Login | Register   
LinkedIn
Google+
Twitter
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX


advertisement
 

Security for the global Internet

In this article Enrico moves away from COM security to provide an overview about that vast subject generally referred as "Internet security". As you will see, providing an effective and scalable security infrastructure in the Internet is a very challenging goal. No panic anyway, since sites like Amazon.com are up and running (hem .. well most times) a solution has been found. The hope is that, after you read this article, you'll be among the 1% of the Internet users that know what solution has actually been found.


advertisement


Introduction



In this article I'll move away from COM security to provide an overview about that vast subject generally referred as "Internet security". As you will see, providing an effective and scalable security infrastructure in the Internet is a very challenging goal. No panic anyway, since sites like Amazon.com are up and running (hem .. well most times) a solution has been found. My hope is that, after you read this article, you'll be among the 1% of the Internet users that know what solution has actually been found.

Security in the LAN Environment

There is nothing such as a perfect security solution that can fit into any kind of environment. 
Each solution is based on some assumptions regarding the environment where it has to be deployed. If such assumptions do not hold, the solution will likely fail miserably. 
The approach used to provide authentication and data security on a "controlled" LAN environment basically lies on these basic facts:

* Spoofing is not possible (no man in the middle scenarios).
* Authentication is delegated to an authentication authority.

Under such assumptions the security mechanism used by NTLM or Kerberos work effectively.

Security on the WEB

Authentication in a LAN environment is focused on authenticating clients; authenticating servers is not an issue cause the LAN network is considered "secure" regarding spoofing; on the contrary, on the Web the focus is reversed; providing a way to protect clients from spoofed servers is of higher concern.

You still need some form of client authentication in some cases, but, as long as e-Commerce sites are concerned, the client Credit Card number vs. it's billing address is enough: the problem is delegated to the credit card authority.
You could then think, well NTLM is all about authenticating clients, but Kerberos can provide server authentication, so where's the problem?

The problem is that authentication authorities can be spoofed as well. If you try to deploy the security schema used in LAN environments into the Internet, an authentication authority should provide a mean to authenticate itself to everyone that's asking for authentication services. 
This means that the authentication authority must meet everyone to share a secret: a different secret to everyone subscribed for authentication services. This is clearly not feasible, and even if it was, client and servers cannot delegate authentication to "authentication authorities" simply since it wouldn't scale. 

In his article "Web Security" [1] Keith Brown goes deeper into showing how there is no way to modify in some way a security framework based on "sharing secrets" to have it working in a feasible and scalable way on the global Internet, since you always end up with the need of meet for lunch to whisper secrets.

Public Key Cryptography

Internet security problems find an acceptable solution using a new security approach called "Public Key Cryptography". 
Public Key Cryptography was invented in the mid-1970s by Whitfield Diffie. The idea is basically this: Instead of having a single secret key that's used for authentication and encryption/decryption, you've a Public key that you share to everyone that wants to communicate in a secure way with you. You then have a corresponding Private key that you never share with anyone. 

If you encrypt some text with Key A, you can only decrypt the resulting encrypted text with Key B. Because two different keys must be used public key algorithms are also known as asymmetric algorithms. With public key you can achieve both authentication and data protection.

  • Authentication: Bob encrypt a message with his private key and send it. Anyone that has Bob's public key can successfully decrypt the message. The receiver knows that If the message didn't come from Bob the encrypted text would decrypt to complete gibberish.
  • Secure data transmission: Bob encrypt a message with Alice's public key and send it to her. Only Alice can successfully decrypt the message. 




Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap
Thanks for your registration, follow us on our social networks to keep up-to-date