Real-Time & MultiMedia Lab
Chapter 8: Security
RTMM Lab, Kyung Hee Univ.
Distributed System
Motivation
1. Social implications: do you still trust
–Your bank
–Your doctor
2. Economic implications
–Your company loses credit
3. Legal implications
–Your company in front of a court
Outline
1. Introduction
2. Cryptography
3. Secure Channel
4. Access Control
5. Security Management
6. Examples
Introduction
Security in a distributed system generally uses techniques similar to those of a non-distributed system, but they are much more difficult to implement.
Difficult to get right, impossible to get perfect!
Security Threats
Interception – unauthorized access to data.
Interruption – a service becomes unavailable.
Modification – unauthorized changes to, and tampering of, data.
Fabrication – non-normal, additional activity.
Security Requirements
Authentication: ensures that sender and receiver are who they claim to be
Data integrity: ensures that data is not changed from source to destination
Confidentiality: ensures that data is read only by authorized users
Non-repudiation: ensures that the sender has strong evidence that the receiver has received the message, and the receiver has strong evidence of the sender's identity
–The sender cannot deny that it has sent the message and the receiver cannot deny that it has received the message
Security Mechanisms
Encryption
–Transform data into something that an attacker cannot understand (confidentiality)
–Check whether something has been modified (integrity)
Authentication
–Verify the identity of a subject
Authorization – determine if a subject is permitted to request a service
Auditing – tracing subjects and requests can help catch an attacker
Key Point
Matching security mechanisms to threats is only possible when a policy on security and security issues exists.
Security Policy: prescribes how to use mechanisms to protect against attacks. Requires that a model of possible attacks is described.
Cryptography (1)
Fig: Intruders and eavesdroppers in communication.
Cryptography (2)
Symmetric system (secret key cryptography):
–Use a single key to encrypt the plaintext and decrypt the ciphertext
–Sender and receiver share the secret key
–e.g. Data Encryption Standard (DES)
Asymmetric system (public key cryptography):
–Use different keys for encryption and decryption
–One is private, the other public
–e.g. RSA algorithm
Hashing system (message digest):
–Only encrypt data and produce a fixed-length digest
–There is no decryption; only comparison is possible
–e.g. MD5
Data Encryption Standard (DES)
DES encrypts a 64-bit block of plaintext using a 56-bit key
Three phases
1. Permute the 64 bits in the block
2. Apply a given operation 16 times on the 64 bits
3. Permute the 64 bits using the inverse of the original permutation
Fig: 1st phase: IP(input). 2nd phase: the rounds, each with its round key. 3rd phase: IP^-1(input).
2nd Phase: Operation in Each Round
The original key K is 56 bits
16 rounds
In each round i, select a 48-bit key K_i from the original 56-bit key K.
Perform (F is a given function):
Fig: one round, with inputs L_{i-1} and R_{i-1}, round key K_i, function F, the + operation, and outputs L_i and R_i.
Encrypting Larger Messages
The Initialization Vector (IV) is a random number generated by the sender and sent together with the ciphertext
Fig: IV; Block 1 to Block 4, each passing through + and DES to give Cipher 1 to Cipher 4.
DES Properties
Provides confidentiality
–No mathematical proof, but practical evidence suggests that decrypting a message without knowing the key requires exhaustive search
–To increase security use triple-DES, i.e., encrypt the message three times
Public-Key Cryptography: RSA (Rivest, Shamir, and Adleman)
Generating Public and Private Keys
Choose two large prime numbers p and q (~ 256 bits long) and multiply them: n = p*q
Choose encryption key e such that e and (p-1)*(q-1) are relatively prime
Compute decryption key d, where
–d = e^-1 mod ((p-1)*(q-1))
–(equivalent to d*e = 1 mod ((p-1)*(q-1)))
Public key consists of the pair (n, e)
Private key consists of the pair (n, d)
RSA Encryption and Decryption
Encryption of message block m:
–c = m^e mod n
Decryption of ciphertext c:
–m = c^d mod n
e.g. choose p=7 & q=11
Properties
Confidentiality
A receiver B computes n, e, d, and sends out (n, e)
–Everyone who wants to send a message to B uses (n, e) to encrypt it
How difficult is it to recover d? (Someone who can do this can decrypt any message sent to B!)
Recall that d = e^-1 mod ((p-1)*(q-1))
So to find d, you need to find the prime factors p and q
–This is provably very difficult
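The key generation, encryption and decryption steps above, carried through for the slide's p=7, q=11 (an added example, not part of the original slides). The choice of the smallest valid e, the sample block m=9 and the function names are assumptions; the last function shows the slide's point that whoever factors n recovers d.

```python
from math import gcd


def make_keys(p, q):
    """Generate (public, private) RSA keys from primes p and q, as on the slide."""
    n = p * q
    phi = (p - 1) * (q - 1)
    # Smallest odd e > 1 relatively prime to (p-1)*(q-1) (a choice made here).
    e = next(c for c in range(3, phi, 2) if gcd(c, phi) == 1)
    d = pow(e, -1, phi)            # d = e^-1 mod ((p-1)*(q-1)); needs Python 3.8+
    return (n, e), (n, d)


def encrypt(m, public):
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message block must satisfy 0 <= m < n")
    return pow(m, e, n)            # c = m^e mod n


def decrypt(c, private):
    n, d = private
    return pow(c, d, n)            # m = c^d mod n


def recover_private_key(public):
    """Derive d from (n, e) alone by factoring n with trial division.

    Feasible only because n is tiny; real key sizes exist to make this
    step impractical.
    """
    n, e = public
    p = next(f for f in range(2, n) if n % f == 0)
    q = n // p
    return pow(e, -1, (p - 1) * (q - 1))


PUBLIC, PRIVATE = make_keys(7, 11)     # the slide's example primes

if __name__ == "__main__":
    print("public key (n, e): ", PUBLIC)
    print("private key (n, d):", PRIVATE)
    c = encrypt(9, PUBLIC)             # 9 is a constructed sample block
    print("c =", c, "-> decrypted m =", decrypt(c, PRIVATE))
    print("d recovered from (n, e) only:", recover_private_key(PUBLIC))
```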
Message Digest (MD) 5
Can provide data integrity and non-repudiation
–Used to verify the authentication of a message
Idea: compute a hash on the message and send it along with the message
The receiver can apply the same hash function on the message and see whether the result coincides with the received hash
Message Digest Operation
Transformation contains complex operations
Fig: Message (padded), 512 bits; 128-bit constant; Transformation ...; Message digest.
MD5: Operation in each round
Fig: The 16 iterations during the first round in a phase in MD5.
Applications of Cryptography
Two Major Issues in DS Security
–Secure communications between parties.
–Authorization.
Note that authentication and message integrity as technologies rely on each other
Secure channels protect against (protected by):
–Interception (confidentiality).
–Modification (auth. and integrity).
–Fabrication (auth. and integrity).
Fig: Authentication, Message Integrity, Confidentiality.
Authentication
Authentication based on a shared secret key
–A, B: sender and receiver identities
–K_{A,B}: shared secret key
–R_A, R_B: random numbers exchanged by A and B to verify identities
1. Alice → Bob: A
2. Bob → Alice: R_B
3. Alice → Bob: K_{A,B}(R_B)
4. Alice → Bob: R_A
5. Bob → Alice: K_{A,B}(R_A)
“Optimization”
Is this authentication protocol secure?
1. Alice → Bob: A, R_A
2. Bob → Alice: R_B, K_{A,B}(R_A)
3. Alice → Bob: K_{A,B}(R_B)
Reflection Attack
An attacker (Chuck) can fool Bob into believing that he is Alice!
1. Chuck → Bob: A, R_C (1st session)
2. Bob → Chuck: R_B, K_{A,B}(R_C) (1st session)
3. Chuck → Bob: A, R_B (2nd session)
4. Bob → Chuck: R_B2, K_{A,B}(R_B) (2nd session)
5. Chuck → Bob: K_{A,B}(R_B) (1st session)
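Why the three-message "optimization" fails, as an in-memory simulation (an added example, not part of the original slides). HMAC-SHA256 stands in for K_{A,B}(R), and the `bind_role` variant, which tags each answer with the role of the party producing it, is an assumed hardening that the slides do not describe.

```python
import hashlib
import hmac
import itertools
import secrets


def k(key, data):
    """Stand-in for K_{A,B}(R): HMAC-SHA256, computable only with the shared key."""
    return hmac.new(key, data, hashlib.sha256).digest()


def tag(role, bind_role):
    """Role prefix mixed into an answer in the hardened variant, else nothing."""
    return role if bind_role else b""


class Bob:
    """Responder in the three-message protocol; opens a session per message 1."""

    def __init__(self, key, bind_role=False):
        self.key = key
        self.bind_role = bind_role
        self.ids = itertools.count()
        self.pending = {}              # session id -> (claimed identity, R_B)

    def message1(self, claimed_id, r_peer):
        """Handle (A, R_A); return (session id, R_B, K_{A,B}(R_A)) as message 2."""
        sid = next(self.ids)
        r_b = secrets.token_bytes(16)
        self.pending[sid] = (claimed_id, r_b)
        answer = k(self.key, tag(b"responder|", self.bind_role) + r_peer)
        return sid, r_b, answer

    def message3(self, sid, answer):
        """Handle K_{A,B}(R_B); True means Bob accepts the peer as claimed_id."""
        _claimed_id, r_b = self.pending.pop(sid)
        expected = k(self.key, tag(b"initiator|", self.bind_role) + r_b)
        return hmac.compare_digest(answer, expected)


def honest_alice(bob, key, bind_role=False):
    """Alice, who holds K_{A,B}, runs messages 1 to 3 and checks Bob's answer."""
    r_a = secrets.token_bytes(16)
    sid, r_b, answer = bob.message1(b"A", r_a)
    bob_ok = hmac.compare_digest(answer, k(key, tag(b"responder|", bind_role) + r_a))
    alice_ok = bob.message3(sid, k(key, tag(b"initiator|", bind_role) + r_b))
    return bob_ok and alice_ok


def chuck_reflection(bob):
    """The five steps from the slide; Chuck never holds K_{A,B}."""
    r_c = secrets.token_bytes(16)
    s1, r_b, _ = bob.message1(b"A", r_c)         # 1: A, R_C    2: R_B, K(R_C)
    _s2, _r_b2, k_rb = bob.message1(b"A", r_b)   # 3: A, R_B    4: R_B2, K(R_B)
    return bob.message3(s1, k_rb)                # 5: K(R_B) in the 1st session


def run_demo():
    """Return whether Bob accepts the peer in each of the four combinations."""
    key = secrets.token_bytes(32)                # K_{A,B}
    return {
        "plain_honest": honest_alice(Bob(key), key),
        "plain_reflection": chuck_reflection(Bob(key)),
        "bound_honest": honest_alice(Bob(key, True), key, True),
        "bound_reflection": chuck_reflection(Bob(key, True)),
    }


if __name__ == "__main__":
    for case, accepted in run_demo().items():
        print(f"{case}: accepted={accepted}")
```

Bob answers a challenge before the peer has proved anything, so in the plain protocol he computes the very value he later expects; once the two directions produce different values, the reflected answer no longer verifies.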
Authentication using KDC (Basic Protocol)
KDC – Key Distribution Center
Maintain only N keys in the system: one for each node
1. Alice → KDC: A, B
2. KDC (generates K_{A,B}) → Alice: K_{A,KDC}(K_{A,B})
2. KDC → Bob: K_{B,KDC}(K_{A,B})
Authentication using KDC (Ticket Based)
No need for KDC to contact Bob
1. Alice → KDC: A, B
2. KDC → Alice: K_{A,KDC}(K_{A,B}), K_{B,KDC}(K_{A,B})
3. Alice → Bob: A, K_{B,KDC}(K_{A,B})
Vulnerable to replay attacks if Chuck gets hold of K_{B,KDC}^old
Authentication using KDC (Needham-Schroeder Protocol)
Relate messages 1 and 2: use a challenge-response mechanism
R_A1, R_A2, R_B: nonces
–Nonce: random number used only once to relate two messages
1. Alice → KDC: R_A1, A, B
2. KDC → Alice: K_{A,KDC}(R_A1, B, K_{A,B}, K_{B,KDC}(A, K_{A,B}))
3. Alice → Bob: K_{A,B}(R_A2), K_{B,KDC}(A, K_{A,B})
4. Bob → Alice: K_{A,B}(R_A2 - 1, R_B)
5. Alice → Bob: K_{A,B}(R_B - 1)
Vulnerable to replay attacks if Chuck gets hold of K_{A,B}
What if R_A1 is Missing?
Assume Chuck
–intercepted K_{A,KDC}(B, K_{A,B}, K_{B,KDC}^old(A, K_{A,B}))
–knows K_{B,KDC}^old
Fig (parties: Alice, KDC, Bob holding K_{B,KDC}, Chuck holding K_{B,KDC}^old):
1. A, B
2. K_{A,KDC}(B, K_{A,B}, K_{B,KDC}^old(A, K_{A,B})) (replayed message)
3. K_{A,B}(R_A2), K_{B,KDC}^old(A, K_{A,B})
4. K_{A,B}(R_A2 - 1, R_B)
5. K_{A,B}(R_B - 1)
Here Chuck gets K_{A,B}!
What if B is Missing from Message 2?
Assume Chuck intercepts message 1
Fig (parties: Alice, KDC, Bob holding K_{B,KDC}, Chuck holding K_{B,KDC}^old):
1. R_A1, A, B (message shown at Chuck: R_A1, A, C)
2. K_{A,KDC}(R_A1, K_{A,C}, K_{C,KDC}(A, K_{A,C}))
3. K_{A,C}(R_A2), K_{C,KDC}(A, K_{A,C})
4. K_{A,C}(R_A2 - 1, R_B)
5. K_{A,C}(R_B - 1)
Here Chuck gets K_{A,C}!
What if Chuck gets K_{A,B}^old?
Assume Chuck
–intercepted K_{A,B}(R_A2), K_{B,KDC}(A, K_{A,B})
–knows K_{A,B}^old
Fig (parties: Alice, KDC, Bob, Chuck holding K_{A,B}^old; one message is labelled "replayed message"):
1. R_A1, A, B
2. K_{A,KDC}(R_A1, B, K_{A,B}, K_{B,KDC}(A, K_{A,B}))
3. K_{A,B}^old(R_A2), K_{B,KDC}(A, K_{A,B}^old)
4. K_{A,B}^old(R_A2 - 1, R_B)
5. K_{A,B}^old(R_B - 1)
Defend Against Leaking of K_{A,B}
Message 5 (former 3) contains an encrypted nonce (K_{B,KDC}(R_B1)) provided by Bob
Chuck can no longer replay message 4 (former 3)
1. Alice → Bob: A
2. Bob → Alice: K_{B,KDC}(R_B1)
3. Alice → KDC: R_A1, A, B, K_{B,KDC}(R_B1)
4. KDC → Alice: K_{A,KDC}(R_A1, B, K_{A,B}, K_{B,KDC}(A, K_{A,B}, R_B1))
5. Alice → Bob: K_{A,B}(R_A2), K_{B,KDC}(A, K_{A,B}, R_B1)
6. Bob → Alice: K_{A,B}(R_A2 - 1, R_B2)
7. Alice → Bob: K_{A,B}(R_B2 - 1)
Authentication Using Public-Key Cryptography
K_A^+, K_B^+: public keys
1. Alice → Bob: K_B^+(A, R_A)
2. Bob → Alice: K_A^+(R_A, R_B, K_{A,B})
3. Alice → Bob: K_{A,B}(R_B)
More on Secure Channels
In addition to authentication, a secure channel also requires that messages are confidential, and that they maintain their integrity.
For example: Alice needs to be sure that Bob cannot change a received message and claim it came from her. And Bob needs to be sure that he can prove the message was sent by Alice, just in case she decides to deny ever having sent it in the first place.
Solution: Digital Signing.
Digital Signatures
Fig: Digitally signing a message using public-key cryptography.
This is implemented in the RSA technology.
Note: the entire document is encrypted/signed - this can sometimes be a costly overkill.
Digital Signature Digests
Fig: Digitally signing a message using a message digest.
The message is sent as plaintext. However, the digest can be used to assure Bob of message integrity.
8.3 Access Control
"The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable."
The Art of War, Sun Tzu
General Issues in Access Control
Controlling access to an object is all about protecting the object against invocations by subjects that are not allowed to have specific methods carried out.
Protection may also include object management issues, such as creating, renaming, or deleting objects.
Protection is often enforced by a reference monitor.
A reference monitor records which subject may do what and decides whether a subject is allowed to have a specific operation carried out.
Fig: Subject → (request for operation) → Reference Monitor → (authorized request) → Object.
Access Control Matrix
A common approach to modeling the access rights of subjects with respect to objects is to construct an access control matrix.
Each subject is represented by a row in this matrix.
Each object is represented by a column.
If the matrix is denoted M, then an entry M[s, o] lists precisely which operations subject s can request on object o, i.e., which methods m of object o it may have invoked.
Problem:
–For a large environment, where we have thousands of users and millions of objects that require protection, implementing an access control matrix is not efficient.
–Many entries in the matrix will be empty: a single subject will generally have access to relatively few objects.
Access Control Matrix (2)
Two Techniques
1. Access Control List (ACL): each object maintains a list of the access rights of the subjects that want to access the object. The matrix is distributed column-wise across all objects, and empty entries are left out. Each object has its own ACL.
2. Capabilities: the matrix is distributed row-wise by giving each subject a list of the capabilities it has for each object. In other words, a capability corresponds to an entry in the access control matrix. Not having the capability for a specific object means that the subject has no access rights for the object.
Access Control Matrix (3) Ref:
Access Control Matrix (4)
Fig: Using ACL
–Client: create access request r as subject s
–Server (holds the ACL and the object): if (s appears in ACL) if (r appears in ACL[s]) grant access;
Fig: Using Capabilities
–Client: create access request r for object o; pass capability C
–Server (holds the object): if (r appears in C) grant access;
Protection Domains
ACLs and capabilities help to implement an access control matrix efficiently by ignoring all empty entries.
Nevertheless, an ACL or capability list can still become quite large if no further measures are taken.
One general way of reducing ACLs is to make use of “protection domains”.
One approach to creating a “protection domain” is the formation of “groups”.
The most common technique for forming a group is the “hierarchical approach”.
Protection Domains
Hierarchical Approach:
–Advantage: managing group membership is relatively easy, and very large groups can be constructed efficiently.
–Disadvantage: looking up a member can be quite costly if the membership database is distributed.
–Alternative Approach: instead of letting the reference monitor do all the work, let each subject carry a “certificate” listing the groups it belongs to. Whenever a subject sends a request, it hands over the certificate to the reference monitor. In order to ensure that the certificate is genuine, a digital signature mechanism is used.
Firewalls
A firewall is a special kind of reference monitor, which can disconnect any part of a distributed system from the outside world.
All outgoing, and especially incoming, packets are routed through a special computer and inspected before they are passed.
Unauthorized traffic is discarded and not allowed to continue.
Limitations of Firewalls
They are not capable of providing granular access control in which just part of an application's functionality is opened to a specific group of users.
They do not provide integrity or confidentiality.
They do not predict or record suspicious activity, nor do they send alerts/alarms unless they are bundled with an IDS.
Packet Filtering Firewalls
Packet Filtering Firewalls: examine the packet header and make a decision based on rules, e.g. protocol, source address / destination address, source port / destination port, etc.
Advantages:
–Conceptually simple
–Higher performance
–More transparent
Disadvantages:
–Difficulty of setting up packet filter rules
–Lack of authentication
Application Level Gateway Firewalls
Application level gateways: examine the contents of all incoming and outgoing packets. A typical example is a mail gateway.
Advantages:
–More rigorous security
–Less transparent
–Better control
Disadvantages:
–Additional processing overhead on each connection
Secure Mobile Code
An important development in modern distributed systems is the ability to migrate code between hosts instead of just migrating passive data.
However, mobile code introduces a number of serious security threats, such as
–How to protect agents from malicious hosts that try to steal or modify information carried by the agent?
–How to protect hosts against malicious agents?
Protecting an Agent (1)
Scenario # 1
–Consider a mobile agent that is roaming a distributed system on behalf of a user.
–Such an agent may be searching for the cheapest airplane ticket from Seoul to Karachi, and has been authorized by its owner to make the reservation as soon as it has found a flight.
–For this purpose, the agent may carry an electronic card.
Security Concerns:
–Whenever the agent moves to a host, that host should not be allowed to steal the agent’s credit card information.
–The agent should be protected against modifications that make the owner pay much more than is actually needed.
Protecting an Agent (2)
Unfortunately, fully protecting an agent against all types of attacks is impossible.
This impossibility is primarily caused by the fact that no hard guarantees can be given that a host will do what it promises.
Alternative Approach: organize agents in such a way that modification can at least be detected.
This approach has been followed in the Ajanta system (Karnik and Tripathi, 2001).
Ajanta provides 3 mechanisms through which the agent's owner is able to detect modifications.
1. Read-only state
2. Append-only logs
3. Selective revealing of state to certain servers
Protecting an Agent (3)
Read-Only State: the read-only state of an Ajanta agent consists of a collection of data items that is signed by the agent’s owner.
Signing takes place at the time when the agent is constructed and initialized, before it is sent off to other hosts.
The owner first constructs the message digest, which is subsequently encrypted with its private key.
When the agent arrives at a host, the host can easily detect whether the read-only state has been tampered with, by verifying the state against the signed message digest of the original state.
Protecting an Agent (4)
Append-Only Logs: allow an agent to collect information while moving between hosts.
These logs are characterized by the fact that data can only be appended to the logs; there is no way that data can be removed or modified without the owner being able to detect this.
Initially the log is empty and has only an associated checksum C_init, calculated as C_init = K_owner^+(N), where K_owner^+ is the public key of the agent’s owner and N is a secret nonce known only to the owner.
When the agent moves to a server S that wants to hand it some data X, S appends X to the log, then signs X with its signature sig(S, X) and calculates a checksum:
C_new = K_owner^+(C_old, sig(S, X), S)
where C_old is the checksum used previously.
When the agent comes back to its owner, the owner can easily verify whether the log has been tampered with.
Protecting an Agent (5)
Ajanta supports selective revealing of state by providing an array of data items, where each entry is intended for a designated server.
Each entry is encrypted with the designated server’s public key to ensure confidentiality.
The entire array is signed by the agent’s owner to ensure integrity of the array as a whole.
If any entry is modified by a malicious host, any of the designated servers will notice and can take appropriate action.
Protecting the Target (1)
One approach used for protection is the “sandbox”.
A sandbox is a technique by which a downloaded program is executed in such a way that each of its instructions can be fully controlled.
If an attempt is made to execute an instruction that has been forbidden by the host, execution of the program will be stopped.
Protecting the Target (2)
The organization of a Java sandbox. 8-27
8.4 Security Management
Key Establishment
Scenario # 1: By using a Public Key Scheme
Prerequisites:
–Both parties know each other's public key.
Scenario # 2: By using a Shared Secret Key
1. Established secure channel
2. Generate session key and return it to Alice by using her public key
Fig (Alice, Bob): 1. Start secure communication
Key Establishment: Public Key Cryptosystem
An elegant and widely applied scheme for establishing a shared secret key across an insecure channel is the Diffie-Hellman key exchange.
1. First they agree on two large numbers, n and g, that are subject to a number of mathematical properties.
2. Both n and g can be made public; there is no need to hide them from outsiders.
3. Alice picks a large random number, say x, which she keeps secret.
4. Similarly, Bob picks a large random number, say y, which he keeps secret.
5. Alice starts by sending g^x mod n to Bob, along with n and g.
6. When Bob receives the message, he calculates g^xy mod n. In addition he sends g^y mod n to Alice, who can compute g^xy mod n.
7. Now Alice and Bob have the shared secret key g^xy mod n.
Fig: Alice, Bob, and an eavesdropper on the channel.
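Steps 1 to 7 carried through in code, showing what travels on the wire and what each side computes locally (an added example, not part of the original slides). The toy parameters n = 2^127 - 1 and g = 3, the range check on the received value and the SHA-256 step that turns g^xy mod n into key bytes are assumptions made here; the slides specify none of them.

```python
import hashlib
import secrets

N = 2**127 - 1      # toy modulus n (a Mersenne prime); far too small for real use
G = 3               # toy base g


def keypair():
    """Pick a secret exponent and return (secret, g^secret mod n)."""
    secret = secrets.randbelow(N - 3) + 2          # 2 <= secret <= n - 2
    return secret, pow(G, secret, N)


def shared_key(own_secret, peer_public):
    """Compute g^xy mod n from the peer's public value and hash it into a key."""
    # Reject 0, 1 and n-1: they would force a shared value that anyone
    # watching the exchange could predict.
    if not 1 < peer_public < N - 1:
        raise ValueError("peer public value out of range")
    g_xy = pow(peer_public, own_secret, N)
    return hashlib.sha256(g_xy.to_bytes(16, "big")).digest()


def exchange():
    """Run one exchange; return (values on the wire, Alice's key, Bob's key)."""
    x, g_x = keypair()                 # steps 3 and 5: Alice keeps x, sends g^x mod n
    y, g_y = keypair()                 # steps 4 and 6: Bob keeps y, sends g^y mod n
    on_the_wire = (N, G, g_x, g_y)     # everything the eavesdropper observes
    alice_key = shared_key(x, g_y)     # (g^y)^x mod n
    bob_key = shared_key(y, g_x)       # (g^x)^y mod n
    return on_the_wire, alice_key, bob_key


if __name__ == "__main__":
    wire, alice_key, bob_key = exchange()
    print("on the wire:", [hex(v) for v in wire])
    print("keys match: ", alice_key == bob_key)
```

The exchange by itself does not authenticate either party, which is why the slides treat authentication as a separate requirement of a secure channel.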
Secret Key Distribution (1)
In a symmetric cryptosystem, the initial shared key must be communicated along a secure channel that provides authentication and confidentiality.
If there is no key available to Alice and Bob to set up such a secure channel, it is necessary to distribute the key out-of-band.
Public Key Distribution (2)
In a public-key cryptosystem, we need to distribute the public key in such a way that the receivers can be sure that the key is indeed paired to a claimed private key.
In practice, public key distribution takes place by means of public key certificates.
Digital Certificates: Samples
Secure Group Management (1)
Many security systems make use of special services such as Key Distribution Centers (KDCs) or Certification Authorities (CAs).
These services demonstrate a difficult problem in distributed systems
–In the first place, they must be trusted. To enhance the trust in security services, it is necessary to provide a high degree of protection against all kinds of security threats, e.g. as soon as a CA has been compromised, it becomes impossible to verify the validity of a public key.
–They must offer high availability. For example, in the case of a KDC, each time two processes want to set up a secure channel, at least one of them will need to contact the KDC for a shared secret key. If the KDC is not available, secure communication cannot be established unless an alternative approach for key distribution is available.
The solution for high availability is “replication”.
Secure Group Management (2)
Problem:
–How to actually manage a group of replicated servers.
–The problem that needs to be solved is to ensure that when a process asks to join group G, the integrity of the group is not compromised.
Solution:
–A group G is assumed to use a secret key CK_G shared by all group members for encrypting group messages.
–In addition it also uses a public and private key pair (K_G^+, K_G^-) for communication with non-group members.
–When a process P wants to join the group G, it sends a join request JR identifying G, P, P’s local time T, a generated reply pad RP, and a generated secret key K_{P,G}.
–RP and K_{P,G} are jointly encrypted using the group's public key K_G^+.
–The join request JR is signed by P, and is sent along with a certificate containing P’s public key.
Secure Group Management (3)
When a group member Q receives such a join request, it first authenticates P, after which communication with the other group members takes place to see whether P can be admitted as a group member.
Authentication of P takes place in the usual way by means of a certificate.
Authorization Management
Managing security in distributed systems is also concerned with managing access rights.
The most common technique for defining access rights is “capabilities”.
Different implementations of capabilities exist. Here I will give you the implementation technique of “capabilities” that is used in the “Amoeba operating system.”
“Amoeba” is one of the first object-based distributed systems.
Amoeba Capabilities
A “capability” is a 128-bit identifier:
Server port (48 bits) | Object (24 bits) | Rights (8 bits) | Check (48 bits)
When an object is created, its server picks a random check field and stores it both in the capability and internally in its own table.
All the rights bits in a new capability are initially on, and it is this owner capability that is returned to the client.
When the capability is sent back to the server in a request to perform an operation, the check field is verified.
Restricted Capabilities
To create a restricted capability, a client can pass a capability back to the server, along with a bit mask for the new rights.
The server takes the original check field from its tables, XORs it with the new rights, and then runs the result through a one-way function.
The server then creates a new capability, with the same value in the object field, but with the new rights field and the output of the one-way function in the check field.
The new capability is then returned to the caller.
The client may send this new capability to another process.
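The owner and restricted capability scheme from the last two slides, including the server-side check that catches a holder editing the rights bits (an added example, not Amoeba's own code). SHA-256 truncated to 48 bits as the one-way function, the rights-bit constants, the port value and all class and function names are assumptions made here.

```python
import hashlib
import hmac
import secrets

READ, WRITE, DELETE = 0x01, 0x02, 0x04     # constructed rights bits
ALL_RIGHTS = 0xFF
MASK48 = (1 << 48) - 1


def one_way(value):
    """Assumed one-way function: SHA-256 of the 48-bit input, cut to 48 bits."""
    digest = hashlib.sha256(value.to_bytes(6, "big")).digest()
    return int.from_bytes(digest[:6], "big")


def pack(port, obj, rights, check):
    """128-bit layout: server port (48) | object (24) | rights (8) | check (48)."""
    return (port << 80) | (obj << 56) | (rights << 48) | check


def unpack(cap):
    return (cap >> 80) & MASK48, (cap >> 56) & 0xFFFFFF, (cap >> 48) & 0xFF, cap & MASK48


class ObjectServer:
    def __init__(self, port):
        self.port = port
        self.table = {}                    # object number -> original check field

    def create(self, obj):
        """Create an object and return its owner capability (all rights bits on)."""
        self.table[obj] = secrets.randbits(48)
        return pack(self.port, obj, ALL_RIGHTS, self.table[obj])

    def rights_of(self, cap):
        """Return the rights a capability proves, or None if its check field fails."""
        port, obj, rights, check = unpack(cap)
        original = self.table.get(obj)
        if port != self.port or original is None:
            return None
        # Owner capability carries the original check; a restricted one carries
        # one_way(original XOR rights), so edited rights bits no longer match.
        expected = original if rights == ALL_RIGHTS else one_way(original ^ rights)
        same = hmac.compare_digest(check.to_bytes(6, "big"), expected.to_bytes(6, "big"))
        return rights if same else None

    def restrict(self, cap, mask):
        """Return a new capability limited to the rights selected by mask."""
        held = self.rights_of(cap)
        if held is None:
            raise PermissionError("invalid capability")
        _port, obj, _rights, _check = unpack(cap)
        new_rights = held & mask           # never more than the caller holds
        if new_rights == ALL_RIGHTS:
            return cap
        return pack(self.port, obj, new_rights, one_way(self.table[obj] ^ new_rights))

    def allowed(self, cap, needed):
        held = self.rights_of(cap)
        return held is not None and (held & needed) == needed


def demo():
    server = ObjectServer(port=0x0000A1B2C3D4)        # constructed port value
    owner = server.create(obj=7)
    read_only = server.restrict(owner, READ)
    port, obj, _rights, check = unpack(read_only)
    forged = pack(port, obj, READ | WRITE, check)      # rights bits edited by holder
    return {
        "owner_write": server.allowed(owner, WRITE),
        "read_only_read": server.allowed(read_only, READ),
        "read_only_write": server.allowed(read_only, WRITE),
        "forged_write": server.allowed(forged, WRITE),
        "forged_valid": server.rights_of(forged) is not None,
    }
```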
Attribute Certificates
A generalization of capabilities that is used in modern distributed systems is the attribute certificate.
Attribute certificates can be used to list the access rights that the holder of a certificate has with respect to the identified resources.
Attribute certificates are handed out by special certification authorities, called attribute certification authorities.
Delegation (1)
Delegation: the process of passing access rights from one process to another process.
Advantage:
–It becomes easier to distribute work between several processes without adversely affecting the protection of resources.
There are several ways to implement delegation. A general approach is the use of a proxy.
A proxy, in the context of security in CS, is a token that allows its owner to operate with the same or restricted rights and privileges as the subject that granted the token.
A process can create a proxy with at best the same rights and privileges it has itself.
Neuman’s Scheme for Proxy
A proxy in Neuman’s scheme has two parts.
1. Let A be the process that creates the proxy. The first part of the proxy is a set C = {R, S_proxy^+}, consisting of a set R of access rights that have been delegated by A, along with the publicly known part of a secret that is used to authenticate the holder of the certificate. The certificate carries the signature sig(S, A) of A, to protect against modifications.
2. The second part contains the other part of the secret, denoted S_proxy^-, which is protected against disclosure when delegating rights to another process.
Delegation (2)
Fig: Using a proxy to delegate and prove ownership of access rights.
8.5 Example: Kerberos (1)
Example: Kerberos (2)
Fig: Authentication in Kerberos.
Example: Kerberos (3)
Fig: Setting up a secure channel in Kerberos.
Home Assignment
Read the following examples by yourself
–8.6 SESAME: Secure European System for Application in a Multi-vendor Environment.
–8.7 Electronic Payment System
8.8 Summary
Security plays an extremely important role in distributed systems.
Three important issues have been discussed
1. How a distributed system should offer facilities to establish secure channels between processes.
2. How we can implement access control or authorization.
3. How we can perform security management, such as key management and authorization management.
Any Questions?
This chapter is presented by Weiwei & Riaz