Security In Distributed Systems - PowerPoint PPT Presentation

Provided by: Erik268
1
Security In Distributed Systems
  • Erik Schneider
  • 4/25/2007

2
What is a Distributed System?
  • Description
  • Architectures
  • Client / Server
  • Distributed Object
  • Peer to peer
  • Service Oriented

3
Client / Server Architecture
  • Thin Client vs. Fat Client
  • Tiered Architecture

4
Distributed Object Architecture

5
Peer-to-Peer Architecture
  • Examples
  • Napster
  • Gnutella
  • Computations may be carried out by any node in
    the network
  • Links between any two nodes that are known to each
    other

6
Service Oriented Architecture
  • Loosely coupled services on a network
  • Smaller, more compact applications
  • Reactive and adaptive applications

7
What is Security?
  • Integrity
  • Authentication
  • Authorization
  • Confidentiality
  • Non-repudiation

8
Who to be afraid of?
  • Everyone!

9
Security Threats
  • Packet Sniffing
  • Replay Attack
  • Masquerade Attack
  • Denial of Service
  • Malicious Code

10
Authentication
  • Passwords
  • Password Salting
  • Challenge / Response
  • One-time passwords
  • Biometrics
  • Digital Certificates

11
Authorization
  • Access Control Lists
  • Capabilities
  • Application Level

12
Access Control Lists
  • List of permissions attached to an object
  • Categories
  • Discretionary
  • Mandatory
  • Role based
  • Convenience

13
Capabilities
  • Tokens
  • Shared between processes
  • Possession grants permission
  • Like file descriptors
  • Confused Deputy Problem

14
Application Level
  • Be Creative

15
Confidentiality
  • Encryption
  • Public Key
  • Private Key
  • Protocols
  • TLS
  • HTTPS

16
Public Key Encryption
  • AKA Asymmetric cryptography
  • Pair of keys, public and private
  • Locked mailbox with a mail slot analogy
  • Authentication of public keys
  • PKI, PGP
  • Computationally intensive

17
Private Key Encryption
  • AKA Symmetric key algorithm
  • Algorithm Types
  • Stream Ciphers
  • Block Ciphers
  • Less computationally intensive than public key
  • Have to keep the shared key secret on both ends,
    otherwise it is useless
  • Difficult key management

18
TLS
  • Cryptographic protocol for secure communication
  • Endpoint authentication
  • Public key-based key exchange and
    certificate-based authentication
  • Symmetric cipher-based traffic encryption
  • Handshaking

19
HTTPS
  • Secure HTTP connection
  • Combination of HTTP and TLS
  • Prevent eavesdropping

20
Non-repudiation
  • Digital Signatures
  • Message Transfer Agents
  • Third party for proof

21
Digital Signatures
  • Type of asymmetric cryptography
  • Sealing of an envelope analogy
  • Used for Public Key Infrastructure
  • Consists of three algorithms
  • Key generation
  • Signing
  • Signature verification
  • Benefits
  • Authentication
  • Integrity

22
Technologies
  • DCE
  • Kerberos
  • Active Directory

23
Questions
  • ?

24
References
  • Bruce, Glen; Dempsey, Rob. Security in Distributed
    Computing. Hewlett-Packard Co., 1997
  • Tanenbaum, Andrew. Modern Operating Systems.
    Prentice-Hall, 2006
  • Sommerville, Ian. Software Engineering. 2004
  • http://en.wikipedia.org/wiki/Computer_security
  • http://en.wikipedia.org/wiki/Encryption
  • http://www.nihilent.com/white_papers/information_security_attacks.pdf