cs 6393 at advanced topics in computer security reliable and secure distributed systems n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
CS 6393 AT: Advanced Topics in Computer Security: Reliable and Secure Distributed Systems PowerPoint Presentation
Download Presentation
CS 6393 AT: Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

Loading in 2 Seconds...

play fullscreen
1 / 25

CS 6393 AT: Advanced Topics in Computer Security: Reliable and Secure Distributed Systems - PowerPoint PPT Presentation


  • 118 Views
  • Uploaded on

CS 6393 AT: Advanced Topics in Computer Security: Reliable and Secure Distributed Systems. Instructor: Professor Shouhuai Xu course page: http://www.cs.utsa.edu/~shxu/CS6463-Fall2007/index.html. Why “Distributed System”?.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'CS 6393 AT: Advanced Topics in Computer Security: Reliable and Secure Distributed Systems' - kamal


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
cs 6393 at advanced topics in computer security reliable and secure distributed systems
CS 6393 AT: Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

Instructor: Professor Shouhuai Xu

course page:

http://www.cs.utsa.edu/~shxu/CS6463-Fall2007/index.html

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

why distributed system
Why “Distributed System”?
  • We studied from hardware layer to application layer: Architecture, OS, Networking, DBMS, Algorithm
  • We know what is computer, TCP/IP
  • But why do we need Distributed Systems?

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

why distributed system1
Why “Distributed System”?
  • Think about the real world: It is distributed in nature.
    • We have many states: how are in-state and inter-state management done (e.g., license, legislation)?
    • We have many countries: how are in-country and inter-country management done (e.g., passport, UN, WTO)?
  • But can we make a super-computer (sufficiently large memory and disk, sufficiently powerful CPU etc)?

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

why distributed system2
Why “Distributed System”?
  • But can we make a super-computer (sufficiently large memory and disk, sufficiently powerful CPU etc)?
    • It may cost $100B
  • We often build large “systems” from building-blocks:
    • Skyscrapers, bridges, space shuttle
    • Constitution and special laws
  • We facilitate large-scale and complex applications through commodity standalone computers.
    • Price/cost is an economic driven force

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

why distributed system3
Why “Distributed System”?
  • A distributed system consists of a set of networked computers.
  • Just like the diverse set of business/industries that exploit the transportation systems (interstate freeways, railways, air lines), distributed systems exploit the underlying hardware processor, OS/VM, TCP/IP networking.

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

why distributed system4
Why “Distributed System”?
  • The focus of distributed systems is “how to exploit the underlying hardware/OS to serve the application needs”
  • It is not about “how to build the underlying OS/Networking” --- we assume it is there.

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

what is a distributed system
What is a “Distributed System”?
  • A distributed system is one in which the failure of a computer you didn’t even know existed can render your own computer unusable. [Lesile Lamport]
  • Spiritually, it intends to build a system-of-networked-and-inherently-heterogeneous-systems for specific applications (e.g., distributed banking, stock exchanging, web services, Software as a Service, air traffic control), which may cost $100M, by “mimicking” a centralized or single-super-power-computer, which may cost $100B.
    • It is about money/cost!

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

how a distributed system looks
How a Distributed System Looks?

networking

Physically: heterogeneous, diverse locations in nature

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

how a distributed system looks1
How a Distributed System Looks?

Content distribution

Web service

Peer-to-peer computing

others

Applications

Reliable and secure group communication (with order/causality/atomicity guarantees)

Addressing / naming / group membership

Middleware

OS/VM w/ TCP/IP

OS/VM w/ TCP/IP

hardware

hardware

Individual computer (e.g., yours)

Individual computer (e.g., friend’s)

Logically view

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

goodness of distributed system
Goodness of “Distributed System”
  • How do we know whether a distributed system accomplish what we want it to accomplish?
  • Many attributes (just like how we would evaluate healthiness: heart, blood, etc.)
    • Price/cost
    • Performance
    • Availability
    • Scalability
    • Reliability
    • Security

Our focus

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

goodness of distributed system1
Goodness of “Distributed System”
  • We know that the attributes often cannot get along (just like arbitrarily eating food and healthiness/beauty):
    • (high) quality and (low) price
    • (high) reliability and (low) performance
    • (high) security and (low) availability
  • But how about reliability and security. Do they (naturally) get along?
    • Hope you will find the answer at the end of the class

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

it s all about management
It’s all about management!
  • In order to manage a state/country, we need postal office, laws/legislation, government/law-enforcement, …
  • In order to manage distributed system, we need
    • Addressing (postal vs. DNS)
      • But how to make DNS itself reliable and secure?
      • Chicken-and-egg problem?
    • Naming (passport/DMV vs. PKI): we need cryptography
      • How to make PKI itself reliable and secure?
    • Messaging (regular mail/registered mail vs. TCP-IP/messaging with guarantees such as ordering, causality)

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

how to facilitate management reliably
How to facilitate management, reliably!
  • In the real world, it is very costly and expensive to make the governmental systems etc run reliably (partially why we pay much taxes )
  • In distributed systems, what we have to pay to make them run reliably?

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

example hotel room reservation
Example: Hotel room reservation

I need a non-smoking room.

Done!

client

server

client

Done!

I need a non-smoking room.

server

time

What if the server crashes? We replicate the servers, but …

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

example hotel room reservation1
Example: Hotel room reservation

client

Done!

I need a non-smoking room.

server 1

Done!

I need a non-smoking room.

server 2

I need a non-smoking room.

Done!

server 3

time

Ideal case

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

example hotel room reservation2
Example: Hotel room reservation

client

Done!

I need a non-smoking room.

server 1

Done!

I need a non-smoking room.

I need a non-smoking room.

server 2

server 3

time

Not so ideal, but still ok.

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

example hotel room reservation3
Example: Hotel room reservation

client 1

client 2

server 1

server 2

server 3

time

Who got the room?

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

how to facilitate management securely
How to facilitate management, securely!
  • In the real world, we pay much to protect the boundaries etc (that’s why we also pay much taxes )
  • In distributed systems, how much we have to pay to make sure the distributed systems will not be exploited to launch attacks?
    • We have many large botnets.
    • We have many critical information infrastructures, or physical infrastructures that are managed by distributed information infrastructures. How to protect them?
    • How to make sure no (digital) identity theft?

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

example hotel room reservation cont
Example: hotel room reservation (cont)
  • What if some servers are under attack so as to, for example, block the whole system with “minimal” effort.
  • That is, intelligent rather than simple-minded Denial-of-Service attack?
  • What if other attacks?

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

course objective
Course objective
  • We emphasize the “practical” aspect of reliable and secure distributed systems.
  • However, if you choose to pursue the theoretic aspect, that is perfectly ok, too. In this case, please talk to the instructor. He will be more than happy to work with you on a one-to-one basis so as to match your hunger 

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

course objective1
Course objective
  • We want to establish a taste of the thinking of chief security officer or chief security architect
  • Can we brainstorm something?

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

course objective2
Course objective
  • We want to establish a taste of the thinking of chief security officer or chief security architect
    • You need to think about performance
    • You need to think about availability (even under DDoS attacks)
    • You need to think about random faults (not caused by attacks though)
    • You need to think about security (confidentiality, integrity, authentication, authorization, access control, non-repudiation)

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

textbook
Textbook
  • The content of this course consists of two parts
    • Reliable distributed system part:
      • Use book “Reliable Distributed Systems: Technologies, Web Services and Applications” by Prof. Ken Birman at Cornell University
      • His systems have been deployed in the real world: NYSE, Navy Warship etc.
    • Secure distributed system part:
      • The instructor will provide the necessary materials

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

grading policy
Grading Policy
  • Student paper presentation (5%; one presentation per student based on a paper listed on the course web)
    • Your slides will be posted on the web
  • Project proposal & presentation (20%: one proposal per team)
  • Take-home exam (10%; 5% each)
  • Final project report (30%; one report per team)
  • Final project presentation (with demo, if applicable) (10%; one presentation per team)
  • Final exam (20%)
  • Attendance (5%)

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems

office hour and management
Office Hour and Management
  • MW 2-3 pm or by appointment
  • Meeting with each team on case-by-case basis
    • Team up and elect a leader asap 
  • News announcement
    • We need a volunteer to formulate a mailinglist for this course or we can wait a bit until the department mailinglist is available

CS6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems