安全与安全身份验证:SSL与SASL [英] Security & Authentication: SSL vs SASL
问题描述
我的理解是SASL是一个MD5 / Kerberos协议,几乎完全相同。
所以我的问题是:选择这两种方式的优缺点是什么?基本上,我正在寻找一些在选择SSL或使用SASL时遵循的指导原则。感谢提前!
由于SSL / TLS是一种通信协议,因此比较SSL / TLS和SASL非常困难,而SASL是与其他协议集成的框架。 (其实你可以在某些情况下同时使用。)
此外,你提到的是Kerberos,这是一个认证协议(可以与SSL / TLS或SASL一起使用或独立使用)。您的问题似乎表明,是否使用Kerberos您应该首先选择的主要子问题之一。
SASL本质上是一个允许可插拔认证的间接层系统和现有应用协议(例如LDAP,SMTP,Subversion,...)中的数据安全性,尽管这些协议需要了解此扩展(例如 SMTP验证)。是否以及如何提供安全身份验证和数据加密在很大程度上取决于底层机制在这个框架。以下是 svnserve 文档:内置的CRAM-MD5机制不支持加密,但DIGEST-MD5不支持加密。
如果要使用Kerberos与SASL,您将需要另一个间接级别: GSS-API (最常用于Kerberos,但也可以允许其他机制)。 (请注意,在SASL的上下文中, GSSAPI 似乎暗示了Kerberos,不像其 GS2 后继。)
SSL的一般目标/ TLS是为了确保客户端和服务器之间的通信(完整性和机密性)。客户端应始终检查SSL / TLS服务器的身份,并为服务器提供检查客户端身份的机制。它可以做的还取决于它的配置方式。 SSL / TLS最常用于X.509证书:浏览器可以检查HTTPS服务器的身份。还可以将服务器配置为请求客户端使用证书来识别自己(客户端证书身份验证)。
但是,如果要使用Kerberos,可以使用TLS Kerberos密码套件。这不太常见,但它们是在JSSE中实现
其实现通常提供类似于使用纯TCP连接的API类型:在Java中,一旦配置,您可以或多或少地使用 SSLSocket ,就像使用一个简单的 Socket 一样。虽然一些协议具有明确的命令来从普通的连接切换到SSL / TLS,但这并不需要在套接字顶部的协议的特定意识()。它也可以提供认证。在Java中, JSSE 是默认SSL / TLS实现,您可以访问 SSLSocket (或 SSLEngine ,如果您足够勇敢) / p>
您可能想要阅读 何时使用Java GSS-API与JSSE ,类似于SASL vs. SSL / TLS(尽管它不是似乎已经更新了一段时间,因为JSSE 现在支持Kerberos密码套件,至少从Oracle Java 6开始)。
我承认我对SASL的了解少于SSL / TLS,但是通过SASL进行数据加密听起来就像是要更多的工作。它似乎没有特定的SSL / TLS功能,如由EDH密码套件提供的完美转发保密。有一个使用SASL的示例在GSSAPI(Kerberos这里)在JGSS教程:你需要明确地打包/解开数据,你不必在使用 SSLSocket
我认为您的主要关注点应该是首先确定要使用哪种身份验证机制:Kerberos,X.509证书或其他内容。这将对您的整体架构产生更大的影响,并且都可以与SASL和SSL / TLS一起使用(更多的是,如果您使用具有 EXTERNAL 机制的SASL, SSL / TLS连接)。
- Kerberos非常集中。除了可以联系您的应用服务器外,客户端还需要能够联系KDC进行身份验证。客户端也需要配置使用该KDC。从用户的角度来看,他们可以使用密码。
- X.509更分散。但是,您可能需要为您的用户证书部署证书颁发机构(或使用商业版本)。用户需要获得证书和私钥,有些可能会发现这些密钥太复杂了。
JAAS进入它,因为它是一般的Java处理认证和授权的框架。这与安全管理人员的概念密切相关。它为您提供了 主题和主体 。这不直接与协议或通信相关联,而是与您在应用程序中建立身份验证和授权的方式。 (它为您提供了一套标准的课程。)
(我一般建议通过 Java参考文档,提到你所说的话:JGSS,SASL,...虽然他们'不一定很容易阅读。)
My understanding is that SSL combines an encryption algorithm (like AES, DES, etc.) with a key exchange method (like Diffier-Hellman) to provide secure encryption and identification services between two endpoints on an un-secure network (like the Internet).
My understanding is that SASL is an MD5/Kerberos protocol that pretty much does the same thing.
So my question: what are the pros/cons to choosing both and what scenarios make either more preferable? Basically, I'm looking for some guidelines to follow when choosing SSL or to go with SASL instead. Thanks in advance!
It's quite difficult to compare SSL/TLS and SASL, because SSL/TLS is a communication protocol, whereas SASL is a framework, integrated with other protocols. (In fact, you can use both at the same time in some circumstances.)
In addition, you're mentioning Kerberos, which is indeed an authentication protocol (which can be used with SSL/TLS or SASL or independently both). Your question seems to suggest that whether or not to use Kerberos one of the main sub-problems you should choose first.
SASL is essentially an indirection layer to allow for pluggable authentication systems and data security in existing application protocols (e.g LDAP, SMTP, Subversion, ...), although these protocols need to be aware of this extension (e.g. SMTP auth). Whether and how it provides secure authentication and data encryption depend heavily on what underlying mechanism is used within this framework. Here is an example from the svnserve documentation: "The built-in CRAM-MD5 mechanism doesn't support encryption, but DIGEST-MD5 does".
If you want to use Kerberos with SASL, you will need another level of indirection: GSS-API (which is most commonly used with Kerberos, but can also allow for other mechanisms). (Note that GSSAPI in the context of SASL seems to imply Kerberos anyway, unlike its GS2 successor.)
The general goal of SSL/TLS is to secure the communication (integrity and confidentiality) between a client and a server. The client should always check the identity of the SSL/TLS server, and it provides mechanisms for server to check the identity of the client too. What it can do also depends on how it is configured. SSL/TLS is most commonly used with X.509 certificates: that's how a browser can check the identity of an HTTPS server. Servers can also be configured to request the client to use a certificate to identify themselves (client-certificate authentication). However, if you want to use Kerberos, you can use TLS Kerberos cipher suites. This is much less common, but they are implemented in the JSSE.
Its implementations usually provide APIs similar to what you get with plain TCP connections: in Java, once configured, you can more or less use an SSLSocket as you would use a plain Socket. This doesn't require specific awareness by the protocol on top of the socket, although some protocols have explicit commands to switch to SSL/TLS from a plain connection (Implicit v.s. Explicit SSL/TLS). It can also provide authentication. In Java, the JSSE is the default SSL/TLS implementation, which gives you access to SSLSocket (or SSLEngine if you're brave enough).
You might want to read "When to use Java GSS-API vs. JSSE", which is similar to "SASL vs. SSL/TLS" (although it doesn't seem to have been updated for a while, since the JSSE does support Kerberos cipher suites now, at least since Oracle Java 6).
I'll admit I know less about SASL than about SSL/TLS, but doing data encryption via SASL sounds like it's going to be more work. It doesn't seem to have certain SSL/TLS features such as the Perfect Forward Secrecy offered by EDH cipher suites. There is an example that uses SASL with GSSAPI (Kerberos here) in the JGSS tutorial: you need to wrap/unwrap the data explicitly, which you wouldn't have to do when using SSLSockets.
I think your main concern should be to decide which authentication mechanism you want to use in the first place: Kerberos, X.509 certificates, or something else. This will have more impact on your overall architecture, and both can be used with SASL and SSL/TLS (more so if you use SASL with an EXTERNAL mechanism, when on top of an SSL/TLS connection).
- Kerberos is very centralised. The client will need to be able to contact the KDC to authenticate, in addition to being able to contact your application server. The clients will also need to be configured to use that KDC. From a user's point of view, they can use passwords.
- X.509 is more decentralised. However, you may need to deploy a Certification Authority (or use a commercial one) for your user certificates. Users will need to be given certificates and private keys, which some might find too complex.
JAAS comes into it because it's the general Java framework for dealing with authentication and authorisation. It's very closely linked to the notion of security managers. It gives you the notion of Subject and Principal. This isn't directly linked to the protocols or the communication, but rather to the way you model authentication and authorisation within your application. (It gives you a standard set of classes to do so.)
(I'd generally suggest to go through the Java reference documents that mention the words you're after: JGSS, SASL, ..., although they're not necessarily easy to read.)
这篇关于安全与安全身份验证:SSL与SASL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
