Sunday, February 4, 2007

SOA Security and Denial of Service Attacks on Trust Management Systems

Trust management systems are an important component of identity management for enterprises and federated identity management for virtual enterprises. There exists a specific type of Denial of Service attack against Trust Management systems that must be carefully considered in the realm of SOA Security. Trust Management systems depend on the use of Digital Signature verifications that are used to validate credentials, which can occur in a trust chain of credentials.

A Denial of Service attack directed against a Trust Management system sends a request containing a long forged credential chain, intended to force the target server to consume resources validating the chain. Client puzzles (Aura et al) (Dean and Stubblefield) and an iterative approach to authentication (Meadows), in which a quick, weak initial pass is followed by a strong authentication pass, can be used to mitigate these attacks. Li et al show that credential caching can also serve as a defense against this type of attack, coupled with a strategy of validating the credentials in the chain in a random order, which makes it difficult for the attacker to construct a credential chain that costs the target server the maximum amount of resources to validate. Their conclusion that credential caching in conjunction with client puzzles would provide the most robust protection against Denial of Service attacks on Trust Management Systems is certainly persuasive.

Li et al also point out performance advantages of credential caching. Credential caching in Trust Management Systems provides performance advantages even when no Denial of Service attack is in progress, because verifying a chain that adds one new credential to an already cached chain requires only one additional signature verification. A unique aspect of credential caching as a Denial of Service defense is that legitimate users actually participate in the defense: the more legitimate users the server provides service to, the more credentials are cached, and the better the server performs in defending against attacks. Credential caching also allows a server to accept a longer maximum credential chain length. They also recognize that the caching mechanism must provide credential expiration and revocation functionality.
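The two defenses described above, caching of verified credentials and random-order validation of the chain, as an added illustration that is not code from Li et al's paper. Signature verification is modelled with an HMAC under constructed issuer keys (a stand-in for the public-key check, assumed for the example), and the validator reports how many verifications a request cost the server.

```python
import hashlib
import hmac
import random
from dataclasses import dataclass

# Constructed issuer keys; HMAC stands in for digital signature verification.
ISSUER_KEYS = {"root": b"root-key", "dept": b"dept-key"}


@dataclass(frozen=True)
class Credential:
    issuer: str
    subject: str
    sig: bytes


def sign(issuer: str, subject: str) -> Credential:
    mac = hmac.new(ISSUER_KEYS[issuer], f"{issuer}->{subject}".encode(), "sha256").digest()
    return Credential(issuer, subject, mac)


def verify(cred: Credential) -> bool:
    """The expensive step the attacker wants to trigger: one signature check per call."""
    key = ISSUER_KEYS.get(cred.issuer)
    if key is None:
        return False
    expected = hmac.new(key, f"{cred.issuer}->{cred.subject}".encode(), "sha256").digest()
    return hmac.compare_digest(expected, cred.sig)


def fingerprint(cred: Credential) -> str:
    return hashlib.sha256(cred.issuer.encode() + cred.subject.encode() + cred.sig).hexdigest()


class ChainValidator:
    def __init__(self, rng=None):
        self.cache = set()          # fingerprints of credentials already verified
        self.rng = rng or random.Random()

    def validate(self, chain):
        """Returns (accepted, number_of_signature_verifications_performed)."""
        work = 0
        for cred in self.rng.sample(chain, len(chain)):   # random order, not attacker's order
            fp = fingerprint(cred)
            if fp in self.cache:
                continue                                   # cache hit: free
            work += 1
            if not verify(cred):
                return False, work                         # stop at the first forged link
            self.cache.add(fp)
        return True, work

    def revoke(self, cred):
        self.cache.discard(fingerprint(cred))             # revoked credential must be re-verified


def mean_cost_single_forgery(n: int, trials: int, seed: int) -> float:
    """Average verifications a fresh server spends on an n-link chain with one forged link last."""
    rng, total = random.Random(seed), 0
    for _ in range(trials):
        chain = [sign("dept", f"u{i}") for i in range(n - 1)] + [Credential("dept", "x", b"\x00" * 32)]
        total += ChainValidator(rng).validate(chain)[1]
    return total / trials
```

With random ordering the forged link placed last by the attacker is reached, on average, about halfway through the chain, so the server spends roughly (n+1)/2 verifications rather than n.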

References

Li, Jiangtao, Ninghui Li, XiaoFeng Wang and Ting Yu, Denial of Service Attacks and Defenses in Decentralized Trust Management, Proceedings of 2nd IEEE International Conference on Security and Privacy in Communication Networks, August 2006
Aura, T., P. Nikander and J. Leiwo, DoS-Resistant Authentication with Client Puzzles, Proceedings of the Cambridge Security Protocols Workshop 2000, Lecture Notes in Computer Science, Springer-Verlag, 2000.
Dean, D. and A. Stubblefield, Using Client Puzzles to Protect TLS, Proceedings of the 10th USENIX Security Symposium, USENIX, August 2001.
Meadows, C. A Cost-Based Framework for Analysis of Denial of Service Networks, Journal of Computer Security, 9:143-164, 2001.