ABSTRACT
Multi-tier web server systems are used in many important contexts and their security is a major cause of concern. Such systems can exploit strategies like least privilege to make lower tiers more secure in the presence of compromised higher tiers. In this paper, we investigate an extension of this technique in which higher tiers are required to provide evidence of the authentication of principals when they make requests of lower tiers. This concept, which we call redundant authentication, enables lower tiers to provide security guarantees that improve significantly over current least privilege strategies. We validate this technique by applying it to a practical Building Automation System (BAS) application, where we explore the use of redundant authentication in conjunction with an authentication proxy to enable interoperation with existing enterprise authentication services.
Index Terms
- Improving multi-tier security using redundant authentication