Network Security and Management(15CS62T)

UNIT V: Web Security 08 Hours

Client/Server Architecture, Security considerations and Threats, Web traffic security
approaches, SSL/TLS for secure web services, The Twin concept of “SSL Connection” and
“SSL Session”, SSL session state, SSL Connection State, SSL Record Protocol, SSL
Handshake Protocol, Secure Hypertext Transport Protocol(S-HTTP), Secure Electronic
Transaction(SET), Business Requirements, SET Participants, SET Transaction Flow.

Web::- Web is a system with universally accepted standards for storing, retrieving,
formatting and displaying information using client/server architecture. The web
combines the text, hypermedia, graphics and sound. It can handle all types of
digital communication, making it easy to link resources that are far apart and it
uses GUI for easy viewing. It is based on a standard hypertext language called
HTML, which formats documents and incorporates dynamic links to other
documents stored in same or remote computers.

Client / Server Architecture

The www or web is basically an infrastructure of information. This information
is stored on the on web servers and it uses the Internet to transmit data around
the world. These servers run special programs that allow information to be
transmitted to remote computers which are running a web browser, as illustrated in
Figure

The internet is a common communication in which computers using a common addressing

mechanism (IP) with a TCP(Transmission Control Protocol)/IP connection.

The www is structured with client and servers, where a client accesses services from the
server.
The server can either be local or available through a global network connection.
 A local connection normally requires the connection over a local area network , but a
global connection normally requires the connection to a Internet Service Provider
 These providers are often known as Internet access Provider (ISP), sometimes as
Interconnectivity providers (ICP).
Triveni A R SGL/CS, GWPT, Ramanagara Page 1
 Network Security and Management(15CS62T)
They provide the mechanism to access the Internet and have required hardware and software
to connect from the user to the Internet. Example to access is

 Connection through a dial-up modem connection.

 Connection through a dial-up ISDN connection.
 Connection through a frame relay router.
 Connection through T1 router.

The foundation protocol of the www is the Hypertext Transfer Protocol (HTTP),
which can be used in any client-server application involving hypertext. The most
recently defined standard is HTTP 1.1 which has been defined by the IETF standard.

HTTP is a stateless protocol, where each is independent of any previous transaction. Thus,
when the transaction is finished, the TCP/IP connection is disconnected. The advantages of
being stateless are that it allows the rapid access of www pages over several widely distributed
servers. It uses the TCP protocol to establish a connection between a client and a server for
each transaction and then terminates the connection once the transaction completes

 Initially, a client issues a request to a server which may include a prioritized list of
formats that it can handle.
 A client’s www browser (the user agent) initially establishes a direct connection with
the destination server which contains the required www page.
 To make this connection, the client initiates a TCP connection between the client and
the server. After this is established, the client then issues an HTTP request, such as the
specific command (the method), the URL, and possibly extra information such as
request parameters or client information.
 When the server receives the request, it attempts to perform the requested action. It,
then, returns an HTTP response, which includes status information, a success/error
code, and extra information. After the client receives this, the TCP connection is
closed.

SECURITY CONSIDERATIONDS AND THREATS

The WWW is fundamentally a client/server application running over the
internet and TCP/IP intranets. Web is increasingly serving as a highly
visible outlet of corporate and product information and as a platform for
business transactions. Reputation can be damaged and money can be lost
if the web servers are subverted. The web software may hide many potential
security flaws, which are vulnerable to a variety of security attacks.

 Common users are clients for web-based services.

 Clients are not aware of the security risks that exist and do not have the tools are
knowledge to take effective countermeasures.

Table 17.1 provides a summary of the types of security threats faced in using the web .

Triveni A R SGL/CS, GWPT, Ramanagara Page 2

 Network Security and Management(15CS62T)

WEB TRAFFIC SECURITY APPROACHES

 The various approaches have been considered for web security, which are similar in the
services they provide, but they differ with respect to their scope of applicability and
their relative location within the TCP/IP protocol stack.
 Relative location of security facilities in the TCP/IP protocol stack is shown in
Figure12.3 and illustrates the difference.

Application layer

HTTP, FTP, SMTP, etc.

Transport layer

TCP, UDP

Network layer

IP/IPSec
12.3(a)Security provided at the network layer with IPSec
 One way to provide web security is to use IP security as shown in Figure 12.3(a). The
advantage of using IPSec is that it is transparent to end users and applications and
provides a general purpose solution.

Triveni A R SGL/CS, GWPT, Ramanagara Page 3

 Network Security and Management(15CS62T)

Application layer

HTTP, FTP, SMTP, etc.

Transport layer

TCP SSL/TSL

Network layer

IP/

12.3 (b)Security provided at the transport layer with SSl/TLS

 Another way to provide web security is to implement security just above TCP as shown
in Figure12.3 (b). The foremost example of this approach is the secure socket
layer(SSL) and the follow-on Internet Standard Known as Transport Layer
Security(TLS).

Application layer

HTTP, FTP, SMTP, etc.

S/MIME, PGP, SET, etc.

Transport layer

TCP, UDP

Network layer

IP

12.3(c)Security provided at the application layer with PGP, SET, etc.

 Application-specific security services are embedded within the particular application as
shown in Figure12.3(c). In the context of web security, an important example of this
approach is Secure Electronic Transaction(SET).

SSL/TLS FOR SECURE WEB SERVICES

 SSL (Secure socket layer) was developed originally by Netscape in 1995
to provide secure and authenticated connections between browsers and
servers.
 SSL/TLS allows for either server-only authentication or server-client authentication.
In server-only authentication, the client receives the server’s certificate.
Triveni A R SGL/CS, GWPT, Ramanagara Page 4
 Network Security and Management(15CS62T)
 The client verifies the server’s certificate and generates a secret key that
it then encrypts with the server’s public key.
 The client sends the encrypted secret key to the server; the server decrypts
it with its own private key and subsequently uses the client- generated secret key
to encrypt the messages meant for the client.
 In the server-client authentication, in addition to the secret key, the client
also sends to the server its certificate that the server uses for authenticating the
client.

SSL is composed of four protocols in two layers as shown in fig 5.4.

Figure 5.4 SSL PROTOCAL STACK

THE TWIN CONCEPTS OF "SSL CONNECTION" AND "SSL SESSION" .

In the SSL family of protocols, a connection is a transport of information between two nodes
in a communication network.

 A connection constitutes a peer-to-peer relationship between the two nodes.

 Being one-time, connection is transient.
 Every connection is associated with a session.
 A session is an enduring association between a client and a server.
 A session is created by the SSL handshaking protocol.
 A session can consist of multiple connections.
 A session is characterized by a set of security parameters that apply to all the
connections in the session.
 The concept of a session eliminates the need for negotiating the security parameters
for each separate connection.

Triveni A R SGL/CS, GWPT, Ramanagara Page 5

 Network Security and Management(15CS62T)
SSL SESSION STATE.

An SSL session state is characterized by the following parameters:

Session identifier: An arbitrary byte sequence chosen by the server to identify an active or
resuming session state.

Peer certificate: An X509. V3 certificate of the peer. This of the state may be null.

Compression method: The algorithm used to compress the data prior to encryption.

Cipher spec: Specifies of the bulk data encryption algorithm and the hash algorithm used
MAC (Message Authentication Code) calculations.

Master secret: A 48-byte secret shared between the client and server.

Is resumable: A flag indicating whether the session is allowed to initiate new connections.

SSL CONNECTION STATE.

An SSL connection state is characterized by the following parameters:

Server write MAC secret: The secret key used in calculating the MAC(Message
Authentication Code) value for the data sent by the server.
Client write MAC secret: The secret key used in calculating the MAC value for the data
sent by the client.
Server write key: The symmetric-key encryption key for data encrypted by the server and
decrypted by the client.
Client write key: The symmetric-key encryption key for data encrypted by the client and
decrypted by the server.
Initialization vectors: An initialization vector (IV) for each key used by a block cipher
operating in the CBC mode (cipher block changing mode) is maintained. The vectors are
initialized by the SSL Handshake Protocol. Subsequently, the final cipher text block from
each record is preserved for use as the IV with the following record.
Sequence numbers: Each party maintains separate sequence numbers for the transmitted and
received message through each connection. When a party sends or receives a change cipher
sec message, the appropriate sequence number is set to zero. Sequence number may not
exceed 2 64 -

SSL Record Protocol

The SSL record protocol sits directly above the TCP protocol as shown in figure this protocol provides
two services:

 Confidentiality
 Message integrity

Triveni A R SGL/CS, GWPT, Ramanagara Page 6

 Network Security and Management(15CS62T)
The protocol is in charge of taking the actual data that the server wants to send to a client or that the
client wants to send to the server, fragmenting the data into blocks, applying authentication and
encryption primitives to each block, and handle the block to TCP for transmission over the network. On
the receive side, the blocks are decrypted, verified for message integrity, reassembled, and delivered to
the higher-level protocol.

The operation of the SSL Record Protocol is shown in figure 12.5. It consists of the following five
steps.

Figure: SSL Record Protocol Operations

Fragmentation: The message (either from server to client or from client to server) is fragmented into
blocks whose length does not exceed 214 (16384) bytes.

Compression: This optional step requires loss less compression and carries the stipulation that the size
of the input block will not increase by more than 1024 bytes. (As you would expect, compression will,
in most cases, reduce the length of a block produced by the fragmentation step. But for very short
blocks, the length may increase.) SSL V3, the current version of SSL does not specify compression.
Adding MAC: This step computes, the MAC (Message Authentication Code)for the block. The MAC
is appended to the compressed message block.

Encryption: The compressed message and the MAC are encrypted using symmetric key encryption.
The encryption may be carried out with a block cipher such as 3DES or with a stream cipher such as
RC4-128, A number of choices are available for the encryption steps depending on the level of security
needed.

Appended SSL Record Header: Finally, an SSL header is pretended to the encrypted block. The
header consists of 8 bits for declaring the content type, 8 bits for declaring the major version used for
SSL, 8 bits for declaring the minor version used, and 16 bits for declaring the length of the compressed
plaintext (or the plaintext if not compression was used). Each output block produced by the SSL Record
Protocol is referred to as an SSL record. The length of a record is not to exceed 32,767 bytes.

Triveni A R SGL/CS, GWPT, Ramanagara Page 7

 Network Security and Management(15CS62T)
SSL HANDSHAKE PROTOCOL:

 Responsible for client and server authenticate each other

 Provides the keys and the algorithm information to SSL Record Protocol
 Enables clients and servers
 Negotiate cryptographic algorithms
 Optionally authenticate each other
 Generate shared secrets using public-key encryption techniques
The SSL Handshake Protocol works in four phases as shown in below Figure:

Figure: Handshake protocol action

PHASE 1 handshaking, initiated by the client, is used to establish the security capabilities present at
the two ends of a connection.
The client sends to the server a client-hello message with the following parameters:

Version: The highest SSL version understood by the client.

Random: A 32-bit timestamp and 23-byte random field that together server as nonces during key
exchange to prevent replay attacks.

Passion ID: A variable length session identifier. A nonzero value indicates that the client wishes to
update the parameters of an existing connection or create a new connection on this session. A zero
value indicates that the client wishes to establish a new connection on a new session.

Cipher suite: A list of cryptographic algorithms supported by the client, in decreasing order of
preference.

Triveni A R SGL/CS, GWPT, Ramanagara Page 8

 Network Security and Management(15CS62T)

Compression method: A list of compression methods the client supports.

The server responds with its server hello message that has a similar set of parameters. The server’s
response, as you would expect, includes the specific algorithms selected by the server from the client’s
lists for compression, authentication, and encryption.

The cipher suite parameters in the server hello message consist of two elements:

 The first elements declare the key exchange method selected.

 The second elements of the cipher suite parameter is called cipher spec; it has a number of
fields that indicate the authentication algorithm selected, the length of MAC, the encryption
algorithm, etc.

PHASE 2 handshaking is initiated by the server if server authentication is needed by the client.

 The server sends to the client a certificate, message containing its one or more certificates
validating its public key.
 This could be followed by a server-key-exchange message and a certificate-request message,
both from the server to the client.
 The server-key exchange message could, from example, consist of the global Diffie-Hellman
values (a prime number and a primitive root of that number) and the servers Diffie-Hellman
public key.
 Phase 2 handshaking ends when the server ends the client-a server hello message.

PHASE 3 handshaking it initiating by the client.

 If client authentication is required, the client sends to the server the certificate message
containing one or more certificates validating its public key.
 Next, the client sends to the server a mandatory client-key-exchange message that could, for
example, consist of a secret session key encrypted with the server’s public key.
 This phase sends when the client sends to the server a certificate verify message to provide a
verification of its certificates if they are signed by a certificate authority.

PHASE 4 handshaking completes the setting up of a secure connection between the client and the
server.

 The client sends to the server a change-cipher-spec message indicating that it is copying the
pending cipher spec into the client spec.
 Next, the client sends to the server the finished message. As shown in above figure, the
server does the same vis-a-vis the client.
 The change –cipher-spec message format must correspond to the change cipher spec
Protocol.
 This protocol says that the message must consist of a single byte with a value of 1 indicating
the change.
 The last of the SSL protocols, Alert Protocol, is used to convey SSL-related alerts to the peer
entity.

Triveni A R SGL/CS, GWPT, Ramanagara Page 9

 Network Security and Management(15CS62T)

SECURE HYPERTEXT TRANSFER PROTOCOL(S-HTTP)

The native protocol that web clients and servers use to communicate is Hypertext Transfer
Protocol(HTTP).This protocol is ideal for open communicates. However in its native form, it
does not provide authentication or encryption features. Secure HTTP (S-HTTP) works in
conjunction with HTTP to enable clients and servers to engage in private and secure
transactions. It is essentially useful for encrypting form based information as it passes between
clients and servers .It should be noted that S-HTTP only encrypt HTTP levels message at the
application layer whereas SSL encrypts all data being passed between the client and server at
the IP socket level.

S-HTTP provides considerable flexibility in terms of what cryptographic algorithms and modes
of operation can be used. Also, as the need for authenticating among the internet and web
grows, users need to be authenticated before sending encrypted files to each other. with S-
HTTP, message may be protected using digital signatures, authentication ,and encryption.
During the initial contact, the sender and the receivers establish preferences for encrypting and
processing secure messages.

SECURE ELECTRONIC TRANSACTION (SET)

SET is an open encryption and security specification designed to protect credit card
transactions on the Internet. It is set of security protocols and formats that enable users to
employ the existing credit card payment infrastructure on an open network, such as the internet,
in a secure fashion. SET provides three services:

1. Provides a secure communications channel among all parties involved in a transaction.

2. Provides trust by the use of X.509 V3 digital certificates.
3. Ensure privacy because the information is only available to parties in a transaction when
and where necessary.

Secure transactions are critical for electronic commerce on the internet. Merchants
must automatically and safely collect and process payments from internet clients: therefore, a
secure protocol is required to support the activities of the credit card companies. SET is
designed to secure credit card transition by authenticating cardholder’s merchants and banks
by preserving the confidentiality of payment data. SET includes following features:

 Requires digital signatures to verify that the customers, merchant, and bank or legitimate.
 Uses multiparty messages that allow information to be encrypted directly to bank.
 Prevent credit card numbers from getting in the wrong hands.
 Requires integration into the credit card processing system.

SET includes a layer that negotiates the type of payment method, protocols and transports , this
task is the responsibility of the joint electronic payment initiative (JEPI).Payment method could
include credit cards , debit cards , electronic cash and cheques . Payment protocols such as SET
Triveni A R SGL/CS, GWPT, Ramanagara Page 10
 Network Security and Management(15CS62T)
define the message format and sequence required for completion of the payment transaction.
Transport includes such protocols (S-HTTP).
If e –commerce is to succeed, a method must exist for consumer to use credit cards over the
internet. Credit card usage on the internet is still low, but is likely to grow in the feature SET
and SSL is used in the credit card transaction to provide security provisions. SSL encrypts a
credit card number and other information using a 40- bit key. Because of its size, this key can
be hacked; however, it may be adequate for some needs .Even though SSL credit card
information private while being transmitted, it does not addresses the issue of weather valid,
stolen or being used without permission. SET addresses these limitations among an “Electronic
Wallet” that can identify the users and validate the transaction. An electronic wallet is a type
of software application used by the consumers for securely storing purchasing information.
Furthermore, SET- based systems have an advantage over the mechanisms, in that SET adds
digital certificates that associate the card holders and merchant with a particular financial
institute and the visa and master card payment system.
Business Requirements
1. Provide authentication that a card holders is legitimate users of a credit card account
2. Provide authentication that a merchant can accept credit card transaction through its
relationship with a financial institution.
3. Provide confidentiality of payment and ordering information.
4. Ensure the integrity of all transmitted data.
5. Ensure the use of the best security practices and system design techniques to protect
all legitimate parties in an electronic commerce transaction.
6. Create a protocol that neither depends on transport security mechanism nor prevent
their use.
7. Facilitate and encourage interoperability among software and network providers.
SET PARTICIPANTS (SECURE ELECTRONIC TRANSACTION)

The following figure indicates the Participants in the SET System, which include the cardholder
and the merchants in addition to the issuer, acquirer, payment gateway, and a certification
authority.

Cardholder: in the Electronic Environment consumers, and corporate purchasers, interact with
merchants from personal computer over Internet. A Cardholder is an authorized holder of
payment card (e-g Master card, visa) that has been issued by an issuer.

Merchants: A merchants is a person or organization that has goods or Service (offered by web
site or by electronic mail) to the cardholder.

Issuer: This is the financial institution, such as a bank that provides the cardholder with the
payment card.

Acquirer : This is also financial institution that establishes an account with a merchants and
processes payment card authorizations and payments.

Payment gateway: This is the function is operated by the acquirer or designed third party that
processes merchant payment messages.
Triveni A R SGL/CS, GWPT, Ramanagara Page 11
 Network Security and Management(15CS62T)
This payment gateway interfaces between SET and the exiting bankcard payment networks
for authorization & payment functions.

Certification Authority (CA) :This is an entity that is trusted to issue X.509 V3 public-key
certificates for cardholders, merchants and payment gateways.

Fig: SET Components and Relationships

SET TRANSACTION FLOW
The Sequence of events associated with SET transaction is illustrated through Figure 12.8

1. The customer opens an account and obtains a credit card account either a bank that
supports electronic payment and SET.
2. These customers receive a certificate after suitable verification of identity. It
establishes a relationship between the customer's key pair and the credit card.

Triveni A R SGL/CS, GWPT, Ramanagara Page 12

 Network Security and Management(15CS62T)
3. Merchants have certificates consisting of one key for signing messages and one for
key exchange. They also need a copy of the payment gateway's public key certificate.

4. The customer places an order, which is accepted by the merchants. The order from
returned from the merchants includes the items, the costs, and an order number.

5. The customer receives the merchant certificate.

6. The customer sends the order, payment, and this certificate to the merchants.

7. The merchant’s requests payment authorization through the payment gateway.

8. The merchant provides the customer with order confirmation.

9. The merchant ships the product or service.

10. The merchants request payment gateway, which handles all payment processing.

Triveni A R SGL/CS, GWPT, Ramanagara Page 13