Presentation is loading. Please wait.

Presentation is loading. Please wait.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 1 DISTRIBUTED.

Published byMeryl Horn Modified over 8 years ago

Similar presentations

Presentation on theme: "Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 1 DISTRIBUTED."— Presentation transcript:

1 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 1 DISTRIBUTED SYSTEMS Principles and Paradigms Second Edition ANDREW S. TANENBAUM MAARTEN VAN STEEN Chapter 9 Security

2 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 2 Security Threats, Policies, and Mechanisms (1) Types of security threats to consider: Interception (access by unauthorized users) Interruption (service or data becomes unavailable) Modification (unauthorized changing of data or tampering with service) Fabrication (additional data or info is fabricated)

3 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 3 Security Threats, Policies, and Mechanisms (2) Important security mechanisms: 1.Encryption 2.Authentication 3.Authorization 4.Auditing

4 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 4 Example: The Globus Security Architecture (1) Globus is a wide area system supporting large-scale distributed computation (referred to as “computational grid”) Recourses in this grid are located in different domains.

5 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 5 Example: The Globus Security Architecture (2) 1.The environment consists of multiple administrative domains. 2.Local operations are subject to a local domain security policy only. 3.Global operations require the initiator to be known in each domain where the operation is carried out.

6 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 6 Example: The Globus Security Architecture (3) 4.Operations between entities in different domains require mutual authentication. 5.Global authentication replaces local authentication. 6.Controlling access to resources is subject to local security only. 7.Users can delegate rights (e.g. Read, Write, eXecute) to processes. 8.A group of processes in the same domain can share credentials.

7 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 7 Example: The Globus Security Architecture (4) User Proxy: is a process that is given permission to act on behalf of a user for a limited period of time. Resource Proxy: is a process running within a specific domain that is used to translate global operations on recourses to local operations that comply with security based on the 4 protocols on the next page:

8 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 8 Example: The Globus Security Architecture (5) Figure 9-1. The Globus security architecture.

9 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 9 Focus of Control (1) Figure 9-2. Three approaches for protection against security threats. (a) Protection against invalid operations

10 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 10 Focus of Control (2) Figure 9-2. Three approaches for protection against security threats. (b) Protection against unauthorized invocations.

11 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 11 Focus of Control (3) Figure 9-2. Three approaches for protection against security threats. (c) Protection against unauthorized users.

12 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 12 Layering of Security Mechanisms Figure 9-3. The logical organization of a distributed system into several layers. i.e. separate general-purpose services from communication services.

13 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 13 Distribution of Security Mechanisms Figure 9-5. The principle of RISSC as applied to secure distributed systems. RISSC: Reduced Interfaces for Secure System Components. i.e. prevent direct access of clients to critical servers.

14 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 14 Cryptography (1) Cryptography = Encryption + Decryption via cryptographic methods using keys Symmetric cryptography: Same secret key is used for encryption and decryption ( Example: DES = Data Encryption Standard; a widely used Symmetric algorithm ) Asymmetric cryptography: Different keys are used for encryption and decryption however together they form a unique pair. ( Example: RSA = Rivest, Shamir and Adleman; a widely used Asymmetric algorithm )

15 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 15 Cryptography (2) Figure 9-6. Intruders and eavesdroppers in communication.

16 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 16 Cryptography (3) Figure 9-7. Notation used in this chapter.

17 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 17 Symmetric Cryptosystems: DES (1) Figure 9-8. (a) The principle of DES.

18 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 18 Symmetric Cryptosystems: DES (2) Figure 9-8. (b) Outline of one encryption round.

19 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 19 Symmetric Cryptosystems: DES (3) Figure 9-9. Details of per-round key generation in DES.

20 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 20 Public-Key Cryptosystems: RSA Generating the private and public keys requires four steps: Choose two very large prime numbers, p and q. Compute n = p × q and z = (p − 1) × (q − 1). Choose a number d that is relatively prime to z ( i.e. not divisible to that number; e.g. Z = 14, 6 is relatively prime ). Compute the number e such that e × d = 1 mod z.

21 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 21 Authentication Based on a Shared Secret Key (1) Figure 9-12. Authentication based on a shared secret key.

22 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 22 Authentication Based on a Shared Secret Key (2) Figure 9-13. Authentication based on a shared secret key, but using three instead of five messages.

23 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 23 Authentication Based on a Shared Secret Key (3) Figure 9-14. The reflection attack.

24 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 24 Authentication Using a Key Distribution Center (1) Figure 9-15. The principle of using a KDC.

25 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 25 Authentication Using a Key Distribution Center (2) Figure 9-16. Using a ticket and letting Alice set up a connection to Bob.

26 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 26 Authentication Using a Key Distribution Center (3) Figure 9-17. The Needham-Schroeder authentication protocol.

27 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 27 Authentication Using a Key Distribution Center (4) Figure 9-18. Protection against malicious reuse of a previously generated session key in the Needham-Schroeder protocol.

28 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 28 Authentication Using a Key Distribution Center (5) Figure 9-19. Mutual authentication in a public-key cryptosystem.

29 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 29 Digital Signatures (1) Figure 9-20. Digital signing a message using public-key cryptography.

30 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 30 Digital Signatures (2) Figure 9-21. Digitally signing a message using a message digest.

31 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 31 Example: Kerberos (1) Figure 9-23. Authentication in Kerberos.

32 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 32 Example: Kerberos (2) Figure 9-24. Setting up a secure channel in Kerberos.

33 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 33 General Issues in Access Control Figure 9-25. General model of controlling access to objects.

34 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 34 Access Control Matrix (1) Figure 9-26. Comparison between ACLs and capabilities for protecting objects. (a) Using an ACL.

35 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 35 Access Control Matrix (2) Figure 9-26. Comparison between ACLs and capabilities for protecting objects. (b) Using capabilities.

36 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 36 Protection Domains Figure 9-27. The hierarchical organization of protection domains as groups of users.

37 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 37 Firewalls Figure 9-28. A common implementation of a firewall.

38 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 38 Protecting the Target (1) Figure 9-29. The organization of a Java sandbox.

39 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 39 Protecting the Target (2) Figure 9-30. (a) A sandbox. (b) A playground.

40 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 40 Key Establishment Figure 9-33. The principle of Diffie-Hellman key exchange.

41 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 41 Key Distribution (1) Figure 9-34. (a) Secret-key distribution. [see also Menezes et al. (1996)].

42 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 42 Key Distribution (2) Figure 9-34. (b) Public-key distribution [see also Menezes et al. (1996)].

43 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 43 Capabilities and Attribute Certificates (1) Figure 9-36. A capability in Amoeba. A capability is an unforgeable data structure for a specific resource, specifying the access rights that holder of the capability has (i.e. what am I permitted to perform on this resource? E.g. Read, Write, X,… for a file)

44 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 44 Capabilities and Attribute Certificates (2) Figure 9-37. Generation of a restricted capability from an owner capability.

Download ppt "Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 1 DISTRIBUTED."

Similar presentations

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Chapter 10: Security Threats Mechanisms Subject Object

Chapter 10: Security Threats Mechanisms Subject Object
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Distributed Systems CS 15-440 Security – Part I Lecture 21, Nov 28, 2011 Majd F. Sakr, Vinay Kolar, Mohammad Hammoud.

Distributed Systems CS Security – Part I Lecture 21, Nov 28, 2011 Majd F. Sakr, Vinay Kolar, Mohammad Hammoud.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.

Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
8.1 Learning Objectives To become familiar with the range of security threats faced by networked and distributed systems (DSs); To examine various cryptographic.

8.1 Learning Objectives To become familiar with the range of security threats faced by networked and distributed systems (DSs); To examine various cryptographic.
Security & Authentication (continued) CS-4513 D-term 20081 Security and Authentication (continued) CS-4513 Distributed Computing Systems (Slides include.

Security & Authentication (continued) CS-4513 D-term Security and Authentication (continued) CS-4513 Distributed Computing Systems (Slides include.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
More on AuthenticationCS-4513 D-term 20081 More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System.

More on AuthenticationCS-4513 D-term More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Security and Authentication CS-4513, D-Term 20071 Security and Authentication (continued) CS-4513 D-Term 2007 (Slides include materials from Operating.

Security and Authentication CS-4513, D-Term Security and Authentication (continued) CS-4513 D-Term 2007 (Slides include materials from Operating.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Security Strategies for securing Distributed Systems

Security Strategies for securing Distributed Systems
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

Similar presentations

Ads by Google