HP 635n Practical IPsec Deployment for Printing and Imaging Devices - Page 3

The user can see

Get HP 635n - JetDirect IPv6/IPsec Print Server PDF manuals and user guides
UPC - 882780301016
View all HP 635n manuals
Add to My Manuals
Save this manual to your list of manuals

Page 3 highlights

reward the guard when he sees him again tomorrow. The boss has been running into an authentication problem. He is unable to verify his role to those in control of resources (i.e., the entrance to the building). The next day, once the boss gets back to the office, he hands the security guard his employee badge. The security guard validates the employee identification based upon the training that was provided by the hiring company and by the security company. This is known as one-way authentication. At this point, the boss gives the security guard a generous pay bonus for the work he did yesterday. The security guard is extremely happy - he wasn't even working yesterday! The boss was rewarding him for the work another security guard performed. Because the boss didn't authenticate the security guard yesterday, he ended up rewarding the wrong person. The incident with the security guard taught the boss that he better ask for an employee badge in each interview to make sure he authenticates his employees to avoid a guilty employee impersonating an innocent employee. He asks an employee named Jill into the meeting room and closes the door to keep other employees from seeing and hearing their conversation - in other words, to provide confidentiality for their interview. He asks Jill for her employee badge. Jill presents it and the boss verifies it to be valid. Jill, being really smart, has never met the boss before so she also asks for the boss' identification. Understanding the need for authentication, he presents his employee badge to Jill. This is known as mutual authentication: The boss knows that Jill is an employee of the company and Jill is sure that the boss is really the boss of the company! The boss isn't one to mince words. He makes one statement: "Tell me who did it" After he hears an answer, the boss allows Jill to go back to work and calls in an employee named Jon, asking Jon for his badge and for his answer. The rest of the interviews are conducted in this exact same way, except for the last interview. An employee named Tom is hearing impaired and the boss is unable to ask him the question. Instead, Tom writes on a piece of paper that an employee named Darren knows sign language and will act as Tom's translator. In other words, Tom authorizes Darren to be the translator. The boss asks for Darren's identification. Darren is now authenticated and authorized to perform the actions of a translator. Unfortunately for Tom, Darren actually committed the crime. When the boss said "Tell me who did it", Darren signs the question to Tom. Tom answers to Darren via sign "I don't know". Darren tells the boss verbally "He says he did it". Notice that although Tom authenticated himself to the boss, he was unable to insure the integrity of his message because he had to rely on a translator. The translator compromised the integrity of the message. Had Tom and the boss communicated openly via pen and paper, they would have been providing authentication and integrity to their messages. Fortunately for Tom, all the other employees implicated Darren and the boss already suspected Darren. Unfortunately for Darren, the boss already knew sign language but he needed Darren to implicate himself, so the boss pretended not to know it. Darren had thought Tom's sign language was only understood by them and not the boss. In other words, Darren thought their communication was confidential. There are a few takeaways from this parable: • There is always an ease-of-use versus security trade-off - witness the boss having to go back home to get his badge • Mutual authentication is always preferred over one-way authentication - witness the wrong security guard being awarded • When it comes to security, authentication without integrity is as useless as is integrity without authentication - witness how Darren was able to be authenticated and still able to corrupt Tom's message • For security to be effective, in order to be granted authorization, you must first be authenticated - what if Darren hadn't been an employee and was misleading Tom? • What is confidential can be used for good as well as bad - witness the boss' strategy for isolating employees for interviews and Darren's belief that only he and Tom understood sign language. • Be careful what powers you are giving via authorization - do you think Tom and Darren are still friends? How does this relate to IPsec? Well, in a proper deployment of IPsec, two computer systems are going to mutually authenticate each other before sending any information. All information sent after this mutual authentication will be provided with integrity, will be confidential, and will be authenticated. Let's compare and contrast a popular security protocol to help understand these concepts: HTTPS. HTTPS is HTTP running over SSL/TLS. Many individuals reading this whitepaper have purchased products over the Internet. Let's examine a simple purchase • The user browses to a web site • The user adds items to their virtual shopping cart • The user clicks "check out" • The browser switches to the HTTPS protocol rather than the HTTP protocol. The user can see this change via the Lock Icon and the HTTPS URL. • The user provides shipping information 3

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
3
reward the guard when he sees him again tomorrow.
The boss has been running into an
authentication
problem.
He is
unable to verify his role to those in control of resources (i.e., the entrance to the building).
The next day, once the boss gets back to the office, he hands the security guard his employee badge.
The security guard
validates the employee identification based upon the training that was provided by the hiring company and by the security
company.
This is known as
one-way authentication
.
At this point, the boss gives the security guard a generous pay bonus for
the work he did yesterday.
The security guard is extremely happy – he wasn’t even working yesterday!
The boss was
rewarding him for the work another security guard performed.
Because the boss didn’t
authenticate
the security guard
yesterday, he ended up rewarding the wrong person.
The incident with the security guard taught the boss that he better ask for an employee badge in each interview to make sure
he
authenticates
his employees to avoid a guilty employee impersonating an innocent employee.
He asks an employee named
Jill into the meeting room and closes the door to keep other employees from seeing and hearing their conversation – in other
words, to provide
confidentiality
for their interview.
He asks Jill for her employee badge.
Jill presents it and the boss verifies it
to be valid.
Jill, being really smart, has never met the boss before so she also asks for the boss’ identification.
Understanding
the need for
authentication
, he presents his employee badge to Jill.
This is known as
mutual authentication
: The boss knows
that Jill is an employee of the company and Jill is sure that the boss is really the boss of the company!
The boss isn’t one to mince words.
He makes one statement: “Tell me who did it” After he hears an answer, the boss allows Jill
to go back to work and calls in an employee named Jon, asking Jon for his badge and for his answer.
The rest of the
interviews are conducted in this exact same way, except for the last interview.
An employee named Tom is hearing impaired
and the boss is unable to ask him the question.
Instead, Tom writes on a piece of paper that an employee named Darren
knows sign language and will act as Tom’s translator.
In other words, Tom
authorizes
Darren to be the translator. The boss
asks for Darren’s identification.
Darren is now
authenticated
and
authorized
to perform the actions of a translator.
Unfortunately for Tom, Darren actually committed the crime.
When the boss said “Tell me who did it”, Darren signs the
question to Tom.
Tom answers to Darren via sign “I don’t know”.
Darren tells the boss verbally “He says he did it”.
Notice
that although Tom
authenticated
himself to the boss, he was unable to insure the
integrity
of his message because he had to
rely on a translator.
The translator compromised the
integrity
of the message.
Had Tom and the boss communicated openly
via pen and paper, they would have been providing
authentication
and
integrity
to their messages.
Fortunately for Tom, all the other employees implicated Darren and the boss already suspected Darren.
Unfortunately for
Darren, the boss already knew sign language but he needed Darren to implicate himself, so the boss pretended not to know it.
Darren had thought Tom’s sign language was only understood by them and not the boss.
In other words, Darren thought their
communication was
confidential
.
There are a few takeaways from this parable:
There is always an ease-of-use versus security trade-off – witness the boss having to go back home to get his badge
Mutual
authentication
is always preferred over
one-way
authentication
– witness the wrong security guard being
awarded
When it comes to security,
authentication
without
integrity
is as useless as is
integrity
without
authentication
– witness
how Darren was able to be authenticated and still able to corrupt Tom’s message
For security to be effective, in order to be granted
authorization
, you must first be
authenticated
– what if Darren
hadn’t been an employee and was misleading Tom?
What is
confidential
can be used for good as well as bad – witness the boss’ strategy for isolating employees for
interviews and Darren’s belief that only he and Tom understood sign language.
Be careful what powers you are giving via
authorization
– do you think Tom and Darren are still friends?
How does this relate to IPsec?
Well, in a proper deployment of IPsec, two computer systems are
going to
mutually authenticate
each other before sending any information.
All information sent after
this
mutual authentication
will be provided with
integrity
, will be
confidential
, and will be
authenticated
.
Let’s compare and contrast a popular security protocol to help understand these concepts: HTTPS.
HTTPS is HTTP running over SSL/TLS.
Many individuals reading this whitepaper have purchased
products over the Internet.
Let’s examine a simple purchase
The user browses to a web site
The user adds items to their virtual shopping cart
The user clicks “check out”
The browser switches to the HTTPS protocol rather than the HTTP protocol.
The user can see
this change via the Lock Icon and the HTTPS URL.
The user provides shipping information