Security Basics mailing list archives
Re: Security for grades stored online
From: Aarón Mizrachi <unmanarc () gmail com>
Date: Fri, 11 Dec 2009 00:41:10 -0430
On Wednesday 09 December 2009 11:57:58 Eitan Adler wrote:
I will be coding a system for a university in which teachers will be able to enter grades into a web-based form. The grades will then be stored in a database and used by the university to supply the final transcript. This system is obviously a target for people wishing to change their grades. While I intend on coding securely and keeping the servers secure (no access from the internet and such) I (and the university) would like a security guarantee that is similar to that of teachers manually handing in grades. My thought was to create a hash of the names & grades which the teacher could print out and hand in to the main office. This hash (one per class) could be verified against the hash that is generated when the grades are viewed by the administration. This reduces the amount of work required to verify that the grades have not been changed and (I think) without reducing the security of the grades. Is this true? Can you find any flaws or implementation "gotchas" that I should be aware of?
Hi Eitan.

I think that is a good idea, but one of the main problems with the hashes is the generation and comparison.

A hacker could carry out some types of attacks:

- Generation: Changing the source code that usually makes the hash, to print an invalid hash when inserting scores.
- Comparison: Changing the source code that generates the hash to make the hash pre-printed, but with a different grade.

This can be done in two ways:

- Man in the middle attack (network access required)
- Modifying the source code (requires access to operating system)

Additionally, another factor to be considered is the possibility for a hacker to destroy the data.

-----------------
Preventing data modification between the server and the teacher's eyes is a very difficult task.
-----------------------------------------------

PKI could be the solution. For example, you could install one digital certificate per teacher, and write an application resident on the teacher's computer to digitally sign the grades. This application sends the grades to a web service and saves them with his digital signature in a database.

Validation may occur at the end point (think of FireGPG ;-) or similar), and if someone changes something (hash or data) in the network, or in the database, the digital signature will not be OK.

Furthermore, you can improve it with:

- Saving data on non-rewritable media, in addition to the database (e.g. a multisession DVD and/or a printer attached to the server)
- Security hardening of the operating system and the source code
- Security hardening of teacher computers... (Very important). For extreme security you can deploy an encrypted live CD per teacher with his certificate and his application in order to prevent certificate stealing and/or application hacking.
- Declaring web-related files (php, asp, jsp, whatever) immutable and read-only.
- Securing web service connections with SSL... SSL must have a valid digital certificate for server and clients.
------------------
I understand that live CDs do not automatically update the operating system, but most attacks will be prevented with a minimalistic OS installation, strong security policies, and periodic updates each time a serious security vulnerability affects libraries involved in data communication (e.g. libssl vulns, kernel TCP stack vuln, ...).
-- Ing. Aaron G. Mizrachi P. http://www.unmanarc.com T: + 58 416-6143543 BBPIN: 0x 247066C1
Attachment:
signature.asc
Description: This is a digitally signed message part.
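The per-teacher signing scheme suggested in the reply above, as an added example that is not part of the original thread: the grade sheet is serialized canonically, signed with the teacher's private key, and checked against the teacher's public key wherever the stored grades are read back. Assumptions: a bare Ed25519 key pair stands in for the per-teacher certificate, the names `Grade`, `canonical`, `SignSheet` and `VerifySheet` are hypothetical, and the sample rows are constructed.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
	"sort"
)

// Grade is one row of a class sheet (hypothetical type for this example).
type Grade struct{ StudentID, Mark string }

// canonical encodes a sheet deterministically: rows sorted by (unique) student
// ID, every field length-prefixed so ("ab","c") and ("a","bc") cannot collide.
func canonical(classID string, rows []Grade) []byte {
	sorted := append([]Grade(nil), rows...)
	sort.Slice(sorted, func(i, j int) bool { return sorted[i].StudentID < sorted[j].StudentID })
	var out []byte
	put := func(s string) {
		n := uint32(len(s))
		out = append(append(out, byte(n>>24), byte(n>>16), byte(n>>8), byte(n)), s...)
	}
	put(classID)
	for _, r := range sorted {
		put(r.StudentID)
		put(r.Mark)
	}
	return out
}

// SignSheet runs on the teacher's machine, where the private key lives.
func SignSheet(priv ed25519.PrivateKey, classID string, rows []Grade) []byte {
	return ed25519.Sign(priv, canonical(classID, rows))
}

// VerifySheet runs wherever the stored grades are read back.
func VerifySheet(pub ed25519.PublicKey, classID string, rows []Grade, sig []byte) bool {
	return ed25519.Verify(pub, canonical(classID, rows), sig)
}

func main() {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	rows := []Grade{{"s1002", "B+"}, {"s1001", "A"}} // constructed sample data
	sig := SignSheet(priv, "MATH101", rows)
	rows[0].Mark = "A" // simulated edit in the database after signing
	fmt.Println("edited sheet verifies:", VerifySheet(pub, "MATH101", rows, sig))
}
```

Because the class identifier is part of the signed bytes, a valid signature for one class does not verify against the same rows filed under another class.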