P170 - Sicherheit 2010 - Sicherheit, Schutz und Zuverlässigkeit
Autor*innen mit den meisten Dokumenten
Neueste Veröffentlichungen
- KonferenzbeitragTowards secure and reliable firewall systems based on MINIX 3(Sicherheit 2010. Sicherheit, Schutz und Zuverlässigkeit, 2010) Weis, Rüdiger; Schüler, Brian; Flemming, Stefan A.Minix 3 is a real micro kernel operation system with a lot of remarkable security features. Two of the main points are size and isolation. The Minix 3 kernel is less than one thousand times the size of Linux. All drivers and the IP stack live in user land. We show a port of the netfilter framework, which leads to a system with better stability and security than the widely used Linux solutions [We07]. Additionally we present some new ideas regarding virtualized systems.
- KonferenzbeitragA transparent Bridge for forensic sound network traffic data acquisition(Sicherheit 2010. Sicherheit, Schutz und Zuverlässigkeit, 2010) Kiltz, Stefan; Hildebrandt, Mario; Altschaffel, Robert; Dittmann, JanaIn this paper we introduce a prototype that is designed to produce forensic sound network data recordings using inexpensive hardand software, the Linux Forensic Transparent Bridge (LFTB). It supports the investigation of the network communication parameters and the investigation of the payload of network data. The basis for the LFTB is a self-developed model of the forensic process which also addresses forensically relevant data types and considerations for the design of forensic software using software engineering techniques. LFTB gathers forensic evidence to support cases such as malfunctioning hardand software and for investigating malicious activity. In the latter application the stealthy design of the proposed device is beneficial. Experiments as part of a first evaluation show its usability in a support case and a malicious activity scenario. Effects to latency and throughput were tested and limitations for packet recording analysed. A live monitoring scheme warning about potential packet loss endangering evidence has been implemented.
- KonferenzbeitragA parallel computing system with specialized coprocessors for cryptanalytic algorithms(Sicherheit 2010. Sicherheit, Schutz und Zuverlässigkeit, 2010) Kastl, Wolfgang; Loimayr, ThomasIn this paper we present a scalable, parallel computing system consisting of specialized processors primarily designed for the implementation of cryptanalytic algorithms. Even though the system was developed in regard to solve cryptanalytic problems, it is suitable for many other tasks which can benefit from the enormous computing power of the system (e.g. malware analysis). In addition to the use of multi-core CPUs, the computing system takes advantage of graphic cards (GPUs) and FPGAs as specialized coprocessors. Thus, it gains an edge over other conventional parallel computing systems.
- KonferenzbeitragCAPTCHAs: the good, the bad, and the ugly(Sicherheit 2010. Sicherheit, Schutz und Zuverlässigkeit, 2010) Baecher, Paul; Fischlin, Marc Gordon Lior; Langenberg, Robert; Lützow, Michael; Schröder, DominiqueA CAPTCHA is a program that generates challenges that are easy to solve for humans but difficult to solve for computers. The most common CAPTCHAs today are text-based ones where a short word is embedded in a cluttered image. In this paper, we survey the state-of-the-art of currently deployed CAPTCHAs, especially of some popular German sites. Surprisingly, despite their importance and the largescale deployment, most of the CAPTCHAs like the ones of the "Umweltprämie", the Bundesfinanzagentur, and the Sparda-Bank are rather weak. Our results show that these CAPTCHAs are subject to automated attacks solving up to 80% of the puzzles. Furthermore, we suggest design criteria for "good" CAPTCHAs and for the system using them. In light of this we revisit the popular reCAPTCHA system and latest developments about its security. Finally, we discuss some alternative approaches for CAPTCHAs.
- KonferenzbeitragSession fixation – the forgotten vulnerability?(Sicherheit 2010. Sicherheit, Schutz und Zuverlässigkeit, 2010) Schrank, Michael; Braun, Bastian; Johns, Martin; Posegga, JoachimThe term 'Session Fixation vulnerability' subsumes issues in Web applications that under certain circumstances enable the adversary to perform a session hijacking attack through controlling the victim's session identifier value. We explore this vulnerability pattern. First, we give an analysis of the root causes and document existing attack vectors. Then we take steps to assess the current attack surface of Session Fixation. Finally, we present a transparent server-side method for mitigating vulnerabilities.
- KonferenzbeitragQuantifying the attack surface of a web application(Sicherheit 2010. Sicherheit, Schutz und Zuverlässigkeit, 2010) Heumann, Thomas; Keller, Jörg; Türpe, SvenThe attack surface of a system represents the exposure of application objects to attackers and is affected primarily by architecture and design decisions. Given otherwise consistent conditions, reducing the attack surface of a system or an application is expected to reduce its overall vulnerability. So far, only systems have been considered but not single applications. As web applications provide a large set of applications built upon a common set of concepts and technologies, we choose them as an example, and provide qualitative and quantitative indicators. We propose a multidimensional metric for the attack surface of web applications, and discuss the rationale behind. Our metric is easy to use. It comprises both a scalar numeric indicator for easy comparison and a more detailed vector representation for deeper analysis. The metric can be used to guide security testing and development. We validate the applicability and suitability of the metric with popular web applications, of which knowledge about their vulnerability already exists.
- KonferenzbeitragDiffusion of federated identity management(Sicherheit 2010. Sicherheit, Schutz und Zuverlässigkeit, 2010) Hühnlein, Detlef; Roßnagel, Heiko; Zibuschka, JanIn this work, we discuss the diffusion of federated identity management. We base our research on Roger's diffusion of innovation theory, and derive generic factors influencing the diffusion of federated identity management solutions. To validate our model and investigate specific contributions of parameters in specific usage scenarios, we investigate market success of federated identity management systems. We examine several application scenarios in the fields of e-business, Web, and e-government.
- KonferenzbeitragSecurity analysis of OpenID(Sicherheit 2010. Sicherheit, Schutz und Zuverlässigkeit, 2010) Sovis, Pavol; Kohlar, Florian; Schwenk, JörgOpenID is a user-centric and decentralized Single Sign-On system. It enables users to sign into Relying Partiesby providing an authentication assertion from an OpenID Provider. It is supported by many leading internet companies and there are over a billion accounts capable of using OpenID. We present a security analysis of OpenID and the corresponding extensions and reveal several vulnerabilities. This paper demonstrates how identity information sent within the OpenID protocol can be manipulated, due to an improper verification of OpenID assertions and no integrity protection of the authentication request.
- KonferenzbeitragQuantitative model-based safety analysis: a case study(Sicherheit 2010. Sicherheit, Schutz und Zuverlässigkeit, 2010) Güdemann, Matthias; Ortmeier, FrankThe rising complexity of many safety-critical systems necessitates new analysis methods. Model-based safety analysis approaches aim at finding critical failure combinations by analysis of models of the whole system (i.e. software, hardware, and failure modes). The big advantage of these methods compared to traditional approaches is that the results are of very high significance. Until now, model-based approaches have only to a limited extent been applied to answer quantitative questions in safety analysis. Model-based approaches in this context are often limited to analysis of specific failure propagation models. They do not include system dynamics and behavior. A consequence is, that the methods are very error-prone because of wrong assumptions. New achievements in the domain of (probabilistic) model-checking now allow for overcoming this problem. This paper illustrates how such an approach for quantitative model-based safety analysis is used to model and analyze a real-world case study from the railway domain.
- KonferenzbeitragReal-time fault-tolerant routing in high-availability multicast-aware video networks(Sicherheit 2010. Sicherheit, Schutz und Zuverlässigkeit, 2010) Messmer, Roman; Keller, JörgLive-videostream networks based on multimedia switches are the most recent products used in television production and distribution facilities to transport the live signal from sources like cameras or microphones to dedicated sinks like video monitors, loudspeakers and transmission lines. To switch signals from a single source to several destinations multicasting or point-to-multipoint technology is considered. To compute multicast trees for multimedia communication, constrained shortest paths algorithms are needed. They are fundamental to important network functionality such as Quality of Service (QoS) routing or Multiprotocol label switching (MPLS) path selection and the problems they attempt to solve are known to be NP-complete. In previous work, we have introduced a heuristic called Multimedia Multicast algorithm (MulMic), which delivers nearly optimal multicast trees in a short time. Here, we propose the combination of MulMic and two models for fault-tolerant routing: disjoint paths and reservation of backup paths. Furthermore we introduce a realtime algorithm we call ZirkumFlex to handle one or even several simultaneous node or line failures in a multicast network by a local search to bypass the failed node or line. We also apply our algorithm to example graphs to demonstrate its feasibility.