
Distributed Systems Fundamentals of Computer Security

DM Rasanjalee Himali

CSc8320 – Advanced Operating Systems (SECTION 8.1)

FALL 2009


Section I

The Basics

Introduction
  • Computer security and fault tolerance problems are more critical in distributed systems
    • Reasons:
      • Open architecture
      • Need for communication between heterogeneous systems over communication links.
  • Solutions are closely related to many of the fundamental issues in the design of distributed systems.
Introduction [contd.]
  • A secure (dependable) computer system:
    • A robust system that exhibits the characteristics of:
      • Secrecy
      • Integrity
      • Availability
      • Reliability
      • Safety
Introduction [contd.]
  • Secrecy:
      • Privacy / Confidentiality
      • Protection from unauthorized disclosure of system objects
  • Integrity:
      • System objects can be modified only by authorized users
  • Availability:
      • Authorized users should not be prevented from accessing objects to which they have a legitimate right of access
  • Reliability & Safety:
      • Fault tolerance features for unintentional system and user faults
  • Computer security in a narrow sense: secrecy + integrity + availability against intentional intrusions. In a broader sense, reliability and safety are also desired.
Fundamentals of computer security
  • The world of Computer Systems can be represented by:
      • Subjects:
        • Active entities that access objects
      • Objects:
        • Passive entities that must be protected
        • Examples: data, hardware, software and communication links
    • Access Control Policy:
      • Describes how objects are to be accessed by subjects
    • Flow Control Policy:
      • Describes how the information flow between objects and subjects is to be regulated
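
The difference between the two policies shows up when every individual access is permitted but the resulting information flow is not. The following is an added example, not part of the original slides; the subjects, objects, rights and labels are constructed, and the high-water-mark rule is one assumed way to express a flow control policy.

```python
# Added illustration; subject/object names, rights and labels are constructed.
LEVELS = {"public": 0, "secret": 1}

# Access control policy: (subject, object) -> set of permitted operations.
ACCESS_MATRIX = {
    ("alice", "payroll.db"): {"read"},
    ("alice", "bulletin.txt"): {"read", "write"},
    ("bob", "bulletin.txt"): {"read"},
}

# Flow control policy: every object carries a classification label.
OBJECT_LABEL = {"payroll.db": "secret", "bulletin.txt": "public"}


class ReferenceMonitor:
    """Mediates every access by a subject to an object and records it."""

    def __init__(self, enforce_flow):
        self.enforce_flow = enforce_flow
        self.high_water = {}   # subject -> highest label read so far
        self.audit_log = []    # (subject, op, object, decision)

    def request(self, subject, op, obj):
        decision = self._decide(subject, op, obj)
        self.audit_log.append((subject, op, obj, decision))
        return decision == "allow"

    def _decide(self, subject, op, obj):
        if op not in ACCESS_MATRIX.get((subject, obj), set()):
            return "deny:access"
        level = LEVELS[OBJECT_LABEL[obj]]
        seen = self.high_water.get(subject, 0)
        if op == "read":
            self.high_water[subject] = max(seen, level)
        elif op == "write" and self.enforce_flow and level < seen:
            # Subject holds higher-labelled data: writing down would leak it.
            return "deny:flow"
        return "allow"


def run_scenario(enforce_flow):
    """alice reads a secret object, then writes to a public one bob can read."""
    rm = ReferenceMonitor(enforce_flow)
    steps = [("alice", "read", "payroll.db"),
             ("alice", "write", "bulletin.txt"),
             ("bob", "read", "bulletin.txt"),
             ("bob", "read", "payroll.db")]
    return [rm.request(*s) for s in steps], rm.audit_log
```

With only the access matrix enforced, bob can read what alice copied out of the secret object even though his direct read is denied; enabling the flow check blocks alice's write instead.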
Security Threats
  • Security threats may come from:
    • External intruders,
    • internal intruders,
    • unintentional system faults or user faults
  • Four categories :
    • Interruption
      • Ex: loss of data, denial of service
    • Interception
      • Related to security
    • Modification
      • violations of system integrity
    • Fabrication
      • violations of system integrity
Interruption
  • In an interruption attack, a network service is degraded or made unavailable for legitimate use.
  • Interruption attacks are attacks against the availability of the network.
  • These attacks can take the form of:
    • Overloading a server host so that it cannot respond.
    • Blocking access to a service by overloading an intermediate network or network device.
    • Redirecting requests to invalid destinations.
  • Often called “Denial of Service” or “DoS” attacks.

[Figure: Interruption. Labels: Alice (sender), Bob (receiver), Trudy; channel carrying data and control messages.]

Interception
  • In an interception attack, an unauthorized individual gains access to confidential or private information.
  • Interception attacks are attacks against network confidentiality.
  • These attacks can take the form of:
    • Eavesdropping on communication.
    • Illicit copying of files or programs.
    • Obtaining copies of messages for later replay.

[Figure: Interception. Labels: Alice (sender), Bob (receiver), Trudy; channel carrying data and control messages.]

Modification
  • In a modification attack, an unauthorized individual not only gains access to, but tampers with information, resources, or services.
  • Modification attacks are attacks against the integrity of the network.
  • These attacks can take the form of:
    • Modifying the contents of messages in the network.
    • Changing information stored in data files.
    • Altering programs so they perform differently.
    • Reconfiguring system hardware or network topologies.
  • Also called “man in the middle” attacks.

[Figure: Modification. Labels: Alice (sender), Bob (receiver), Trudy; channel carrying data and control messages; data, different data.]

Fabrication
  • In a fabrication attack, an individual inserts counterfeit information, resources, or services into the network.
  • Fabrication attacks are attacks against the authentication, access control, and authorization capabilities of the network.
  • These attacks can take the form of:
    • Inserting messages into the network using the identity of another individual.
    • Replaying previously intercepted messages.
    • Spoofing a web site or other network service.
    • Taking the address of another host or service, essentially becoming that host or service.
  • Also called “masquerading” attacks.

[Figure: Fabrication. Labels: Alice, Trudy, Bob, sender, receiver, data.]

Security Threat Prevention
  • Authentication & verification
    • Exclude external intruders
  • Authorization validation
    • Exclude internal intruders
  • Fault-tolerance Mechanisms
    • Unintentional faults
  • Data encryption
    • Prevents the exposure of information & maintains privacy
  • Auditing
    • Passive form of protection
    • Ex: Auditing of an active log
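
As an added example (not from the original slides), here is how a receiver can apply authentication and verification to reject the modification, fabrication and replay cases described earlier. HMAC-SHA256 with a per-message sequence number is the technique chosen for this sketch; the key, the frame layout and the message contents are constructed.

```python
import hashlib
import hmac
import struct

# Constructed demo key; a real deployment uses a randomly generated secret.
SHARED_KEY = b"constructed-demo-key-alice-bob"


def seal(key, seq, payload):
    """Sender (Alice): prefix a sequence number, append an HMAC-SHA256 tag."""
    body = struct.pack(">Q", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Receiver (Bob): verify the tag, then require a strictly increasing seq."""

    def __init__(self, key):
        self.key = key
        self.last_seq = 0
        self.audit_log = []    # every verdict is recorded for later auditing

    def accept(self, frame):
        verdict = self._check(frame)
        self.audit_log.append(verdict)
        return verdict

    def _check(self, frame):
        if len(frame) < 8 + 32:
            return "reject:malformed"
        body, tag = frame[:-32], frame[-32:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "reject:bad-tag"      # modified in transit or fabricated
        (seq,) = struct.unpack(">Q", body[:8])
        if seq <= self.last_seq:
            return "reject:replay"       # authentic, but already seen
        self.last_seq = seq
        return "accept"


def demo():
    bob = Receiver(SHARED_KEY)
    genuine = seal(SHARED_KEY, 1, b"pay 10 to carol")
    tampered = genuine[:8] + b"pay 99 to trudy" + genuine[-32:]
    forged = seal(b"key-trudy-guessed", 2, b"pay 50 to trudy")
    frames = [genuine, tampered, forged, genuine, seal(SHARED_KEY, 2, b"ok")]
    return [bob.accept(f) for f in frames]
```

The tag protects integrity and origin only: the payload is still readable on the channel, so interception is addressed by encryption, and interruption by the fault-tolerance mechanisms listed above.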

[Figure: Security Threats and Protection Models. Security threats: interruption, interception, modification, fabrication. Protection models: authentication, authorization, fault-tolerance, encryption, auditing. Subject and object are linked by data access or information flow.]


Section II

Related Work

Cloud Computing [3]
  • Cloud Computing = Virtual Centralization
  • The service and data maintenance is provided by some vendor
  • Client/customer has no control over:
    • where the processes are running or
    • where the data is stored.
  • Uses the internet as the communication media
  • Leading vendors, including Amazon, Google, IBM and Microsoft, have all released cloud computing capabilities for end users to make use of their services
    • Ex: Amazon: storage services (S3), computing capacity in the Elastic Compute Cloud (EC2) services, and application services for e-commerce (AWS).
Cloud Computing Security
  • Vendor has to provide some assurance in service level agreements (SLA) to convince the customer on security issues.
  • Guaranteeing the security of corporate data in the "cloud" is difficult, as vendors provide different services
    • Ex: Software as a service (SaaS), Platform as a service (PaaS), and Infrastructure as a service (IaaS).
  • The SLA is the only legal agreement between the service provider and client.
  • The only means by which the provider can gain the client's trust is the SLA, so it has to be standardized.
  • The SLA has to describe the different levels of security and their complexity, based on the services, so that the customer understands the security policies that are being implemented.
  • This paper describes the security issues that have to be included in the SLA.
Service Level Agreement
  • SLA should:
    • Identify and define the customer’s needs
    • Provide a framework for understanding
    • Simplify complex issues
    • Reduce areas of conflict
    • Encourage dialog in the event of disputes
    • Eliminate unrealistic expectations
How to standardize SLAs
  • Privileged user access
      • Sensitive data processed outside the enterprise – risk
      • Get as much information as possible about the people who manage our data.
  • Regulatory compliance
      • Customers are ultimately responsible for the security and integrity of their own data, even when it is held by a service provider
      • Traditional service providers are subjected to external audits and security certifications.
      • Cloud computing providers who refuse to undergo this scrutiny are signaling that customers can only use them for the most trivial functions.
  • Recovery
      • Even if we don't know where our data is, a cloud provider should tell us what will happen to our data and service in case of a disaster.
      • Any offering that does not replicate the data and application infrastructure across multiple sites is vulnerable to a total failure.

Section III

Future Work

Cloud Computing Security
  • Security in the cloud brings complexities that need to be addressed:

(1) Since multiple providers are involved in the cloud, SLA management is complex.

    • In normal systems, SLAs are arrived at between a single provider and the consumer.
    • In a complex cloud transaction with multiple providers, how would SLAs be managed?

(2) Data privacy is another serious concern.

    • How would privacy concerns be addressed by enterprises which wish to store data in the cloud?
    • This could be further complicated by legislative compliance issues.

(3) The ability to dynamically provision and de-provision security information is crucial for cloud providers, as enterprise consumers will have a constantly changing user base.

References
  • [1] Randy Chow, Theodore Johnson, “Distributed Operating Systems & Algorithms”, Addison Wesley, 1997
  • [2] Balachandra Reddy Kandukuri, Ramakrishna Paturi V, Dr. Atanu Rakshit, “Cloud Security Issues”, IEEE International Conference on Services Computing, 2009
  • [3] Abhijit Belapurkar, Anirban Chakrabarti, Harigopal Ponnapalli, Niranjan Varadarajan, Srinivas Padmanabhuni, Srikanth Sundarrajan, “Distributed Systems Security”, Wiley, 2009
  • [4] www.csd.uwo.ca/courses/CS457a/notes/