15th Annual Computer Security Applications Conference
December 6-10, 1999
Phoenix, Arizona

Tutorials


Monday
  M1 Using the Common Criteria Version 2.1
  M2 Introduction to Cryptography and Public Key Infrastructure
  M3 Java Security Essentials Part I
  M4 Java Security Essentials Part II

Tuesday
  T5 Using the Common Criteria Version 2.1 - Advanced
  T6 Web Security
  T7 ATM Security
  T8 Commercial Secure Messaging

Tutorial M1 (Full Day)

Using the Common Criteria Version 2.1

Richard Walzer (The MITRE Corporation)
Murray G. Donaldson (Communications-Electronics Security Group (CESG))

The approach to the analysis and assessment of information technology security products and systems is changing, and it is changing significantly. Version 2.1 of the Common Criteria (CC) for Information Technology Security Evaluation (commonly referred to as the "CC") was released on 22 May 1998. The CC was written as a cooperative effort by the Communications Security Establishment (CSE) of Canada, the National Security Agency (NSA) and the National Institute of Standards and Technology (NIST) of the United States, Service Central de la Sécurité des Systèmes d'Information (SCSSI) of France, Bundesamt für Sicherheit in der Informationstechnik (BSI) in Germany, the Netherlands National Communications Security Agency (NLNCSA), and the Communications-Electronics Security Group (CESG) of the United Kingdom.

A Mutual Recognition Arrangement has already been signed by CSE, NSA, NIST, SCSSI, BSI, and CESG (Canada, the United States of America, France, Germany, and the United Kingdom) to recognize the certificates issued by each other for CC-based evaluations. Several products have successfully completed evaluation and are recognized internationally. The CC Version 2.1 is also similar in content to the new International Standard (IS) 15408, currently in its final publication phase at ISO.

As the Common Criteria gains importance and recognition, it will become increasingly important that we learn this new "language" for expressing IT security requirements. This tutorial will introduce you to the Common Criteria and provide you with the necessary background to understand its use.

An overview of this tutorial includes:

  1. Providing information and instruction on using the Common Criteria Version 2.1 to express your IT security needs as a user and to express the security features and assurances of your product as a developer
  2. Providing information on the evolution of US, Canadian, and European Commercial Product Assessments
  3. Detailing some of the on-going international activities involved in the creation and acceptance of the CC

This full-day tutorial will be based heavily upon the 1998 ACSAC tutorial of the same name, "Using the Common Criteria Version 2.1". It will be expanded to include more of an international presentation (versus last year's U.S.-centric views), and it will include both lecture and discussion.


Tutorial M2 (Full Day)

Introduction to Cryptography and Public Key Infrastructure

Ron Tencati (Spyrus, Incorporated)

This full-day tutorial introduces participants to the theory and application of cryptography and Public Key Infrastructure (PKI). A study of both historical and present-day cryptographic applications is presented. Students explore both conventional and public key encryption schemes, study the differences between Diffie-Hellman and RSA public key technologies, and explore modern cryptographic applications such as SSL, IPSEC, Elliptic Curves and Digital Signatures. A study of the components of a Public Key Infrastructure (PKI) system is also included in this tutorial.

The following topics are covered in this tutorial:

  1. Introduction: Information Security Market Drivers; Survey of Common Data Security Threats; Enterprise Security Requirements; VPN Concepts; Data Integrity Functions
  2. Cryptology: Cryptographic Techniques; Cryptanalysis Techniques; SSL and IPSEC
  3. Encryption Algorithms: Ciphers: Stream, Block, Conventional; DES and Triple DES; Cipher Modes and Initialization Vectors; Key Recovery Basics
  4. Public Key Cryptography: Public Key Concepts and Algorithms; Diffie-Hellman and RSA Systems; Elliptic Curve Cryptographic Technology
  5. Key Management and Handling: Public and Private Key Generation; Key Exchange (RSA, D-H, X9.17, etc.); Key Distribution Methods
  6. Cryptographic Authentication: Digital Signature Concepts; X.509 Digital Certificates; Certificate Authorities
  7. Practical Applications – PKI: Public Key Infrastructure (PKI) Component Discussion; Electronic Commerce Applications; Enterprise Security Management


Tutorial M3 (Half Day - Morning)

Java Security Essentials—Part I

Dr. Sub Ramakrishnan (Bowling Green State University)

Java is a powerful object oriented programming language. The Java Cryptographic Extension (JCE) promises plug-in cryptographic libraries and seamless addition of a number of security components and services.

This tutorial provides an overview of the Java security model and the components required to build secure application systems using the Java framework. It introduces basic cryptographic mechanisms and describes how to install JCE and implement simple functions using the Java Cryptographic Architecture.

Note: Tutorial M4, Java Security Essentials—Part II, is a follow-on to this tutorial. Part II provides code samples and discusses additional details of building secure applications using JCE.

  1. Overview of Java: Introduction to the programming languages. Overview of application domains.
  2. Java Security Model: Byte code verifier. Pointer arithmetic. Garbage collection policies.
  3. Java Security Manager: Java Applets and the sand-box model. Applet security. Mechanisms for controlling applet security restrictions.
  4. Basic security mechanisms: Authentication. Secure communication. Public and private keys.
  5. Java Cryptographic Extension (JCE): Restrictions on Use. JCE installation steps. How to use JCE facilities in applications. JCE components. A sample application.
  6. Provider architecture: What is it? Architecture overview


Tutorial M4 (Half Day - Afternoon)

Java Security Essentials—Part II

Dr. Sub Ramakrishnan (Bowling Green State University)

This tutorial provides an in-depth treatment of how Java is used to build secure stand-alone applications and applets that run over the World Wide Web. Specifically, the tutorial describes the JCE provider architecture and provides a comprehensive treatment of the components in JCE. Finally, the tutorial describes mechanisms for adding a new provider architecture that may be useful to plug in new algorithms.

Note: This tutorial builds on the concepts presented in Tutorial M3, Java Security Essentials: Part I, which introduced the Java security framework and gave an overview of basic encryption mechanisms. For those who choose to attend only Part II, a brief overview of Part I material will be provided.

  1. Overview of Java Security Essentials - Part I: Java language features. Java Cryptographic Extension. Basics of cryptography. JCE installation steps.
  2. Secret Key Cryptography: Implementation of DES. Client-server enabled Hello world application. Secure client-server application using DES. Code samples. Key exchange.
  3. New Provider architecture: Implementing new provider architecture. Provider specification. Code details. Sealed objects. Wrapper classes.
  4. Authentication mechanism: Components of PK architecture. Implementation mechanisms. Authentication mechanism for secure client-server application. Sealed objects. Wrapper classes.
  5. Web security: E-commerce framework. Front end database client and backend database server.


Tutorial T5 (Full Day)

Using the Common Criteria Version 2.1 - Advanced

Rich Walzer (The MITRE Corporation)

Based heavily on the hands-on application of the skills learned in the basic course, "Using the Common Criteria Version 2.1", this tutorial will guide students through the development of a simple Protection Profile. A Target of Evaluation (TOE) description will be provided to the students, and throughout the remainder of the day the class will focus on developing the required content of a Protection Profile that ultimately describes the requirements for that TOE. Emphasis will be placed equally on the description of the Environment, the Objectives, the Requirements, and the Rationale.

NOTE: Students taking this course should have completed the related ACSAC tutorial, "Using the Common Criteria Version 2.1". Students desiring to take this course who have not completed the basic tutorial should have sufficient knowledge of the CC to understand the required content of a Protection Profile and must understand how to use Parts 2 and 3 of the Common Criteria Version 2.1.

An overview of this tutorial includes:

  1. Developing an Environmental Section of a Protection Profile that is consistent with a TOE Description
  2. Developing an Objectives Section of a Protection Profile that addresses the Threats, Organizational Security Policies, and Assumptions of the Environmental Section
  3. Developing a Functional Requirements Section of a Protection Profile that satisfies the Objectives Section
  4. Selecting an appropriate Evaluation Assurance Level (EAL) for a Protection Profile that is consistent with the Description, Environment, and Objectives of the intended TOE.
  5. Providing sufficient Rationale for the decisions that were made in order to satisfy the Protection Profile requirements.


Tutorial T6 (Full Day)

Web Security

Rolf Oppliger, Ph.D (Swiss Federal Strategy Unit for Information Technology (FSUIT))

With the proliferation of the World Wide Web (WWW) as a platform for electronic commerce and corresponding applications, Web security has become a major concern. In short, the term "Web security" refers to the procedures, practices, and technologies that can be used to protect Web servers and clients, as well as Web users and their surrounding organizations. This tutorial mainly focuses on the technologies that can be used to provide Web security (both in terms of access control and communication security services). It also addresses security-related topics, such as copyright protection, privacy protection and anonymity services, as well as censorship on the Web. The tutorial is intended for anyone who is seriously concerned about Web security, is in charge of security for a corporate network (e.g., an intranet or an extranet), or manages an organization that uses the Web as a platform for doing business on the Internet. Attendees will get an overview of the major topics that are relevant for the WWW and its security. The tutorial is organized as follows:

  1. Introduction
  2. HTTP User Authentication and Authorization
  3. Proxy Servers and Firewalls
  4. Cryptographic Techniques
  5. Internet Security Protocols
  6. The SSL and TLS Protocols
  7. Electronic Payment Systems
  8. Managing Certificates
  9. Executable Content
  10. CGI and API Scripts
  11. Mobile Code and Agent-based Systems
  12. Copyright Protection
  13. Privacy Protection and Anonymity Services
  14. Censorship on the WWW
  15. Conclusions and Outlook


Tutorial T7 (Half Day - Morning)

ATM Security

Prof. Dr. Christoph Ruland (University of Siegen)

ATM networks are much more important than any other network technologies, due to the fact that they support unlimited data rates and universal interfaces for all types of information traffic. From a security standpoint, however, ATM networks are neither more nor less secure than other networks. Therefore, it is absolutely necessary to offer additional security measures to protect users, user information, and networks against possible risks and attacks. For this reason the ATM Forum has developed specifications that describe how to integrate security in ATM networks.

This tutorial is based on the different specifications of the ATM Forum which provide security for the user plane (responsible for the user data traffic) as well as for the control plane (responsible for the signaling traffic of call establishment, call control, etc.). It focuses on the following:

  1. Security services in the user and control plane
  2. Security mechanisms, which support the security services
  3. Security protocols to establish secure connections between the communicating parties
  4. Integration of the security protocols into the signaling protocols
  5. Additional security aspects, which are still under development

The tutorial starts with a short overview of ATM technology, so it can also be attended by people who are not yet familiar with ATM. It is directed at everyone who uses or plans to use ATM networks and wants to protect their networks and information.


Tutorial T8 (Half Day - Afternoon)

Commercial Secure Messaging

Lisa Mitchell (The MITRE Corporation)

One of the most common methods of Internet and intranet communication is electronic mail. E-mail, unfortunately, suffers from a number of security concerns. An e-mail message is analogous to a postcard; anyone that is a user on a machine that handles e-mail can potentially read it. E-mail is easily intercepted; it can be read, altered, destroyed, or rerouted without the knowledge of the sender or the expected recipient. The equivalent of an envelope is needed to secure e-mail. There have been a number of efforts, by individuals, commercial companies, and government, made toward providing this security envelope; of these efforts, the most prevalent commercial solutions are Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME).

This tutorial will discuss general issues behind securing e-mail, review the commercial solutions, discuss the efforts made at standardization, look more closely at a number of commercial clients that implement them, and explore issues such as usability and interoperability.

  1. Introduction to electronic mail: Architecture, Corporate use of e-mail systems, Corporate impact due to vulnerabilities
  2. Introduction to secure e-mail: Security services provided/not provided, Architectures, Well-known attacks, Encoding and formatting options, Encryption/decryption, Digital signatures, Key management
  3. History of secure e-mail efforts: PEM, MOSS, DMS
  4. S/MIME and PGP: Description, History, Philosophy, Products, Standards effort
  5. S/MIME and PGP Product Presentations and Demonstrations. The following will be covered for each product: Description, User interface, Installation, Configuration, Certificate sources, Key management, Messaging functionality (with demo)
  6. Issues and Future Direction: Residual risks, Tradeoffs of secure e-mail options, Impact of PKI, Interoperability issues, Direction of secure e-mail market