Security Management - Distributed Operating Systems - Lecture Slides, Slides of Operating Systems

Distributed Operating Systems course is designed to examine the fundamental principles of distributed systems, and provide students hands-on experience in developing distributed protocols. This lecture includes: Security Management, Key Management, Group Management, Authorization Management, Certification Authority, Registration Authority, Capabilities, Delegation

Typology: Slides

2013/2014

Uploaded on 02/01/2014

sailendra
sailendra 🇮🇳

4.3

(19)

113 documents

1 / 27

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Security Management
docsity.com
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b

Partial preview of the text

Download Security Management - Distributed Operating Systems - Lecture Slides and more Slides Operating Systems in PDF only on Docsity!

Security Management

Outline

Key Management

  • Group management
  • Authorization management

Security Management

  • Problem: how do you get keys in the first place?
  • Key distribution: securely associate an entity with a key
    • Example: Public Key Infrastructure (PKI), a system that manages public key distribution on a wide-scale
  • Key establishment: establish session keys
    • Use public key cryptography (we already know how to do it)
    • Diffie-Hellman key exchange

Components of a PKI

Certification Authority (CA)

  • People, processes responsible for creation, delivery and management of digital certificates
  • Organized in a hierarchy (use delegation) CA- 1 CA- 2 Root CA

Registration Authority

  • People, processes and/or tools that are responsible for
    • Authenticating the identity of new entities (users or

computing devices)

  • Requiring certificates from CA’s.

Example

  • Alice generates her own key pair public key Alice private key Alice

 Bob generates his own key pair

 Both send their public key to a CA and receive a digital

certificate

public key Bob private key Bob

Example

  • Alice gets Bob’s public key from the CA private key Alice private key Bob

 Bob gets Alice’s public key from the CA

Key Establishment Method 1

What’s your public key? Bob picks a symmetric key and encrypts it using Alice’s public key Alice decrypts the symmetric key using her private key Then sends the key to Alice Bob encrypts his message using the symmetric key Then sends the message to Alice Alice decrypts the message using the symmetric key hi

Key Establishment Method 2:

Diffie-Hellman Key Exchange

  • Agree on two numbers n, g; both numbers can be made public!
  • Alice and Bob pick two secret numbers x and y

Secure Group Management

  • Motivation: offer high availability for security services
  • How: replicate services
  • Problem: how to add a new replica to a group without compromising the integrity of the group?

Securely Admitting A New Group Member

  • CKG: secret key used for communication within group
  • KG
    • ,KG - : public-private key pair to communicate with non-group members
  • KP,G: secret key
  • RP: reply pad
  • T: local time
  • Notation: [X]Y: X was signed by Y join request New process Process in group G group admittance

Authorization Management

  • Granting authorization rights
  • Related with access control which verifies access rights

Capabilities (1)

 How to grant a capability?

 How to verify a capability?