2nd Lecture for Chapter 8.1 (Fall 09)

  1. Distributed Systems: Fundamentals of Computer Security. DM Rasanjalee Himali, CSc8320 – Advanced Operating Systems (Section 8.1), Fall 2009
  2. Section I: The Basics
  3. Introduction
     • Computer security and fault tolerance problems are more critical in distributed systems
       • Reasons:
         • Open architecture
         • Need for communication between heterogeneous systems across communication links
     • Solutions are closely related to many of the fundamental issues in the design of distributed systems.
  4. Introduction [contd.]
     • A secure (dependable) computer system:
       • A robust system that exhibits the characteristics of:
         • Secrecy
         • Integrity
         • Availability
         • Reliability
         • Safety
  5. Introduction [contd.]
     • Secrecy:
       • Privacy / confidentiality
       • Protection from unauthorized disclosure of system objects
     • Integrity:
       • System objects can be modified only by authorized users
     • Availability:
       • Authorized users should not be prevented from accessing objects to which they have a legitimate right of access
     • Reliability & safety:
       • Fault tolerance features for unintentional system and user faults
     • Computer security in a narrow sense: secrecy + integrity + availability against intentional intrusions. In a broader sense, reliability and safety are also desired.
  6. Fundamentals of computer security
     • The world of computer systems can be represented by:
       • Subjects:
         • Active entities that access objects
       • Objects:
         • Passive entities that must be protected
         • Examples: data, hardware, software and communication links
       • Access control policy:
         • Describes how objects are to be accessed by subjects
       • Flow control policy:
         • Describes how the information flow between objects and subjects is to be regulated
  7. Security Threats
     • Security threats may come from:
       • External intruders
       • Internal intruders
       • Unintentional system faults or user faults
     • Four categories:
       • Interruption
         • Ex: loss of data, denial of service
       • Interception
         • Related to security
       • Modification
         • Violations of system integrity
       • Fabrication
         • Violations of system integrity
  8. Interruption
     • In an interruption attack, a network service is degraded or made unavailable for legitimate use.
     • Interruption attacks are attacks against the availability of the network.
     • These attacks can take the form of:
       • Overloading a server host so that it cannot respond.
       • Blocking access to a service by overloading an intermediate network or network device.
       • Redirecting requests to invalid destinations.
  9. Interruption
     • Often called “Denial of Service” or “DoS” attacks.
     • [Diagram labels: sender, receiver, channel, data, control messages; Alice, Bob, Trudy]
  10. Interception
      • In an interception attack, an unauthorized individual gains access to confidential or private information.
      • Interception attacks are attacks against network confidentiality.
      • These attacks can take the form of:
        • Eavesdropping on communication.
        • Illicit copying of files or programs.
        • Obtaining copies of messages for later replay.
  11. Interception
      • [Diagram labels: sender, receiver, channel, data, control messages; Alice, Bob, Trudy; data also shown at Trudy]
  12. Modification
      • In a modification attack, an unauthorized individual not only gains access to, but also tampers with, information, resources, or services.
      • Modification attacks are attacks against the integrity of the network.
      • These attacks can take the form of:
        • Modifying the contents of messages in the network.
        • Changing information stored in data files.
        • Altering programs so they perform differently.
        • Reconfiguring system hardware or network topologies.
      • Also called “man in the middle” attacks.
  13. Modification
      • [Diagram labels: sender, receiver, channel, data, control messages, different data; Alice, Bob, Trudy]
  14. Fabrication
      • In a fabrication attack, an individual inserts counterfeit information, resources, or services into the network.
      • Fabrication attacks are attacks against the authentication, access control, and authorization capabilities of the network.
      • These attacks can take the form of:
        • Inserting messages into the network using the identity of another individual.
        • Replaying previously intercepted messages.
        • Spoofing a web site or other network service.
        • Taking the address of another host or service, essentially becoming that host or service.
      • Also called “masquerading” attacks.
  15. Fabrication
      • [Diagram labels: sender, receiver, data; Alice, Bob, Trudy]
  16. Security Threat Prevention
      • Authentication & verification
        • Exclude external intruders
      • Authorization validation
        • Exclude internal intruders
      • Fault-tolerance mechanisms
        • Unintentional faults
      • Data encryption
        • Prevents the exposure of information and maintains privacy
      • Auditing
        • Passive form of protection
        • Ex: auditing of an active log
  17. Security Threats and Protection Models
      • [Diagram: SUBJECT and OBJECT linked by data access or information flow. Security threats: interruption, interception, modification, fabrication. Protection models: authentication, authorization, fault-tolerance, encryption, auditing.]
  18. Section II: Related Work
  19. Cloud Computing [3]
      • Cloud computing = virtual centralization
      • The service and data maintenance is provided by some vendor
      • The client/customer has no control over:
        • where the processes are running, or
        • where the data is stored.
      • Uses the internet as the communication medium
      • Leading vendors, including Amazon, Google, IBM and Microsoft, have all released cloud computing capabilities for end users to make use of their services
        • Ex: Amazon storage services (S3), computing capacity in the Elastic Compute Cloud (EC2) services and application services for e-commerce (AWS).
  20. Cloud Computing Security
      • The vendor has to provide some assurance in service level agreements (SLAs) to convince the customer on security issues.
      • Guaranteeing the security of corporate data in the "cloud" is difficult, as vendors provide different services
        • Ex: Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS).
      • The SLA is the only legal agreement between the service provider and the client.
      • The only means by which the provider can gain the trust of the client is the SLA, so it has to be standardized.
  21.
      • The SLA has to describe the different levels of security and their complexity, based on the services, so that the customer understands the security policies that are being implemented.
      • This paper describes the security issues that have to be included in an SLA.
  22. Service Level Agreement
      • An SLA should:
        • Identify and define the customer’s needs
        • Provide a framework for understanding
        • Simplify complex issues
        • Reduce areas of conflict
        • Encourage dialog in the event of disputes
        • Eliminate unrealistic expectations
  23. How to standardize SLAs
      • Privileged user access
        • Sensitive data processed outside the enterprise is a risk
        • Get as much information as possible about the people who manage our data.
      • Regulatory compliance
        • Customers are ultimately responsible for the security and integrity of their own data, even when it is held by a service provider
        • Traditional service providers are subjected to external audits and security certifications.
        • Cloud computing providers who refuse to undergo this scrutiny are signaling that customers can only use them for the most trivial functions.
      • Recovery
        • Even if we don't know where our data is, a cloud provider should tell us what will happen to our data and service in case of a disaster.
        • Any offering that does not replicate the data and application infrastructure across multiple sites is vulnerable to a total failure.
  24. Service-level threats and vulnerabilities
  25. Service-level Solutions
  26. Section III: Future Work
  27. Cloud Computing Security
      • Security in the cloud brings complexities that need to be addressed:
      • (1) Since multiple providers are involved in the cloud, SLA management is complex.
        • In normal systems, SLAs are arrived at between a single provider and the consumer.
        • In a complex cloud transaction with multiple providers, how would SLAs be managed?
      • (2) Data privacy is another serious concern.
        • How would privacy concerns be addressed by enterprises that wish to store data in the cloud?
        • This could be further complicated by legislative compliance issues.
      • (3) The ability to dynamically provision and de-provision security information is crucial for cloud providers, as enterprise consumers will have a constantly changing user base.
  28. References
      • [1] Randy Chow, Theodore Johnson, “Distributed Operating Systems & Algorithms”, Addison Wesley, 1997
      • [2] Balachandra Reddy Kandukuri, Ramakrishna Paturi V, Dr. Atanu Rakshit, “Cloud Security Issues”, IEEE International Conference on Services Computing, 2009
      • [3] Abhijit Belapurkar, Anirban Chakrabarti, Harigopal Ponnapalli, Niranjan Varadarajan, Srinivas Padmanabhuni, Srikanth Sundarrajan, “Distributed Systems Security”, Wiley, 2009
      • [4] www.csd.uwo.ca/courses/CS457a/notes/
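
Added example, not part of the original slides: a receiver that applies the authentication and auditing items from the Security Threat Prevention slide to the message-level forms of modification, fabrication (including replay) and interruption described in Section I. HMAC-SHA256, the sequence-number scheme, the key, the sample traffic and all names are assumptions made for illustration; the slides name no specific mechanism.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: shared by Alice and Bob out of band

def _mac(key: bytes, seq: int, payload: bytes) -> str:
    # Cover the sequence number too, so it cannot be altered independently.
    return hmac.new(key, seq.to_bytes(8, "big") + payload, hashlib.sha256).hexdigest()

def seal(seq: int, payload: bytes, key: bytes = KEY) -> dict:
    """Sender (Alice): attach a MAC over sequence number and payload."""
    return {"seq": seq, "payload": payload, "tag": _mac(key, seq, payload)}

class Receiver:
    """Receiver (Bob): verify, order-check and audit every arriving message."""

    def __init__(self, key: bytes = KEY):
        self.key = key
        self.next_seq = 0
        self.audit_log = []  # auditing: passive record of every decision

    def accept(self, msg: dict) -> str:
        expected = _mac(self.key, msg["seq"], msg["payload"])
        if not hmac.compare_digest(expected, msg["tag"]):
            verdict = "rejected: bad MAC (modification or fabrication)"
        elif msg["seq"] < self.next_seq:
            verdict = "rejected: replay of an earlier message (fabrication)"
        elif msg["seq"] > self.next_seq:
            verdict = f"accepted: gap before seq {msg['seq']} (possible interruption)"
            self.next_seq = msg["seq"] + 1
        else:
            verdict = "accepted"
            self.next_seq += 1
        self.audit_log.append((msg["seq"], verdict))
        return verdict

def demo() -> list:
    """Constructed traffic: one tampered, one forged, one replayed, one lost message."""
    bob = Receiver()
    m0, m1, _lost, m3 = (seal(i, b"transfer %d" % i) for i in range(4))
    tampered = dict(m1, payload=b"transfer 9999")  # content changed in transit
    forged = {"seq": 1, "payload": b"pay Trudy", "tag": "00" * 32}  # sender has no key
    # Payloads travel in the clear here: a MAC does nothing against interception;
    # that is the job of the data encryption item on the prevention slide.
    return [bob.accept(m) for m in (m0, tampered, forged, m1, m0, m3)]

if __name__ == "__main__":
    for line in demo():
        print(line)
```

The receiver cannot tell a tampered message from a forged one, since both fail the same MAC check; the audit log is what lets an operator correlate rejections and gaps afterwards.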