Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 DISTRIBUTED SYSTEMS.

Slides:



Advertisements
Similar presentations
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Advertisements

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
Last Class: The Problem BobAlice Eve Private Message Eavesdropping.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Chapter 10: Security Threats Mechanisms Subject Object
Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Distributed Systems CS Security – Part I Lecture 21, Nov 28, 2011 Majd F. Sakr, Vinay Kolar, Mohammad Hammoud.
 Public key (asymmetric) cryptography o Modular exponentiation for encryption/decryption  Efficient algorithms for this o Attacker needs to factor large.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
8.1 Learning Objectives To become familiar with the range of security threats faced by networked and distributed systems (DSs); To examine various cryptographic.
Security & Authentication (continued) CS-4513 D-term Security and Authentication (continued) CS-4513 Distributed Computing Systems (Slides include.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
More on AuthenticationCS-4513 D-term More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System.
EEC 688/788 Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Security and Authentication CS-4513, D-Term Security and Authentication (continued) CS-4513 D-Term 2007 (Slides include materials from Operating.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Chapter 8 Network Security 4/17/2017
Security Strategies for securing Distributed Systems
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
Computer Networks, Fifth Edition by Andrew Tanenbaum and David Wetherall, © Pearson Education-Prentice Hall, 2011 Network Security Chapter 8.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
Computer Networks NYUS FCSIT Spring 2008 Milos STOLIC, Bs.C. Teaching Assistant
Network Security. An Introduction to Cryptography The encryption model (for a symmetric-key cipher).
Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)
Part Two Network Security Applications Chapter 4 Key Distribution and User Authentication.
Cryptography  Why Cryptography  Symmetric Encryption  Key exchange  Public-Key Cryptography  Key exchange  Certification.
Cryptography, Authentication and Digital Signatures
Security Chapter 8.
© Oxford University Press 2011 DISTRIBUTED COMPUTING Sunita Mahajan Sunita Mahajan, Principal, Institute of Computer Science, MET League of Colleges, Mumbai.
Chapter 21 Distributed System Security Copyright © 2008.
Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
Lecture 16: Security CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 30 Message Security, User Authentication, and Key Management.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Information Security in Distributed Systems Distributed Systems1.
TCP/IP Protocol Suite 1 Chapter 30 Security Credit: most slides from Forouzan, TCP/IP protocol suit.
Network Security Chapter 8 12/13/ Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental.
Protocol Analysis. CSCE Farkas 2 Cryptographic Protocols Two or more parties Communication over insecure network Cryptography used to achieve goal.
9.2 SECURE CHANNELS JEJI RAMCHAND VEDULLAPALLI. Content Introduction Authentication Message Integrity and Confidentiality Secure Group Communications.
Security. Cryptography (1) Intruders and eavesdroppers in communication.
Lesson Introduction ●Authentication protocols ●Key exchange protocols ●Kerberos Security Protocols.
SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.
Dr. Nermi hamza.  A user may gain access to a particular workstation and pretend to be another user operating from that workstation.  A user may eavesdrop.
Fourth Edition by William Stallings Lecture slides by Lawrie Brown
Computer Communication & Networks
Chapter 8 Network Security.
Introduction to Security
9.2 SECURE CHANNELS Medisetty Swathy.
CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9
CDK: Chapter 7 TvS: Chapter 9
DISTRIBUTED SYSTEMS Principles and Paradigms Second Edition ANDREW S
Presentation transcript:

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS Principles and Paradigms Second Edition ANDREW S. TANENBAUM MAARTEN VAN STEEN Chapter 9 Security

Types of Threats  Interception. Unauthorized party gaining access to a service or data. E.g. eavesdropping, illegally copying data.  Interruption. Services or data becoming unavailable, unusable, destroyed. E.g. intentional file corruption, denial of service attacks.  Modification. Unauthorized changing of data or service so that it no longer adheres to its original specification.  Fabrication. Additional data or activity is generated that would normally not exist. E.g., adding entry to password file or database, breaking into a system by replaying previously sent messages.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Security Mechanism  Encryption. Encryption transforms data into something an attacker cannot understand. In other words, encryption provides a means to implement data confidentiality.  Authentication. Used to verify the claimed identity of a user, client, server, host, or other entity.  Authorization. It is necessary to check whether that client is authorized to perform the action requested.  Auditing. Used to trace which clients accessed what, and which way.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Example: The Globus Security Architecture (1)‏ 1.The environment consists of multiple administrative domains. 2.Local operations are subject to a local domain security policy only. 3.Global operations require the initiator to be known in each domain where the operation is carried out.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Example: The Globus Security Architecture (2)‏ 1.Operations between entities in different domains require mutual authentication. 2.Global authentication replaces local authentication. 3.Controlling access to resources is subject to local security only. 4.Users can delegate rights to processes. 5.A group of processes in the same domain can share credentials.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Example: The Globus Security Architecture (2)‏ Figure 9-1. The Globus security architecture.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Focus of Control (1)‏ Figure 9-2. Three approaches for protection against security threats. (a) Protection against invalid operations

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Focus of Control (2)‏ Figure 9-2. Three approaches for protection against security threats. (b) Protection against unauthorized invocations.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Focus of Control (3)‏ Figure 9-2. Three approaches for protection against security threats. (c) Protection against unauthorized users.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Layering of Security Mechanisms (1)‏ Figure 9-3. The logical organization of a distributed system into several layers.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Layering of Security Mechanisms (2)‏ Figure 9-4. Several sites connected through a wide-area backbone service.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Distribution of Security Mechanisms Figure 9-5. The principle of RISSC as applied to secure distributed systems.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Cryptography (1)‏ Figure 9-6. Intruders and eavesdroppers in communication.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Cryptography (2)‏ Figure 9-7. Notation used in this chapter.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved

Symmetric Cryptosystems: DES (1)‏ Figure 9-8. (a) The principle of DES.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Symmetric Cryptosystems: DES (2)‏ Figure 9-8. (b) Outline of one encryption round.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Symmetric Cryptosystems: DES (3)‏ Figure 9-9. Details of per-round key generation in DES.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Advanced Encryption Standard The Advanced Encryption Standard (AES) (also known as Rijndael), is a block cipher adopted as an encryption standard by the US government. It has been analyzed extensively and is now used worldwide. Unlike DES, AES is a substitution-permutation network. AES is fast in both software and hardware, is relatively easy to implement and requires little memory.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Public-Key Cryptosystems: RSA Generating the private and public keys requires four steps: Choose two very large prime numbers, p and q. Compute n = p × q and z = (p − 1) × (q − 1). Choose a number d that is relatively prime to z. Compute the number e such that e × d = 1 mod z.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Hash Functions: MD5 (1)‏ Figure The structure of MD5.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved

Hash Functions : MD5 (3)‏ The 16 iterations during the first round in a phase in MD5. The C's are predefined constants. A 512-bit block is divided into bit blocks b 0...b 15 for processing.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved

Authentication Based on a Shared Secret Key (1)‏ Authentication based on a shared secret key. An example of a challenge-response protocol.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Authentication Based on a Shared Secret Key (2)‏ In correct authentication based on a shared secret key, but using three instead of five messages.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Authentication Based on a Shared Secret Key (3)‏ Figure The reflection attack.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved

Authentication Using a Key Distribution Center (1)‏ The principle of using a KDC. What if Alice starts opening a connection with Bob before Bob receives his message from the KDC?

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Authentication Using a Key Distribution Center (2)‏ Figure Using a ticket and letting Alice set up a connection to Bob.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved

Observations Need for nonces. Suppose Alice does not send a nonce. Also suppose Chuck has stolen one of Bob's old keys and intercepted an old response from the KDC. When Alice requests to set up a secure channel with Bob. Chuck replays the old message, fooling Alice into thinking that he is Bob. And Chuck can also decrypt the ticket to confirm that he is Bob. Need for sending B in message 1 and 2. Without it, Chuck can intercept message 1 from Alice by replacing Bob's identity with Chuck's. The KDC would then think that Alice wants to set up a secure channel with Chuck and responds accordingly. As soon as Alice wants to contact Bob, Chuck intercepts the message and fools Alice into believing that she is talking to Bob.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Authentication Using a Key Distribution Center (4)‏ Figure Protection against malicious reuse of a previously generated session key in the Needham-Schroeder protocol.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Authentication Using a Key Distribution Center (5)‏ Figure Mutual authentication in a public-key cryptosystem.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Digital Signatures (1)‏ Figure Digital signing a message using public-key cryptography.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Digital Signatures (2)‏ Figure Digitally signing a message using a message digest.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Secure Replicated Servers Figure Sharing a secret signature in a group of replicated servers.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Example: Kerberos (1)‏ Figure Authentication in Kerberos. Authentication server Ticket Granting Service

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Example: Kerberos (2)‏ Figure Setting up a secure channel in Kerberos.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved General Issues in Access Control Figure General model of controlling access to objects.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Access Control Matrix (1)‏ Figure Comparison between ACLs and capabilities for protecting objects. (a) Using an ACL.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Access Control Matrix (2)‏ Figure Comparison between ACLs and capabilities for protecting objects. (b) Using capabilities.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Protection Domains Figure The hierarchical organization of protection domains as groups of users.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Firewalls Figure A common implementation of a firewall.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved

Protecting the Target (1)‏ Figure The organization of a Java sandbox.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Protecting the Target (2)‏ Figure (a) A sandbox. (b) A playground.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Protecting the Target (3)‏ Figure The principle of using Java object references as capabilities.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Protecting the Target (4)‏ Figure The principle of stack introspection.

Security Management  General management of cryptographic keys  Securely managing a group of servers  Authorization management with capabilities and attribute certificates

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Key Establishment Figure The principle of Diffie-Hellman key exchange.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Key Distribution (1)‏ Figure (a) Secret-key distribution.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Key Distribution (2)‏ Figure (b) Public-key distribution

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Secure Group Management Figure Securely admitting a new group member.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.