A Comparison of SESAME and SSL for Intranet and Internet Security
Paul Ashley, Mark Vandenwauver, Joris Claessens

Paul Ashley: Information Security Research Center, School of Data Communications, Queensland University of Technology, GPO Box 2434, Brisbane - AUSTRALIA. Tel. +61 7 3864 1940, Fax +61 7 3221 2384, ashley@ .au

Mark Vandenwauver, Joris Claessens: Katholieke Universiteit Leuven, Dept. Elektrotechniek, ESAT-COSIC, Kardinaal Mercierlaan 94, B-3001 Heverlee - BELGIUM. Tel. +32 16 32 11 34, Fax. +32 16 32 19 86, mark.vandenwauver@esat.kuleuven.ac.be, joris.claessens@esat.kuleuven.ac.be

Abstract
In recent years there has been a phenomenal increase in the use of networking. Both the Internet and Intranets have become a standard infrastructure to exchange information. Due to their success it has become possible to offer services that were unthinkable five years ago: electronic commerce, distance learning, remote libraries, etc. Cryptographic solutions are essential to protect computer assets and, more specifically, for electronic commerce to become successful. Moreover, the future growth of the Internet depends on how well it is or will be secured. Two proposals for providing cryptographic protection for networks are the SESAME security architecture and the SSL solution. The purpose of this paper is to compare these two solutions: where they fit in the TCP/IP model, what security services they provide, what cryptographic technology is used by each solution, the applications supported, the availability and finally a description of their limitations. The paper finishes by introducing two schemes for the integration of SESAME and SSL.

Keywords
SESAME, SSL, Intranet, Internet, network security

1 Introduction
Intranets and the Internet are core components of most organisations' communications infrastructure. The Internet especially is seen as an effective way to exchange information and, more importantly, as a medium for electronic commerce. Future growth in the use of Intranets and the Internet depends very heavily on how well they can be secured. Networks can be secured by securing particular applications like telnet, ftp, e-mail (PGP, S/MIME), or corporate applications. It is also possible to secure other layers in the networking hierarchy like IP (IPv6) and the transport layer (SSL/TLS). An infrastructure for securing applications can be provided and security protocols can be defined that can be implemented by all. Even more importantly, an understanding of what security services are required is needed. These security services include the authentication of users and network entities, the protection of data in transit (integrity/confidentiality), non-repudiation of data, access control for users, single sign-on solutions, key distribution, and the provision of auditing information. Other considerations such as cryptographic policy and key escrow requirements can also influence the design process of a secure network. The purpose of this paper is to examine two recent proposals for network security: SESAME and SSL. The paper aims to highlight the differences between the two solutions. The paper is structured as follows. The second section gives a brief overview of the SESAME and SSL technologies. The next section compares these two solutions. From this comparison we conclude that it would be very interesting to combine SSL and SESAME. Therefore we suggest some possibilities for their integration. The paper finishes with our conclusions.
2 An Overview of SESAME and SSL
2.1 SESAME
SESAME [Kaijser et al., 1994, Vandenwauver, 1996] is the result of a European collaboration between Bull, ICL and Siemens together with some leading European research groups. The project was funded by the EC under the auspices of its RACE program. SESAME is an acronym for "A Secure European System for Applications in a Multi-vendor Environment". Figure 1 gives an overview of the SESAME security architecture. It is possible to distinguish four boundaries in the architecture: the client, the domain security server, the (application) server, and the support components. The client system incorporates the User Sponsor (US), the Authentication Privilege Attribute (APA) Client, the Secure Association Context Manager (SACM) and the client application code. The User Sponsor gives the user the interface to the SESAME system, allowing the user to log on to the system. The APA Client is used by the User Sponsor for the communication with the domain security server. The SACM provides the data protection services (data authentication, data confidentiality, non-repudiation) for the client-server interaction. The Domain Security Server consists of three servers and is very similar to the Kerberos one [Kohl and Neuman, 1993]. The main difference is the presence of the Privilege Attribute Server (PAS) in SESAME. This server has been added to manage the access control mechanism that is implemented by SESAME. Because of its many advantages, SESAME has opted to implement role based access control (RBAC) [Vandenwauver et al., 1997a]. The scheme is enforced using Privilege Attribute Certificates (PACs) [ECMA 219, 1996]. These PACs contain the information about the user that is needed to make access control decisions. They are digitally signed by the PAS. The Authentication Server (AS) and Key
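To make the PAC mechanism concrete, the following added example (not SESAME's own code or the ECMA-219 PAC encoding) models a PAS issuing a signed PAC and an application server verifying it before making an RBAC decision. The PAS signature is stood in for by HMAC-SHA256 over a canonical JSON body; the field names, the role table and the key are constructed for this illustration.

```python
# Added illustration (not SESAME's own code or wire format): a simplified
# Privilege Attribute Certificate (PAC) issued by a Privilege Attribute Server
# (PAS) and checked by an application server before an RBAC decision.
# Assumption: the PAS digital signature is modelled with HMAC-SHA256 over a
# canonical JSON encoding; real PACs follow ECMA-219 and carry a signature
# made with the PAS's private key. Field names, role table and key are constructed.
import hashlib
import hmac
import json

# Constructed secret standing in for the PAS signing key.
PAS_KEY = b"constructed-pas-key"

# Constructed role-to-permission table enforced by the application server.
ROLE_PERMISSIONS = {
    "clerk": {"read"},
    "manager": {"read", "write"},
}

def _canonical(pac_body: dict) -> bytes:
    # Deterministic encoding so issuer and verifier sign the same bytes.
    return json.dumps(pac_body, sort_keys=True, separators=(",", ":")).encode()

def issue_pac(user: str, roles: list, lifetime_s: int, now: float) -> dict:
    """PAS side: build the PAC body and attach the issuer's signature."""
    body = {"issuer": "PAS", "user": user, "roles": sorted(roles),
            "not_after": int(now) + lifetime_s}
    sig = hmac.new(PAS_KEY, _canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "sig": sig}

def verify_pac(pac: dict, now: float) -> bool:
    """Server side: reject forged, tampered or expired PACs before any use."""
    expected = hmac.new(PAS_KEY, _canonical(pac["body"]), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, pac["sig"]):
        return False
    return pac["body"]["issuer"] == "PAS" and now < pac["body"]["not_after"]

def authorise(pac: dict, permission: str, now: float) -> bool:
    """RBAC decision: only the roles in a valid, PAS-signed PAC count."""
    if not verify_pac(pac, now):
        return False
    granted = set()
    for role in pac["body"]["roles"]:
        granted |= ROLE_PERMISSIONS.get(role, set())
    return permission in granted
```

The server never trusts roles claimed by the client; a PAC whose roles were altered after issue fails the signature check, and an expired PAC is refused even if intact.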