Fig. 1: Smart card used by the ADEPT. Actual size is
approx. 1.75" x 3"
A good starting point to understand the SAC Approach is the paper Safe Areas of Computation for Secure Computing with Insecure Applications (.doc or .ps format), which was presented at the Fifteenth Annual Computer Security Applications Conference, December 1999. This paper presents the SAC architecture and walks through the steps taken in an actual session. Implementing Security Policies Using the Safe Areas of Computation Approach (.doc or .ps), which was presented at the Sixteenth Annual Computer Security Applications Conference, December 2000, describes the use of access control lists (ACLs) in the SAC approach and demonstrates their use in a real world application. Other documents available are the SAC Client Side Programmer's Manual and the SAC Server Side Programmer's Manual. Andre Dos Santos' Ph.D. Dissertation is on the SAC Approach and is available in .doc format.
The Safe Areas of Computation approach is currently being tested for protecting accesses to the Alexandria Digital Library (ADEPT).
This research is supported by Infineon Technologies, Mondex, Pulsepoint, Siemens, and Xerox.
Fig. 1: Smart card used by the ADEPT. Actual size is
approx. 1.75" x 3"
The primary applications that have benefited most from the SAC Approach are client-server applications. In normal client-server applications currently supported, there is a logical connection between the User and the Server side of the application. The Client acts as an interface the the services provided by the Server, and all transactions are assumed to travel over an insecure medium. Many clients and servers use encryption to provide confidentiality to the session, however, strong authentication is not possible in this environment. Further, there is no support for both maintaining persistent state across sessions and mobility.
The SAC Approach allows client-server applications to support: mobility, persistent state, strong authentication, confidentiality, and data integrity. An application can have some data or some services that need the extra security while others do not. Sessions wherein no access to sensitive data or services is made can be performed without the smart card (thus providing the status quo requires no extra work). Sessions that contain accesses to sensitive data or services require the presence of the smart card.
When a User desires access to a sensitve set of data or a sensitive service, the User is asked to authenticate himself to the smart card (authentication is performed via a PIN number). Once the User authenticates himself to the smart card, the smart card and the server application mutually authenticate each other (via public-key cryptographic algorithms). The smart card and the server then set up a logically secure channel (using a conventional cryptographic algorithm). The logically secure connection provides authentication, non-repudiation, integrity, and confidentiality. All sensitive requests (and only sensitive requests) from the User to the client-side of the application must first be authorized by the smart card. If the smart card permits the access, it sends the request via the secure connection to the server where the server likewise validates the access. If access is permitted by the server, the access is granted and the information requested is encrypted, and the information is sent to the client, and the key is sent back to the smart card (over the secure connection). The smart card makes one last verification of the User's right to access the information and then gives the decryption key to the client-side application. The client-side application is assumed to know how to decrypt the information, protect the confidentiality of the information, and sanitize it appropriately when it is no longer needed.
The smart card uses access control lists (ACLs) to determine what the User is authorized to do. There are three different types of access control entries: simple, heirarchical, and complex. A large number of services can be provided easily with these types of entries. The complex access control entry allows for maintaining state across sessions. For example, tokens (representing currency) could be added to or subtracted from. There is also sufficient state to maintain items like a social security number, driver's license number, etc. The heirarchical entry allows for bounding access to classes of access; one example would be the military's model of clearance level and compartment (eg, Top Secret/Nuclear,or Sensitive Unclassified/Personnel). The simple entry contains a label and authorization is allowed only if the object accessed has the same label. These entries have been used to provide successful prototypes for two different service providers: a digital library, and a bank. The smart cards have sufficient persistent storage to provide upwards of 30 different service providers an opportunity to retain about 32 access control entries of each type for a particular user.
Although the SAC Approach does not solve all security problems relative to interactions over an insecure medium, it is a significant improvement over the status quo. It reduces the number of opportunities for attack while simultaneously increasing the number of client-server applications that can be implemented over the Internet.