The rapid proliferation of websites by businesses, government agencies, and individuals has led to a significant increase in the use of graphical web browsers. Consequently, businesses are keen on establishing online facilities for electronic commerce. However, the reality is that the Internet and the web are susceptible to various security breaches. As businesses become more aware of these vulnerabilities, there is a growing demand for secure web services. Web security is an expansive topic, and in this chapter, we will explore general web security requirements and focus on three key standardized schemes essential for web commerce: SSL/TLS, HTTPS, and SSH.
**Web Security Considerations**
The World Wide Web operates as a client/server application over the Internet and TCP/IP intranets. While existing security tools and approaches are relevant, the web introduces unique challenges. Notably, the Internet's two-way nature makes web servers vulnerable to attacks. As a platform for corporate and product information, subversion of web servers can damage reputations and result in financial loss. Furthermore, while user-facing web software simplifies user interaction and content creation, its complexity may conceal security flaws. Web servers may also be exploited to infiltrate broader corporate networks. Additionally, the prevalence of users untrained in security compounds these risks, as they often lack awareness and the means to address security threats effectively.
**Web Security Threats**
Web security threats can be categorized into passive and active attacks. Passive attacks involve eavesdropping on network traffic or accessing restricted information on a website. Active attacks include impersonating users, altering messages between clients and servers, and modifying website content. These threats can further be classified by their location: web server, web browser, or network traffic. Server and browser security issues fall within computer system security, while network traffic security is addressed in this chapter.
**Web Traffic Security Approaches**
Various approaches to web security are available, differing in their scope and position within the TCP/IP protocol stack. One method is IP security (IPsec), which is transparent to users and applications, offering a general solution with selective traffic processing. Alternatively, security can be implemented above TCP, as seen with the Secure Sockets Layer (SSL) and its successor, Transport Layer Security (TLS). At this level, security can either be part of the protocol suite or embedded within specific applications.
**Secure Socket Layer and Transport Layer Security**
SSL was developed by Netscape. Version 3 incorporated industry feedback and was published as an Internet Draft, and the IETF later standardized the protocol as TLS. TLS is akin to an SSLv3.1 and is backward compatible with SSLv3. SSL runs over TCP to provide a reliable end-to-end secure service and is organized as two layers of protocols: the SSL Record Protocol, and above it the higher-layer Handshake, Change Cipher Spec, and Alert Protocols.
**SSL Architecture**
SSL sessions and connections differ as follows: a connection is a temporary peer-to-peer transport service, while a session is an association between client and server involving shared cryptographic parameters. Sessions help avoid the costly negotiation of security parameters for each connection. Each session has parameters including session identifier, peer certificate, compression method, cipher specification, master secret, and a resumability flag.
**SSL Record Protocol**
The SSL Record Protocol provides confidentiality and message integrity for SSL connections. The Handshake Protocol establishes the shared secret keys used for encryption and MAC calculation. On the sending side, the Record Protocol fragments the data, optionally compresses it, computes a MAC, encrypts the result, and adds a header before handing the record to TCP. On receipt, the data is decrypted, verified, decompressed, and reassembled.
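
The send and receive pipeline described above, as an added example that is not part of the original text. It assumes the SSLv3 MAC construction with SHA-1 and the 5-byte record header from the SSLv3 specification; the function names are hypothetical, zlib stands in for a negotiated compression method, the SHA-256 keystream is a stand-in for a negotiated cipher, and the keys and payload are constructed.

```python
import hashlib
import hmac
import struct
import zlib

MAX_FRAGMENT = 2 ** 14        # largest plaintext fragment per record
APPLICATION_DATA = 23         # record content type
VERSION = (3, 0)              # SSLv3 major/minor in the record header

def ssl3_mac(secret, seq, ctype, frag):
    # SSLv3 MAC with SHA-1: hash(secret + pad_2 + hash(secret + pad_1 + seq + type + length + data))
    meta = struct.pack(">QBH", seq, ctype, len(frag))
    inner = hashlib.sha1(secret + b"\x36" * 40 + meta + frag).digest()
    return hashlib.sha1(secret + b"\x5c" * 40 + inner).digest()

def keystream_xor(key, seq, data):
    # Stand-in cipher (assumption): SHA-256 counter keystream, NOT a real SSL cipher suite.
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(key + struct.pack(">QI", seq, i)).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def protect(data, mac_secret, key, compress=False):
    """Sender: fragment, optionally compress, append MAC, encrypt, prepend header."""
    records = []
    for seq, off in enumerate(range(0, len(data), MAX_FRAGMENT)):
        frag = data[off:off + MAX_FRAGMENT]
        if compress:
            frag = zlib.compress(frag)   # zlib stands in for a negotiated method
        body = keystream_xor(key, seq, frag + ssl3_mac(mac_secret, seq, APPLICATION_DATA, frag))
        records.append(struct.pack(">BBBH", APPLICATION_DATA, *VERSION, len(body)) + body)
    return records

def unprotect(records, mac_secret, key, compress=False):
    """Receiver: strip header, decrypt, verify MAC, decompress, reassemble."""
    out = b""
    for seq, rec in enumerate(records):
        ctype, _major, _minor, length = struct.unpack(">BBBH", rec[:5])
        body = keystream_xor(key, seq, rec[5:5 + length])
        frag, mac = body[:-20], body[-20:]
        if not hmac.compare_digest(mac, ssl3_mac(mac_secret, seq, ctype, frag)):
            raise ValueError("bad_record_mac")   # a fatal alert in SSL
        out += zlib.decompress(frag) if compress else frag
    return out

# Constructed keys and payload for the demonstration.
MAC_SECRET, KEY = b"m" * 20, b"k" * 16
PAYLOAD = b"GET /account HTTP/1.1\r\n" * 2000
```

Because the sequence number is an input to the MAC, a record that is modified or delivered out of order fails verification on the receiving side.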
**Change Cipher Spec Protocol**
One of the SSL-specific protocols, the Change Cipher Spec Protocol, consists of a single message that causes the pending state to become the current state, updating the cipher suite used on the connection.
**Alert Protocol**
The Alert Protocol communicates SSL-related alerts, which are compressed and encrypted as per the current state. Messages comprise a severity level (warning or fatal) and a specific alert code, with fatal alerts terminating the connection.
**Handshake Protocol**
The Handshake Protocol, fundamental to SSL, enables server and client authentication and sets encryption and MAC algorithms and cryptographic keys. The protocol encompasses four phases: establishing security capabilities, server authentication and key exchange, client authentication and key exchange, and the finalization of secure connections via the finished message. Each phase has specific message types with distinct parameters.
**Cryptographic Computations**
Key to SSL security are the creation of a shared master secret and the generation of cryptographic parameters from it. The master secret is derived from a pre_master_secret, which is exchanged securely using methods such as RSA or Diffie-Hellman, and is then used to generate the cryptographic keys and parameters needed for secure communication.