberos issues a ticket to log into a server and a session key; the server authenticates the ticket and an authenticator built from the session key and the requestor's long-term key [»schnB_2000]
| Quote: if Grapevine is the sole authenticator, users have the same name and password everywhere
| Quote: authentication server can prevent password guessing attack; allows memorizable password [»haleS8_1999]
| Quote: a public password is a written digest of the authentication server's public key; needed for password protocols [»haleS8_1999]
| Quote: an authentication server can act like a notary public; validation of public keys is a natural extension of its public key service [»bootKS11_1981]
| Quote: can allow for a compromised authentication server by getting multiple attestations for the sender's public key from the sender and independent arbiters [»bootKS11_1981]
| Quote: use encryption and an authentication server; each user has a secret, identifying key for the server [»needRM12_1979]
| Quote: authentication server replicated in every Andrew server; all but one are read-only; propagate changes over secure lines [»satyM8_1989]
| Subtopic: mapping names
Quote: a certification library maps from names to public keys, keys to principals, group members to group names, and image digests to role names [»wobbE2_1994]
| Subtopic: interactive dialog, challenge/response
Quote: challenge/response is more secure than time-based authentication; based on computing some function of a nonce [»bellSM10_1990]
| Quote: require an interactive dialog before unlocking personal accounts; protects against host-resident attacks [»coxR8_2002]
| Quote: cell phone for strong authentication of web users; users register a cell phone number for call-back authentication [»partPR6_2002]
| Subtopic: authentication domain
Quote: an Andrew cell is an autonomous system with its own security, file servers, and administration; user must be authenticated for each cell [»satyM8_1989]
| Quote: authentication and key distribution must be extensible to large internetworks of many domains [»jansP4_1997]
| Subtopic: authentication attacks
Quote: gained unauthorized access to 8 of 27 Web sites; extracted the secret key from one [»fuK8_2001]
| Quote: guarantee RSA primes are different by dividing n-bit random number space into 2^b sub-spaces; eliminates a class of signature authentication attacks [»peyrM3_2000]
| Quote: an interrogative adversary uses adaptive chosen message attacks; every user on the Web, powerful; e.g., attempted forgeries and creating new accounts [»fuK8_2001]
| Quote: existential and selective forgery of users; a total break recovers the secret key used to mint authenticators [»fuK8_2001]
| Quote: an eavesdropping adversary can see, but not modify, traffic between users and server; can replay authenticators and act as an interrogative adversary [»fuK8_2001]
| Quote: an active adversary can see and modify all communications traffic; e.g., a proxy service and man-in-the-middle attacks [»fuK8_2001]
| Subtopic: revocation
Quote: the guarantees of public key and broadcast encryption are only as good as the encompassing system's revocation mechanism
| Quote: revoke all authenticators by changing the server key; requires new logins and identifies unused accounts [»fuK8_2001]
| Subtopic: principal
Quote: a simple principal (for authentication) is a name or communication channel; use compound principals for roles and delegation [»lampB11_1992]
| Quote: reason about a principal's authority by deducing the other principals that it can speak for
| Quote: principals make statements (e.g., a request or assertion); e.g., "Who is trusted to access o?" [»lampB11_1992]
| Quote: a principal is an individual or group who is charged for system resources [»dennJB3_1966]
| Subtopic: identity
Quote: an identity-based cryptosystem uses a trusted key generation computer to generate a public key/private key pair; the public key is the user's network identity for encryption and digital signature [»shamA_1984]
| Subtopic: userID and groupID
Quote: develop finite state model of user ids; uncover pitfalls in setuid, define proper usage, and propose a high-level API
| Quote: model userids as a finite state automata; each process tracks its privilege level with a real, effective, and saved uid; transitions are system calls [»chenH8_2002]
| Quote: avoid using a single entry in a protection domain to stand for a group of users; limited accountability [»satyM8_1989]
| Quote: each OS6 user has a name, unique number, and index; user may 'log in'; includes maximum disk allocation [»stoyJE3_1972]
| Quote: setuid API for temporary and permanent privileges; works for OpenSSH; does not handle group privileges [»chenH8_2002]
| Subtopic: broadcast
Quote: broadcast encryption guarantees membership in a group; as good as authentication in many cases [»lotsJ8_2002]
| Subtopic: multi-key authentication
Quote: implement secrecy/authentication policies with key-or (one of several) and key-and (all keys) [»giffDK7_1985, OK]
| Subtopic: limited use authentication
Quote: guarantee unconditional security by restricting the lifetime of each key; simple algorithms for synchronous cards [»gilbH9_1998]
| Subtopic: authentication proof
Quote: a proof of authority consists of verifiable statements; logic of authentication; e.g., Bob speaks for Alice regarding the statements in set T [»howeJ_2000]
| Quote: an authentication Proof consists of statements in the authentication logic and basic facts (i.e., delegations by principles); methods implemented locally [»howeJ_2000]
| Quote: proof that document D is the object that client C associates with name N; by transitivity, signed certificates, and hashes [»howeJ_2000]
| Quote: iterative, proof-carrying authorization with goals, sessions, and modules; browser must prove a series of challenges by fetching proof components [»baueL8_2002]
| Quote: efficient, zero-knowledge identification and signatures; based on discrete logarithms modulo a number [»poupG5_1998]
| Subtopic: manual authentication
Quote: everyone can check a written signature; big advantage over digital signatures [»gelbB12_2000]
| Subtopic: password authentication
Quote: in Kerberos, all privileges depend ultimately on the user's typed password [»bellSM10_1990]
| Quote: user authentication by encrypting a random nonce and password; the host's key database must be secure [»snowCR5_1994]
| Subtopic: problems with password authentication
Quote: Unix password files do not authenticate the system to the user [»satyM8_1989]
| Quote: Unix password files assumes physically secure communication
| Quote: if a password system runs on a multi-user workstation, cached keys are accessible to attackers [»bellSM10_1990]
| Quote: an intruder can replace the login command and capture passwords; avoid by challenge-response or a handheld authenticator [»bellSM10_1990]
| Subtopic: authentication token
Quote: Andrew's authentication procedure depends on a shared, encrypted handshake key; randomized to prevent replay attacks [»satyM8_1989]
| Quote: Andrew uses authentication tokens to prove identity; like a capability; established by secret and clear tokens [»satyM8_1989]
| Quote: Andrew will adopt Kerberos' authentication procedure; for standardization
| Quote: authenticated operation requires program identity; e.g., restrict access to financial data via cryptographic hash of executable code [»englP7_2003]
| Subtopic: smart card
Quote: a smart card is secure within itself, while a magnetic strip card reveals its signing key to any reader [»schnB_2000]
| Subtopic: hash/digest authentication
Quote: MAC authentication cookies allow constant-time authentication without replicated state; only needs the server's private key [»fuK8_2001]
| Quote: use random keys and key rotation to counter brute force key attacks; suggested key size [»fuK8_2001]
| Quote: use keyed, non-malleable MACs such as HMAC-MD5 and HMAC-SHA1; valid plaintext/ciphertext pairs do not give away the secret key [»fuK8_2001]
| Quote: KryptoKnight is a family of light-weight, secure, two-way authentication and key distribution protocols based on one-way hashing [»birdR2_1995]
| Quote: KryptoKnight -- lightweight authentication and key distribution protocols based on pseudo-random one-way functions [»jansP4_1997]
| Subtopic: URL authentication
Quote: for authentication cookies, use expiration data, data, and message digest; use session ID for sensitive data; use SSL to counter eavesdroppers [»fuK8_2001]
| Quote: do not store authenticators in persistent cookies; leaked cookie files and public systems allow full access to the user account [»fuK8_2001]
| Quote: URLs can leak authenticators through the Referer header, allows cross-site scripting attacks without eavesdropping [»fuK8_2001]
| Quote: HMAC-SHA1 authenticators were nearly as fast as unauthenticated HTTP; SSL is 10x slower [»fuK8_2001]
| Subtopic: public key authentication
Quote: secure communication and authentication in Taos with certificates, credentials, shared keys, and public keys [»wobbE2_1994]
| Quote: a self-certified public key includes an encrypted certification; secret keys are unknown to the authority (unlike identity-based schemes) [»giraM4_1991]
| Quote: need a trusted public key directory, otherwise cannot trust a digital signature [»gelbB12_2000]
| Quote: never trust a public key that isn't signed by someone you trust, i.e., someone whose trusted public key is on your key ring [»zimmPR_1995]
| Quote: to sign a public key, you should require your own independent firsthand knowledge of who owns that key [»zimmPR_1995]
| Quote: physically secure your public key ring, otherwise you can not check a new signed public key certificate [»zimmPR_1995]
| Subtopic: time protocol
Quote: allow skewed clocks in the Kerberos Authentication System by acquiring time-service tickets at bootstrap [»daviD6_1995]
| Quote: synchronized clocks in Kerberos reject replay attacks without cost of challenge-response protocols; every connection has a new session-key; uses a replay cache [»daviD6_1995]
| Quote: globally synchronize clocks to 1/10'th second by exchanging messages with 3 other nodes every 4 minutes; for protocols, authentication, capabilities [»liskB9_1989]
| Quote: an authentication system should be independent of a time service; Kerberos assumes that clocks are roughly synchronized; an adversary could spoof an unauthenticated time service [»bellSM10_1990]
| Subtopic: timestamps
Quote: timestamps are an effective mechanism to authenticate photographs, videos, and audio recordings
| Quote: use timestamps for tamper-unpredictable documents, i.e., when the motivation to illegally modify a document occurs long after the document's creation [»harbS2_1991]
| Quote: timestamp documents with a one-way hash; either use a server which links a document to other documents, or use a random subset of clients [»harbS2_1991]
| Subtopic: biometric authentication
Quote: biometrics uses a digital file; no recourse if stolen; the same file for multiple applications [»schnB8_1999]
| Quote: use biometrics as a PIN or signature over secure connections; e.g., unlock a hard disk or PCMCIA card [»schnB8_1999]
|
Related Topics
Topic: digital signature (25 items)
Topic: group names (16 items)
Topic: communication protocols (62 items)
Topic: discussion groups, mail conversations, and teleconferencing (29 items)
Topic: distributed system security (17 items)
Topic: encryption (45 items)
Topic: entities (20 items)
Topic: key distribution (35 items)
Topic: naming authority (7 items)
Topic: one-way hash function (24 items)
Topic: operating system security (18 items)
Topic: password protection (44 items)
Topic: proper names (35 items)
Topic: public key encryption (30 items)
Topic: security by access rights (38 items)
Topic: security by capabilities (65 items)
|