Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security, Accounting, and Assurance Mahdi N. Bojnordi 2004

Published byNorman McGee Modified over 9 years ago

Similar presentations

Presentation on theme: "Security, Accounting, and Assurance Mahdi N. Bojnordi 2004"— Presentation transcript:

1 Security, Accounting, and Assurance Mahdi N. Bojnordi 2004 mnbojnordi@yahoo.com

2 Overview Requirements Requirements What is expected from grids nowadays? What is expected from grids nowadays? Technologies Technologies Which are developed to provide the security. Which are developed to provide the security. Current Practice Current Practice Existing implementation of security services. Existing implementation of security services. Future Directions Future Directions What is met by existing technologies insufficiently? What is met by existing technologies insufficiently?

3 Requirements Authentication Authentication The process of verifying the identity of a participant. The process of verifying the identity of a participant. A verified entity called principal (e.g. user logged into system). A verified entity called principal (e.g. user logged into system). Authority to use delegation of identity. Authority to use delegation of identity. Authorization Authorization The process determining whether a particular operation is allowed. The process determining whether a particular operation is allowed. Supporting delegation of authority. Supporting delegation of authority.

4 Requirements (cont’d) Assurance Assurance A form of authorization validating the authority of service provider (i.e. accreditation). A form of authorization validating the authority of service provider (i.e. accreditation). Allow the requester to decide whether a system is secure, reliable, etc. Allow the requester to decide whether a system is secure, reliable, etc. Accounting Accounting A means to manage the quotas. A means to manage the quotas.

5 Requirements (cont’d) Audit Audit Records what have been performed by a system on behalf of a principal. Records what have been performed by a system on behalf of a principal. Integrity and Confidentiality Integrity and Confidentiality Correct functioning of applications on the network. Correct functioning of applications on the network. Optional Security Services Optional Security Services Is all the described requirements needed for our system? Is all the described requirements needed for our system?

6 Technologies Cryptography Cryptography The most basic technology for distributed system security. System is conditioned on secrecy of key. The most basic technology for distributed system security. System is conditioned on secrecy of key. Symmetric & Asymmetric methods Symmetric & Asymmetric methods

7 Technologies (cont’d) Authentication Authentication There is several authentication methods including assertion, passwords, encryption-based protocols. There is several authentication methods including assertion, passwords, encryption-based protocols. Certification Certification Provides binding between a particular key and a principal. Provides binding between a particular key and a principal. This binding certified by a Certification Authority. This binding certified by a Certification Authority.

8 Technologies (cont’d) Distributed Authorization & Assurance Distributed Authorization & Assurance Privilege attribute certificates or assurance credentials. Privilege attribute certificates or assurance credentials. Accounting Accounting Distributed database Distributed database Intrusion Detection & Auditing Intrusion Detection & Auditing www.cert.org/archive/pdf/IEEE_IDS.pdf www.cert.org/archive/pdf/IEEE_IDS.pdf www.cert.org/archive/pdf/IEEE_IDS.pdf

9 Current Practice File Encryption, Email, and Public-Key Auth. File Encryption, Email, and Public-Key Auth. Pretty Good Privacy (PGP) Pretty Good Privacy (PGP) http://www.pgp.com http://www.davidyaw.com/crypto/PGP.pdf http://www.davidyaw.com/crypto/PGP.pdf http://www.davidyaw.com/crypto/PGP.pdf http://www.pgpi.org/cgi/download.cgi?filename=p gpsrc658win32.zip http://www.pgpi.org/cgi/download.cgi?filename=p gpsrc658win32.zip http://www.pgpi.org/cgi/download.cgi?filename=p gpsrc658win32.zip http://www.pgpi.org/cgi/download.cgi?filename=p gpsrc658win32.zip Secure Sockets Layer & Transaction-Level Sec. Secure Sockets Layer & Transaction-Level Sec. Embedded in most Web browser Embedded in most Web browser

10 Current Practice (cont’d) Kerberos

11 Current Practice (cont’d) IPSec, IPv6, and Virtual Private Networks IPSec, IPv6, and Virtual Private Networks Disabling sniffers Disabling sniffers Firewalls Firewalls A barrier at the boundary A barrier at the boundary

12 Future Directions Group Communication Group Communication Better ways needed Better ways needed Distributed Accounting Distributed Accounting NetCheque NetCheque

13 Thank you

Download ppt "Security, Accounting, and Assurance Mahdi N. Bojnordi 2004"

Similar presentations

Akshat Sharma Samarth Shah

Akshat Sharma Samarth Shah
Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication E-Mail Security E-Mail Security Secure Sockets Layer Secure.

CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication Security Security Secure Sockets Layer Secure.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
Lecture 23 Internet Authentication Applications

Lecture 23 Internet Authentication Applications
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Authentication & Kerberos

Authentication & Kerberos
Cryptography and Network Security Chapter 15 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 15 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Grid Security. Typical Grid Scenario Users Resources.

Grid Security. Typical Grid Scenario Users Resources.
PGP Overview 2004/11/30 Information-Center meeting peterkim.

PGP Overview 2004/11/30 Information-Center meeting peterkim.
Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.

Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.
Introduction to Cryptography

Introduction to Cryptography
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.

Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
Security Issues in Grid Computing Reading: Grid Book, Chapter 16: “Security, Accounting and Assurance” By Clifford Neuman.

Security Issues in Grid Computing Reading: Grid Book, Chapter 16: “Security, Accounting and Assurance” By Clifford Neuman.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
6/3/2015topic1 Web Security Qiang Yang Simon Fraser University Thanks: Francis Lau (HKU)

6/3/2015topic1 Web Security Qiang Yang Simon Fraser University Thanks: Francis Lau (HKU)

Similar presentations

Ads by Google