























Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
A set of lecture notes from ece151, focusing on security in distributed systems. It covers the basics of security, secure channels, access control, dependability, security mechanisms, policies, focus of control, and cryptography. The document also discusses authentication, integrity, confidentiality, and digital signatures.
Typology: Study notes
1 / 31
This page cannot be seen from the preview
Don't miss anything!
























Subject: Entity capable of issuing a request for a service provided by an object Channel: The carrier of requests and replies for services Object: Entity providing services to subjects. Channels and objects are subject to security threats : Threat Channel Object Interruption Preventing message Denial of service transfer Inspection Reading the content Reading the data of transferred contained in an messages object Modification Changing message Changing an object’s content encapsulated data Fabrication Inserting messages Spoofing an object
Issue: To protect against security threats, we have a number of security mechanisms at our disposal: Encryption: Transform data into something that an attacker cannot understand (confidentiality). It is also used to check whether something has been modified (integrity). Authentication: Verify the claim that a subject says it is S : verifying the identity of a subject. Authorization: Determining whether a subject is permitted to make use of certain services. Auditing: Trace which subjects accessed what, and in which way. Useful only if it can help catch an attacker. Note: authorization makes sense only if the requesting subject has been authenticated
Diagram of Globus security architecture. Policy statements lead to the introduction of mechanisms for cross-domain authentication and making users globally known => user proxies and resource proxies
Three approaches for protection against security threats a) Protection against invalid operations b) Protection against unauthorized invocations c) Protection against unauthorized users Note: We generally need all three, but each requires different mechanisms What is our focus when talking about protection of data?
Several sites connected through a wide-area backbone service.
The principle of RISSC as applied to secure distributed systems.
Private key of A Public key of A KA, B Secret key shared by A and B Notation Description K A
K A !
out
S
in
S
in
out
S
S
S
S
S
Note: Authentication and data integrity rely on each other: Consider an active attack by Trudy on the communication from Alice to Bob. Authentication without integrity: Alice’s message is authenticated, and intercepted by Trudy, who tampers with its content, but leaves the authentication part as is. Authentication has become meaningless. Integrity without authentication: Trudy intercepts a message from Alice, and then makes Bob believe that the content was really sent by Trudy. Integrity has become meaningless. Question: What can we say about confidentiality versus authentication and integrity?
This is not sound