14th Annual Computer Security Applications Conference
December 7-11, 1998
Phoenix, Arizona

Tutorials

Monday
M1 Digital Certificates - Authentication, Authorization and Trust
M2 Firewalls: Assessment, Planning, Selection, Installation & Operation
M3 Penetration Testing
M4 Intrusion Detection

Tuesday
T5 Building Information Security Protection Profiles and Security Targets Under the Common Criteria V2.0
T6 Computer Forensics
T7 Security in TCP/IP-based Networks



Tutorial M1 (Full Day)

Digital Certificates - Authentication, Authorization and Trust

Prof. Ravi Sandhu, GMU, Department of Information and Software Engineering

Digital certificates are an essential component of any scalable security infrastructure, and an essential enabling technology for open internet commerce. Standards and proposals for public-key certificates, and corresponding public-key infrastructures, have been under development for over a decade. This technology is finally beginning to mature and be deployed on a large scale.

This tutorial will provide a comprehensive, self-contained and up-to-date review and analysis of the principles and applications of digital certificates.

  1. Cryptographic Technology

    Cryptographic services, secret key encryption, public key digital signatures, message digests, public key certificates, public-key key agreement, message authentication codes, tickets and cookies

  2. X.509 and PKIX Certificates

    X.509v3 overview, X.509 standard extensions, key and policy information, subject and issuer attributes, certification path constraints, certificate revocation lists (CRLs), extensions related to CRLs, X.509 attribute certificates, SET and DMS certificates

  3. Certification Hierarchies

    Generalized hierarchy, rooted hierarchies, cross-certification, case studies: SET, PEM, DMS, DNS and PGP

  4. Certificate Revocation

    Certificate revocation lists, on-line certificate status, certificate revocation codes and trees

  5. SDSI/SPKI Certificates

    Local versus global names, group-based authorization

  6. Tickets and MAC-Cookies

    Authentication and authorization using secret-key technology



Tutorial M2 (Full Day)

Firewalls: Assessment, Planning, Selection, Installation & Operation

Jeff Garonzik and Clay Bomgardner, Trident Data Systems

This tutorial will discuss and demonstrate methods of using a firewall to enable and defend an operational perimeter. The class considers the complete firewall lifecycle, from initial feasibility considerations to the actual selection, setup, and operation.

  1. Assessment

    Perimeter and policy identification. Vulnerability and risk assessment methodologies. Cost/benefit analysis. Effectiveness analysis and construction of a business case.

  2. Planning

    Firewall architectures. Bastion hosts. Dual-homed gateways. Firewall technologies. The firewall toolkit. Design philosophies. Comparison of basic technologies available.

  3. Selection

    Vendor selection. Review of current products. Hardware, operating system, and network considerations. Performance metrics. Lessons learned.

  4. Installation

    Firewall placement on a network. Deployment strategies. Testing strategies.

  5. Operation

    Providing Services through a firewall: SMTP Mail, ftp, Telnet, WWW, DNS. Custom proxies and protocols. Methods of alerting to attack. Methods for management of multiple firewalls. Perimeter verification methods, tools and utilities to support operation. Integration of advanced Identification and Authentication schemes.



Tutorial M3 (Half Day - Morning)

Penetration Testing

Daniel Faigin, The Aerospace Corporation

An increasing concern in the Computer Security community is the protection of information assets from attacks. One method of achieving this protection is through a form of testing called Penetration Testing. This testing differs from conventional functional testing in that it is much more adversarial and out of the box. This tutorial provides an overview of penetration testing methodologies. It begins with an overview of why Penetration Testing is an important form of testing. It then reviews two common methodologies: The Flaw Hypothesis Methodology (FHM) and the Attack Tree (AT) Methodology. The methodology used in FHM is then discussed, with the AT methodology contrasted, where appropriate. Generic problems and hypotheses are then discussed. The tutorial concludes with a review of available resources and references.

  1. Introduction

    This section provides a general overview of the goals and approach of the tutorial

  2. Definitions

    This section provides definitions of terms commonly used in Penetration Testing, such as flaw or attack

  3. Philosophy of Penetration Testing

    This section provides the philosophical basis behind penetration testing. It explores why Penetration Testing is an important form of testing, and discusses how Penetration Testing differs from other forms of testing

  4. Testing Procedures

    This section provides an overview of the different penetration testing methodologies. It then provides a detailed explanation of how the Flaw Hypothesis Methodology is used to perform penetration testing. During this explanation, a similar methodology (Attack Tree) is contrasted with the Flaw Hypothesis Methodology.

  5. Review of Common Hypotheses

    This section of the tutorial provides a review of common penetration testing hypotheses and categories of flaws.

  6. Tools

    This section discusses some of the tools used in Penetration Testing, including assessing their usefulness in each methodology.

  7. Discussion of Available Resources and References

    The tutorial concludes with a discussion of some of the references available on the subject. This section also includes a review of online resources that are available.



Tutorial M4 (Half Day - Afternoon)

Intrusion Detection

C. Cook and M. Krause, UUNET

As the number of networks connected to the Internet has increased, the number of attempted and successful unauthorized intrusions has increased. In some cases, intrusions are merely an annoyance, but often they cause embarrassment, cost valuable time, and can result in loss of system integrity. Consequently, it is essential that attempted and successful intrusions be detected (preferably in real time). If an intruder does gain access to your systems, it is imperative that evidence of the intruder's activities is made available with high levels of integrity.

The Intrusion Detection presentation will cover the following:



Tutorial T5 (Full Day)

Building Information Security Protection Profiles and Security Targets Under the Common Criteria V2.0

Rich Walzer, The MITRE Corporation

The approach to the analysis and assessment of computer and information security systems is changing, and it is changing significantly. Version 2.0 of the Common Criteria for Information Technology Security Evaluation (commonly referred to as the "CC") was released on 22 May 1998. The National Security Agency (NSA) plans to replace most Trusted Computer System Evaluation Criteria (also known as "Orange Book") evaluations with CC-based evaluations under the Common Criteria Test Program (CCTP). Furthermore, an Interim Mutual Recognition Agreement has already been signed by the USA, Canada, France, Germany, and the United Kingdom to recognize the certificates issued by each other for CC-based evaluations, and a Canadian evaluation of a firewall product is the first to achieve this mutual recognition. As the Common Criteria gains importance and recognition, it will become increasingly important that we learn this new "language" for expressing IT security requirements. This tutorial will provide an introduction to the Common Criteria and provide the necessary background to use it effectively.

  1. Introduction to the Common Criteria History

    Sponsoring Organizations. Goals. Alignment/Harmonization. The Results. CC vs. TCSEC

  2. The Evolution of US Commercial Product Assessments

    Trust Technology Assessment Program (TTAP). National Information Assurance Partnership (NIAP). Transition. Current Status. Benefits.

  3. Using the CC

    Overview. Protection Profile Definition. Security Target Definition. Protection Profile Creation and Usage. Security Target Creation and Usage. Protection Profile Structure. Security Target Structure Information in Addition to PP Structure.

  4. How Do You Start

    Illustrative Examples. PP/ST Structure. PP/ST Introduction. PP/ST TOE Description. PP/ST Security Environment. PP/ST Security Objectives. IT Security Requirements: Choosing Functional Requirements; Requirements and Operations; Requirements Structure; Satisfying Dependencies; Customizing Functional Components; Choosing Assurance Requirements; Extended Requirements. Security Target Additions. Rationale for Requirements Chosen.

  5. PP and ST - What Next?

    Protection Profile Evaluation. Security Target Evaluation

  6. Sampling of Current PP and ST Activities

  7. Mutual Recognition - A Reality, Today!

  8. CC Summary, Questions, and Answers



Tutorial T6 (Full Day)

Computer Forensics

Jeff Garonzik, Trident Data Systems

The tutorial will be divided into two sections: computer forensics and auditing. The forensics section will focus on non-intrusive and intrusive strategies for searching computer media for information of interest. These needs typically arise when data is inadvertently deleted, misfiled, or lost; when confidential or classified data inadvertently contaminates unclassified media; or when misuse or malicious activity is suspected.

The needs of the first two examples above differ drastically from the third with respect to searching methods. If inappropriate or criminal activity is suspected, traceability and evidence integrity are paramount, and a complete strategy for media handling is required. After the fact, it is too late to restore this integrity, so the forensic analyst must be suitably skilled to manage all scenarios.

The second section of this tutorial will deal with audit configuration, operation, and management from the security professional's perspective. The capabilities of audit differ drastically depending on the function and operation of the applications and the network architecture. Audit opportunities and strategies will be considered and compared to assist the security professional in selecting and implementing a successful audit program in an AIS environment.

  1. Computer Forensics

    Physical Disk Attributes. Operating System File Formats. Search strategy. Recovering deleted data. Data file formats. Backup/Disk replication. Utilities. Encryption options. Secure Deletion options.

  2. System Audit Configuration & Analysis

    Legal concerns/posture. Audit capabilities/vendor-provided utilities. Third party options. What should be audited? Centralized vs. distributed audit collection. Audit reduction & reporting. Methods of Event Notification. Packet sniffers



Tutorial T7 (Full Day)

Security in TCP/IP-based Networks

Rolf Oppliger, Ph.D., Swiss Federal Office of Information Technology and Systems (BFI)

There are several security technologies available today that can be used to provide security for TCP/IP-based networks. In particular, there are firewalls to provide access control services and cryptographic protocols to provide communication security services, such as authentication, data confidentiality, data integrity, and non-repudiation services. In fact, there are many cryptographic protocols that have been developed, proposed, and partly implemented to provide security services at the network access, Internet, transport, and application layers of the TCP/IP communications protocol suite. The aim of this tutorial is to give an overview of the security technologies that are available today to secure TCP/IP-based networks, and to discuss their advantages and disadvantages with regard to their deployment within the Internet or corporate intranet and extranet environments.

  1. Fundamentals

    Introduction. TCP/IP Networking. OSI Security Architecture. Cryptographic Techniques

  2. Access Control

    Overview. Packet Filtering. Application Gateways. Firewall Configurations

  3. Communication Security

    Network Access Layer Security Protocols. Internet Layer Security Protocols. Transport Layer Security Protocols. Application Layer Security Protocols. Areas of Further Study. Conclusions