Tecnologia dei Servizi Grid e cloud computing - Lezione 005a 0 Lezione 5a - 17 Novembre 2009 Il...

Tecnologia dei Servizi “Grid e cloud computing” - Lezione 005a 1

Lezione 5a - 17 Novembre 2009

Il materiale didattico usato in questo corso è stato mutuato da quello utilizzato da Paolo Veronesi per il corso di Griglie Computazionali per la Laurea Specialistica in Informatica tenuto nell’anno accademico 2008/09 presso l’Università degli Studi di Ferrara.

Paolo [email protected], [email protected]://www.cnaf.infn.it/~pveronesi/unife/

Università degli Studi di Bari – Corso di Laurea Specialistica in Informatica

“Tecnologia dei Servizi “Grid e cloud computing” A.A. 2009/2010

Giorgio Pietro Maggi [email protected], http://www.ba.infn.it/~maggi


Overview

Globus Toolkit V4.0 Introduction to Security

Fundamental Concepts

Authentication Basic Cryptography Digital Signature Public Key Infrastructures (PKIs) Proxies and Temporary Credentials


Security• Cross-organizational users• Trust nobody• Authorized access only

Security• Cross-organizational users• Trust nobody• Authorized access only

Information Services• Registry• Notification• Logging/auditing

Information Services• Registry• Notification• Logging/auditing

Execution Management• Job description & submission• Scheduling• Resource provisioning

Execution Management• Job description & submission• Scheduling• Resource provisioning

Data Services• Common access facilities• Efficient & reliable transport• Replication services

Data Services• Common access facilities• Efficient & reliable transport• Replication services

Self-Management• Self-configuration• Self-optimization• Self-healing

Self-Management• Self-configuration• Self-optimization• Self-healing

Resource Management• Discovery• Monitoring• Control

Resource Management• Discovery• Monitoring• Control

OGSAOGSA

OGSA “profiles”OGSA “profiles”

Web services foundation Web services foundation


SOA Reference Model

WSA

GLOBUS Arch

OASIS SOA RM

GLOBUS

gLite Arch

extensions

gLite

From SOA to Grid middleware

OGSA

…

…


Globus is Service-Oriented Infrastructure Technology

Software for service-oriented infrastructure Service enable new & existing resources E.g., GRAM on computer, GridFTP on storage system, custom

application service Uniform abstractions & mechanisms

Tools to build applications that exploit service-oriented infrastructure Registries, security, data management, …

Open source & open standards Each empowers the other eg – monitoring across different protocols is hard

Enabler of a rich tool & service ecosystem


Globus Toolkit V4.0

Major release on April 29th 2005 Precious fifteen months spent on design, development,

and testing 1.8M lines of code Major contributions from five institutions Hundreds of millions of service calls executed over weeks of

continuous operation

Significant improvements over GT3 code base in all dimensions


Goals for GT4

Usability, reliability, scalability, … Web service components have quality equal or

superior to pre-WS components Documentation at acceptable quality level

Consistency with latest standards (WS-*, WSRF, WS-N, etc.) and Apache platform WS-I Basic (Security) Profile compliant

New components, platforms, languages And links to larger Globus ecosystem


Griglie Computazionali - Lezione 005 8


Glossary Principal

An entity: a user, a program, or a machine Credentials

Some data providing a proof of identity Authentication

Verify the identity of the principal Authorization

Map an entity to some set of privileges Confidentiality

Encrypt the message so that only the recipient can understand it Integrity

Ensure that the message has not been altered in the transmission Non-repudiation

Impossibility of denying the authenticity of a digital signature


Introduction to Security


Security is a process

A risk is a vulnerability and a threat

Organizations implement controls over their activities to obtain acceptable residual risk


Risk-based view of the world

Organizations: Sites, VOs and Grids Each has a security process lifecycle Satisfaction jointly and severally

Each organization is captain of its own ship However, constrained to interoperate

Standards aid interoperation


Secure from Whom and Against What

Secure from whom? From systems administrator? From rogue employee? Mr. H. Acker…?

Secure against what? Denial of Service? Identity theft? Legally sensitive data acquisition? Or even MPs leaving laptops on the Tube…


Secure for how long? “I recommend overwriting a deleted file seven times:

the first time with all ones, the second time with all zeros, and five times with a cryptographically secure pseudo-random

sequence.

Recent developments at the National Institute of Standards and Technology with electron-tunnelling microscopes suggest even that might not be enough.

Honestly, if your data is sufficiently valuable, assume that it is impossible to erase data completely off magnetic media. Burn or shared media; it's cheaper to buy media new than to lose your secrets…."

-Applied Cryptography 1996, page 229


Secure Technology vs. Secure System

Secure technology ≠ secure system System using 2048+ bit encryption technology, packet

filtering firewalls, PMIs, PKIs… …. on running laptop in unlocked room … on PC with password on “post-it” on screen/desk We have heard worse than this, naming no names!


A Quote

“…if you think that technology can solve your security problems then you don’t know enough about the technology, and worse you don’t know what your problems are…”

Bruce Schneier, Secrets and Lies in a Digital Networked World


Definition: Computer Security

“The protection afforded to an automated information system in order to attain the applicable objectives of preserving

the integrity, availability and confidentiality

of information system resources (includes hardware, software, firmware, information/data, and telecommunications)”

An Introduction to Computer Security The NIST Handbook


Fundamentals Key terms that are typically associated with security

Authentication Authorisation Audit/accounting Integrity Fabric Management Confidentiality Privacy Trust

All are important for Grids but some applications may have more emphasis on certain concepts than others


Fundamentals - Authentication the establishment and safe propagation of a user’s identity in

the system e.g. site X can check that user Y is attempting to gain access to

resources does not check what user is allowed to do, only that we know (and can

check!) who they are Masquerading always a danger (and realistic possibility) Need for user guidance on security

Password selection Treatment of certificates Hardware tokens …

Is anonymity required?

Authentication on the Grid is achieved with Public Key Infrastructures (PKIs)


Fundamentals - Authorisation concerned with controlling access to services based on policy

Can this user invoke this service making use of this data? Complementary to authentication

Know it is this user, now can we restrict/enforce what they can/cannot do

Many different contenders for authorisation infrastructures e.g: some software components related to authorization aspects

developed as open source projects: PERMIS VOMS CAS AKENTI

Authorisation on the Grid must be scalable


Fundamentals - Auditing Auditing/Accounting

the analysis of records of account (e.g. security event logs) to investigate security events, procedures or the records themselves

Includes logging, intrusion detection and auditing of security in managed computer facilities

well established in theory and practice Grid computing adds the complication that some of the information

required by a local audit system may be distributed elsewhere, or may be obscured by layers of indirection

e.g. Grid service making use of federated data resource where data kept and managed remotely

Need tools to support diagnostics Do we need to log all information? (Can We? More pertinent probably) How long do we keep it for? …

Auditing tools are in development for some authorisation infrastructures


Fundamentals - Integrity Integrity

Ensuring that data is not modified since it was created, typically of relevance when data is sent over public network

Technical solutions exist to maintain the integrity of data in transit

checksums, PKI support, … Grid also raises more general questions

e.g. provenance maintaining the integrity of chains or groups of related data

Integrity can be checked through the use of digital signatures


Fundamentals - Fabric Management

Fabric Management consists of the distributed computing, network

resources and associated connections that support Grid applications

impacts Grid security in these ways: an insecure fabric may undermine the security of the Grid

Are all sites fully patched (middleware/OS)? Can we limit damage of virus infected machine across Grid?

Identify it, quarantine it, anti-virus update/patch, re-instate into VO, …

fabric security measures may impede grid operations e.g. firewalls may be configured to block essential Grid

traffic


Fundamentals - Confidentiality is concerned with ensuring that information is not

made available to unauthorised individuals, services or processes It is usually supported by access control within systems,

and encryption between systems Confidentiality is generally well understood, but the Grid

introduces the new problem of transferring or signalling the intended protection policy when data staged between systems

Authentication and Authorisation infrastructures usually implement confidentiality, so we are already there!


Fundamentals - Privacy particularly significant for projects processing personal

information, or subject to ethical restrictions e.g. projects dealing with medical, health data

Privacy requirements relate to the use of data, in the context of consent established by the data owner Privacy is therefore distinct from confidentiality, although it may be

supported by confidentiality mechanisms. Grid technology needs a transferable understanding of suitable

policies addressing privacy requirements/constraints Should allow to express how such policies can be

defined, applied, implemented, enforced, …


Trust characteristic allowing one entity to assume that a second

entity will behave exactly as the first entity expects

Important distinction between ‘trust management’ systems which implement authorisation, and the wider requirements of trust e.g. health applications require the agreement between users and

resources providers of restrictions that cannot be implemented by access control

e.g. restrictions on the export of software, or a guarantee that personal data is deleted after use

therefore a need to understand and represent policy agreements between groups of users and resource providers

such policies may exist inside or outside the system, and are typically not supported by technical mechanisms


Authentication

Intro Basic Cryptography Digital Signature PKI Proxy


Who Am I??

I am The President of the United States The Secretary General of the United Nations David Beckham Keith Richards The girl who served your cup of coffee this morning..

All of these people may need to use a computer How can we confirm their identities?


Who am I??

I am John Watt (allegedly) To prove it I have

A Driving Licence I got by passing my test and producing my passport

A Passport I went to the passport office with my Birth certificate

A Birth Certificate I can’t remember getting this!


Who am I??

Is there a logical chain working here? Note that, generally, the credentials given on the

previous page tend to depend on the one below it. But the DVLA (UK Driving Licence Authority) state on their

website: “Note - Birth certificates are not absolute proof of identity and so

we may ask you to provide other evidence to allow us to check your identity.”

What other evidence? A passport? But that depends on you producing a birth certificate!

A bank account? You need a passport for that!

NO!


Who am I?? But they do have one thing in common

They are non-local credentials They attempt to define a unique (nationally at least) reference

that will establish your identity

Do we need something similar for the Grid?? First of all, we need to establish how identity can be

proved and securely moved around a network. The Grid community are (in principle) in agreement

about how this should be done But first we need to look at the basics of this system, and it has

to do with an age old problem…


Cryptography

Mathematical algorithm that provides important building blocks for the implementation of a security infrastructure

Symbology Plaintext: M Cyphertext: C Encryption with key K1 : E K1(M) = C Decryption with key K2 : D K2(C) = M

Algorithms Symmetric: K1 = K2 Asymmetric: K1 ≠ K2

K2K1

EncryptionEncryption DecryptionDecryptionM C M


Basic Cryptography When I were a lad…

My friend would post an important message through my letterbox…

But we had ‘code wheels’ Rotate the inner wheel by the number of jumps indicated at

the beginning of the message And translate…

3 Y O U S M E L L

3 V L R P J B I I


Basic Cryptography

What if someone else got hold of the wheel? Our plans for world domination are in ruins Because what makes the wheel work is the extra

information included with the original encrypted message:

Without this number the message will stay encrypted This number is the encryption ‘key’

And is transmitted UNENCRYPTED We could agree this face-to-face, but why not just give the message

then?? What if I was grounded? (happened a lot) Lets look at this at a slightly more mature level…

3 V L R P J B I I


Symmetric Algoritms The same key is used for encryption and decryption Advantages:

Fast

Disadvantages: how to distribute the keys? the number of keys is O(n2)

Examples: DES 3DES Rijndael (AES) Blowfish Kerberos

Paul John

ciao

3$r ciao

Paul John

ciao

3$r ciao

3$r

3$r


Basic Cryptography We need some way of transmitting the key so it can’t

be stolen. Can we encrypt the key? No, but we can do something

analogous…

1) Split the key into two parts, one for encryption and one for decryption

2) Make the encryption key PUBLIC for anyone to use, but keep your decryption key PRIVATE

Note that in some implementations the private key may also be used to encrypt and the public key to decrypt (see Digital Signatures)


Public Key Algorithms Every user has two keys: one private

and one public: it is impossible to derive the private

key from the public one; a message encrypted by one key can

be decrypted only by the other one. No exchange of secrets is necessary

the sender cyphers using the public key of the receiver;

the receiver decripts using his private key;

the number of keys is O(n). Examples:

Diffie-Helmann (1977) RSA (1978)

John keys

public

Paul keys

Paul John

ciao

3$r ciao

Paul John

ciao

cy7 ciao

3$r

cy7

public


Solved the key transmission problem

We have solved the key transmission problem by only transmitting an encryption key Now anyone who wishes to send you a message uses

your PUBLIC key to encrypt it, safe in the knowledge that the only person who can decrypt it is the holder of the PRIVATE key (i.e. you!)

The public and private keys are broken apart according to a complex mathematical formula that means it would take months/years to crack messages without the private key.

Tends to outlive credentials issued (e.g. credit cards)


Symmetric vs. Asymmetric Symmetric encryption only guarantees privacy

The message is still encrypted, but there is no evidence of who encrypted it, nor any guarantee the data has not been tampered with.

Asymmetric encryption can be used to authenticate By encrypting a message with someone’s public key, you

can be sure ONLY they will be able to read it.

And… Some level of integrity may be provided (digital

signatures)


Authentication



One-Way Hash Functions Functions (H) that given as input a variable-length message

(M) produce as output a string of fixed length (h) the length of h must be at least 256 bits given M, it must be easy to calculate H(M) = h given h, it must be difficult to calculate

M = H-1(h) given M, it must be difficult to find M’ such that H(M) = H(M’)

Examples: SNEFRU: hash of 128 or 256 bits; MD4/MD5: hash of 128 bits; now MD6! SHA (Standard FIPS): hash of 160 bits.


Ex

$cat prova1testo di prova

$ md5sum prova1909adc30dcc15239ac640b52d33a12b2 prova1

$ cat prova2testo di prove

$ md5sum prova2c89ee15b2f056edfbef2dcb62b2249aa prova2

$ ls -l /bin/ls-rwxr-xr-x 1 root root 67700 Dec 9 2005 /bin/ls

$ md5sum /bin/ls2636c546ce5ca69687f5dfc74cc3175e /bin/ls


Digital Signature Paul calculates the hash of the

message Paul encrypts the hash using his

private key: the encrypted hash is the digital signature.

Paul sends the signed message to John.

John calculates the hash of the message and verifies it with the one received by A and decyphered with A’s public key.

If hashes equal: message wasn’t modified; Paul cannot repudiate it.

John

This is some

message

Digital Signature

Paul

This is some

message

Digital Signature

This is some

message

Digital Signature

Hash(A)

Paul keys

public private

Hash(B)

Hash(A)

= ?


Digital Certificates Paul’s digital signature is safe if:

Paul’s private key is not compromised John knows Paul’s public key

How can John be sure that Paul’s public key is really Paul’s public key and not someone else’s? A third party guarantees the correspondence between

public key and owner’s identity. Both A and B must trust this third party

Two models: X.509: hierarchical organization; PGP: “web of trust”.


A

B

C

D

E

F

• F knows D and E, who knows A and C, who knows A and B.

• F is reasonably sure that the key from A is really from A.

PGP “web of trust”


Public Key Infrastructures (PKIs)

PKIs provide a mechanism for privacy, integrity and authentication using public keys Implemented with DIGITAL CERTIFICATES

Your UNIQUE virtualised identity

Issued by a CERTIFICATE AUTHORITY Entity which administers certificates and issues them correctly

X.509 (1988) is the standard for PKI certificates Binds a globally unique X500 distinguished name to a public key

In reality, CAs tend to choose any name they want Legal disclaimer, liability transfer. A mess, but not critical

Web browser compatible


• An X.509 Certificate contains:

– owner’s public key;

– identity of the owner;

– info on the CA;

– time of validity;

– Serial number; – digital signature of the CA

Public keyPublic key

Subject:C=CH, O=CERN, Subject:C=CH, O=CERN, OU=GRID, CN=Andrea Sciaba 8968OU=GRID, CN=Andrea Sciaba 8968

Issuer: C=CH, O=CERN, OU=GRID, Issuer: C=CH, O=CERN, OU=GRID, CN=CERN CACN=CERN CA

Expiration date: Aug 26 08:08:14 Expiration date: Aug 26 08:08:14 2005 GMT2005 GMT

Serial number: 625 (0x271)Serial number: 625 (0x271)

CA Digital signatureCA Digital signature

Structure of a X.509 certificate

X.509 Certificates


Certificate Authorities A Certificate Authority (CA) is a third party that

signs certificates and ensures that the subject name and public key actually belong to that person How?

The old fashioned way… Example… The INFN Certificate Authority

Initial contact – application (online) Credential verification (IN PERSON)

Go to CA or Regional Authority (RA) Issue – download (online)

INFN CA requires the application and issuing terminals to be the same ( this is where the PRIVATE key of your certificate is)


Certificate Authorities

A CA may delegate Regional Operators to confirm people’s identities Saves me having to travel from Bologna to Firenze if I

want a certificate

CA records a piece of personal identification for their records Passport, Driving Licence, Staff/Student Matric Card

CA extends an existing ID infrastructure


Certificate Authorities

A CA also is in charge of revoking certificates CA publishes a Certificate Revocation List

Download to your browser Shows all invalid certificates in the organisation

A CA MUST be explicitly trusted by the system Trusted Root CAs list in Windows Certificate cannot be used until the CA’s root

certificate has been accepted as trusted Accepted very much like Software Licences i.e. nearly always!


Certificate Authenticity CAs confirm the certificate’s authenticity by

digitally signing it CA computes a hash of the certificate using an agreed

(non-secret) algorithm CA encrypts this hash with their private key and

appends to bottom of certificate Recipient computes their own hash of the info Recipient decrypts the hash the CA sent (with the CA’s

public key) and compares with their own Proves the CA signed the info and the info hasn’t been

tampered with Encryption of the info is optional (for privacy)


A problem

Are there any pitfalls to digital certificates? Can we alter their contents?

No, the CA signed the certificate thus ensuring its integrity

Can we spoof? You will need your own CA, and if the application doesn’t trust

it, your certificates won’t work. So no.

What can we do? STEAL IT!

Someone who holds your digital certificate (and private key) may safely assume your identity on the Grid

This problem isn’t going away. How can we deal with this?


Certificate Revocation Lists list of serial numbers of the certificates

which have been revoked are no longer valid and should not be relied upon by any system user

CRLs are usually signed by the issuing CA and therefore carry a digital signature

Type of revocations: Non reversible:a certificate is irreversibly revoked Reversible: the certificate is on hold;

this reversible status can be used to notice the temporary invalidity of the certificate, for instance when the user is not sure if the private key has been lost.


PKI basics

PKI provides, among other services, an authentication protocol relying on asymmetric encryption.

One of the keys is kept private, the other is made public. Public keys are distributed using certificates which are digitally signed by trusted authorities

““An intro to An intro to PKI and few PKI and few deploy hints”deploy hints”

““Py75c%bn&*)9|Py75c%bn&*)9|fDe^bDzjF@g5=&fDe^bDzjF@g5=&nmdFgegMs”nmdFgegMs”

““An intro to An intro to PKI and few PKI and few deploy hints”deploy hints”

Clear-text InputClear-text Input Clear-text OutputClear-text OutputCipher-textCipher-text

Different keysDifferent keys

EncryptionEncryption DecryptionDecryption


AliceAlice

pubpub

DSDS

CertCert

PKI: Obtaining a Certificate

PrivPriv pubpub

Certification Server

User generatesUser generatesa key paira key pair

Certificate is sent Certificate is sent to the userto the user

Public key is Public key is submitted to CA submitted to CA for certificationfor certification

AliceAlice

pubpub

DSDS

CertCert

User identity verified,User identity verified,Digital signature added,Digital signature added,Certificate producedCertificate produced


AliceAlice

pubpub

DSDS

CertCert

PKI: Authentication with Certificates

PrivPriv

Bob verifies the Bob verifies the digital signature digital signature on the certificateon the certificate

Certificate is sent Certificate is sent for authenticationfor authentication

He can trust that the public key really belongs to Alice, but is it Alice standing if front of him ?

AliceAlice

pubpub

DSDS

CertCert

AliceAlice BobBob

Bob challenges Alice to encrypt

for him a random phrase he generated

I Like FlowersI Like Flowers

&erD4%@fT%&erD4%@fT%

AliceAlice

pubpub

DSDS

CertCert

I Like FlowersI Like Flowers


?? I Like FlowersI Like Flowers


Encrypt using private keyEncrypt using private keyDecrypt using public key Decrypt using public key

in certificate and in certificate and comparecompare


Authentication



X.509 Proxy Certificate Extension to X.509 Identity Certificates

signed by the normal end entity cert (or by another proxy)

Enables single sign-on Support

Delegation Mutual authentication

Has a limited lifetime minimized risk of “compromised credentials”


Creating a proxy Command: grid-proxy-init

User enters pass phrase, which is used to decrypt private key Private key is used to sign a proxy certificate with its own, new

public/private key pair. User’s private key not exposed after proxy has been signed

User certificate file

Private Key(Encrypted)Pass

Phrase

User Proxycertificate file

Proxy placed in /tmp the private key of the Proxy is not encrypted: stored in local file: must be readable only by the owner; proxy lifetime is short (typically 12 h) to minimize security risks.

NOTE: No network traffic!


Delegation and limited proxy Proxy credential

the combination of a proxy certificate and its corresponding private key Delegation = remote creation of a (second level) proxy credential

New key pair generated remotely on server Client signs proxy cert and returns it

Allows remote process to authenticate on behalf of the user Remote process “impersonates” the user

The client can elect to delegate a “limited proxy” Each service decides whether it will allow authentication with a limited

proxy Job manager service requires a full proxy GridFTP server allows either full or limited proxy to be used


CONCLUSION

Security is a combination of technical implementation and sociological behaviour

There can be no overall security policy for the Grid – integrate existing site policies

The establishment of identity on the Grid (authentication) is achieved through the use of PKI Certificates and Proxies

Tecnologia dei Servizi Grid e cloud computing - Lezione 005a 0 Lezione 5a - 17 Novembre 2009 Il...

Documents

Transcript of Tecnologia dei Servizi Grid e cloud computing - Lezione 005a 0 Lezione 5a - 17 Novembre 2009 Il...