Computer Computer Science Science 425 425 Distributed Distributed Systems Systems Fall Fall 2009 2009 Lecture 26 Security in Distributed Systems Klara Nahrstedt Acknowledgement Acknowledgement The slides during this semester are based on ideas and material from the following sources Slides prepared by Professors M Harandi J Hou I Gupta N Vaidya Y Ch Hu S Mitra Slides from Professor S Gosh s course at University o Iowa Administrative Administrative MP3 posted Deadline December 7 Monday pre competition Top five groups will be selected for final demonstration on Tuuesday December 8 Demonstration Signup Sheets for Monday 12 7 will be made available Main Demonstration in front of the Qualcomm Representative will be on Tuesday December 8 afternoon details will be announced HW4 posted Deadline December 1 2009 Tuesday Administrati Administrati ve ve MP3 Readme file must include Bootstraping routine how one install your system developers manuscript How one use your system usage prescription for users Known bugs what are the issues with your system application Tar or zip your source code and upload it to agora wiki URL Information will be provided on the web in class on newsgroup Fill out project template as specified Template Information will be provided on the web in class on newsgroup ISIS ISIS algorithm algorithm for for total total ordering ordering P2 1 Message 3 22 2P 1 3 Agreed Seq 1 2 P1 3 P3 eq S d se ropo P4 Napste Napste rr 2 All servers search their lists ternary tree algo Store peer pointers napster com Servers for all files S S S Peers P P 3 Response 1 Query P P P P Store their own files 4 ping candidates 5 download from best host Chord Chord client client to to Atclient node n send query for key k to largest successor finger entry k client if none exist return successor n to requestor Say m 7 0 N112 N16 All arrows are RPCs N96 N32 Who has bad mp3 hashes to K42 N80 N45 File bad mp3 with key K42 stored here Security Security Threats Threats Leakage An unauthorized party gains access to a service or data eavesdropping Attacker obtains knowledge of a withdrawal or account balance Tampering Unauthorized change of data tampering with a service Attacker changes the variable holding your personal checking total Vandalism Interference with proper operation without gain to the attacker Attacker does not allow any transactions to your account E g DOS denial of service More More Concerns Concerns Attacks on Communication Channel Network Eavesdropping Obtaining copies of messages without authority Masquerading Sending or receiving messages with the identity of another principal user or corporation Message tampering Intercepting messages and altering their contents before passing them onto the intended recipient Replaying Intercepting messages and sending them at a later time Denial of Service Attack flooding a channel or other resources e g port with messages Addressing Addressing the the Challenges Challenges Security Security Leakage An unauthorized party gains access to a service or data eavesdropping Confidentiality protection against disclosure to unauthorized individuals Tampering Unauthorized change of data tampering with a service Integrity protection against alteration or corruption Vandalism Interference with proper operation without gain to the attacker Availability protection against interference with the means to access the resources Security Security Policies Policies Mechanisms Mechanisms A Security Policy indicates which actions each entity user data service is allowed or prohibited to take E g Only an owner is allowed to make transactions to his account CIA properties A Security Mechanism enforces the policy Encryption and decryption transform data to a form only understandable by authorized users and vice versa Authentication verify the claimed identity of a user client service process etc Authorization verify access rights for an authenticated entity Auditing make record of and check access to data and resources Mainly an analysis tool to measure the success of security policies and mechanisms Designing Designing Secure Secure Systems Systems Make worst case assumptions about attackers exposed interfaces insecure networks algorithms and program code available to attackers attackers may be computationally very powerful Tradeoff between security and performance impact difficulty Typically design system to withstand a known set of attacks Designing Secure Systems Traditionally done as a layer on top of existing protocols Three phases Specification of Protocols for Security to satisfy a policy Analysis of Protocol Behavior when under attacks Effect on overall performance if there were no attacks Familiar Familiar Names Names for for Principals Principals in in Security Security Protocols Protocols Alice First participant Bob Second participant Carol Participant in three and four party protocols Dave Participant in four party protocols Eve Eavesdropper Mallory Malicious attacker Sara A server Two party Two party Communication Communication PairPair Pairwise wise Key keys secure two party wise Key Eve or communications Data confidentiality Data integrity Source authentication Mallory Eavesdrop modify Inject Bob Alice Key distribution center Sara Cryptography Cryptography Notations Notations KA Alice s secret key KB Bob s secret key KAB Secret key shared between Alice and Bob KApriv Alice s private key known only to Alice KApub Alice s public key published by Alice for all to read M K Typical Message M encrypted with key Typical MessageM signed with keyK M K Cryptograp Cryptograp Encoding encryption of a message that can only be read hy hy decryption by a key In shared key cryptography symmetric cryptography the sender and the recipient know the key but no one else does E g DES Data Encryption Standard 56 bit key operates on 64 bit blocks of data Notation KAB M How do Alice and Bob get the shared key KAB to begin with In public private key pairs messages are encrypted with a published public key and can only be decrypted by a secret Code for E D private decryption key E g RSA PGP keys at least 512 b long E K M M K Alice Encryption K E Encryption Plain Text M M K is open source hence known to attacker D K M K M Decryption Plain Text M Bob Decryption K D Authenticati Authenticati on on Use of cryptography to have two principals verify each others identities Direct authentication the server uses a shared secret key to authenticate the client Indirect authentication a trusted
View Full Document
Unlocking...