Presentation is loading. Please wait.

Presentation is loading. Please wait.

© Chinese University, CSE Dept. Distributed Systems / 7 - 1 Distributed Systems Topic 7: Security Dr. Michael R. Lyu Computer Science & Engineering Department.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "© Chinese University, CSE Dept. Distributed Systems / 7 - 1 Distributed Systems Topic 7: Security Dr. Michael R. Lyu Computer Science & Engineering Department."— Presentation transcript:

1 © Chinese University, CSE Dept. Distributed Systems / 7 - 1 Distributed Systems Topic 7: Security Dr. Michael R. Lyu Computer Science & Engineering Department The Chinese University of Hong Kong

2 © Chinese University, CSE Dept. Distributed Systems / 7 - 2 Outline 1 Motivation 2 Styles of Attacks 3 Cryptography 4 Authentication 5 Security Systems 6 CORBA Security Service 7 Summary

3 © Chinese University, CSE Dept. Distributed Systems / 7 - 3 1 Motivation  More vital/secret data handled by distributed components.  Security: protecting data stored in and transferred between distributed components from unauthorised access.  Security is a non-functional requirement that cannot be added as a component but has to be built into all components.

4 © Chinese University, CSE Dept. Distributed Systems / 7 - 4 1 Why are Distributed Systems insecure?  Distributed component rely on messages sent and received from network.  Is network (especially WANs and wireless networks) secure?  Is client component secure?  Is client component who it claims to be?  Are users of calling components really who they claim to be?

5 © Chinese University, CSE Dept. Distributed Systems / 7 - 5 1 Effects of Insecurity  Confidential Data may be stolen, e.g.: –corporate plans. –new product designs. –medical/financial records (e.g. Access bills....).  Data may be altered, e.g.: –finances made to seem better than they are. –results of tests, e.g. on drugs, altered. –examination results amended (up or down).

6 © Chinese University, CSE Dept. Distributed Systems / 7 - 6 1 Need for Security  Loss of confidence: above effects may reduce confidence in computerized systems.  Claims for damages: legal developments may allow someone to sue if data on computer has not been guarded according to best practice.  Loss of privacy: data legally stored on a computer may well be private to the person concerned (e.g. medical/personnel) record.

7 © Chinese University, CSE Dept. Distributed Systems / 7 - 7 2 Threats  Categorization of attacks (and goals of attacks) that may be made on system.  Three broad classes: –leakage: information leaving system. –tampering: unauthorised information altering. –vandalism: disturbing correct system operation.  Used to specify what the system is proof, or secure, against.

8 © Chinese University, CSE Dept. Distributed Systems / 7 - 8 2 Methods of Attack  Eavesdropping: Obtaining message copies without authority.  Masquerading: Using identity of another principal without authority.  Message tampering: Intercepting and altering messages.  Replaying: Storing messages and sending them later.  Denial of service: Flooding server resources with messages in order to deny other’s access.

9 © Chinese University, CSE Dept. Distributed Systems / 7 - 9 2 Some Security Attack Scenarios Eavesdropping: Peter Mary “Let’s meet at 5pm, old place” Tom “hee hee…” Tampering: PeterMary “Let’s meet at 5pm, old place” Tom “Let’s meet at 3pm, old place” Replaying: Peter Tom “Let’s meet at 5pm today” Mary One day later: “Let’s meet at 5pm today”

10 © Chinese University, CSE Dept. Distributed Systems / 7 - 10 2 Infiltration  Launch of attack requires access to the system. –Launched by legitimate users. –Launched after obtaining passwords of known users.  Subtle ways of infiltration: –Viruses –Worms –Trojan horses.

11 © Chinese University, CSE Dept. Distributed Systems / 7 - 11 3 Cryptography 1 Introduction 2 Terminology 3 Encryption 4 Secret Keys 5 Public Keys 6 RSA Encryption Algorithm

12 © Chinese University, CSE Dept. Distributed Systems / 7 - 12 3.1 Introduction  Cryptography: encode message data so that it can only be understood by intended recipient.  Romans used it in military communication.  Given knowledge of encryption algorithm, a brute force attempt: try every possible decoding until a valid message is produced.  Computers are good at this!  Modern schemes must be computationally hard to solve to remain secure.

13 © Chinese University, CSE Dept. Distributed Systems / 7 - 13 3.2 Cryptographic Terminology  Plain text: the message before encoding.  Cipher text: the message after encoding.  Key: information needed to convert from plain text to cipher text (or vice-versa).  Function: the encryption or decryption algorithm used, in conjunction with key, to encode or decode message.  Key distribution service: trusted service which hands out keys.

14 © Chinese University, CSE Dept. Distributed Systems / 7 - 14 3.3 Encryption  Encrypting data prevents unauthorised access to the data (i.e. prevents eavesdropping).  If encrypted data can only be encrypted with a matching key, this can be used to prove sender’s identity (i.e. prevents masquerading).  Likewise, it can be used to ensure that only intended recipients can use the data..  Two main ways: secret key and public key.

15 © Chinese University, CSE Dept. Distributed Systems / 7 - 15 3.4 Secret Keys  One key is used to both encrypt and decrypt data  Encryption and decryption functions are often chosen to be the same type  Security should not be compromised by making function well-known as security comes from secret keys

16 © Chinese University, CSE Dept. Distributed Systems / 7 - 16 3.4 Using Secret Keys  Sender and recipient exchange keys through some secure, trusted, non-network based means.  Sender encodes message using encryption function and sends the message, knowing that only the holder of key (the intended recipient) can make sense of it.  Recipient decodes message, and knows that only intended sender could generate it.  Message can be captured but is of no use.

17 © Chinese University, CSE Dept. Distributed Systems / 7 - 17 3.5 Public Keys  Gives 'one-way' security.  Two keys generated, one used with decryption algorithm (private key) and one with encryption algorithm (public key).  Generation of the private key, given only the public key, is computationally hard.  Do not need secure key transmission mechanism for key distribution.

18 © Chinese University, CSE Dept. Distributed Systems / 7 - 18 3.5 Using Public Keys  Recipient generates key pair.  Public key is published by trusted service.  Sender gets public key, and uses this to encode a message.  Recipient decodes the message.  Replies can be encoded using sender’s public key from the trusted distribution service if two- way security is needed.  Message can be captured but is of no use.

19 © Chinese University, CSE Dept. Distributed Systems / 7 - 19 3.6 RSA Encryption Algorithm  Named after the three inventors –Ron Rivest –Adi Shamir –Leonard Adleman  A common and well-known Public-key algorithm

20 © Chinese University, CSE Dept. Distributed Systems / 7 - 20 3.6 Methods used in RSA  Choose a pair of large prime number ( p and q )  Calculate n = p * q  Find an encryption key ( e ) such that e and (p-1)(q-1) are relatively prime.  Then decryption key ( d ) will be obtained by the formula 1 = e*d mod (p-1)(q-1) ðed = 1 mod (p-1)(q-1)  d = e -1 mod (p-1)(q-1)

21 © Chinese University, CSE Dept. Distributed Systems / 7 - 21 3.6 RSA Encryption/Decryption Key  ( e, n ) will be the encryption key available to public: c i = m i e mod n  ( d, n ) will be the decryption key owners keeps private: m i = c i d mod n  The decryption holds because c i d = (m i e ) d = m i ed = m i k(p-1)(q-1)+1 = m i m i k(p-1)(q-1) = m i *1 = m i ; all (mod n)

22 © Chinese University, CSE Dept. Distributed Systems / 7 - 22 4 Authentication 1 Motivation 2 Types of Authentication 3 Needham/Schroeder Protocol

23 © Chinese University, CSE Dept. Distributed Systems / 7 - 23 4.1 What is Authentication? Authentication: Proving you are who you claim to be.  In centralized systems: Password check at session start.  In distributed systems: –Ensuring that each message came from claimed source. –Ensuring that each message has not been altered. –Ensuring that each message has not been replayed.

24 © Chinese University, CSE Dept. Distributed Systems / 7 - 24 4.2 Types of Authentication  Authentication can be used to ensure a number of different aspects of an interaction.  Proving that a client of a server is who it claims to be.  This can be refined to proving that the end user has the right to use a service.

25 © Chinese University, CSE Dept. Distributed Systems / 7 - 25 4.2 Types of Authentication  Proving both client and server are who they say they are.  This is needed to prevent impostor services from collecting information or disrupting (vandalizing) the system.  This is really just an extension of the idea of authentication a client.

26 © Chinese University, CSE Dept. Distributed Systems / 7 - 26 4.2 Types of Authentication  Securing communication from eavesdropping.  Authentication will usually involve encrypting data.  This can be used just at the start to prove the identity of ends of the communication link.

27 © Chinese University, CSE Dept. Distributed Systems / 7 - 27 4.3 Needham/Schroeder Protocol  Provides a secure way for pairs of components to obtain keys to be used during communication.  Based on an authentication server: –maintains a name and a secret key for each component. –can generate keys for peer-to-peer communications.  Secret keys are used for communication with authentication server.

28 © Chinese University, CSE Dept. Distributed Systems / 7 - 28 4.3 Needham/Schroeder Protocol Authentication Server CS 1: C, S, N C 2: {N C,S,K CS,{K CS,C} K S } K C 3: {K CS,C} K S 4: {N S } K CS 5: {N S -1} K CS C: Client Name S: Server Name K C :Client´s secret key K S : Server´s secret key K CS : Secret key for client/server communication N x : Nonce generated by x {M} K :Message encrypted in key K

29 © Chinese University, CSE Dept. Distributed Systems / 7 - 29 5.1 Security Systems: Kerberos  Based on Needham/Schroeder Protocol.  Developed by Steiner at MIT (1988).  Used in –OSF/DCE. –Unix NFS.

30 © Chinese University, CSE Dept. Distributed Systems / 7 - 30 5.1 System architecture of Kerberos Server Client DoOperation Authentication database Login session setup Ticket- granting service T Kerberos Key Distribution Centre Server session setup Authen- tication service A 1. Request for TGS ticket 2. TGS ticket 3. Request for server ticket 4. Server ticket 5. Service request Request encrypted with session key Reply encrypted with session key Service function Step B Step A Step C C S

31 © Chinese University, CSE Dept. Distributed Systems / 7 - 31 5.2 Security Systems: CORBA Supports the following security algorithms:  Authentication of users.  Authentication between objects.  Authorisation and access control.  Security auditing.  Non-repudiation.  Administration of security information. Cryptography is not exposed at interfaces.

32 © Chinese University, CSE Dept. Distributed Systems / 7 - 32 ORB 5.2 CORBA Security Architecture  The security model: Client Server Security Implementation enforcing security policy User requests All object invocations are mediated by the security implementation No specific security policy defined in the model, so that a wide variety of different policies can be defined according to different needs Message protection, access control device, etc. Message protection, access control device, etc.

33 © Chinese University, CSE Dept. Distributed Systems / 7 - 33 5.2 CORBA Security  Principals –Human users or system entities (e.g., the client acting for a user) registered in and authenticated to the system  Credentials –Each principal in a CORBA environment with Security Service is associated with credentials –Credentials contain security attributes of an object, e.g., its identity and privileges (like gate-passes) –Credentials are used for access controls, authentication, etc. –An object may have several credentials, representing privileges in different domains

34 © Chinese University, CSE Dept. Distributed Systems / 7 - 34 5.2 CORBA Security  Delegation –Passing of credentials from one object to another, so that the receiving object (intermediate) can invoke a third object (target) on behalf of the passing object (invoker) –Options of delegation: »no delegation »simple delegation »composite delegation »combined delegation »traced delegation invoker intermediate target Client credentials Client credentials / intermediate credentials / mixed, according to different options

35 © Chinese University, CSE Dept. Distributed Systems / 7 - 35 5.2 CORBA Security  Non-repudiation service –provide services that make users / principals accountable for their actions  Implementation: SSL services come with Orbix; separate purchase for Visibroker Object AObject B Evidence generation & verification Evidence storage & retrieval Delivery Authority Non-repudiation service Adjudicator Dispute/judgement Service requests / responses

36 © Chinese University, CSE Dept. Distributed Systems / 7 - 36 6 Summary  Threats, Methods of Attack, Infiltration  Cryptology: –Secret Keys –Public Keys  Authentication: Needham/Schroeder Protocol  Systems: –Kerberos –CORBA

Download ppt "© Chinese University, CSE Dept. Distributed Systems / 7 - 1 Distributed Systems Topic 7: Security Dr. Michael R. Lyu Computer Science & Engineering Department."

Similar presentations

Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.

Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.
AUTHENTICATION AND KEY DISTRIBUTION

AUTHENTICATION AND KEY DISTRIBUTION
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi

Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
Last Class: The Problem BobAlice Eve Private Message Eavesdropping.

Last Class: The Problem BobAlice Eve Private Message Eavesdropping.
Presentation 5: Security Internetteknologi 2 (ITNET2)

Presentation 5: Security Internetteknologi 2 (ITNET2)
Security and Reliability Issues in Distributed Systems Chan Hing Wing, Anthony MPhil Term 1, CSE CUHK December 11, 1998.

Security and Reliability Issues in Distributed Systems Chan Hing Wing, Anthony MPhil Term 1, CSE CUHK December 11, 1998.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
The Kerberos Authentication System Brad Karp UCL Computer Science CS GZ03 / M030 17 th November, 2008.

The Kerberos Authentication System Brad Karp UCL Computer Science CS GZ03 / M th November, 2008.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Distributed Systems CS 15-440 Security – Part I Lecture 21, Nov 28, 2011 Majd F. Sakr, Vinay Kolar, Mohammad Hammoud.

Distributed Systems CS Security – Part I Lecture 21, Nov 28, 2011 Majd F. Sakr, Vinay Kolar, Mohammad Hammoud.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
8.1 Learning Objectives To become familiar with the range of security threats faced by networked and distributed systems (DSs); To examine various cryptographic.

8.1 Learning Objectives To become familiar with the range of security threats faced by networked and distributed systems (DSs); To examine various cryptographic.
Cryptographic Technologies

Cryptographic Technologies
Applied Cryptography for Network Security

Applied Cryptography for Network Security
CS542: Topics in Distributed Systems Security. Why are Distributed Systems insecure?  Distributed component rely on messages sent and received from network.

CS542: Topics in Distributed Systems Security. Why are Distributed Systems insecure?  Distributed component rely on messages sent and received from network.

Similar presentations

Ads by Google