PART 5: NETWORK AND INTERNET SECURITY
CHAPTER
TRANSPORT-LEVEL SECURITY
Web Security Considerations
Web Security Threats
Web Traffic Security Approaches
Secure Socket Layer and Transport Layer Security
SSL Architecture
SSL Record Protocol
Change Cipher Spec Protocol
Alert Protocol
Handshake Protocol
Cryptographic Computations
Transport Layer Security
Version Number
Message Authentication Code
Pseudorandom Function
Alert Codes
Cipher Suites
Client Certificate Types
Certificate_Verify and Finished Messages
Cryptographic Computations
Padding
HTTPS
Connection Initiation
Connection Closure
Secure Shell (SSH)
Transport Layer Protocol
User Authentication Protocol
Connection Protocol
Recommended Reading and Web Sites
Key Terms, Review Questions, and Problems
485
,486 CHAPTER 16 / TRANSPORT-LEVEL SECURITY
Use your mentality
Wake up to reality
—From the song, “I’ve Got You Under My Skin” by Cole Porter
KEY POINTS
◆ Secure Socket Layer (SSL) provides security services between TCP and
applications that use TCP. The Internet standard version is called Transport
Layer Service (TLS).
◆ SSL/TLS provides confidentiality using symmetric encryption and message
integrity using a message authentication code.
◆ SSL/TLS includes protocol mechanisms to enable two TCP users to deter-
mine the security mechanisms and services they will use.
◆ HTTPS (HTTP over SSL) refers to the combination of HTTP and SSL to
implement secure communication between a Web browser and a Web server.
◆ Secure Shell (SSH) provides secure remote logon and other secure
client/server facilities.
Virtually all businesses, most government agencies, and many individuals now have
Web sites. The number of individuals and companies with Internet access is expanding
rapidly and all of these have graphical Web browsers. As a result, businesses are enthu-
siastic about setting up facilities on the Web for electronic commerce. But the reality is
that the Internet and the Web are extremely vulnerable to compromises of various
sorts. As businesses wake up to this reality, the demand for secure Web services grows.
The topic of Web security is a broad one and can easily fill a book. In this
chapter, we begin with a discussion of the general requirements for Web security
and then focus on three standardized schemes that are becoming increasingly
important as part of Web commerce and that focus on security at the transport
layer: SSL/TLS, HTTPS, and SSH.
16.1 WEB SECURITY CONSIDERATIONS
The World Wide Web is fundamentally a client/server application running over the
Internet and TCP/IP intranets. As such, the security tools and approaches discussed
so far in this book are relevant to the issue of Web security. But, as pointed out in
[GARF02], the Web presents new challenges not generally appreciated in the con-
text of computer and network security.
• The Internet is two-way. Unlike traditional publishing environments—even
electronic publishing systems involving teletext, voice response, or fax-back—
the Web is vulnerable to attacks on the Web servers over the Internet.
, 16.1 / WEB SECURITY CONSIDERATIONS 487
• The Web is increasingly serving as a highly visible outlet for corporate and
product information and as the platform for business transactions. Reputations
can be damaged and money can be lost if the Web servers are subverted.
• Although Web browsers are very easy to use, Web servers are relatively easy
to configure and manage, and Web content is increasingly easy to develop, the
underlying software is extraordinarily complex. This complex software may
hide many potential security flaws. The short history of the Web is filled with
examples of new and upgraded systems, properly installed, that are vulnerable
to a variety of security attacks.
• A Web server can be exploited as a launching pad into the corporation’s or
agency’s entire computer complex. Once the Web server is subverted, an
attacker may be able to gain access to data and systems not part of the Web
itself but connected to the server at the local site.
• Casual and untrained (in security matters) users are common clients for
Web-based services. Such users are not necessarily aware of the security
risks that exist and do not have the tools or knowledge to take effective
countermeasures.
Web Security Threats
Table 16.1 provides a summary of the types of security threats faced when using the
Web. One way to group these threats is in terms of passive and active attacks.
Passive attacks include eavesdropping on network traffic between browser and
server and gaining access to information on a Web site that is supposed to be
restricted. Active attacks include impersonating another user, altering messages in
transit between client and server, and altering information on a Web site.
Another way to classify Web security threats is in terms of the location of the
threat: Web server, Web browser, and network traffic between browser and server.
Issues of server and browser security fall into the category of computer system secu-
rity; Part Four of this book addresses the issue of system security in general but is
also applicable to Web system security. Issues of traffic security fall into the category
of network security and are addressed in this chapter.
Web Traffic Security Approaches
A number of approaches to providing Web security are possible. The various
approaches that have been considered are similar in the services they provide and,
to some extent, in the mechanisms that they use, but they differ with respect to their
scope of applicability and their relative location within the TCP/IP protocol stack.
Figure 16.1 illustrates this difference. One way to provide Web security is to
use IP security (IPsec) (Figure 16.1a). The advantage of using IPsec is that it is trans-
parent to end users and applications and provides a general-purpose solution.
Furthermore, IPsec includes a filtering capability so that only selected traffic need
incur the overhead of IPsec processing.
Another relatively general-purpose solution is to implement security just
above TCP (Figure 16.1b). The foremost example of this approach is the Secure
, 488 CHAPTER 16 / TRANSPORT-LEVEL SECURITY
Table 16.1 A Comparison of Threats on the Web
Threats Consequences Countermeasures
Integrity • Modification of user data • Loss of information Cryptographic
checksums
• Trojan horse browser • Compromise of machine
• Modification of memory • Vulnerabilty to all other
• Modification of message threats
traffic in transit
Confidentiality • Eavesdropping on the net • Loss of information Encryption, Web
proxies
• Theft of info from server • Loss of privacy
• Theft of data from client
• Info about network
configuration
• Info about which client
talks to server
Denial of • Killing of user threads • Disruptive Difficult to prevent
Service
• Flooding machine with • Annoying
bogus requests • Prevent user from getting
• Filling up disk or memory work done
• Isolating machine by DNS
attacks
Authentication • Impersonation of legitimate • Misrepresentation of user Cryptographic
users techniques
• Belief that false information
• Data forgery is valid
Sockets Layer (SSL) and the follow-on Internet standard known as Transport Layer
Security (TLS). At this level, there are two implementation choices. For full general-
ity, SSL (or TLS) could be provided as part of the underlying protocol suite and
therefore be transparent to applications. Alternatively, SSL can be embedded in
specific packages. For example, Netscape and Microsoft Explorer browsers come
equipped with SSL, and most Web servers have implemented the protocol.
Application-specific security services are embedded within the particular appli-
cation. Figure 16.1c shows examples of this architecture. The advantage of this
approach is that the service can be tailored to the specific needs of a given application.
HTTP FTP SMTP S/MIME
HTTP FTP SMTP SSL or TLS Kerberos SMTP HTTP
TCP TCP UDP TCP
IP/IPSec IP IP
(a) Network level (b) Transport level (c) Application level
Figure 16.1 Relative Location of Security Facilities in the TCP/IP Protocol Stack
CHAPTER
TRANSPORT-LEVEL SECURITY
Web Security Considerations
Web Security Threats
Web Traffic Security Approaches
Secure Socket Layer and Transport Layer Security
SSL Architecture
SSL Record Protocol
Change Cipher Spec Protocol
Alert Protocol
Handshake Protocol
Cryptographic Computations
Transport Layer Security
Version Number
Message Authentication Code
Pseudorandom Function
Alert Codes
Cipher Suites
Client Certificate Types
Certificate_Verify and Finished Messages
Cryptographic Computations
Padding
HTTPS
Connection Initiation
Connection Closure
Secure Shell (SSH)
Transport Layer Protocol
User Authentication Protocol
Connection Protocol
Recommended Reading and Web Sites
Key Terms, Review Questions, and Problems
485
,486 CHAPTER 16 / TRANSPORT-LEVEL SECURITY
Use your mentality
Wake up to reality
—From the song, “I’ve Got You Under My Skin” by Cole Porter
KEY POINTS
◆ Secure Socket Layer (SSL) provides security services between TCP and
applications that use TCP. The Internet standard version is called Transport
Layer Service (TLS).
◆ SSL/TLS provides confidentiality using symmetric encryption and message
integrity using a message authentication code.
◆ SSL/TLS includes protocol mechanisms to enable two TCP users to deter-
mine the security mechanisms and services they will use.
◆ HTTPS (HTTP over SSL) refers to the combination of HTTP and SSL to
implement secure communication between a Web browser and a Web server.
◆ Secure Shell (SSH) provides secure remote logon and other secure
client/server facilities.
Virtually all businesses, most government agencies, and many individuals now have
Web sites. The number of individuals and companies with Internet access is expanding
rapidly and all of these have graphical Web browsers. As a result, businesses are enthu-
siastic about setting up facilities on the Web for electronic commerce. But the reality is
that the Internet and the Web are extremely vulnerable to compromises of various
sorts. As businesses wake up to this reality, the demand for secure Web services grows.
The topic of Web security is a broad one and can easily fill a book. In this
chapter, we begin with a discussion of the general requirements for Web security
and then focus on three standardized schemes that are becoming increasingly
important as part of Web commerce and that focus on security at the transport
layer: SSL/TLS, HTTPS, and SSH.
16.1 WEB SECURITY CONSIDERATIONS
The World Wide Web is fundamentally a client/server application running over the
Internet and TCP/IP intranets. As such, the security tools and approaches discussed
so far in this book are relevant to the issue of Web security. But, as pointed out in
[GARF02], the Web presents new challenges not generally appreciated in the con-
text of computer and network security.
• The Internet is two-way. Unlike traditional publishing environments—even
electronic publishing systems involving teletext, voice response, or fax-back—
the Web is vulnerable to attacks on the Web servers over the Internet.
, 16.1 / WEB SECURITY CONSIDERATIONS 487
• The Web is increasingly serving as a highly visible outlet for corporate and
product information and as the platform for business transactions. Reputations
can be damaged and money can be lost if the Web servers are subverted.
• Although Web browsers are very easy to use, Web servers are relatively easy
to configure and manage, and Web content is increasingly easy to develop, the
underlying software is extraordinarily complex. This complex software may
hide many potential security flaws. The short history of the Web is filled with
examples of new and upgraded systems, properly installed, that are vulnerable
to a variety of security attacks.
• A Web server can be exploited as a launching pad into the corporation’s or
agency’s entire computer complex. Once the Web server is subverted, an
attacker may be able to gain access to data and systems not part of the Web
itself but connected to the server at the local site.
• Casual and untrained (in security matters) users are common clients for
Web-based services. Such users are not necessarily aware of the security
risks that exist and do not have the tools or knowledge to take effective
countermeasures.
Web Security Threats
Table 16.1 provides a summary of the types of security threats faced when using the
Web. One way to group these threats is in terms of passive and active attacks.
Passive attacks include eavesdropping on network traffic between browser and
server and gaining access to information on a Web site that is supposed to be
restricted. Active attacks include impersonating another user, altering messages in
transit between client and server, and altering information on a Web site.
Another way to classify Web security threats is in terms of the location of the
threat: Web server, Web browser, and network traffic between browser and server.
Issues of server and browser security fall into the category of computer system secu-
rity; Part Four of this book addresses the issue of system security in general but is
also applicable to Web system security. Issues of traffic security fall into the category
of network security and are addressed in this chapter.
Web Traffic Security Approaches
A number of approaches to providing Web security are possible. The various
approaches that have been considered are similar in the services they provide and,
to some extent, in the mechanisms that they use, but they differ with respect to their
scope of applicability and their relative location within the TCP/IP protocol stack.
Figure 16.1 illustrates this difference. One way to provide Web security is to
use IP security (IPsec) (Figure 16.1a). The advantage of using IPsec is that it is trans-
parent to end users and applications and provides a general-purpose solution.
Furthermore, IPsec includes a filtering capability so that only selected traffic need
incur the overhead of IPsec processing.
Another relatively general-purpose solution is to implement security just
above TCP (Figure 16.1b). The foremost example of this approach is the Secure
, 488 CHAPTER 16 / TRANSPORT-LEVEL SECURITY
Table 16.1 A Comparison of Threats on the Web
Threats Consequences Countermeasures
Integrity • Modification of user data • Loss of information Cryptographic
checksums
• Trojan horse browser • Compromise of machine
• Modification of memory • Vulnerabilty to all other
• Modification of message threats
traffic in transit
Confidentiality • Eavesdropping on the net • Loss of information Encryption, Web
proxies
• Theft of info from server • Loss of privacy
• Theft of data from client
• Info about network
configuration
• Info about which client
talks to server
Denial of • Killing of user threads • Disruptive Difficult to prevent
Service
• Flooding machine with • Annoying
bogus requests • Prevent user from getting
• Filling up disk or memory work done
• Isolating machine by DNS
attacks
Authentication • Impersonation of legitimate • Misrepresentation of user Cryptographic
users techniques
• Belief that false information
• Data forgery is valid
Sockets Layer (SSL) and the follow-on Internet standard known as Transport Layer
Security (TLS). At this level, there are two implementation choices. For full general-
ity, SSL (or TLS) could be provided as part of the underlying protocol suite and
therefore be transparent to applications. Alternatively, SSL can be embedded in
specific packages. For example, Netscape and Microsoft Explorer browsers come
equipped with SSL, and most Web servers have implemented the protocol.
Application-specific security services are embedded within the particular appli-
cation. Figure 16.1c shows examples of this architecture. The advantage of this
approach is that the service can be tailored to the specific needs of a given application.
HTTP FTP SMTP S/MIME
HTTP FTP SMTP SSL or TLS Kerberos SMTP HTTP
TCP TCP UDP TCP
IP/IPSec IP IP
(a) Network level (b) Transport level (c) Application level
Figure 16.1 Relative Location of Security Facilities in the TCP/IP Protocol Stack
