Unit - V

Web Security

Explain the client/server architecture of web. – 10

 www / web is an infrastructure of information.
o Information is stored on the www on web servers and it uses the internet to
transmit data around the world
 The www is structured with client and servers, where a client accesses services from
the server.
 Servers run special programs that allow information to be transmitted to remote
computers (clients) which are running a web browser.
 Servers can either be local or remote (available through a global network connection)
o A local connection requires the connection over a LAN, where as global
connection requires the connection to an Internet Service Provider (ISP).
 ISPs provide the mechanism to access the Internet and have the required hardware
and software to connect from the user to the Internet.
 Possible ways for connection to an Internet Access are:
o Connection to a client computer through a dial-up modem connection (28.8kbps
or 56kbps).
o Connection to a client computer through a dial-up ISDN connection (64 kbps or
128 kbps).
o Connection of a client computer to a server computer which connects to the
Internet through a frame relay router (56 kbps or 256 kbps).
o Connection of a client computer to a local area network which connects to the
Internet through T1, 1.544 Mbps router.

Figure: Example connections to the Internet

UNIT-V: Web Security 1

  The main protocol of the www is the Hypertext Transfer Protocol (HTTP), which
can be used in any client-server application involving hypertext. It is used on the
www for transmitting information using hypertext jumps and can support the transfer
of plaintext, hypertext, audio, images, or any Internet-compatible information.
 HTTP is a stateless protocol, where each transaction is independent of any previous
transaction. Thus, when the transaction is finished, the TCP/IP connection is
disconnected.
 The advantage of being stateless is that it allows the rapid access of www pages over
several widely distributed servers. It uses the TCP protocol to establish a connection
between a client and a server for each transaction and then terminates the connection,
once the transaction completes.
 HTTP also supports many different formats of data. Initially, a client issues a request
to a server which may include a prioritized list formats that it can handle.
 A client’s www browser initially establishes a direct connection with the destination
server which contains the required www page.
o To make this connection, the client initiates a TCP connection between the
client and the server.
o After connection is established, the client then issues the HTTP request, such
as the specific command, the URL, and possibly extra information such as
request parameters or client information.
o When the server receives the request, it attempts to perform the requested
action, and returns an HTTP response, which includes status information, a
success/error code, and extra information.
o Once the transaction is complete, the TCP connection is closed.

Figure: Web Servers and Browsers

=== * ===

UNIT-V: Web Security 2

 Indicate the security of threats faced while using web. – 5
Threats Consequences Countermeasures
Modification of user data  Loss of information
Trojan horse browser  Compromise of
Cryptographic
Integrity Modification of memory machine
checksums
Modification of message  Vulnerability to all
traffic in transit other I threats
 Eavesdropping on the
Net
 Theft of info from server
 Loss of
 Theft of data from client Encryption, Web
Confidentiality information
 Info about network proxies
 Loss of privacy
 configuration
 Info about which client
 talks to server
 Flooding machine with
 Disruptive
 bogus requests
Denial of  Annoying
 Filling up disk or Difficult to prevent
Service  Prevent user from
memory, Isolating
getting work done
machine by DNS attacks
 Misrepresentation
 Impersonation of of user
Cryptographic
Authentication legitimate users  Belief that false
techniques
 Data forgery Information is
valid
=== * ===

Describe web traffic security approaches. – 10

Different Approaches which provide Web Security are
 Similar in services they provide, and the mechanism they use.
 But differ with respect to their scope of applicability and their relative location within
TCP/IP protocol stack.
The relative location of Security Facilities in the TCP/IP Protocol Stacks are:
 Network Layer: IP Sec
 Transport Layer: SSL, TLS
 Application Layer: S/MIME, PGP, SET, Kerberos

UNIT-V: Web Security 3

 Figure: Relative Location of Security facilities in the TCP/IP Protocol Stack

Network Layer:
o The advantage of using IPSec is that it is transparent to end users and applications
and provides a general-purpose solution.
o IPSec includes a filtering capability so that only selected traffic need incur the
overhead of IPSec processing.

Transport Layer:
o Secure Sockets Layer (SSL) and its improved version known as Transport Layer
Security (TLS) are part of the underlying protocol suite and transparent to
applications.
o SSL can be embedded in specific packages. For example, Netscape and Microsoft
Explorer browser come equipped with SSL, and most Web servers have implemented
the protocol.

Application Layer:
o Application-specific security services are embedded within the particular application.
o The advantage of this approach is that the service can be tailored to the specific needs
of a given application.
o Examples: Secure Electronic Transaction (SET), Secure/Multipurpose Internet Mail
Extension (S/MIME), Pretty Good Privacy (PGP).
=== * ===
Explain the importance of SSL/TLS for secure web services. – 10
 SSL provides transport layer security.
 SSL/TLS allows for either server-only authentication or server-client authentication.
 In Server-only authentication,
o The client receives the server’s certificate.
o The client verifies the server’s certificate and generates a secret key that it
then encrypts with the server’s public key.
o The client sends the encrypted secret key to the server; the server decrypts it
with its own private key and subsequently uses the client-generated secret key
to encrypt the message meant form the client.

UNIT-V: Web Security 4

  In the Server-Client authentication,
o Along with the secret key, the client also sends to the server its certificate that
the sever uses for authenticating the client.
 Open SSL is an implementation of the SSL and the TLS protocols.
 SSL is designed to make use of TCP to provide a reliable end-to-end secure service.
 SSL is composed of four protocols in two layers.

Figure: SSL Protocol Stack.

=== * ===

The Twin Concepts of SSL Connection and SSL Session

 In the family of SSL protocols, a connection is a one-time transport of information
between two nodes in a communication network.
 A connection constitutes a peer-to-peer relationship between the two nodes.
 Being one-time, connections are transient
 Every connection is associated with a session.
 A Session is an enduring association between a client and a server.
 A Session is created by the SSL handshaking protocol.
 A Session can consist of multiple connections.
 A Session is characterized by a set of security parameters that apply to all the
connections in the session.
 The concept of a session eliminates the need for negotiating the security parameters
for each separate connection.
=== * ===

Explain the parameters of SSL session and SSL connection states. – 10

The different parameters of SESSION STATE are:
 Session identifier: An arbitrary byte sequence chosen by the server to identify an
active or resumable session state.

UNIT-V: Web Security 5

  Peer certificate: An X509.v3 certificate of the peer. This element of the state may be
null.
 Compression method: The algorithm used to compress data prior to encryption.
 Cipher spec: Specifies the bulk data encryption algorithm (such as null, DES, etc.)
and a hash algorithm (such as MD5 or SHA-l) used for MAC calculation. It also
defines cryptographic attributes such as the hash size.
 Master secret: 48-byte secret shared between the client and server.
 Is resumable: A flag indicating whether the session can be used to initiate new
connections.

The different parameters of CONNECTION STATE are:

 Server and client random: Byte sequences that are chosen by the server and client
for each connection.
 Server write MAC secret: The secret key used in MAC operations on data sent by
the server.
 Client write MAC secret: The secret key used in MAC operations on data sent by
the client.
 Server write key: The conventional encryption key for data encrypted by the server
and decrypted by the client.
 Client write key: The conventional encryption key for data encrypted by the client
and decrypted by the server.
 Initialization vectors: When a block cipher in CBC mode is used, an initialization
vector (IV) is maintained for- each key. This field is first initialized by the SSL
Handshake Protocol. Thereafter the final cipher text block from each record is
preserved for use as the IV with the following record.
 Sequence numbers: Each party maintains separate sequence numbers for transmitted
and received messages for each connection. When a party sends or receives a change
cipher spec message, the appropriate sequence number is set to zero. Sequence
numbers may not exceed 264 - 1.
=== * ===

Describe SSL record protocol with a neat diagram – 10

SSL Record Protocol
The SSL Record Protocol provides two services for SSL connections:
1. Confidentiality: The Handshake Protocol defines a shared secret key that is used for
conventional encryption of SSL payloads.
2. Message Integrity: The Handshake Protocol also defines a shared secret key that is
used to form a message authentication code (MAC).

UNIT-V: Web Security 6

 Figure: Overall operation of Record Protocol.
The Record Protocol takes an application message to be transmitted, fragments the
data into manageable blocks, optionally compresses the data, applies a MAC, encrypts, adds
a header, and transmits the resulting unit in a TCP segment.
Received data are decrypted, verified, decompressed, and reassembled and then
delivered to higher level users.

1. Fragmentation. Each upper-layer message is fragmented into blocks of 214 bytes

(16,384 bytes) or less.
2. Compression is optionally applied. Compression must be lossless and may not
increase the content length by more than 1024 bytes.
3. Message Authentication Code is computed over the compressed data to provide the
message integrity. For this a shared secret key is used.
4. Encryption: the compressed message plus the MAC are encrypted using symmetric
encryption. Encryption may not increase the content length by more than 1024 bytes,
so that the total length may not exceed 214 + 2048. Some of the encryption algorithms
permitted are: IDEA, DES, etc..
5. Append SSL Record Header to the whole encrypted unit. The record header
contains one of the field Content-Type, specifies the type of the content, the Record
Protocols carries, like, change_cipher_spec, alert, hand shake, and application data.
=== * ===

Explain SSL handshake protocol – 10

Handshake Protocol
 The Handshake Protocol allows the server and client to authenticate each other and to
negotiate an encryption and MAC algorithm and cryptographic keys to be used to
protect data sent in an SSL record.
 The Handshake Protocol is used before any application data are transmitted.

UNIT-V: Web Security 7

  The Handshake Protocol consists of a series of messages exchanged by client and
server.
 Each message has three fields:
o Type: Indicates different types of message exchanged between client and server.
o Length: The length of the message in bytes.
o Content: This field explain the parameters associated with this each message

The message exchanges between client and server can be explained in four phases:
 Phase 1: Establish Security Capabilities
 Phase 2: Server Authentication and Key Exchange
 Phase 3: Client Authentication and Key Exchange
 Phase 4: Finish

Phase 1: Establish Security Capabilities

o This phase is used to initiate a logical connection.
o The exchange is initiated by the client, which sends a client_hello message and waits
for the server_hello message.
o Client specifies, the version number, random number, session ids, Cipher Suite- a
combinations of cryptographic algorithms and list of compression methods the client
supports.
o The server_hello message, contains the same parameters as the clien_hello message.
Server may specify the single cipher suite from those proposed by the client. Server
selects the one of the compression method from those proposed by the client.

Phase 2: Server Authentication and Key Exchange

o The server begins this phase by sending its certificate, if it needs to be authenticated;
the message contains one or a chain of X.509 certificates.
o a server_key_exchange message may be sent if it is required (contains the server’s
public Diffie-Hellman parameters).
o Non-anonymous server can request a certificate from the client. The
certificate_request message includes two parameters:
 certificate_type (list of public-key algorithm) and
 certificate_authorities (list of acceptable certificate authorities).
o The server_hello_done message, which is sent by the server to indicate the end of
the server_hello and associated messages.
o After sending this message, the server will wait for a client response.

Phase 3: Client Authentication and Key Exchange

Upon receipt of the server_hello_done message, the client should verify that the
server provided a valid certificate if required and check that the server_hello parameters are
acceptable. If all is satisfactory, the client sends one or more messages back to the server.

UNIT-V: Web Security 8

 o If the, server, has requested a certificate, the client begins this phase by sending a
certificate message. If no suitable certificate is available, the client sends a
no_certificate alert instead.
o Next is the client_key_exchange message which must be sent in this phase.
o Finally, the client may send a certificate_verify message to provide explicit
verification of a client certificate.

Figure: Handshake Protocol Action

Phase 4: Finish
o This phase completes the setting up of a secure connection.
o The client sends a change_cipher_spec message and copies the pending CipherSpec
into the current CipherSpec.
 Note that this message is not considered part of the Handshake Protocol but is
sent using the Change Cipher Spec Protocol
o The client then immediately sends the finished message under the new algorithms,
keys, and secrets.
 The finished message verifies that the key exchange and authentication
processes were successful.
o In response to these two messages, the server sends its own change_cipher_spec

UNIT-V: Web Security 9

 message, transfers the pending to the current CipherSpec, and sends its finished
message.

At this point the handshake is complete and the client and server may begin to exchange
application layer data.
=== * ===
OR
Explain SSL handshake protocol – 10
Handshake Protocol
 The Handshake Protocol allows the server and client to authenticate each other and to
negotiate an encryption and MAC algorithm and cryptographic keys to be used to
protect data sent in an SSL record.
 The Handshake Protocol is used before any application data are transmitted.
 The Handshake Protocol consists of a series of messages exchanged by client and
server.
 Each message has three fields:
o Type: Indicates different types of message exchanged between client and server.
o Length: The length of the message in bytes.
o Content: This field explain the parameters associated with this each message

The message exchanges between client and server can be explained in four phases:
 Phase 1: Establish Security Capabilities
 Phase 2: Server Authentication and Key Exchange
 Phase 3: Client Authentication and Key Exchange
 Phase 4: Finish
Different Steps of four phases of TLS Handshake Protocol is summarized below:
1. The client sends a "Client hello" message to the server, along with the client's random
value and supported cipher suites.
2. The server responds by sending a "Server hello" message to the client, along with the
server's random value.
3. The server sends its certificate to the client for authentication and may request a
certificate from the client. The server sends the "Server hello done" message.
4. If the server has requested a certificate from the client, the client sends it.
5. The client creates a random Pre-Master Secret and encrypts it with the public key
from the server's certificate, sending the encrypted Pre-Master Secret to the server.
6. The server receives the Pre-Master Secret. The server and client each generate the
Master Secret and session keys based on the Pre-Master Secret.
7. The client sends "Change cipher spec" notification to server to indicate that the client
will start using the new session keys for hashing and encrypting messages. Client also
sends "Client finished" message.

UNIT-V: Web Security 10

 8. Server receives "Change cipher spec" and switches its record layer security state to
symmetric encryption using the session keys. Server sends "Server finished" message
to the client.
9. Client and server can now exchange application data over the secured channel they
have established. All messages sent from client to server and from server to client are
encrypted using session key.
=== * ===

Write a note on S-HTTP. – 5

 Secure-HTTP (S-HTTP) - Works in conjunction with HTTP to enable clients and
servers to engage in private and secure transactions. It is essentially useful for
encrypting form-based information as it passes between clients and servers.
 S-HTTP ONLY encrypts HTTP-level messages at the application layer whereas SSL
encrypts all data being passed between the client and the server at the IP socket level.
 S-HTTP provides considerable flexibility in terms of what cryptographic algorithms
and, modes of operation can, be used. Also, users need to be authenticated before
sending encrypted files to each other.
 With S-HTTP, messages may be protected using digital signatures, authentication,
and encryption.
 During the initial contact, the sender and the receiver establish preferences for
encrypting and processing secure messages.
=== * ===

Write a note on Secure Electronic Transaction (SET). – 5

 SET is an open encryption and security specification designed to protect credit card
transactions on the Internet.
 SET is not only a payment system. Rather it is a set of security protocols and formats
that enables users to employ the existing credit card payment infrastructure on an
open network, such as the Internet in a secure fashion.
 SET provides three SERVICES:
o Provides a secure communications channel among all parties involved in a
transaction
o Provides trust by the use of X.509v3 digital certificates
o Ensures privacy because the information is only available to parties in a trans-
action when and where necessary
 SET is designed to secure credit card transactions by authenticating cardholders,
merchants, and banks by preserving the confidentiality of payment data.
 SET includes the following FEATURES:
o Requires digital signatures to verify that the customer, the merchant, and the
bank are all legitimate.

UNIT-V: Web Security 11

 o Uses multiparty messages that allow information to be encrypted directly to
bank
o Prevent credit card numbers from getting in the wrong hands.
o Requires integration into the credit card processing system.
 SET includes a layer that negotiates the type of payment method, protocols,
transports.
 Payment methods could include credit cards, debit cards, electronic cash, and
cheques.
o Payment protocols define the message format and sequence required for
completion of the payment transaction.
o Transports include protocols such as SSL and S-HTTP.
o Certificate authorities provide digital signature that are critical for verifying
the authenticity of cardholders and others involved in the transaction.
 SET uses “Electronic Wallet” to identify the user and validate the transaction.
o Electronic Wallet is a type of software application used by the consumer for
securely storing purchasing information.
 SET add digital certificates that associate the cardholder and the merchant with a
particular financial institution and the visa or master card payment system.
=== * ===

Describe the SET components and their relationships. (Or Describe SET Participants) –
10
 Cardholder: A cardholder is an authorized holder of a payment card (e.g.,
MasterCard, Visa) that has been issued by an issuer.
 Merchant: A merchant is a person or organization that has goods or services to sell
to the cardholder.
 Issuer: This is a financial institution, such as a bank, that provides the card holder
with the payment card.
 Acquirer: This is a financial institution that establishes an account with a merchant
and processes payment card authorizations and payments.
 Payment gateway: This is a third party that processes merchant payment messages.
The payment gateway interfaces between SET and the existing bankcard payment
network for authorization and payment functions.
 Certification authority (CA): This is an entity that is trusted to issue X.509v3
public-key certificates for cardholders, merchants, and payment gateways.

UNIT-V: Web Security 12

 Figure: SET Components and their relationships.
=== * ===

Explain the flow of transaction in SET with a diagram. – 10 Or

Sequence of events in Secure Electronic Transaction Process
The sequence of events associated with SET process are:

Figure: SET Transaction Flow

1. The customer opens an account and obtains a credit card account with a bank that
supports electronic payment and SET.
2. These customers receive a certificate after suitable verification of identity. It
establishes a relationship between the customer's key pair and the credit card.

UNIT-V: Web Security 13

 3. Merchants have certificates consisting of one key for signing messages and one for
key exchange. They also need a copy of the payment gateway's public key certificate.
4. The customer places an order, which is accepted by the merchant. The order form
returned from the merchant includes the items, the cost, and an order number.
5. The customer receives the merchant certificate.
6. The customer sends the order, payment, and this certificate to the merchant.
7. The merchant requests payment authorization through the payment gateway.
8. The Merchant provides the customer with order confirmation.
9. The merchant ships the product or service.
10. The merchant request payment gateway, which handles all payment processing.
=== * ===

Business Requirements: (Requirements for SET)

1. Provide authentication that a cardholder is a legitimate user of a credit card account.
2. Provide authentication that a merchant can accept credit card transactions through its
relationship with a financial institution.
3. Provide confidentiality of payment and ordering information.
4. Ensure the integrity of all transmitted data.
5. Ensure the use of the best security policies and system design techniques to protect all
legitimate parties in an electronic commerce transaction.
6. Create a protocol that neither depends on transport security mechanisms nor prevents
their use.
7. Facilitate and encourage interoperability among software and network providers.
=== * ===

Key Features of SET

SET incorporates the following features:
 Cardholder account authentication.
 Merchant authentication.
 Confidentiality of information.
 Integrity of data.
=== * ===

Explain the parameters of SSL Session State – 5

Explain the parameters of SSL Connection States. – 5
List the services provided by SSL Record Protocol. – 5

UNIT-V: Web Security 14