
Chapter 21 Distributed System Security Copyright © 2008.


1 Chapter 21 Distributed System Security Copyright © 2008

2 Introduction
Operating Systems, by Dhananjay Dhamdhere, Copyright © 2008
– Issues in Distributed System Security
– Message Security
– Authentication of Data and Messages
– Third-Party Authentication

3 Issues in Distributed System Security
Kinds of security threats in distributed OSs:
– Leakage of message contents
– Tampering with message contents
– Stealing: use of resources without authorization
– Denial of service to authorized users
Leakage and tampering are threats to message security
Threats are addressed through two means:
– Message security techniques
– Authentication of remote users

4 Security Mechanisms and Policies

5 Security Attacks in Distributed Systems
Additionally, security attacks can be classified into:
– Passive attacks and active attacks

6 Message Security
Approaches to message security can be:
– Link-oriented
  Tends to be expensive
  – Cost depends on the number of links over which a message travels
– End-to-end
  Approach assumed in the following discussions
Three approaches to message security:
– Private (or secret) key encryption
– Public key encryption
– Session keys

7 Message Security (continued)

8 Distribution of Encryption Keys
KDC: key distribution center
– For public key encryption, the KDC maintains a directory containing the public keys of all entities in the system
– When session keys are used, the KDC generates a new session key on demand

9 Distribution of Public Keys
Steps:
– Step 1: P_i → KDC : E_{U_kdc}(P_i, P_j)
– Step 2: KDC → P_i : E_{U_i}(P_j, U_j)
Encryption is employed merely to prevent message tampering

10 Distribution of Session Keys
Steps:
– Step 1: P_i → KDC : P_i, P_j
– Step 2: KDC → P_i : E_{V_i}(P_j, SK_{i,j}, E_{V_j}(P_i, SK_{i,j}))
– Step 3: P_i → P_j : E_{V_j}(P_i, SK_{i,j}), E_{SK_{i,j}}( )

11 Preventing Message Replay Attacks
Message replay attack: an intruder copies messages passing over the network and “plays them back” later
– A replayed message may mislead the recipient into taking wrong or duplicate actions
  May affect data consistency
  May reveal confidential information
Solution: use a challenge-response protocol to check whether the message exchange is in real time
– Steps: challenge, response, detect
  Challenge: P_j → P_i : E_{SK_{i,j}}(n)
  Response: P_i → P_j : E_{SK_{i,j}}(n+1)
The challenge string n is called a nonce
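As an added example (not part of the slides), the challenge-response exchange above from the verifier's (P_j) side in Python. It assumes SK_{i,j} is already shared and, as a stated substitution, uses a keyed HMAC over n+1 in place of E_{SK_{i,j}}(n+1): the point demonstrated is freshness and one-time use of the nonce, not confidentiality of n.

```python
import hashlib, hmac, os

def respond(session_key, n):
    # P_i side: keyed MAC over n+1 stands in for E_SK(n+1) (assumption, see lead-in)
    return hmac.new(session_key, str(n + 1).encode(), hashlib.sha256).digest()

class Challenger:
    # P_j side: issues fresh nonces and accepts each answer at most once
    def __init__(self, session_key):
        self.key = session_key
        self.pending = set()   # nonces issued but not yet answered

    def challenge(self):
        n = int.from_bytes(os.urandom(16), "big")   # unpredictable, never reused
        self.pending.add(n)
        return n

    def verify(self, n, response):
        if n not in self.pending:                    # unknown, or already consumed: a replay
            return False
        if not hmac.compare_digest(respond(self.key, n), response):
            return False                             # wrong key or wrong nonce
        self.pending.discard(n)                      # each nonce is answered exactly once
        return True

def replay_demo(key):
    # Constructed scenario: an intruder records one valid exchange and plays it back later.
    pj = Challenger(key)
    n = pj.challenge()
    recorded = respond(key, n)          # genuine P_i answer, as captured on the wire
    live_ok = pj.verify(n, recorded)    # accepted once
    replay_ok = pj.verify(n, recorded)  # same (n, response) again: rejected
    n2 = pj.challenge()
    stale_ok = pj.verify(n2, recorded)  # old answer offered for a fresh nonce: rejected
    return live_ok, replay_ok, stale_ok
```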

12 Mutual Authentication
Processes in a communication session should validate each other’s identity at the start of the session
– Defeats masquerading attacks

13 Authentication of Data and Messages
Authenticity: requires a process to verify that data was originated/sent by the claimed person or process
– And that it has not been tampered with by an intruder
  The latter aspect implies integrity of data
To ensure integrity, use a hash or message digest
– A one-way hash function for which a birthday attack is infeasible
A certification authority (CA) provides information concerning the encryption keys used by persons or processes in a secure manner

14 Certification Authorities and Digital Certificates
A certification authority (CA):
– Assigns public and private keys to an entity
  After ascertaining its identity by using some means of physical verification
  Keys are valid for a specific period of time
– Acts like a key distribution center
– Keeps a record of the keys assigned by it
– Issues public key certificates
  Used to avoid man-in-the-middle attacks

15 Certification Authorities and Digital Certificates (continued)
A public key certificate includes:
– Serial number of the certificate
– Owner’s distinguished name (DN)
  DNS name of the owner, and the owner’s name, unit, locality, state, and country in textual form
– Identifying information of the owner
  E.g., address
– Owner’s public key
– Date of issue and date of expiry, and the issuer’s DN
– Digital signature on the above information by the CA

16 Message Authentication Codes and Digital Signature
A message authentication code (MAC) is used to check the integrity of data
– A one-way hashing function is used to obtain a message digest of the data
– The digest is encrypted using a secret key known only to the sender and the intended recipient
A digital signature is used to verify the authenticity of data
– This identification is non-repudiable
– It can also be used to detect any modification of the data after it was created or sent by a process
– Both are achieved through the use of private keys

17 Message Authentication Codes and Digital Signature (continued)

18 Third-Party Authentication
How does a server know whether a process wishing to act as its client was created by an authorized user?
– Require each server to authenticate every user through a password
  Inconvenient
– Use a third-party authenticator and a secure arrangement
  Kerberos: uses an authentication database
  SSL: decentralized

19 Kerberos
Developed in Project Athena at MIT
The Kerberos authentication server (KAS) uses an authentication database
Authorization is performed by giving tickets to processes
– A ticket is like a capability: it authorizes a process to use a service
– It contains the process and server ids, a session key for communication, and the lifetime over which it is valid
At login time, each process gets a ticket for a ticket granting server (TGS); the TGS generates tickets for other servers

20 Kerberos (continued)
When a process wishes to use a server:
– It submits a ticket for the server and an authenticator containing a time-stamp encrypted with the session key
– The server checks the validity of the ticket, extracts the session key and checks the authenticator to ensure that the request is made in ‘real time’
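As an added example (not from the slides or from any Kerberos implementation), the server-side checks of slides 19 and 20 in Python: ticket lifetime, authenticator freshness against an assumed clock-skew window, and a replay cache so the same authenticator is never accepted twice. The cipher is a constructed encrypt-then-MAC built from HMAC-SHA256, standing in for the symmetric cipher Kerberos uses; `tgs_issue`, `make_authenticator` and `Server` are illustrative names.

```python
import hashlib, hmac, json, os
SKEW = 300  # assumed clock-skew tolerance (seconds) for the authenticator time-stamp

# Toy encrypt-then-MAC built from HMAC-SHA256: a constructed stand-in for the
# symmetric cipher Kerberos uses, sufficient to show the protocol checks.
def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def encrypt(key, obj):
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def decrypt(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

def tgs_issue(server_key, client, server, now, lifetime=8 * 3600):
    sk = os.urandom(32)   # TGS side: ticket sealed under the server's key, session key to client
    ticket = encrypt(server_key, {"client": client, "server": server, "session_key": sk.hex(),
                                  "start": now, "expiry": now + lifetime})
    return ticket, sk

def make_authenticator(sk, client, now):
    return encrypt(sk, {"client": client, "timestamp": now})   # client side

class Server:
    def __init__(self, name, key):
        self.name, self.key, self.seen = name, key, set()   # seen: authenticator replay cache
    def accept(self, ticket, authenticator, now):
        t = decrypt(self.key, ticket)               # only this server can open its own tickets
        if t["server"] != self.name:
            raise ValueError("ticket issued for another server")
        if not t["start"] <= now <= t["expiry"]:
            raise ValueError("ticket outside its lifetime")
        a = decrypt(bytes.fromhex(t["session_key"]), authenticator)  # proves client holds session key
        if a["client"] != t["client"]:
            raise ValueError("authenticator does not match ticket")
        if abs(now - a["timestamp"]) > SKEW:
            raise ValueError("authenticator stale: request not made in real time")
        if (a["client"], a["timestamp"]) in self.seen:
            raise ValueError("authenticator replayed")
        self.seen.add((a["client"], a["timestamp"]))
        return t["client"]
```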

21 Kerberos (continued)
Initial authentication:
Obtaining ticket for server:
Obtaining service:

22 Secure Sockets Layer (SSL)
SSL is a message security protocol providing authentication and communication privacy
Works on top of a reliable transport protocol such as TCP/IP
The Transport Layer Security (TLS) protocol is based on SSL 3.0
Two phases:
– SSL handshake protocol
– SSL record protocol

23 Secure Sockets Layer (SSL)
Handshake protocol:
– Performs server authentication
– Selection of the session’s cryptographic algorithms
– (Optionally) performs client authentication
– Enables client and server to generate a shared secret
  Used to generate session keys
Record protocol:
– securely sent using a session key, where m is the text of the message
To avoid man-in-the-middle attacks, the certificate is verified and a challenge-response protocol is used to authenticate the client

24 Summary
Intruders can launch a variety of attacks: leakage, tampering, masquerading, or denial of service
– Leakage/tampering are threats to message security
Solution: use encryption
– Private, public and session keys
– Session keys are typically used
Message replay attacks can be avoided using a challenge-response protocol
Third-party authenticators: Kerberos, SSL
Digital signature: used to verify the authenticity of data
– A public key certificate is used to securely distribute the public key

