Summary of Distributed Computing Security Yifeng Zou Georgia State University 2011.11.2.

Slides:

Advertisements

Similar presentations

Network Security Chapter 1 - Introduction.

Advertisements

Operating System Security

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.

Access Control Methodologies

SUMMARY OF INTER-PROCESS COMMUNICATION Chenguang Kong.

Fundamentals of Computer Security Geetika Sharma Fall 2008.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

8.1 Learning Objectives To become familiar with the range of security threats faced by networked and distributed systems (DSs); To examine various cryptographic.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

OCT1 Principles From Chapter One of “Distributed Systems Concepts and Design”

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Applied Cryptography for Network Security

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Summary For Chapter 8 Student: Zhibo Wang Professor: Yanqing Zhang.

Chapter 3 Mohammad Fozlul Haque Bhuiyan Assistant Professor CITI Jahangirnagar University.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus

Introduction to the Mobile Security (MD)  Chaitanya Nettem  Rawad Habib  2015.

Comparative studies on authentication and key exchange methods for wireless LAN Authors: Jun Lei, Xiaoming Fu, Dieter Hogrefe and Jianrong Tan Src:

Cryptography and Network Security

Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY

Security Baseline. Definition A preliminary assessment of a newly implemented system Serves as a starting point to measure changes in configurations and.

1 Chapter 9 E- Security. Main security risks 2 (a) Transaction or credit card details stolen in transit. (b) Customer’s credit card details stolen from.

Version 4.0. Objectives Describe how networks impact our daily lives. Describe the role of data networking in the human network. Identify the key components.

Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.

© Synergetics Portfolio Security Aspecten.

Cryptography, Authentication and Digital Signatures

E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.

© Oxford University Press 2011 DISTRIBUTED COMPUTING Sunita Mahajan Sunita Mahajan, Principal, Institute of Computer Science, MET League of Colleges, Mumbai.

An Approach To Automate a Process of Detecting Unauthorised Accesses M. Chmielewski, A. Gowdiak, N. Meyer, T. Ostwald, M. Stroiński

Chapter 21 Distributed System Security Copyright © 2008.

PRESENTED BY P. PRAVEEN Roll No: 1009 – 11 – NETWORK SECURITY M.C.A III Year II Sem.

Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:

Cryptography (2) University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.

Sensorweb Research Laboratory Georgia State University Fundamentals of Computer Security Song Tan Georgia State University.

Virtual Private Network Benefits Classification Tunneling technique, PPTP, L2TP, IPSec Encryption Technology Key Management Technology Authentication Settings.

1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester

. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED.

11 SECURING NETWORK COMMUNICATION Chapter 9. Chapter 9: SECURING NETWORK COMMUNICATION2 OVERVIEW  List the major threats to network communications. 

Chapter 4 Using Encryption in Cryptographic Protocols & Practices.

1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.

Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.

Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.

Security Patterns for Web Services 02/03/05 Nelly A. Delessy.

P ROTOCOL FOR COLLABORATING MOBILE AGENTS IN THE NETWORK INTRUSION DETECTION SYSTEMS. By Olumide Simeon Ogunnusi Shukor Abd Razak.

Security in Wireless Sensor Networks by Toni Farley.

Selective Packet Inspection to Detect DoS Flooding Using Software Defined Networking Author : Tommy Chin Jr., Xenia Mountrouidou, Xiangyang Li and Kaiqi.

Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.

Distributed Systems Ryan Chris Van Kevin. Kinds of Systems Distributed Operating System –Offers Transparent View of Network –Controls multiprocessors.

By Marwan Al-Namari & Hafezah Ben Othman Author: William Stallings College of Computer Science at Al-Qunfudah Umm Al-Qura University, KSA, Makkah 1.

Security. Cryptography (1) Intruders and eavesdroppers in communication.

Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.

IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.

PREPARED BY: MS. ANGELA R.ICO & MS. AILEEN E. QUITNO (MSE-COE) COURSE TITLE: OPERATING SYSTEM PROF. GISELA MAY A. ALBANO PREPARED BY: MS. ANGELA R.ICO.

1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.

Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke1 Database architecture and security Workshop 4.

Real time Stock quotes by web Service and Securing XML for Web Services security. Bismita Srichandan

History and Implementation of the IEEE 802 Security Architecture

Web Applications Security Cryptography 1

Install AD Certificate Services

Cryptography and Network Security

Security Mechanisms Network Security.

Presentation transcript:

Summary of Distributed Computing Security Yifeng Zou Georgia State University

Summary about distributed computer security issues discussed in chapter 8. Recent work in distributed computer security area. Potentially future work in distributed computer security area.

Why security? A distributed computer system can be described as a collection of clients and servers communicating by exchange of messages. System is running in an open environment Need to communicate with other heterogeneous systems

Security issues Access authorization One must be authorized to access the distributed computer system Message security Passing message confidentially between nodes using some cryptographic techniques Mutual authentication Two way authentication, both parties authenticate each other’s identity suitably

Categories of access authorization Discretionary access control Access control matrix (ACM) Implemented via access control list or capability list or both. pros and cons Mandatory access control Represented as information flow among communicating entities. Lattice model-information flow can be controlled by labeling communication entities. Bell-Lapadula model & Biba model

Cryptographic techniques private and public key systems Both provide integrity and authenticity of messages in addition to secrecy symmetric encryption: private key asymmetric encryption: private key & public key Implemented using intricate algorithm like RSA, DES. distributed authentication protocol Maintain three basic properties: authenticity, integrity, and freshness. mutual authentication protocol characterized by whether a third-party authentication server is assumed and by how the freshness of messages is guaranteed.

Recent work 1.Date Security management in distributed computer systems. From a system point of view it is possible to point out the following threats from distant stations in distributed computer system. The work stations approval mechanism of the users may be partial or non-existent. It is possible to carry out automation of the Login procedure. The work station may be installed in a public area or in a high risk area. The work station may activate strong utilities or development devices and thereby try to bypass the security mechanisms. In extreme cases the user may pretend to be another user and infiltrate the system.

The distributed security approach

software architecture The access security system software may operate at each of the network stations as an independent application. The various applications will receive the access security services via an access security interface which must be incorporated in each application where these services are required.

2. Distributed Network Security Management Using Intelligent Agents Introduced a novel architectures and mechanisms based on Intelligent Agents Technology in order to approach efficient, flexible, adaptable and effective solutions. focus on network intrusion detection systems and present two specific systems DIDS (Distributed Intrusion Detection System) and CSM (Co-operating Security managers). Basic distributed components like authentication, authorization, encryption and access control should be included in this intelligent agents.

A simple example diagram for IA

Future work Current encryption algorithm are sometimes expensive to execute and can be decrypted with some known information. A more efficient and secure algorithm is needed to achieve the security goal. Techniques to identify the eavesdropper in the communication network quickly and correctly. The intelligent agent is a good practice whereas it must introduced an third party monitor to the distributed computing system. And that monitor can be a potential secure issue in terms of system attack. As cloud computing has been widely used in recent years, the security issue becomes a harder problem since more computers in scattered locations join the system. Challenging work is proposed to ensure the safe communication among these endpoints.

References 1.R.Chow, T.Johnson. Distributed Operating system & Algorithm, Adi Armoni, “Data Security Management in Distributed Computer Systems”, Informing Science, Volume 5, K. Boudaoud; N. Agoulmine; J.N De Souza, “Distributed Network Security Management Using Intelligent Agents”, Mirtaheri S.L, Khaneghah E.M, Sharifi M, Azgomi M.A; “The influence of efficient message passing mechanisms on high performance distributed scientific computing”, Parallel and distributed Processing with Applications: , Naqvi, S.; Riguidel, M., “Security architecture for heterogeneous distributed computing systems”, security technology, 38 th international conference, Edara, U.R.; Subramanian, N.; Dwivedi, M.; Sinha, A., “A system for security assessment grid environment”, 2010 IEEE 4 th international conference, pages:1—6, 2010.

Thanks