
16.1 Security Services


Systems and networks invoke security mechanisms (cryptography, integrity checks, filtering and so on), commonly known as security services, through a common application program interface.
A widely used interface of this kind, implemented over many different mechanisms and networks, is the Generic Security Service Application Program Interface (GSS-API).
The GSS-API provides applications with authentication, integrity and confidentiality services.
Its advantage is that it presents one interface over many underlying security mechanisms, so an application written against the GSS-API does not have to be changed when data passes between two networks, or two peers, that use different security mechanisms and protocols.

This lesson discusses three security services in turn: authentication, access control and confidentiality.

Authentication

Authentication is the process of verifying the identity claimed by a user.
This process has to be accurate and secure, so that the system can be confident the user is who he or she claims to be.
The mechanism is normally as follows: the user presents the system or network with a claim of identity and provides evidence to back this claim up (a password, for example).

The system compares this evidence with the evidence stored for that user (normally a salted hash of the password rather than the password itself) and grants access if the two match.
If the evidence does not match, access is denied.
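The claim-plus-evidence check described above, as an added example that is not part of the original lesson. It assumes a constructed in-memory credential store and the hypothetical function names `enrol` and `authenticate`; the pre-stored evidence is a salted PBKDF2 hash of the password, and the comparison is constant-time and costs the same for unknown users, so the check leaks neither the password nor which user names exist.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000         # PBKDF2 work factor; raise as hardware allows
_DUMMY_SALT = b"\x00" * 16    # used for unknown users so the timing stays uniform

# Constructed, in-memory credential store: user name -> (salt, stored evidence).
# A real system keeps this in a protected database; it is inline so the example runs offline.
_STORE = {}


def _derive(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def enrol(username: str, password: str) -> None:
    """Record salted, stretched evidence for the user; the password itself is never stored."""
    salt = os.urandom(16)
    _STORE[username] = (salt, _derive(password, salt))


def authenticate(username: str, password: str) -> bool:
    """Compare the presented evidence with the pre-stored evidence.

    An unknown user still pays for a full PBKDF2 computation and the comparison
    is constant-time, so response timing reveals neither valid user names nor
    how many bytes of the hash matched.
    """
    salt, stored = _STORE.get(username, (_DUMMY_SALT, b"\x00" * 32))
    matches = hmac.compare_digest(_derive(password, salt), stored)
    return matches and username in _STORE


if __name__ == "__main__":
    enrol("alice", "correct horse battery staple")
    print(authenticate("alice", "correct horse battery staple"))   # True
    print(authenticate("alice", "wrong password"))                 # False
    print(authenticate("nobody", "anything"))                      # False
```

Over a network the same comparison still happens somewhere, but the password now has to travel to wherever the store lives, which is the eavesdropping problem the rest of this section is about.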
Authentication is considerably more complex, and the threat of attack greater, when it takes place across a network. This is due to the following:
On a stand-alone operating system only users are authenticated. On a network, user authentication is joined by host authentication (one host proving its identity to another) and process authentication (one process, typically a service, proving its identity to another). The entities being authenticated, whether users, hosts or processes, are collectively called principals.
Mutual authentication is vital in networks. As well as the user being authenticated, he or she needs assurance of reaching the right host. A server that is part of a network needs to be sure that a request comes from the client it claims to come from and that the client is trusted; likewise, the client needs assurance that it is talking to the right server and that the server is trusted. Without this, an attacker who can impersonate a server collects credentials from clients that have no way of telling the difference.
As a network consists of many hosts, users cannot be expected to log in and authenticate to each one separately; this would be tiresome for the user. Networks therefore use single sign-on: the user authenticates once and gains access to the network's hosts and resources without logging in again each time a particular host is accessed.

A network may span several authority domains, each presenting the user with its own security policies and protocols. Trust is integral to any network, and collaboration between the domains is vital, for example in agreeing how an identity established in one domain is recognised in another.
These complexities magnify the risk of threats and attacks on networks: authentication information (user names, passwords and so on) travels over links where it is exposed to eavesdropping.
Attackers are also remote, and so can be difficult to track down and trace.
A further issue is trust: some hosts may not trust other hosts, which makes transmitting data between them very difficult, if not impossible.
To overcome the authentication difficulties and complexities faced in networks, GSS-API is most often used with the Kerberos authentication system, which is the most widely deployed GSS-API mechanism.
Kerberos provides both user authentication and mutual authentication between principals across untrusted networks and hosts, using symmetric cryptography.
Kerberos relies on a Key Distribution Center (KDC) that holds the long-term secret key of every principal in the network (its realm).
For user principals the KDC derives this secret key from the user's password; host and service principals normally hold a randomly generated key instead.
The Ticket-Granting Server (TGS), which has access to these secret keys, issues a ticket for every service session a client requests; each ticket carries a fresh session key and is encrypted under the target service's secret key.
Thus every session between two principals has its own session key and ticket.
Because the KDC vouches for each principal, two principals that had no reason to trust each other beforehand can authenticate one another: each trusts the KDC rather than the other party.
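The Kerberos exchanges described above (the AS exchange that yields a ticket-granting ticket, the TGS exchange that yields a service ticket, and the AP exchange in which client and server authenticate each other), as an added, simplified simulation that is not part of the original lesson and not the code of any Kerberos implementation. It assumes constructed principal names such as `alice` and `host/fileserver`, a toy HMAC-protected stream cipher (`seal`/`unseal`) standing in for the AES encryption types, a simplified string-to-key function, and a 300-second clock skew. The message structure (tickets, session keys, authenticators carrying a name and a timestamp, the echoed timestamp for mutual authentication) follows the protocol; the rest is simplified.

```python
import hashlib
import hmac
import json
import os
import time

CLOCK_SKEW = 300   # seconds; the usual Kerberos tolerance for authenticator timestamps


def string2key(password: str, principal: str) -> bytes:
    """Long-term key from a password (simplified string-to-key: PBKDF2 salted with the name)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), principal.encode(), 50_000)


def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                    for i in range(n // 32 + 1))


def seal(key: bytes, obj: dict) -> bytes:
    """Toy encrypt-then-MAC (SHA-256 keystream + HMAC tag). Stands in for Kerberos'
    AES encryption types so the example runs on the standard library; not a real cipher."""
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, "sha256").digest()


def unseal(key: bytes, blob: bytes) -> dict:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, "sha256").digest(), tag):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))


def check_authenticator(ticket: dict, auth: dict) -> None:
    """Checks every ticket-accepting party (TGS or application server) performs."""
    if time.time() > ticket["exp"]:
        raise ValueError("ticket expired")
    if auth["client"] != ticket["client"]:
        raise ValueError("authenticator name does not match ticket")
    if abs(time.time() - auth["ts"]) > CLOCK_SKEW:
        raise ValueError("authenticator timestamp outside skew window (replay?)")


class KDC:
    """AS and TGS in one process; stores every principal's long-term key."""

    def __init__(self, passwords: dict):
        self.keys = {p: string2key(pw, p) for p, pw in passwords.items()}

    def as_exchange(self, client: str):
        """AS-REQ/AS-REP: a TGT under the TGS key plus the session key under the client's key."""
        sk1, exp = os.urandom(32).hex(), time.time() + 3600
        tgt = seal(self.keys["krbtgt"], {"client": client, "sk": sk1, "exp": exp})
        return tgt, seal(self.keys[client], {"sk": sk1, "exp": exp})

    def tgs_exchange(self, tgt: bytes, authenticator: bytes, service: str):
        """TGS-REQ/TGS-REP: validate TGT + authenticator, issue a ticket for `service`."""
        t = unseal(self.keys["krbtgt"], tgt)
        sk1 = bytes.fromhex(t["sk"])
        check_authenticator(t, unseal(sk1, authenticator))
        sk2, exp = os.urandom(32).hex(), time.time() + 3600
        ticket = seal(self.keys[service], {"client": t["client"], "sk": sk2, "exp": exp})
        return ticket, seal(sk1, {"sk": sk2, "server": service})


def client_get_ticket(kdc: KDC, client: str, password: str, service: str):
    """Client side: one password entry yields a TGT, then tickets for any service (SSO)."""
    key = string2key(password, client)
    tgt, rep = kdc.as_exchange(client)
    sk1 = bytes.fromhex(unseal(key, rep)["sk"])      # a wrong password fails here
    auth = seal(sk1, {"client": client, "ts": time.time()})
    ticket, rep2 = kdc.tgs_exchange(tgt, auth, service)
    return ticket, bytes.fromhex(unseal(sk1, rep2)["sk"])


def ap_exchange(service_key: bytes, ticket: bytes, authenticator: bytes):
    """Server side of AP-REQ/AP-REP: accept the ticket, then prove its own identity."""
    t = unseal(service_key, ticket)
    sk2 = bytes.fromhex(t["sk"])
    auth = unseal(sk2, authenticator)
    check_authenticator(t, auth)
    return t["client"], seal(sk2, {"ts": auth["ts"]})   # mutual auth: echo timestamp under sk2


def demo(password: str = "alice-pw", service: str = "host/fileserver") -> str:
    """Full login; returns the client name the service accepted, raises on any failure."""
    # Constructed principals and passwords; the service key would normally live in its keytab.
    kdc = KDC({"alice": "alice-pw", "krbtgt": "kdc-master-secret", service: "fs-secret"})
    ticket, sk2 = client_get_ticket(kdc, "alice", password, service)
    ts = time.time()
    name, ap_rep = ap_exchange(kdc.keys[service], ticket, seal(sk2, {"client": "alice", "ts": ts}))
    if unseal(sk2, ap_rep)["ts"] != ts:          # client verifies the server knows sk2
        raise ValueError("server failed mutual authentication")
    return name


if __name__ == "__main__":
    print(demo())                                # alice
    try:
        demo(password="wrong")
    except ValueError as e:
        print("login rejected:", e)
```

Two points worth noticing in the simulation: the password never crosses the network (only the ability to decrypt the AS reply proves the client knows it, and a wrong password is detected at the client side here, where a modern KDC would instead demand pre-authentication), and the name and timestamp checks in `check_authenticator` are what stop a captured ticket and authenticator from being replayed later or by a different principal.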

Access Control

As with authentication, access control in a network is a more complex process than on a stand-alone operating system.
It is complex because the objects whose access has to be controlled (hosts, files, links and connections) are widespread and distributed.
This raises questions such as where access control is enforced and where access control information is maintained and stored.
Consider a file held on one host. The access restriction placed on the file there may deny access to a user who connects from a different host, while the user's own host, to which the user is authorised, applies a different and more permissive restriction to the same file.
The file's host denies access while, at the same time, the user's host would allow it.
Such conflicting access control decisions cause confusion and difficulties in networks.
One solution is a centralized access control server working alongside a centralized authentication server.
The two servers share authentication and access control information about the principals, so that a single, consistent decision is made for every request instead of conflicting local ones.
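The division of labour just described, as an added example that is not part of the original lesson: a hypothetical authentication server issues a signed identity assertion once the user has proved who they are, and a hypothetical access control server verifies that assertion and answers every request from one central rule set, so the file's host and the user's host can no longer disagree. It assumes a constructed shared HMAC key between the two servers, a constructed rule list, and deny-overrides as the way conflicts between rules are resolved.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed shared secret between the authentication server and the access control server.
# In practice it is distributed out of band, or replaced by a signature key pair.
SHARED_KEY = b"auth<->authz demo key"

# Central access control information replacing the per-host ACLs. Each rule is
# (object, principal, originating host or "*", permissions, effect). Constructed sample.
POLICY = [
    ("fileserver:/projects/report.doc", "alice", "*",          {"read"},          "allow"),
    ("fileserver:/projects/report.doc", "alice", "labhost",    {"read", "write"}, "allow"),
    ("fileserver:/projects/report.doc", "alice", "guest-wifi", {"read", "write"}, "deny"),
    ("fileserver:/projects/report.doc", "bob",   "*",          {"read"},          "allow"),
]


def issue_assertion(principal: str, host: str, ttl: int = 300) -> str:
    """Authentication server: after verifying the user, issue a signed, short-lived assertion."""
    body = json.dumps({"sub": principal, "host": host, "exp": time.time() + ttl}).encode()
    tag = hmac.new(SHARED_KEY, body, hashlib.sha256).digest()
    return base64.b64encode(body + tag).decode()


def verify_assertion(token: str) -> dict:
    """Access control server: accept only assertions made by the authentication server."""
    raw = base64.b64decode(token)
    body, tag = raw[:-32], raw[-32:]
    if not hmac.compare_digest(hmac.new(SHARED_KEY, body, hashlib.sha256).digest(), tag):
        raise PermissionError("forged or corrupted identity assertion")
    claims = json.loads(body)
    if time.time() > claims["exp"]:
        raise PermissionError("identity assertion expired")
    return claims


def decide(token: str, obj: str, perm: str) -> bool:
    """One decision for the whole network. Rules for the user's actual host and wildcard
    rules both apply; if any matching rule denies, the request is denied (deny-overrides)."""
    claims = verify_assertion(token)
    allowed = False
    for rule_obj, who, host, perms, effect in POLICY:
        if rule_obj != obj or who != claims["sub"] or perm not in perms:
            continue
        if host not in ("*", claims["host"]):
            continue
        if effect == "deny":
            return False
        allowed = True
    return allowed


if __name__ == "__main__":
    doc = "fileserver:/projects/report.doc"
    print(decide(issue_assertion("alice", "labhost"), doc, "write"))      # True
    print(decide(issue_assertion("alice", "guest-wifi"), doc, "read"))    # False: deny wins
    print(decide(issue_assertion("bob", "labhost"), doc, "write"))        # False: no rule
```

The assertion carries the originating host as well as the principal, which is exactly the information the two hosts in the file example disagreed about; because the decision is made once, centrally, the answer is the same whichever host the request is evaluated on.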

Confidentiality

Confidentiality is concerned with ensuring that information is disclosed only in accordance with policy.
Most hosts in a network enforce their own individual policies.
These policies have to interact and function alongside each other without conflict.
Personal information transmitted across a network must remain confidential and not be revealed to an unauthorized party.
Two confidentiality services are distinguished: data confidentiality and traffic-flow confidentiality. GSS-API provides the first, by wrapping each message so that its content is encrypted; the second lies below the application interface and is provided by the network itself.
Data confidentiality is preserved by encrypting the data passed over the network, so that a party without the key cannot read it.
As well as data confidentiality, traffic confidentiality is an important aspect that needs to be implemented.
It hides the amount of traffic (and its pattern and timing) passing between two points in a network and so prevents traffic analysis, in which an eavesdropper learns from the volume and timing of traffic even when every message is encrypted.
Traffic padding is a mechanism that adds random filler to a message's data packets so that an observer cannot recover the true message size from the lengths transmitted; the padding must itself be covered by the encryption, or an observer simply strips it.
Another mechanism is routing control, which allows the sender (or the network on its behalf) to specify the route the data takes to its destination, thus avoiding untrusted links and connections in the network.
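Traffic padding as described above, as an added example that is not part of the original lesson. It assumes constructed bucket sizes of 256, 1024 and 4096 bytes and a length prefix so the receiver can strip the filler; the padded result is what would then be encrypted, so that the only length visible on the wire is the bucket size.

```python
import os
import struct

# Constructed size classes; a deployment tunes these to its own traffic mix.
BUCKETS = (256, 1024, 4096)


def pad(msg: bytes) -> bytes:
    """Prefix the true length, then fill to the next bucket boundary with random bytes.

    Once the result is encrypted, the only length an eavesdropper sees is the
    bucket size, so many different messages become indistinguishable by length.
    """
    body = struct.pack(">I", len(msg)) + msg
    target = next((b for b in BUCKETS if b >= len(body)), None)
    if target is None:
        raise ValueError("message exceeds the largest bucket; fragment it first")
    return body + os.urandom(target - len(body))


def unpad(padded: bytes) -> bytes:
    """Recover the original message; reject a length field that points past the data."""
    if len(padded) < 4:
        raise ValueError("truncated")
    (n,) = struct.unpack(">I", padded[:4])
    if n > len(padded) - 4:
        raise ValueError("corrupt length field")
    return padded[4:4 + n]


def observable_lengths(messages) -> set:
    """The set of lengths an observer sees for these messages once padding is applied."""
    return {len(pad(m)) for m in messages}


if __name__ == "__main__":
    samples = [b"ok", b"transfer 10 EUR to bob", b"x" * 200, b"y" * 900]
    print(sorted({len(m) for m in samples}))      # raw lengths: four distinct values
    print(sorted(observable_lengths(samples)))    # padded: only two bucket sizes
```

Padding hides size but not timing or direction; a full traffic-flow confidentiality service also sends cover traffic on idle links, which is a bandwidth cost that padding alone does not incur.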