Securing Data Transfers: An integrity algorithm for error recovery triangulation




Дата канвертавання19.04.2016
Памер34.8 Kb.
Securing Data Transfers:

An integrity algorithm for error recovery triangulation
Andrew Colarik

AndrewColarik.com,

mail@andrewcolarik.com
Jairo Gutiérrez

The University of Auckland

j.gutierrez@auckland.ac.nz
Lech Janczewski

The University of Auckland

l.janczewski@auckland.ac.nz

Abstract


Transferring data is one of the key operations performed by millions of users every day. Users do this by issuing direct commands, such as file transfer commands, or indirectly as a feature invoked by numerous end-user applications. The most important security characteristic of a successful data exchange is the integrity of that data. The receiver user desires to acquire data that has not been modified through malicious acts, or simple human or machine error. Applications that rely on the Transfer Control Protocol (TCP) as the main mechanism to provide end-to-end reliability, including error and sequence control, do not check the integrity of the file being transmitted prior to the transfer. In this paper, we present an overview of current data transfer mechanisms and their security provisions and propose an internal integrity mechanism that provides a triangulation means of error control through the use of one-way hash functions based on the original file being transferred; and a discussion of the implications and limitations that such a mechanism imparts on data transfer mechanisms.


Keywords

Secure Data Transfers, Security, Integrity, Error Recovery, Triangulation, Hash Product, and Hash Triplet.
Securing Data Transfers:

An integrity algorithm for error recovery triangulation


1. Introduction


Data transfers constitute one of the most commonly performed tasks in the Internet today. Users publishing files to a website, moving files that are too large for an email application, transferring files securely between different computers, uploading photos to services such as Flickr (www.flickr.com) or backing up a to a remote server are all engaged in data transfer operations. File Transfer Protocol (FTP), for example, is still used to perform bulk data transfers across networks (Grzywa et al. 2001). It is important to note that this simple-sounding task (data transfer) is essential for the interoperation of networked computers, especially when the different computing environments of modern heterogeneous networks are taken into account. Potential user devices in the network range from Personal Digital Assistants (PDAs) and mobile phones to specialized servers and large-scale corporate systems. All of these devices could operate using different word formats; they might store the data in different forms and forward their packets in non-compatible ways (big-endian vs. little-endian computers) (Tanenbaum, 2003).

2. Overview of data transfer mechanisms

There are two main approaches to perform data transfers in today’s IP-based networks. One is based on FTP and several variations to that protocol and the second, and much newer, approach is based on peer-to-peer networking configurations. Let’s review both of them.




2.1 FTP Overview


Essentially, FTP is a client-server protocol that facilitates the transfer of files between two computers connected via a network, such as the Internet (Brown & Jaatun 1992). The protocol has several fundamental components that perform the required functions for establishing the sessions between systems, and coordinates the transfer of the files. These components are as follows:

  • Server-FTP that consists of the Server Protocol Interpreter and the Server Data Transfer Process;

  • Server-side File System;

  • User-FTP that consists of the User Interface, User Protocol Interpreter, and the User Data Transfer Process;

  • User-side File System;

  • A User; and

  • A communication channel for the control and data connections.

An alternative configuration of FTP provides for the transfer between two servers through a third system that provides the control function between the servers. In both of the configurations, FTP requires that the control channel be open during the data transfer process (Postel & Reynolds 1985).


The FTP architecture is displayed below (see Figure 1):



Figure 1: FTP Architecture

Source: (Postel & Reynolds 1985)



2.1.1 Telnet authentication and encryption


As previously discussed, FTP utilizes the control connection to coordinate the data connection and execute commands on the File Systems of both the user and the server. FTP utilizes the Telnet protocol to execute the commands (Postel & Reynolds 1985). This fundamental design lends itself to security breaches that may permit eavesdropping of user ID’s, passwords, file names, and other information passed through the control channel. It also may allow an active attacker to change settings and execute commands on the file system (Brown & Jaatun 1992). This fundamental security flaw was initially addressed when Borman (1993) proposed the passing of authentication information, and a mechanism to enable encryption of the data after successful authentication for the Telnet protocol. The result was that user passwords would not be sent in clear text, and the data stream would be encrypted utilizing any general authentication and encryption system. However, it should noted that the “Telnet authentication and encryption option does not provide for integrity protection only (without confidentiality), and does not address the protection of the data channel” (Horowitz & Lunt 1997).


Scenarios

Send Request Response

Request Hash

Storage Hash

Generated Hash

Action Required / Notification Returned

h1

h1

h1

Validated file, integrity confirmed, send file

h1

h1

h2

File has changed since original message, original hash may not have been updated, confirm file integrity before continuing, regenerate hash and reconfirm

h1

h2

h2

Message to Recipient is invalid or out of date, may be invalid request, request retransmission of message

h1

h2

h1

Original hash may be corrupted, update hash file, confirm before transmitting file

h2

h1

h1

Message to Recipient is invalid or out of date, issue new notification, request retransmission of message

h2

h2

h1

File has changed since original message, original hash may not have been updated, confirm file integrity before continuing, regenerate hash and reconfirm

h2

h1

h2

Original hash may be corrupted, update hash, confirm before transmitting file

h2

h1

h3

Re-evaluate all controls for file, discontinue distribution of file, and

everyone is going to hell in a hand-basket 




Table 1: Send Request Response

5. Conclusions


A basic requirement by users is that files be transferred efficiently and without modification. File integrity, therefore, becomes a critical element in the sharing of files. During the transfer of a file, a self-correcting system would permit the user to acquire a file while the error controls would operate transparently in the background. An added feature of the Hash Triplet is that it provides the system with specific points of origins for the root error causes and allows system designers to promote a wider range of remedies.


References

    CAIS Style




Full References


Full references are single spaced, with lines after the first one indented by 5 spaces.

To achieve this indented format, use the Paragraph format in Word. Select Special: Hanging


Book

The format is: Single Space, Hanging: Author(s) (date) Title in Italics, edition in italics (if appropriate), Place of Publication: Publisher, pages(if appropriate)

Example:
McNurlin, B.C. and R.H. Sprague (1998) Information Systems Management in Practice, 6th edition, Upper Saddle River, NJ: Prentice Hall pp. 133-170. (Note that this reference uses the reference style in the style sheet. In fact, all the full references below use the reference style in the style sheet.)

Journal or Magazine Article


The format is: Single Space, Hanging: Author(s) (date) “Title”, Journal Name in Italics, (Volume) Issue, pages

Examples:


Lee, O. and P. Gray (1998) “Knowledge Base Clustering in KBS Maintenance”, Journal of Software Maintenance, (10)2, pp. 395-414

Sambamurthy, V. and W. W. Chin (1994) "The Effects of Group Attitudes toward Alternative GDSS Designs on the Decision-making Performance of Computer-Supported Groups", Decision Science (25)2, pp. 215-239.


Edited Book


The format is: Single Space, Hanging: Editors(s) (ed.) (date) Title in Italics, Publication: Publisher, pages (if appropriate)

Example:


Coleman, D. and R. Kanna (eds.) (1995) Groupware Technology and Applications, Upper Saddle River, NJ: Prentice Hall PTR.

Article in Edited Book


The format is: Single Space, Hanging: Authors(s) (date) “Title of Article” in Editor name(ed.) Title in Italics, Place of Publication: Publisher, pages

Example:


Nunamaker, J.F., R.O. Briggs, D.D. Mittleman (1995) “Electronic Meeting Systems: Ten Years of Lessons Learned” in Coleman, D. and R. Kanna (eds.) Groupware Technology and Applications, Upper Saddle River, NJ: Prentice Hall PTR, pp. 146-193.

Newspaper or Magazine Article


Author(s) (year) “Title of Article”, Name of Newspaper or Magazine in Italics, date, pages.

For newspapers and magazines, the year should be put in parenthesis after the name of the author. The exact date (but not the year) should be given after the name of the publication.


Example:
Brown, J. (1997) "Who, When, Why?" The New York Times, April 15, p. B3

DON’T FORGET!

  • To submit the copy with all the reviewing changes removed.

  • To follow the format and numbering of chapters and subchapters exactly as in the recommended paper format.

  • To show all the tables as MS-Word tables, not as in jpeg or similar format.







База данных защищена авторским правом ©shkola.of.by 2016
звярнуцца да адміністрацыі

    Галоўная старонка