ABSTRACT
This chapter describes security threats that systems face when they are connected to the Internet. We discuss their security requirements, potential security threats and di erent mech-anisms to combat these. In addition, the text presents the two most popular protocols (SSL and its successor TLS) to secure data transmitted over the Internet. Finally, we describe well-known applications such as Secure Shell (ssh) and Secure File Transfer Protocol (sftp) that provide a reasonable level of security for common tasks. They may be utilized as underlying building blocks to create secure, Internet enabled applications.
INTRODUCTION
In order to provide useful services or to allow people to perform tasks more conveniently, computer systems are attached to networks and get interconnected. This resulted in the world-wide collec-tion of local and wide-area networks known as the Internet. Unfortunately, the extended access possibilities also entail increased security risks as it opens additional avenues for an attacker. For a closed, local system, the attacker was required to be physically present at the network in order to perform unauthorized actions. In the networked case, each host that can send packets to the victim can be potentially utilized. As certain services (such as web or name servers) need to be publicly available, each machine on the Internet might be the originator of malicious activity. This fact makes attacks very likely to happen on a regularly basis.
The following text attempts to give a systematic overview of security requirements of Internet-based systems and potential means to satisfy them. We de ne properties of a secure system and provide a classi cation of potential threats to them. We also introduce mechanisms to defend against attacks that attempt to violate desired properties. The most widely used means to secure application data against tampering and eavesdropping, the Secure Sockets Layer (SSL) and its successor, the Transport Layer Security (TLS) protocol are discussed. Finally, we brie y describe popular application programs that can act as building blocks for securing custom applications.
Before one can evaluate attacks against a system and decide on appropriate mechanisms against them, it is necessary to specify a security policy [23]. A security policy de nes the desired properties for each part of a secure computer system. It is a decision that has to take into account the value of the assets that should be protected, the expected threats and the cost of proper protection mechanisms. A security policy that is su cient for the data of a normal user at home may not be su cient for bank applications, as these systems are obviously a more likely target and have to protect more valuable resources. Although often neglected, the formulation of an adequate security policy is a prerequisite before one can identify threats and appropriate mechanisms to face them.