Chapter 7 Security: Distributed System
Objectives
• Various mechanisms that are incorporated in DS to support security.
• Security policies.
• General design issues on security
• Cryptography
Security Policies
• Describes precisely which actions the entities in a system are allowed to take and which are
prohibited.
• E.g. a student registration system.
• Requirements would include that students should not be able to
• Also, there may be a restricted group of people that should be given read access to
registration records, whereas only the responsible lecturer e.g. program leader/year leader
should be given full access.
Security Mechanisms
Types of security mechanisms to consider:
• Encryption – Transforms data into a form that an attacker cannot understand.
• Authentication – Used to verify the claimed identity of a user, client, host, server or other
entity.
• Authorization – Checks whether a client is authorised to perform the action requested.
• Auditing – Audit logs can be useful for the analysis of a security breach and taking
measures against intruders.
2. Local operations – i.e. operations that are carried out only within a single domain are subject
to a local domain security policy only.
3. Global operations – i.e. operations involving several domains, require the initiator to be known
in each domain where the operation is carried out.
Figure 7-2. Three approaches for protection against security threats. (a)
Protection against invalid operations
ALL RIGHTS RESERVED
No part of this document may be reproduced without written approval from Limkokwing University of Creative Technology Worldwide
FACULTY OF INFORMATION & COMMUNICATION TECHNOLOGY
Figure 7-2. Three approaches for protection against security threats. (b) Protection
against unauthorized invocations.
e.g. In many universities/banks, certain data/applications are restricted to be used by
faculty/staff members only. Students are not allowed.
Figure 7-2. Three approaches for protection against security threats. (c) Protection
against unauthorized users.
• Figure 7-3. The logical organization of a distributed system into several layers.
Organizations located at different sites are connected through a communication service such as
SMDS (Switched Multi-megabit Data Service).
- Security – Placing an encryption device at each SMDS router.
Preventing clients and their applications from directly accessing critical services – RISSC
approach. Clients and their applications run on different machines and can access the
secured server only through these network interfaces.
Cryptography
Fundamental to security in DS is the use of cryptographic techniques.
• E.g. S → R (send message m)
• Before sending, the sender encrypts m → m’ (unintelligible)
• Upon receiving, R decrypts m’ → m
• Encryption and decryption are accomplished by using cryptographic methods parameterized
by keys.
Cryptography (1)
Types of Cryptography
• Symmetric Cryptosystem – The same key is used to encrypt and decrypt a message.
$P = D_K(E_K(P))$
• Asymmetric Cryptosystem – The keys for encryption and decryption are different.
$P = D_{K_D}(E_{K_E}(P))$
There are separate keys $K_E$ and $K_D$ for encryption and decryption. One is made public and the
other is private.
Scenario
• Alice wants to send a confidential message to Bob. She should use Bob’s public key to encrypt
the message, because Bob is the only one holding the private decryption key.
A (Bob’s public key): encrypt message.
• Bob wants to ensure the message comes from Alice. In this case Alice keeps her encryption key
private and uses it to encrypt the message she sends; if Bob successfully decrypts the message
using Alice’s public key, he knows that the message comes from Alice, because the decryption
key is uniquely tied to the encryption key.
B (Alice’s public key): decrypt message.
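The two key directions in the scenario above, as an added example that is not part of the original slides. It assumes textbook (unpadded) RSA as the asymmetric cryptosystem and uses constructed toy primes; the function names are hypothetical.

```python
# Added example: textbook (unpadded) RSA with toy primes, showing the two key
# directions from the scenario. Unpadded RSA and primes this small are unsafe.
from math import gcd


def make_keypair(p, q, e=17):
    """Return (K_E, K_D) = ((e, n), (d, n)) for primes p and q."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    return (e, n), (d, n)


def apply_key(key, value):
    """RSA primitive value^exponent mod n, used for both E and D."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be in [0, n)")
    return pow(value, exponent, n)


# Constructed toy keys (assumed values, not from the slides).
ALICE_PUB, ALICE_PRIV = make_keypair(61, 53)
BOB_PUB, BOB_PRIV = make_keypair(89, 97)


def send_confidential(m):
    """Alice -> Bob: encrypt with Bob's public key; Bob's private key recovers m."""
    c = apply_key(BOB_PUB, m)
    return c, apply_key(BOB_PRIV, c)


def send_authenticated(m):
    """Alice -> Bob: transform with Alice's private key; her public key undoes it."""
    s = apply_key(ALICE_PRIV, m)
    return s, apply_key(ALICE_PUB, s)


def bob_accepts(m, s):
    """Bob's check: the value recovered with Alice's public key must equal m."""
    return apply_key(ALICE_PUB, s) == m


if __name__ == "__main__":
    print(send_confidential(65))
    print(send_authenticated(65))
    print(bob_accepts(65, send_authenticated(65)[0]))
```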
Cryptography (2)
E.g. 2100 = 2 × 2 × 3 × 5 × 5 × 7
• Brute-force decryption (trying each key, i.e. systematically checking all possible
keys until the correct key is found) that takes 1 sec on DES takes 149 trillion years for
AES
64-bit output
Security Management
• General management of cryptographic keys
• Problem of securely managing a group of servers
Key Establishment
- Values n and g – two large numbers agreed upon by Alice and Bob.
- Values x and y are kept secret by the two parties.
- Alice sends the values n and g together with $g^x \bmod n$, sent as plaintext.
- Now both parties have the shared secret key $g^{xy} \bmod n$.
$x$ – private key; $g^x \bmod n$ – public key
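The exchange above with both sides' messages, as an added example that is not part of the original slides. It includes Bob's reply $g^y \bmod n$, a range check on received values and a SHA-256 key derivation, none of which the slide lists; the demo modulus and all function names are assumptions.

```python
# Added example: Diffie-Hellman exchange with both sides' plaintext messages.
import hashlib
import secrets

# Assumed demo parameters: the Mersenne prime 2^521 - 1 with g = 3, chosen because
# they are easy to write down. Real deployments use a standardized group.
DEMO_N = 2**521 - 1
DEMO_G = 3


def public_value(g, secret, n):
    """g^secret mod n: the value a party sends in plaintext."""
    return pow(g, secret, n)


def check_peer_value(value, n):
    """Reject degenerate peer values (0, 1, n-1) that force a predictable secret."""
    if not 2 <= value <= n - 2:
        raise ValueError("peer public value out of range")
    return value


def exchange(n=DEMO_N, g=DEMO_G, x=None, y=None):
    """Run one exchange; return (wire, alice_secret, bob_secret)."""
    x = x if x is not None else secrets.randbelow(n - 3) + 2   # Alice's private x
    y = y if y is not None else secrets.randbelow(n - 3) + 2   # Bob's private y
    msg1 = {"n": n, "g": g, "gx": public_value(g, x, n)}       # Alice -> Bob, plaintext
    msg2 = {"gy": public_value(g, y, n)}                       # Bob -> Alice, plaintext
    bob_secret = pow(check_peer_value(msg1["gx"], n), y, n)    # (g^x)^y mod n
    alice_secret = pow(check_peer_value(msg2["gy"], n), x, n)  # (g^y)^x mod n
    return {**msg1, **msg2}, alice_secret, bob_secret


def session_key(shared, n):
    """Hash the shared secret into a 256-bit symmetric key."""
    raw = shared.to_bytes((n.bit_length() + 7) // 8, "big")
    return hashlib.sha256(raw).digest()


if __name__ == "__main__":
    wire, a, b = exchange()
    print("on the wire:", sorted(wire))
    print("secrets match:", a == b)
    print("session key:", session_key(a, DEMO_N).hex())
```

Everything in `wire` is visible to an eavesdropper; x, y and the derived key never leave the two parties.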
Figure 7-34. (a) Secret-key distribution. [see also Menezes et al. (1996)].
The shared secret key must be communicated along a secure channel, but if no keys are
available, they can send it through a phone call or send it on a floppy disk.
Figure 7-34. (b) Public-key distribution [see also Menezes et al. (1996)].
Public key certificates – consist of a public key together with a string identifying the entity
with which that key is associated.
The public key + identifier are signed by a certification authority. E.g. the public keys of various
certification authorities are built into most Web browsers and shipped with the binaries.
References
These slides are taken from Tanenbaum & Van Steen, Distributed Systems:
Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved.
0-13-239227-5
Key Points
• Sub Point #1 – Security Threats, Policies, and Mechanisms
• Sub Point #2 – The Globus Security Architecture
• Sub Point #3 – Cryptography
• Sub Point #4 – Diffie-Hellman Key Exchange
End of Lecture