Issues Relevant To Distributed Security
Xuhong Zhang


2 OUTLINE
- Security in Distributed Systems
- Popular Security Mechanism in Distributed Systems
- Protection Methods Against Security Threats
- Complex Security Policies
- Concept of Proxy
- Covert channels
- Traffic analysis prevention
- Auditing
- Current research
- Future work

3 Security in Distributed Systems [1]
- Different from operating system security:
  - No central trusted authority mediates interaction between users and processes.
  - A distributed system runs on top of a large number of loosely coupled autonomous hosts that may be running different OSes with possibly different security policies.
- So the issue of security becomes even more complex in distributed systems.
- Two key terms:
  - Objects, for example a file
  - Subjects, for example a user

4 Protection Methods Against Security Threats [2]
- Authentication
  - Allows only authentic subjects to have access to the system.
- Authorization
  - Allows access to an object only to authorized subjects.
- Auditing
  - The process of maintaining an audit log that records all activity. This helps in tracing security attacks.

5 Complex Security Policies
- The Access Control List (ACL) and Capability List (CL) security models are stateless. Properties remain fixed unless explicitly changed by the server.
- Complex access control policies are state dependent. Authorization of access depends on the subject's past history and interaction with other objects. [1998 Chow and Johnson]

6 Complex Security Policies (continued) [2]
- Complex access control policies have state-dependent security requirements.
- Example: a security policy that decides its course by reading the subject's past access history:
  - A subject S is not allowed to access object O1 if it has read object O2.
- "If" is the keyword here; it is what makes security policies in distributed systems state dependent.

7 Multilevel Information Flow Exceptions [2]
- Information flow model:
  - A lattice structure in which information can flow in the direction permitted by the properties used to construct the lattice.
- But in distributed systems:
  - Some applications need information flows that violate some properties of the lattice.
  - These are called information flow exceptions.

8 Multilevel Information Flow Exceptions (continued) [2]
- There are 3 types of information flow exceptions:
  - Transitivity: A -> B and B -> C implies A -> C
    - Transitivity exception: A -> B and B -> C, but A -/-> C
  - Aggregation: A -> C and B -> C implies A U B -> C
    - Aggregation exception: A -> C and B -> C, but A U B -/-> C
  - Separation: A U B -> C implies A -> C and B -> C
    - Separation exception: A U B -> C, but A -/-> C and B -/-> C

9 Redefining flow exceptions in terms of Access Control [2]
- The main operations between entities in access control are:
  - Read (confidentiality) and Write (integrity).
- So, A → B means A writes information to object B.
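The transitivity exception above (A -> B and B -> C, but A -/-> C), worked through as an added example that is not part of the original slides. It first finds chains of individually allowed writes that complete a forbidden flow, then shows a monitor that denies the completing write by tracking history; the function and class names are assumptions made for this sketch.

```python
from collections import deque

def leaking_paths(allowed, forbidden):
    """For each forbidden pair (src, dst), return a shortest chain of
    individually allowed flows that still moves src's data to dst."""
    graph = {}
    for a, b in allowed:
        graph.setdefault(a, []).append(b)
    leaks = {}
    for src, dst in forbidden:
        parent, queue = {src: None}, deque([src])
        while queue:
            node = queue.popleft()
            if node == dst:
                path = []
                while node is not None:
                    path.append(node)
                    node = parent[node]
                leaks[(src, dst)] = path[::-1]
                break
            for nxt in graph.get(node, []):
                if nxt not in parent:
                    parent[nxt] = node
                    queue.append(nxt)
    return leaks

class FlowMonitor:
    """State-dependent enforcement: remember whose data each entity holds."""
    def __init__(self, allowed, forbidden):
        self.allowed, self.forbidden = set(allowed), set(forbidden)
        self.holds = {}  # entity -> origins whose information it now contains

    def flow(self, a, b):
        """Decide whether 'a writes to b' may proceed, given past flows."""
        origins = self.holds.get(a, set()) | {a}
        if (a, b) not in self.allowed:
            return False
        if any((o, b) in self.forbidden for o in origins):
            return False  # this write would complete a forbidden flow
        self.holds.setdefault(b, set()).update(origins)
        return True

# Constructed policy taken from the slide's notation.
ALLOWED = [("A", "B"), ("B", "C")]
FORBIDDEN = [("A", "C")]
```

The same request B -> C is granted on a fresh monitor and denied once A -> B has happened, which is what a stateless ACL cannot express.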

10 Redefining flow exceptions in terms of Access Control (continued) [2]

11 Example of a Complex Access Control Policy
Computer Automated Bank Loan Application
- Only the clerk (S1) can prepare the loan application (write permissions for object O).
- One of two bank officers, the manager (S2) or the accountant (S3) (but not both), must approve the application (append permissions).
- The approved loan is then appended with an electronic check signed by both the bank manager (S2) and the cashier (S4).
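The loan policy above as a state-dependent reference monitor, given here as an added example that is not part of the original slides. The operation names ("write", "approve", "sign_check") and the rule that the clerk cannot rewrite an approved application are assumptions made for this sketch.

```python
# Subjects from the slide; operation names are assumptions of this example.
CLERK, MANAGER, ACCOUNTANT, CASHIER = "S1", "S2", "S3", "S4"


class LoanApplication:
    """Object O together with the access history the policy consults."""

    def __init__(self):
        self.history = []  # ordered (subject, operation) pairs already granted

    def _done(self, op):
        return {s for s, o in self.history if o == op}

    def authorize(self, subject, op):
        """Decide from the object's history, not from a fixed ACL entry."""
        prepared = bool(self._done("write"))
        approvers = self._done("approve")
        signers = self._done("sign_check")
        if op == "write":
            # Only the clerk prepares; assumed: not after an approval exists.
            return subject == CLERK and not approvers
        if op == "approve":
            # Manager or accountant, but not both: first approval closes the step.
            return subject in (MANAGER, ACCOUNTANT) and prepared and not approvers
        if op == "sign_check":
            # Manager and cashier each sign once, only after approval.
            return (subject in (MANAGER, CASHIER) and bool(approvers)
                    and subject not in signers)
        return False

    def request(self, subject, op):
        granted = self.authorize(subject, op)
        if granted:
            self.history.append((subject, op))
        return granted

    def check_issued(self):
        return self._done("sign_check") == {MANAGER, CASHIER}


def run_demo():
    """Replay a constructed request sequence and return each decision."""
    o = LoanApplication()
    steps = [(MANAGER, "approve"),     # denied: nothing prepared yet
             (CLERK, "write"),
             (ACCOUNTANT, "approve"),
             (MANAGER, "approve"),     # denied: accountant already approved
             (MANAGER, "sign_check"),
             (CASHIER, "sign_check")]
    return [o.request(s, op) for s, op in steps], o.check_issued()
```

The manager's approve request is denied twice for different reasons, both of which depend on what has already been done to the object rather than on who the manager is.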

12 Graphical Representation

13 Proxy and its use [2][3]
- Definition:
  - A "proxy" is a certificate which verifies that a subject has truly given a subset of its rights to another subject for performing some tasks on its behalf.
- Usage example:
  - A client process makes a request to a print server to print a file.
  - The client can make the print server its proxy.

14 Advantages of Proxy [2][3]
- The amount of file transfer in the network is reduced.
- The client does not have to wait for the print server even if it does not have sufficient buffer space for the file at the time of the request.
- So, the delegation of responsibilities to proxies improves the efficiency of processing.
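The proxy definition above, sketched as an added example that is not part of the original slides: the grantor signs a statement delegating a subset of its rights, and the end server checks the signature, the presenter, the expiry and that the delegated rights really are a subset of what the grantor holds. HMAC with a key shared between grantor and end server stands in for whatever signature scheme a real system uses; all names and the right strings are assumptions.

```python
import hashlib
import hmac
import json


def _encode(body):
    # Canonical byte encoding so signer and verifier hash identical input.
    return json.dumps(body, sort_keys=True).encode()


def issue_proxy(grantor_key, grantor, grantee, rights, expires):
    """Grantor signs a certificate delegating `rights` to `grantee`."""
    body = {"grantor": grantor, "grantee": grantee,
            "rights": sorted(rights), "expires": expires}
    tag = hmac.new(grantor_key, _encode(body), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def verify_proxy(cert, presenter, wanted, now, grantor_keys, grantor_rights):
    """End-server check before acting on a request made through a proxy."""
    body = cert["body"]
    key = grantor_keys.get(body["grantor"])
    if key is None:
        return False                       # unknown grantor
    expected = hmac.new(key, _encode(body), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, cert["tag"]):
        return False                       # altered or forged certificate
    if presenter != body["grantee"] or now >= body["expires"]:
        return False                       # wrong holder, or expired
    delegated = set(body["rights"])
    if not delegated <= grantor_rights.get(body["grantor"], set()):
        return False                       # grantor cannot give what it lacks
    return wanted in delegated             # only the delegated subset is usable
```

In the print example, the client would issue a certificate for the single right to read the file, and the file server would run `verify_proxy` when the print server fetches it.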

15 Covert Channels [2][4]
- Definition:
  - A communication path that conveys information illegitimately by seemingly legitimate use of computer resources.
  - May be intentional or unintentional.
- Traditionally, categories of covert channels:
  - Storage channels
  - Timing channels
  - Network covert channels

16 Traffic Analysis Prevention [2]
- The key is to regulate information flow in the network such that the spatial and temporal imparity of the network traffic pattern is reduced.
- Common approaches:
  - Encryption
  - Padding
  - Routing
  - Scheduling

17 Auditing
- Passive protection: acts as a last resort when other mechanisms such as authentication and authorization are not sufficient to protect the security of the system.
- Can be performed online in the firewalls for early detection of threats, or offline when an attack or problem has already occurred.
- Maintain log files that record all activity in the system and the network.

18 Current Research: Distributed Security Policy Conformance
- Security policy conformance is a crucial issue in large-scale critical cyber-infrastructure.
- Previous methods did not adequately address the issue of scaling to networks of thousands of nodes or of resilience to attacks.
- This new approach addresses the scaling problem by decomposing policies and distributing the validation process.

19 Current research
- Each of the complex rules that define the compliant and non-compliant states of the system is decomposed into local components and an aggregate component.
- Securely delegate the validation of local components to secure agents installed on hosts.
- These agents are able to reliably monitor the state of the system using virtual machine introspection.
- Using this information, we partition the validation of aggregate components across several distributed servers.


21 Future Work
- One approach in auditing: artificially intelligent systems that enforce security policies and detect/prevent attacks based on past occurrences and heuristics.

22 REFERENCES
[1]. Feng, Fujun; Lin, Chuang; Peng, Dongsheng; Li, Junshan. "A Trust and Context Based Access Control Model for Distributed Systems", High Performance Computing and Communications, HPCC '08. 10th IEEE International Conference on, Sept, Page(s): 629 – 634
[2]. Distributed Operating Systems & Algorithms, Randy Chow and Theodore Johnson, Addison Wesley,
[3]. Dave, A.; Sefika, M.; Campbell, R.H. "Proxies, application interfaces, and distributed system", Object Orientation in Operating Systems, 1992., Proceedings of the Second International Workshop on, Sept, Page(s):
[4]. 1 Nov., 2008
[5]. Montanari, Mirko, Chan Ellick, Larson Kevin, Yoo Wucherl, and Campbell Roy H. "Distributed Security Policy Conformance", 2011

