Presentation is loading. Please wait.

Presentation is loading. Please wait.

The importance of Time Synchronisation in Information Security

Published byAlexina Osborne Modified over 6 years ago

Similar presentations

Presentation on theme: "The importance of Time Synchronisation in Information Security"— Presentation transcript:

1 The importance of Time Synchronisation in Information Security
By James Read

2 Introduction Nearly all IT systems keep the time and have done since 1982. “Information Security” often relies on accurately keeping the time for a variety of reasons. Quality of security Audit Trails Transaction based systems

3 Examples 1 Distributed Systems
DFS's depend upon a synchronized clock to track changes to files. For process scheduling. Transaction accuracy. Legitimate System Use / Hackers Accurate time keeping leads to an accurate audit trail. Being able to follow the trail of a hacker will certainly lead to easier protection.

4 Examples 2 Scheduled tasks and transaction accuracy
Most budget motherboard system clocks are set by hand / generalized by machine. Most of them use cheap oscillator chips, which are not as accurate as you would think. It's estimated, that most retail desktop machine, system clocks drift by up to 2 seconds/day. IBM compatible system clocks often return the time to the nearest 1 second. Heavyweight IBM servers, running Z/OS, are capable of accuracy up to 244 pico seconds!

5 Examples 3

6 What are the issues? In distributed computing, as well as clusters, changing the time of the node becomes extremely risky and complex. Inaccurate system clocks have are likely to have knock-on effects. A clock that is hacked to drift, can easily allow hackers into networks. Inaccurate times can break cryptography.

7 Keeping time synchronized
Public external time server using NTP Specialized external time server Internal time server Dedicated and specialized local time hardware Specialized hardware on a machine basis, kept synchronized by alternative methods. GPS CDMA

8 Risk Analysis Look at the a potential problems that lack of time synchronization could cause. eg: Transaction accuracy Analyse each problem as part of a risk analysis. eg: Could cause horrendous concurrency errors Put steps into place to prevent these problems before they occur

9 Conclusion A risk analysis is required in any computer network that requires time synchronization. Prevention, in mission critical systems is always better than cure. The level of “synchronization system” required should be relative to the potential problems that a lack of synchronisation could cause .

10 Thank you for listening. I welcome any questions you may have.
End of Presentation Thank you for listening. I welcome any questions you may have.

Download ppt "The importance of Time Synchronisation in Information Security"

Similar presentations

NetPay provides best and effective solution for company Managers to maintain their employee scheduling task (including staff in/out details, overtime,

NetPay provides best and effective solution for company Managers to maintain their employee scheduling task (including staff in/out details, overtime,
Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.

Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.
NTP Time for iThingies A Network Time Protocol app. for iPhone and iPad Presented to TTSO8 on 2456765.63542 by Chris Douglass 1.

NTP Time for iThingies A Network Time Protocol app. for iPhone and iPad Presented to TTSO8 on by Chris Douglass 1.
Distributed Systems Fall 2010 Time and synchronization.

Distributed Systems Fall 2010 Time and synchronization.
Cluster Computing and Genetic Algorithms With ClusterKnoppix David Tabachnick.

Cluster Computing and Genetic Algorithms With ClusterKnoppix David Tabachnick.
Teaching material based on Distributed Systems: Concepts and Design, Edition 3, Addison-Wesley 2001. Copyright © George Coulouris, Jean Dollimore, Tim.

Teaching material based on Distributed Systems: Concepts and Design, Edition 3, Addison-Wesley Copyright © George Coulouris, Jean Dollimore, Tim.
SYSchange for z/OS By Pristine Software April 2009 Thomas Phillips April 2009 SYSchange Pristine Software.

SYSchange for z/OS By Pristine Software April 2009 Thomas Phillips April 2009 SYSchange Pristine Software.
Cmpt-225 Simulation. Application: Simulation Simulation  A technique for modeling the behavior of both natural and human-made systems  Goal Generate.

Cmpt-225 Simulation. Application: Simulation Simulation  A technique for modeling the behavior of both natural and human-made systems  Goal Generate.
5205 – IT Service Delivery and Support

5205 – IT Service Delivery and Support
1 Introduction To The New Mainframe Stephen S. Linkin Houston Community College ©HCCS & IBM® 2008 Stephen Linkin.

1 Introduction To The New Mainframe Stephen S. Linkin Houston Community College ©HCCS & IBM® 2008 Stephen Linkin.
Disaster Recovery Strategies & criteria for evaluation of information management strategies.

Disaster Recovery Strategies & criteria for evaluation of information management strategies.
Thanks to Silberschatz, Galvin and Gagne  2002 1.1 Operating System Concepts Chapter 1: Introduction n What is an Operating System? n Mainframe Systems.

Thanks to Silberschatz, Galvin and Gagne  Operating System Concepts Chapter 1: Introduction n What is an Operating System? n Mainframe Systems.
Chapter 6 Operating System Support. This chapter describes how middleware is supported by the operating system facilities at the nodes of a distributed.

Chapter 6 Operating System Support. This chapter describes how middleware is supported by the operating system facilities at the nodes of a distributed.
COMPTUER CLUSTERING WITH LINUX-ON-CD Robert Ibershoff Computer Electronic Networking.

COMPTUER CLUSTERING WITH LINUX-ON-CD Robert Ibershoff Computer Electronic Networking.
Advanced Principles of Operating Systems (CE-403).

Advanced Principles of Operating Systems (CE-403).
Presentation by James Vu, Daniel Chang, Andrew Cheung, Vicky Sorto Sanchez HealTech.

Presentation by James Vu, Daniel Chang, Andrew Cheung, Vicky Sorto Sanchez HealTech.
E- Learning and Writing Skills IGGU 1101 Operating System Windows Dr. Sana’a Wafa Al-Sayegh.

E- Learning and Writing Skills IGGU 1101 Operating System Windows Dr. Sana’a Wafa Al-Sayegh.
Distributed database system

Distributed database system
 Load balancing is the process of distributing a workload evenly throughout a group or cluster of computers to maximize throughput.  This means that.

 Load balancing is the process of distributing a workload evenly throughout a group or cluster of computers to maximize throughput.  This means that.
EPICS EPICS Collaboration Meeting Argonne National Laboratory drvTS improvements for soft timing EPICS Collaboration Meeting Argonne National Laboratory.

EPICS EPICS Collaboration Meeting Argonne National Laboratory drvTS improvements for soft timing EPICS Collaboration Meeting Argonne National Laboratory.

Similar presentations

Ads by Google