Distributed Systems Security - Distributed Operating Systems - Lecture Slides, Slides of Computer Science

These are the Lecture Slides of Distributed Operating Systems, which include Neumann Bottleneck, Networked Information, Memory Hierarchy, Evidence, Latency, Communication, Intelligent Service, Communication Latency, Routing Path etc. Key points are: Distributed Systems Security, Historical Context, Evolution, Security Needs, Files, Identification, Authentication, Single Authority, Single Authorization, Network

Typology: Slides

2012/2013

Uploaded on 03/27/2013

ekana

Case Study on Distributed Systems Security

Docsity.com

Historical context: the evolution of security needs

| | 1965-75 | 1975-89 | 1990-99 | Current |
|---|---|---|---|---|
| Platforms | Multi-user timesharing computers | Distributed systems based on local networks | The Internet, wide-area services | The Internet + mobile devices |
| Shared resources | Memory, files | Local services (e.g. NFS), local networks | Email, web sites, Internet commerce | Distributed objects, mobile code |
| Security requirements | User identification and authentication | Protection of services | Strong security for commercial transactions | Access control for individual objects, secure mobile code |
| Security management environment | Single authority, single authorization database (e.g. /etc/passwd) | Single authority, delegation, replicated authorization databases (e.g. NIS) | Many authorities, no network-wide authorities | Per-activity authorities, groups with shared responsibilities |


Secure channels

  • Properties
    – Each process is sure of the identity of the other
    – Protection against repetition and reordering of data
  • Employs cryptography
    – Secrecy based on cryptographic concealment
    – Authentication based on proof of ownership of secrets
  • Cryptographic concealment is based on:
    – Confusion and diffusion
    – Conventional shared crypto keys
    – Public/private key pair

[Figure: process p (Principal A) and process q (Principal B) joined by a secure channel, with the enemy.]

Cryptography


Definitions

  • Asymmetric algorithm – public/private key cryptography that utilizes a trap-door function, such as RSA
  • Availability - system services are available when they are needed
  • Certificate - an electronic document containing a statement signed by a principal
  • Confidentiality - secrecy, information is only disclosed according to security policy
  • Integrity - information is not destroyed or corrupted and the system performs data operations correctly
  • DES - Data Encryption Standard adopted by National Bureau of Standards in 1977; famous cryptosystem that uses a 56-bit secret key
  • Digital Signature - emulates a conventional signature by using cryptography to verify to a third party that a message or document is produced by the signer
  • RSA - Rivest, Shamir, Adleman encryption algorithm; first public-key cryptosystem; based on the use of trap door function of two very large prime numbers
  • Symmetric algorithm – secret-key cryptography that uses a common key and a one-way encryption function, such as DES


Features

Scenario 2: Authenticated communication with a server

Bob is a file server; Sara is an authentication service. Sara shares secret key KA with Alice and secret key KB with Bob.

1. Alice sends an (unencrypted) message to Sara stating her identity and requesting a ticket for access to Bob.
2. Sara sends a response to Alice: {{Ticket}KB, KAB}KA. It is encrypted in KA and consists of a ticket (to be sent to Bob with each request for file access) encrypted in KB and a new secret key KAB.
3. Alice uses KA to decrypt the response.
4. Alice sends Bob a request R to access a file: {Ticket}KB, Alice, R.
5. The ticket is actually {KAB, Alice}KB. Bob uses KB to decrypt it, checks that Alice's name matches and then uses KAB to encrypt responses to Alice.

  • A ticket is an encrypted item containing the identity of the principal to whom it is issued and a shared key for a communication session.
  • This is a simplified version of the Needham and Schroeder (and Kerberos) protocol.
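The five steps of Scenario 2 can be traced in code. The following Python sketch is an added example, not part of the original slides; `seal`/`unseal` are a toy authenticated cipher (SHA-256 keystream plus HMAC tag) standing in for {...}K, and all function names and the file name are assumptions.

```python
import hashlib, hmac, json, os

def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key, obj):
    """{obj}key: toy authenticated encryption, for illustration only."""
    pt = json.dumps(obj).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return (nonce + ct + tag).hex()

def unseal(key, blob):
    raw = bytes.fromhex(blob)
    nonce, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    pt = bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))
    return json.loads(pt)

def sara_issue(keys, client, server):
    """Step 2: Sara returns {{Ticket}KB, KAB}KA, where Ticket = {KAB, Alice}KB."""
    k_ab = os.urandom(32).hex()
    ticket = seal(keys[server], {"k_ab": k_ab, "client": client})
    return seal(keys[client], {"ticket": ticket, "k_ab": k_ab})

def bob_serve(k_b, ticket, claimed, request):
    """Step 5: Bob decrypts the ticket with KB, checks the name, replies under KAB."""
    t = unseal(k_b, ticket)
    if t["client"] != claimed:
        raise PermissionError("ticket was not issued to " + claimed)
    return seal(bytes.fromhex(t["k_ab"]), {"reply": "contents of " + request})

def run_demo():
    keys = {"Alice": os.urandom(32), "Bob": os.urandom(32)}  # KA, KB as held by Sara
    resp = unseal(keys["Alice"], sara_issue(keys, "Alice", "Bob"))        # steps 1-3
    reply = bob_serve(keys["Bob"], resp["ticket"], "Alice", "notes.txt")  # steps 4-5
    return resp, unseal(bytes.fromhex(resp["k_ab"]), reply), keys
```

Alice never learns KB: the ticket is opaque to her, and Bob rejects it when the name sent alongside it differs from the name sealed inside.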


Features

Scenario 3: Authenticated communication with public keys

Bob has a public/private key pair <KBpub, KBpriv>.

1. Alice obtains a certificate that was signed by a trusted authority stating Bob's public key KBpub.
2. Alice creates a new shared key KAB, encrypts it using KBpub using a public-key algorithm and sends the result to Bob.
3. Bob uses the corresponding private key KBpriv to decrypt it.

(If they want to be sure that the message hasn't been tampered with, Alice can add an agreed value to it and Bob can check it.)

  • Mallory might intercept Alice’s initial request to a key distribution service for Bob’s public-key certificate and send a response containing his own public key. He can then intercept all the subsequent messages.


Features

X509 Certificate format

| Field | Contents |
|---|---|
| Subject | Distinguished Name, Public Key |
| Issuer | Distinguished Name, Signature |
| Period of validity | Not Before Date, Not After Date |
| Administrative information | Version, Serial Number |
| Extended Information | |

Certificate: a statement signed by an appropriate authority.

Certificates require:

  • An agreed standard format
  • Agreement on the construction of chains of trust
  • Expiry dates, so that certificates can be revoked.


Certificates as credentials

  • Certificates can act as credentials
    – Evidence for a principal's right to access a resource
  • The two certificates shown could act as credentials for Alice to operate on her bank account
    – She would need to add her public key certificate


Structure

Cryptographic Algorithms

Message M, key K, published encryption functions E, D

  • Symmetric (secret key)
    E(K, M) = {M}K
    D(K, E(K, M)) = M
    Same key for E and D
    M must be hard (infeasible) to compute (one-way function)
    Usual form of attack is brute-force: try all possible key values

  • Asymmetric (public key)
    Separate encryption and decryption keys: Ke, Kd
    D(Kd, E(Ke, M)) = M
    Depends on the use of a trap-door function to make the keys
    E has high computational cost
    Very large keys > 512 bits

  • Hybrid protocols - used in SSL (now called TLS)
    Uses asymmetric crypto to transmit the symmetric key that is then used to encrypt a session.


Structure

Cipher block chaining and stream ciphers

Most algorithms work on 64-bit blocks. Weakness of simple block cipher: repeated patterns can be detected.

[Figure: Cipher block chaining (CBC). Labels: plaintext blocks, ciphertext blocks, XOR, E(K, M).]

[Figure: Stream cipher. Labels: number generator, E(K, M), keystream, buffer, XOR, plaintext stream, ciphertext stream.]


Asymmetric encryption algorithms

RSA: The first practical algorithm (Rivest, Shamir and Adleman 1978) and still the most frequently used. Key length is variable, 512-2048 bits.

Asymmetric algorithms are ~1000x slower and are therefore not practical for bulk encryption, but their other properties make them ideal for key distribution and for authentication uses.

Depend on the use of trap-door functions.

A trap-door function is a one-way function with a secret exit - e.g. product of two large numbers; easy to multiply, very hard to factor.


Implementation

Digital signatures

Requirement:

  • To authenticate stored document files as well as messages
  • To protect against forgery
  • To prevent the signer from repudiating a signed document (denying their responsibility)

Encryption of a document in a secret key constitutes a signature

  • Impossible for others to perform without knowledge of the key
  • Strong authentication of document
  • Strong protection against forgery
  • Weak against repudiation (signer could claim key was compromised)


Implementation

Digital signatures with public keys

Signing: h = H(M) (128 bits); {h}Kpri = E(Kpri, h); the signed doc is M together with {h}Kpri.

Verifying: h = H(doc); h' = D(Kpub, {h}); h = h' ? authentic : forged.


Implementation

Low-cost signatures with a shared secret key

Signer and verifier share a secret key K.

Signing: h = H(M+K); the signed doc is M together with h.

Verifying: h' = H(M+K); h = h' ? authentic : forged.

MAC: Message Authentication Code
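The signing and verifying flows of the public-key signature slide and of this shared-key slide, side by side, as an added Python example (not part of the original slides). The RSA key is a constructed toy key built from two Mersenne primes, SHA-256 stands in for H, and the function names and sample documents are assumptions.

```python
import hashlib, hmac

# Constructed toy RSA key from two known Mersenne primes; far too small for real use.
P, Q, E_PUB = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D_PRI = pow(E_PUB, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)

def H(m):
    """Digest of M as an integer, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(m).digest(), "big") % N

def sign_public(m, d=D_PRI):
    """Signing: h = H(M); return {h}Kpri = E(Kpri, h)."""
    return pow(H(m), d, N)

def verify_public(m, sig, e=E_PUB):
    """Verifying: h' = D(Kpub, {h}Kpri); authentic iff H(M) == h'."""
    return pow(sig, e, N) == H(m)

def sign_mac(m, k):
    """Low-cost signature from the slide: h = H(M+K).
    The standardized keyed hash is HMAC (RFC 2104): hmac.new(k, m, "sha256")."""
    return hashlib.sha256(m + k).digest()

def verify_mac(m, h, k):
    """Recompute h' = H(M+K) and compare in constant time."""
    return hmac.compare_digest(h, sign_mac(m, k))

def demo():
    doc, k = b"pay Bob 10", b"constructed shared key"  # constructed sample values
    sig, mac = sign_public(doc), sign_mac(doc, k)
    return {
        "public_ok": verify_public(doc, sig),
        "public_tampered": verify_public(b"pay Bob 1000", sig),
        "mac_ok": verify_mac(doc, mac, k),
        "mac_tampered": verify_mac(b"pay Bob 1000", mac, k),
        # Anyone holding K, the verifier included, can mint a valid MAC:
        "verifier_forgery": verify_mac(b"pay Bob 1000", sign_mac(b"pay Bob 1000", k), k),
    }
```

Both schemes reject the altered document, but only the public-key signature ties the document to one principal: with a shared K the verifier can compute the same h as the signer.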
