Published by Toby Shields. Modified over 9 years ago.
1
Computer Security
Tran, Van Hoai
Department of Systems & Networking, Faculty of Computer Science & Engineering, HCMC University of Technology
2
Outline
- Introduction to security
- Secure channels
- Access control
- Security management
- Example: electronic payment systems
2009-2010
3
Security concerns in distributed systems
- SECURE CHANNELS: authentication, message integrity, confidentiality
- ACCESS CONTROL: authorization
4
What are security threats? (1)
- Interception: an unauthorized party has gained access to a resource
  – communication between 2 parties has been overheard by someone else
  – data illegally copied after breaking into a private directory
- Interruption: resources unavailable, unusable, destroyed, …
  – Denial of Service
5
What are security threats? (2)
- Modification: unauthorized changing of data, or tampering with a service so that it no longer meets its original specifications
  – changing a program to secretly log users' activities
- Fabrication: additional data or activity is generated that would normally not exist
  – adding an entry to a password file
6
Security policy & security mechanisms
- Building a secure system does not mean protecting against all threats
  – First, security policies must be created
- Security policy = a description of which actions the entities are allowed to take and which ones are prohibited
- Security mechanism = the means to enforce security policies
7
Security mechanisms
- Encryption
  – hacker cannot understand the data (cryptography)
  – provides confidentiality, integrity
- Authentication
  – verify a claimed identity
- Authorization
  – check permissions (rights) to perform actions
- Auditing
  – trace clients' access
8
Globus security
9
Design issues: Focus of control – protection on data
- Data is protected against wrong or invalid operations
[Figure labels: Invocation, Method, State, Object]
- Operations can be performed, but main concern is data integrity
10
Design issues: Focus of control – protection on invocation
- Data is protected against unauthorized invocations
[Figure labels: Invocation, Method, State, Object]
- Main concern is access control mechanisms
11
Design issues: Focus of control – protection on user
- Data is protected by checking the role of the invoker
[Figure labels: Invocation, Method, State, Object]
- Main concern is defining roles that users have
12
Design issues: Layer of security mechanisms
[Figure: the same layer stack shown on both sides of the network: Application, Middleware, OS Services, OS kernel, Hardware, Transport, Network, Datalink, Physical; labels: low-level protocols, high-level protocols]
- Main concern is where security mechanisms are placed
- IDEA: TRUST, depending on the trust a client has in how secure the services are in a particular layer
13
Trust on different layers
[Figure labels: SMDS, Encryption device]
- Different LANs trust each other, but do not trust SMDS
- Trust router (encryption device)
  – If not, use SSL
- In distributed systems, security mechanisms are often placed in middleware
14
Design issues: Distribution of security mechanisms
- A middleware-based distributed system trusts the local OS it depends on
  – If not, part of the functionality of the OS must be integrated in the distributed system
- Use the approach "Reduced Interfaces for Secure System Components"
[Figure labels: servers running secure services; no direct access from other machines; access control device]
15
Design issues: Simplicity
- The fewer and simpler the security mechanisms, the more easily they are understood and trusted to work
  – It is not easy in practice
- Applications are inherently complex, therefore security services and protocols should be simple
16
Cryptography
[Figure: the sender applies the encryption method with encryption key $E_K$ to plaintext $P$, producing ciphertext $C = E_K(P)$; the receiver applies the decryption method with decryption key $D_K$ to recover plaintext $P$]
- Passive intruders only listen to $C$
- Active intruders can alter messages
- Active intruders can insert messages
- Symmetric cryptosystems: DES
- Public-key cryptosystems: RSA
- Hash functions: MD5
17
Secure channels
- Protecting clients and servers against
  – interception: ensuring confidentiality
  – modification, fabrication: mutual authentication and message integrity
- Authentication and message integrity must go together
  – Ex: A sends B a message m. A and B are both authenticated, but how can it be guaranteed that m is not modified?
18
Authentication based on shared secret key
Messages between Alice and Bob:
1. Alice -> Bob: $A$
2. Bob -> Alice: $R_B$
3. Alice -> Bob: $K_{A,B}(R_B)$
4. Alice -> Bob: $R_A$
5. Bob -> Alice: $K_{A,B}(R_A)$
Challenge-response protocol
- $R_A$, $R_B$: challenges from A, B respectively
- $K_{A,B}$: secret key shared by A, B
- Key distribution center can reduce number of keys
- No longer used because defeated by reflection attack
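The five-message exchange above, as an added Python example that is not part of the original slides. It assumes HMAC-SHA256 as the keyed function in place of encryption under the shared key, and it goes one step beyond the slide by adding a variant (the hypothetical `bind_identity` flag) that puts the responder's name into the MAC input, so a party's own answer to its own challenge never verifies as the peer's.

```python
import hashlib
import hmac
import secrets


class Party:
    """One end of the exchange. HMAC-SHA256 stands in for K_{A,B}(.) (assumption)."""

    def __init__(self, name, shared_key):
        self.name = name
        self.key = shared_key   # K_{A,B}
        self.issued = None      # the challenge this party sent (R_A or R_B)

    def challenge(self):
        self.issued = secrets.token_bytes(16)   # fresh, unpredictable nonce
        return self.issued

    def _mac(self, responder, nonce, bind_identity):
        # Hardened variant: the responder's name is part of the MAC input,
        # so an answer is only valid in one direction of the conversation.
        data = (responder.encode() + b"|" if bind_identity else b"") + nonce
        return hmac.new(self.key, data, hashlib.sha256).digest()

    def respond(self, nonce, bind_identity=False):
        return self._mac(self.name, nonce, bind_identity)

    def verify(self, peer, response, bind_identity=False):
        expected = self._mac(peer, self.issued, bind_identity)
        return hmac.compare_digest(expected, response)


def run_exchange(key_a, key_b, bind_identity=False):
    """Messages 2-5 of the slide; returns (Bob accepts Alice, Alice accepts Bob)."""
    alice, bob = Party("A", key_a), Party("B", key_b)
    r_b = bob.challenge()                        # 2: B -> A  R_B
    resp_a = alice.respond(r_b, bind_identity)   # 3: A -> B  K_{A,B}(R_B)
    r_a = alice.challenge()                      # 4: A -> B  R_A
    resp_b = bob.respond(r_a, bind_identity)     # 5: B -> A  K_{A,B}(R_A)
    return (bob.verify("A", resp_a, bind_identity),
            alice.verify("B", resp_b, bind_identity))


def own_answer_accepted(key, bind_identity):
    """Would Bob accept, as Alice's response, an answer he computed himself?"""
    bob = Party("B", key)
    echoed = bob.respond(bob.challenge(), bind_identity)
    return bob.verify("A", echoed, bind_identity)
```

With a plain keyed response, `own_answer_accepted` returns `True`, which is the symmetry a reflection attack relies on; with the identity bound in, it returns `False` while the honest exchange still succeeds.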
19
Authentication based on public-key cryptography
Messages between Alice and Bob:
1. Alice -> Bob: $K_B^+(A, R_A)$
2. Bob -> Alice: $K_A^+(R_A, R_B, K_{A,B})$
3. Alice -> Bob: $K_{A,B}(R_B)$
- $K_A^+$, $K_A^-$: public and private keys of A respectively
- $K_{A,B}$: session key shared by A, B
20
Digital signatures
- Example:
  – Bob sells Alice an item with price $500
  – Alice sends Bob an email to confirm
  – Two issues arise
    Alice needs to be assured that Bob will not maliciously change the price to a higher value
    Bob needs to be assured that Alice cannot deny the price (preventing second thoughts)
- Requires a signature associated with the email's content
21
Digital signature using public-key
[Figure: Alice's computer holds m, Alice's private key $K_A^-$ and Bob's public key $K_B^+$; it computes $K_A^-(m)$ and sends $K_B^+(m, K_A^-(m))$ to Bob's computer, which holds Bob's private key $K_B^-$ and Alice's public key $K_A^+$ and recovers m]
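The $500 confirmation from the digital-signatures slide, as an added Python example that is not part of the original slides. It assumes textbook RSA over a SHA-256 hash of the message with a constructed toy key (two Mersenne primes, no padding, not a secure key size), and it leaves out the outer encryption under $K_B^+$ so that only the signing and verification steps are shown.

```python
import hashlib


def make_key(p, q, e=65537):
    """Build a toy RSA key pair from two primes (constructed sample values)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return {"n": n, "e": e, "d": pow(e, -1, phi)}


# Constructed toy key for Alice: K_A^- is (n, d), K_A^+ is (n, e).
ALICE = make_key(2**127 - 1, 2**89 - 1)
ALICE_PUBLIC = {"n": ALICE["n"], "e": ALICE["e"]}


def digest_int(message, n):
    """Hash the message and map it into the RSA modulus range."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, private):
    """K_A^-(m): apply the private exponent to the hash of m."""
    return pow(digest_int(message, private["n"]), private["d"], private["n"])


def verify(message, signature, public):
    """Apply K_A^+ to the signature and compare with the hash of m."""
    recovered = pow(signature, public["e"], public["n"])
    return recovered == digest_int(message, public["n"])


def price_dispute():
    """Alice signs the $500 order; Bob later presents an altered price."""
    order = b"Alice agrees to buy the item for $500"
    signature = sign(order, ALICE)
    altered = order.replace(b"$500", b"$900")
    return {
        # Bob can show anyone that Alice signed this exact text.
        "original_verifies": verify(order, signature, ALICE_PUBLIC),
        # The same signature does not cover a changed price.
        "altered_verifies": verify(altered, signature, ALICE_PUBLIC),
    }
```

The first result is what stops Alice from denying the price; the second is what stops Bob from raising it.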