1

Pengamanan Akses
Sistem
2
Learning Outcomes
Pada akhir pertemuan ini, diharapkan
mahasiswa akan mampu :
Mahasiswa dapat menerapkan keamanan
akses sistem
3
Outline Materi
Proteksi Password
Strategi Password
4
Authentication
Verifying the identity of another entity
Two interesting cases (for this class):
Computer authenticating to another
computer
Person authenticating to a computer
Two issues:
How authentication information is
stored (at both ends)
Authentication protocol itself
5
Password-based protocols
Any password-based protocol is
vulnerable to an off-line dictionary attack
if server is compromised
Goal: password-based protocol should be
secure against off-line attacks when
server is not compromised
Unfortunately, this has not been the
case in practice (e.g., telnet, cell
phones, etc.)
6
Password selection
User selection of passwords is typically
very weak
Lower entropy password makes
dictionary attacks easier
Typical passwords:
Derived from account names or
usernames
Dictionary words, reversed dictionary
words, or small modifications of
dictionary word
7
Password Selection
Non-alphanumeric characters
Longer phrases
Can try to enforce good password selection
But these types of passwords are difficult for
people to memorize and type!
8
Centralized Password Storage
Authentication storage node
Central server stores password; servers
request the password to authenticate
user
Auth. facilitator node
Central server stores password; servers
send information from user to be
authenticated by the central server
Note that central server must be
authenticated!
9
Authentication Protocols
Server stores H(pw); user sends pw
Secure against server compromise, but
not eavesdropping (or replay attacks)
Server stores pw, sends R; user sends
H(pw,R)
Secure against eavesdropping, but not
server compromise (or dictionary attack)
Can we achieve security against both?
10
Authentication of People
What you know (passwords)
What you have (keys)
What you are (biometric devices)
Where you are (physical)
11
Access Control
State of a system
Includes, e.g., current memory contents,
all secondary storage, contents of all
registers, etc.
Secure states
States in which the system is allowed to
reside
Security policy defines the set of secure
states
Security mechanism ensures that system
never leaves secure state
12
Access Control List (ACL)
Instead of storing central matrix, store each
column with the object it represents
Stored as pairs (s, r)
Subjects not in list have no rights
Can use wildcards to give default rights
13
Potential problems
What if one process gives capabilities to
another? (Possibly indirectly)
Can lead to security violation
One solution: assign security
classifications to capabilities
E.g., when capability created, its
classification is the same as the
requesting process
Capability contains rights depending on
the object to which it refers
14
Example
Cryptographic key used to encrypt a file
A file cannot be read unless the subject
has the encryption key
Can also enforce that requests from n
users are required in order to read data
(and-access), or that any of n users are
able to read data (or-access)
15
Cryptographic secret sharing
(t, n)-threshold scheme to share a key
Using this to achieve (t, n)-threshold
encryption
Shamir secret sharing
16
Another example
Type checking
Label memory locations as either data or
instructions
Do not allow execution of type data
Can potentially be used to limit buffer
overflows