[IEEE Proceedings] Singapore ICCS/ISITA '92, Singapore (16-20 Nov. 1992): A simplified and an efficient packet level Internet access control scheme


Singapore ICCS/ISITA '92

A Simplified and an Efficient Packet Level Internet Access Control Scheme*

Dr. M. Salman Iqbal+ and Dr. F.S.F. Poon*

+Institute of Industrial Automation, Islamabad, Pakistan

*EtherTech Consultancy Limited, 11 Iford Close, South Heighton, Newhaven BN9 0PG, U.K.

Abstract An internet access control protocol is described. The purpose of the scheme is to allow controlled access to the internal resources of a network, so that only trusted systems can gain access to external networks. The scheme is a variant of the original scheme [1], which required two levels of authentication. It is possible to simplify that scheme and retain its security features with only the packet level authentication. The scheme uses the RSA and DES algorithms to enforce access controls on internet communication requests. The simplified access control scheme does not require session initiation authentication, which eliminates the overheads of the RSA encryption and decryption process at the hosts and network access control gateways. The overheads incurred by the extra access control procedures are found to be smaller than those of the original internet access control scheme and of the visa scheme [2].

Keywords: Communication Systems, Access Control, Networks.

1. Introduction One of the prime security problems is unauthorised access to resources, and the damage associated with such unauthorised access in an internet environment can be very high. It is therefore necessary to implement access control mechanisms to protect these resources. A number of access control schemes are currently available [1,2,3], each directed towards different access control requirements. For example, Iqbal and Poon describe the "internet scheme" [1], which allows controlled access to internet resources without the need to distribute packet authentication keys (PAKs) for authenticating internet communication sessions. That scheme overcomes the large overheads associated with distributing PAKs to hosts and gateways and also raises the overall security level by eliminating the distribution of PAKs altogether. Estrin and Tsudik's Visa scheme [2] proposes a nondiscretionary access control policy enforced at packet level gateways (gateways operating at the packet level). However, it requires the distribution of packet authentication keys, called visas, for each external communication session. This introduces large overheads and requires extra security procedures to transport the PAKs (visas) safely to the hosts requesting external sessions; the security of the mechanism therefore depends largely on the protection of the visas during distribution. This paper presents a variant of the original access control scheme, developed by the authors, that retains the security features of the original scheme [1] with only the packet level authentication.

2. Simplified internet access control scheme The simplified internet access control scheme is described for the internet scenario shown in Figure 1.

*The research work was carried out while the authors were at the University of Sussex, U.K.

963

© 1992 IEEE


Host A requests access to Host C in Network 3. The reference number acquisition procedures are invoked and the following sequence of events takes place:

(i) Host A sends an external access request to its access control gateway, N12ACG, giving the addresses of the destination network and the destination host.

(ii) N12ACG checks the accessibility and the resource access rights of Host A (whether Host A is authorised to access the requested external network resource) and, on verification, chains the access request to its peer NACG, N21ACG.

(iii) N21ACG verifies the accessibility of N12ACG, and N23ACG (behaving in the same way as N21ACG) chains the request to the target network's gateway, N32ACG.

(iv) The target network gateway sends a connection request to Host C and, on verification of the accessibility of Network 1, sends an access allowed packet to N23ACG, which is chained via N21ACG and N12ACG to the requesting host (Host A). Included in the access allowed packet is the reference number indicating the PAK to be used by the peer entities for computing the packet authentication codes (PACs) in any subsequent transactions of that session. It is, however, important to note that a different reference number is shared between each pair of peer communicating entities (i.e. Host A-N12ACG, N12ACG-N21ACG, N23ACG-N32ACG and N32ACG-Host C).

The process of initial access is based solely on the access rights of each requesting entity; no authentication procedures are adopted to verify the identities of the requesting entities. When the reference number has been distributed successfully, the packet authentication procedures are then executed:

(v) Host A computes the PAC using the reference number shared with N12ACG. The PAC is computed using the DES [4] based message authentication technique [5]. The reference number is an integer specifying an offset into the RSA private key [6] shared between the peer entities; the 56 bits following that offset form the PAK used for calculating the PAC. More details of deriving the PAK are given in the paper describing the original internet access control scheme [1]. The computed PAC is appended to the end of the external packet and both the packet and the PAC are sent to the peer N12ACG.

(vi) On successful verification of the PAC, N12ACG recomputes the PAC using the PAK agreed with N21ACG and sends the packet to N21ACG.

(vii) Similarly, N21ACG, after authenticating the packet, recomputes a new PAC using the PAK agreed with N32ACG and sends the packet to N32ACG.

(viii) N32ACG authenticates the packet and sends it to the destination host (Host C) with a new PAC.

(ix) Host C authenticates the packet before accepting it.

The described pattern of packet transportation (v-ix) is used throughout the session. Each entity accepts only packets stamped with the correct PAC, which can be generated only by an authorised entity (one possessing the correct RSA private key). Hence only authorised entities are able to transport external packets, and the lack of session initiation authentication does not let unauthorised entities access external resources.

In the simplified scheme, however, it is possible to assume a false identity at the time of the external session request, as no session initiation authentication is carried out. Any such attempt to send packets to external networks will nevertheless fail, as the unauthorised entities do not possess the right PAK to compute a correct PAC, and the packets will be trapped by the local NACG. Therefore, the level of security associated with each external packet transfer is similar to that of the previous scheme [1].

3. Overheads analysis of the simplified scheme In the simplified internet access control scheme session initiation authentication is not needed; instead the peer entities communicate at external session initiation time to exchange the key (reference) number for choosing the PAK. Consider a successful session in which a packet originating from Host A is successfully transported to Host C in the internet model shown in Figure 1. The number of additional packets required for establishing such an external session between the two entities was traced and the sequence of events is shown in Figure 2. The trace shows that 8 extra packets are required before Host A can go into packet control mode and start transporting data packets to Host C. These extra packets constitute the key number acquisition overheads in the network model shown in Figure 1. It follows that the overheads of n successful external sessions are 8n packets.

In the packet control mode, no extra packets are generated if the PAC of every packet is correct throughout the communication link between the internet end entities. Extra packets are generated only when there is a failure in matching the received and the locally computed PAC. The session is terminated at the point of access control violation. Figure 2 illustrates the number of extra packets generated when a particular access control violation takes place. For example, one extra packet is generated if the PAC of Host A does not match that computed at the local network gateway (N12ACG), and four extra packets are generated to inform all the internet entities (i.e. N32ACG, N21ACG, N12ACG and Host A) of a PAC failure detected at Host C.
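The reference number acquisition of section 2, the PAK derivation and hop-by-hop PAC check of steps (v)-(ix), and the packet counts of section 3 (8 set-up packets per session, one failure indicator per upstream entity on a violation) can be exercised together in one small model. The following is an added example written for this page; it is not code from the paper or from the Sussex implementation [7]. It substitutes HMAC-SHA256 truncated to 64 bits for the paper's DES-based MAC [4, 5] because the Python standard library has no DES, uses a constructed byte string in place of the peers' shared RSA private key, and models N21ACG and N23ACG as the single Network 2 gateway the route passes through. Entity names follow Figure 1; everything else is an assumption of the example.

```python
import hashlib
import hmac
import random

PAK_BITS = 56  # a PAK is a 56-bit DES key in the paper

# Route from Figure 1: four peer pairs, each with its own shared key material and its own
# reference number (the paper stresses that the reference numbers differ per pair).
HOPS = [("host A", "N12ACG"), ("N12ACG", "N21ACG"), ("N23ACG", "N32ACG"), ("N32ACG", "host C")]

# Constructed stand-in for the long-term key shared by each pair. The paper reads the PAK
# out of the peers' shared RSA private key; any long secret byte string plays that role here.
KEYS = {hop: hashlib.sha512(f"constructed key material for {hop}".encode()).digest() for hop in HOPS}


def derive_pak(shared_key: bytes, reference_number: int) -> bytes:
    """Paper's rule: the reference number is a bit offset into the shared key and the 56 bits
    starting there form the PAK. Bit arithmetic, so the offset need not be byte aligned."""
    total_bits = len(shared_key) * 8
    if not 0 <= reference_number <= total_bits - PAK_BITS:
        raise ValueError("reference number does not leave 56 bits of key material")
    shift = total_bits - reference_number - PAK_BITS
    pak = (int.from_bytes(shared_key, "big") >> shift) & ((1 << PAK_BITS) - 1)
    return pak.to_bytes(PAK_BITS // 8, "big")


def compute_pac(pak: bytes, packet: bytes) -> bytes:
    """Packet authentication code. Substitution: the paper uses a DES-based MAC [4, 5];
    HMAC-SHA256 truncated to one 64-bit block stands in because the stdlib has no DES."""
    return hmac.new(pak, packet, hashlib.sha256).digest()[:8]


def setup_session(keys, seed=0):
    """Steps (i)-(iv): reference number acquisition. Every pair gets a distinct reference
    number. Returns the numbers and the extra packet count, two per pair (request out,
    access allowed back): 8 for the Figure 1 route, matching the paper's trace."""
    rng = random.Random(seed)  # seeded so the example is repeatable
    refs, used = {}, set()
    for hop in HOPS:
        while True:
            r = rng.randrange(0, len(keys[hop]) * 8 - PAK_BITS + 1)
            if r not in used:
                break
        used.add(r)
        refs[hop] = r
    return refs, 2 * len(HOPS)


def send_packet(packet, keys, refs, origin_key=None, tamper_before=None):
    """Steps (v)-(ix): hop-by-hop verify-and-recompute of the PAC along HOPS.

    origin_key: key an impostor in Network 1 uses instead of host A's (None = genuine host A).
    tamper_before: index of the hop whose receiver sees a modified packet (None = clean run).
    Returns (delivered, extra_packets). On a mismatch at the receiver of hop i, Figure 2 shows
    one failure indicator going to every entity upstream, i.e. i + 1 extra packets.
    """
    for i, hop in enumerate(HOPS):
        pak = derive_pak(keys[hop], refs[hop])
        sender_pak = derive_pak(origin_key, refs[hop]) if (i == 0 and origin_key is not None) else pak
        pac = compute_pac(sender_pak, packet)                  # sender appends its PAC
        received = packet + b"\x00" if tamper_before == i else packet
        if not hmac.compare_digest(pac, compute_pac(pak, received)):
            return False, i + 1                                 # trapped here; session ends
        # accepted: this entity re-stamps the packet for the next pair (steps vi-viii)
    return True, 0


if __name__ == "__main__":
    refs, setup_cost = setup_session(KEYS)
    print("reference numbers per pair:", refs, "set-up packets:", setup_cost)
    print("genuine host A:        ", send_packet(b"GET /index.html", KEYS, refs))
    print("impostor in Network 1: ", send_packet(b"GET /index.html", KEYS, refs, origin_key=b"\x42" * 64))
    print("modified before host C:", send_packet(b"GET /index.html", KEYS, refs, tamper_before=3))
```

The impostor case is the paper's argument in section 2: without the pair key it cannot produce the PAC that N12ACG expects, so its packet is dropped at the first gateway at a cost of one failure indicator. The same loop gives the 1 versus 4 extra packets quoted above for a violation at N12ACG versus at Host C.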

4. Comparison with the internet and visa schemes The performance study of the simplified scheme shows that it incurs much lower overheads than the original internet scheme and the visa scheme, without compromising the objectives of the original internet scheme, i.e. simple key management, strong authentication without sharing secret information, and a recipient that does not have to trust the intermediate systems. In the internet scheme it was shown that the overheads of the visa scheme are much higher [1].

In the internet scheme the local host requesting the internet communication requires 21 extra packets [1], at the beginning of each external session, before it can go into the packet control mode. These extra packets constitute the session initiation authentication overheads for establishing a successful session in the network model shown in Figure 1. Hence the overheads for n successful external sessions are 21n packets. For the simplified scheme, as session initiation authentication is not required, only 8 extra packets are generated (Figure 2) before the entities can go into packet control mode. Hence for n sessions the simplified scheme generates (21-8)n, i.e. 13n, fewer extra packets than the original internet scheme.

Additionally, the simplified scheme eliminates the overheads of the RSA encryption and decryption process at the hosts and NACGs. Hence each external accessing entity does not need to modify its high level protocols to accommodate a session initiation dialogue. Since the RSA algorithm is no longer used for encryption or decryption in the simplified scheme, a longer RSA private key can be employed, which yields a greater number of PAKs.

The storage overheads on each machine for the access control software and key parameters are the same as for the internet scheme [1].

5. Implementation of the internet access control scheme Currently, a TCP/IP [6] (Transmission Control Protocol/Internet Protocol) implementation of the internet access control scheme [7] is in progress on networked SUN workstations. The implementation allows the users to communicate securely using either the original or the simplified internet access control scheme. When access is required to a remote host resource, the local host sends a connection request to the client/server (C/S) module including the source address and the complete destination address of the remote host. The C/S then creates a transport endpoint (socket) and binds it to the local address [6]. If these calls are successful a connection is established with the remote host and the C/S passes control to the access control service (ACS) module. The ACS module then enters the packet control mode (for the original internet scheme it also performs session initiation authentication) and executes the access control procedures for deriving the PAK, computing the PAC and placing it in the TCP options field. The complete message including the PAC is transported to the next peer entity (gateway) on the route from the source host to the destination host. The PAC is compared and recalculated at intermediate gateways until the message reaches the remote host. The connection between the communicating entities is closed if the received and the locally computed PAC do not match at any intermediate gateway along the route. Finally, when there are no more messages to be transported between the end-point entities the connection between them is closed. Carrying the PAC in the TCP options field [1] allows the protocol to detect any modification of the message and to establish the origin of the message reliably; hence this implementation of the access control scheme at the TCP level makes it suitable for secure data networks.
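As an added illustration of the TCP-level implementation described above (example code for this page, not the Sussex implementation [7]), the block below packs a PAC into a TCP options field, walks the options list back out, and performs the gateway's verify-and-restamp of steps (vi)-(viii). The option kind 253 (one of the experimental kinds from RFC 4727), the 8-byte PAC size, the HMAC-SHA256 stand-in for the paper's DES-based MAC, and the sample payload and PAKs are all assumptions; the paper fixes none of them.

```python
import hashlib
import hmac

PAC_OPTION_KIND = 253   # assumption: an experimental TCP option kind (RFC 4727); the paper names none
PAC_LEN = 8             # one 64-bit block, the size of a DES-based MAC


def compute_pac(pak: bytes, payload: bytes) -> bytes:
    """Stand-in for the paper's DES-based MAC: HMAC-SHA256 truncated to 8 bytes."""
    return hmac.new(pak, payload, hashlib.sha256).digest()[:PAC_LEN]


def build_options(pac: bytes, mss: int = 1460) -> bytes:
    """TCP options field carrying an MSS option, a NOP and the PAC option, padded with
    EOL bytes to the 32-bit boundary the TCP header's data offset requires."""
    opts = bytearray(bytes([2, 4]) + mss.to_bytes(2, "big"))   # kind 2, len 4, MSS
    opts += b"\x01"                                             # kind 1, NOP
    opts += bytes([PAC_OPTION_KIND, 2 + len(pac)]) + pac        # kind, len, PAC value
    opts += b"\x00" * (-len(opts) % 4)                          # kind 0, EOL padding
    if len(opts) > 40:
        raise ValueError("TCP options field is limited to 40 bytes")
    return bytes(opts)


def parse_options(options: bytes) -> dict:
    """Walk a TCP options field: kind 0 ends the list, kind 1 is a lone NOP byte, anything
    else is kind, length, value where length counts the kind and length bytes too."""
    found, i = {}, 0
    while i < len(options):
        kind = options[i]
        if kind == 0:
            break
        if kind == 1:
            i += 1
            continue
        if i + 1 >= len(options):
            raise ValueError("option header runs past the end of the field")
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            raise ValueError("option length out of range")
        found[kind] = options[i + 2:i + length]
        i += length
    return found


def stamp(payload: bytes, pak: bytes) -> bytes:
    """Sender side of step (v): compute the PAC over the payload and carry it in the options."""
    return build_options(compute_pac(pak, payload))


def verify_and_restamp(options: bytes, payload: bytes, pak_in: bytes, pak_out: bytes):
    """Gateway side of steps (vi)-(viii): check the PAC under the inbound pair's PAK and, if it
    matches, return options carrying a fresh PAC under the outbound pair's PAK. Returns None
    on a malformed field, a missing PAC or a wrong PAC, where the paper closes the connection."""
    try:
        pac = parse_options(options).get(PAC_OPTION_KIND)
    except ValueError:
        return None
    if pac is None or not hmac.compare_digest(pac, compute_pac(pak_in, payload)):
        return None
    return stamp(payload, pak_out)


if __name__ == "__main__":
    pak_a_n12, pak_n12_n21 = b"\x01" * 7, b"\x02" * 7        # constructed 56-bit PAKs
    payload = b"GET /index.html HTTP/1.0\r\n\r\n"             # constructed segment payload
    opts = stamp(payload, pak_a_n12)
    print("options from host A:", opts.hex(), "length", len(opts))
    print("re-stamped at N12ACG:", verify_and_restamp(opts, payload, pak_a_n12, pak_n12_n21))
    print("payload altered in transit:", verify_and_restamp(opts, payload + b"x", pak_a_n12, pak_n12_n21))
```

The parser treats NOP and EOL as the single-byte options they are, rejects a length that would run past the field, and the comparison uses a constant-time digest check, so a gateway can be handed arbitrary option bytes from the wire without misparsing them or leaking the PAC through timing.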

6. Conclusion The simplified access control mechanism allows controlled access to resources under the current internet protocols. The mechanism eliminates the need for distributing the PAKs and for carrying out session initiation authentication. Consequently, an implementation of the RSA algorithm is not required at the hosts and the gateways, and the substantial overheads associated with the RSA encryption and decryption process in the original scheme are avoided. The overhead analysis further shows that the simplified scheme generates fewer extra packets than the original internet scheme and the visa scheme, so the internet bandwidth can be utilised more efficiently without compromising the salient features of the original scheme.

References

1. Iqbal M.S. and Poon F.S.F., "Packet level access control scheme for internetwork security", IEE Proceedings Part I, Vol. 139, No. 2, April 1992.

2. Estrin D. and Tsudik G., "Visa Scheme for Inter-Organization Network Security", Proceedings of the 1987 Symposium on Security and Privacy, pp. 174-183, Silver Spring MD, 1987.

3. Tanaka M. and Ishizawa Y., "A gateway with an access control mechanism for network security", International Symposium on Interoperable Information Systems, ISIIS'88, 10th-11th November 1988, Tokyo, Japan, pp. 167-174.

4. FIPS Publication 46, "Data Encryption Standard", January 1977.

5. Meyer C. H. and Matyas S. M., "Generating strong one way function with cryptographic algorithm", IBM Technical Disclosure Bulletin, Vol. 27, Part 10A, pp. 5658-5660, March 1985.

6. Rivest R. L., Shamir A. and Adleman L., "A Method for Obtaining Digital Signatures and Public Key Cryptosystems", Communications of the ACM, Vol. 21, No. 2, pp. 120-126, 1978.

6. Comer D., Internetworking with TCP/IP, Prentice-Hall International Inc., 1988.

7. Ertaul L., English M. J. and Poon F.S.F., "A TCP/IP implementation of an internet security access control scheme", research project in progress at the School of Engineering, University of Sussex, Falmer, Brighton, U.K., 1992.

[Figure 1: A typical internetwork environment connecting networks of different organisations. Legible labels: Host A in Network 1; network 12 access control gateway (N12ACG); network 21 access control gateway (N21ACG) and network 23 access control gateway (N23ACG) in Network 2; network 32 access control gateway (N32ACG) and Host C in Network 3.]

[Figure 2: Trace of packet overheads and access violations. Columns: access violation points and reasons; type of session exit packet. Legible rows: connection request host A to N12ACG, N12ACG to N21ACG, N23ACG to N32ACG, N32ACG to host C (exit reason: illegal access); access allowed N32ACG to N23ACG, N21ACG to N12ACG, N12ACG to host A; data with PAC host A to N12ACG; PAC failure at N12ACG: failure indicator N12ACG to host A, or a new PAC N12ACG to N21ACG; PAC failure at N21ACG: failure indicator N21ACG to N12ACG, or a new PAC N23ACG to N32ACG; PAC failure at N32ACG: failure indicator N32ACG to N23ACG, or a new PAC N32ACG to host C; failure indicator host C to N32ACG, or packet consumed at host C.]