CTIS 490 DISTRIBUTED SYSTEMS

1
CTIS 490DISTRIBUTED SYSTEMS

• WEEK 6
• DISTRIBUTED SYSTEMS
• SECURITY

2
INTRODUCTION

• Security plays an extremely important role in
  distributed systems.
• A distributed system should provide the
  mechanisms that allow a variety of different
  security policies to be enforced.
• There are three important issues related to
  distributed systems security
• A distributed system should offer facilities to
  establish secure channels between processes. A
  secure channel provides the means to mutually
  authenticate the communicating parties and
  protect messages against tampering during their
  transmission.

3
INTRODUCTION

• A distributed system should offer facilities for
  authorization and access control. Authorization
  deals with protecting resources in such a way
  that only processes that have proper access
  rights can use the resources. Related to access
  control is firewalls, mobile code, and
  denial-of-service attacks.
• A distributed system should offer facilities for
  security management dealing with key management
  and authorization management.

4
INTRODUCTION

• Information security is the process of protecting
  data from unauthorized access, disclosure,
  destruction, modification, and interruption.
• The generic name for the collection of tools
  designed to protect data and stop hackers is
  called computer security.
• Network security protects data during its
  transmission and guarantees that it is authentic.

5
SECURITY POLICY

• Simply stating that a distributed system should
  be able to protect itself against all possible
  security threats is not the way to build a secure
  system.
• What is first needed is a description of security
  requirements, which is called a security policy.
• A security policy describes precisely which
  actions the entities in a system are allowed to
  take and which ones are prohibited.
• Entities include users, services, data, etc.

6
SECURITY POLICY

• Protection of data to ensure data integrity.

7
SECURITY POLICY

• Protection by specifying which operations may be
  invoked by whom.

8
SECURITY POLICY

• Protection by specifying roles. Based on the
  role, access to resource either granted or denied.

9
LAYERING OF SECURITY
10
LAYERING OF SECURITY

• Switched Multi-Megabit Data Service (SMDS)
  Datalink Level communications service connecting
  various LANs.
• Secure Socket Layer (SSL) Transport Level
  communications service.

11
SECURITY REQUIREMENTS

• Confidentiality Requires that data be
  accessible only by authorized parties. This type
  of access includes printing, displaying, and
  other forms of disclosure.
• Integrity Requires that only authorized parties
  can modify data. Modification includes writing,
  deleting, and creating.
• Authenticity (and also Non-repudiation)
  Requires that a host or service be able to verify
  the identity of a user. Ensures that the sender
  has strong evidence that the receiver has
  received the message, and the receiver has strong
  evidence of the sender identity.
• Availability Requires that data be available to
  authorized parties.

12
SECURITY ATTACKS

• Interception (eavesdropping) unauthorized party
  gains access to service or data. For example,
  communication between two parties has been
  overheard or illegal copying of file.
• Interruption (denial of service) services or
  data become unavailable. For example, someone
  maliciously attempts to make service
  inaccessible.
• Modification unauthorized party changes the
  data or tampers with the service. For example,
  intercepting and changing transmitted data or
  logging the activities of a user.
• Fabrication unauthorized party generate
  additional data or activity. For example,
  replaying of previously sent messages.

13
SECURITY MECHANISMS

• Encryption Fundamental to computer security. It
  transforms data into something an attacker cannot
  understand. It provides a mechanism to implement
  confidentiality and integrity.
• Authentication Used to verify the claimed
  identity of a user, client, server, host, or
  other entity. Typically, users are authenticated
  by means of passwords, but there are many other
  ways.
• Authorization Used to verify and grant access
  rights to resources.
• Auditing tools Used to trace which clients
  accessed to what and which way. Although it does
  not provide any protection against security
  threats, they are useful for analysis of a
  security breach.

14
CRYPTOGRAPGY

• Fundamental to security in distributed systems is
  the use of cryptographic techniques based on
  encryption and decryption key(s).

15
CRYPTOGRAPGY

• An intruder may intercepts the message without
  either the sender or receiver being aware that
  eavesdropping is happening (confidentiality).
• An intruder may modify the message by decrypting
  and encrypting again (integrity).
• An intruder may insert encrypted messages as if
  they are coming from the sender (authenticity).

16
CRYPTOSYSTEMS

• There are two types of cryptosystems
• Symmetric cryptosystems The same key is used to
  encrypt and decrypt a message. They are also
  referred as secret-key or shared-key systems,
  because sender and receiver are required to share
  the same key.
• P DK(EK(P))
• Asymmetric cryptosystems Encryption and
  decryption keys are different, but together they
  form a unique pair. One of the keys is kept
  private and the other key made public. For this
  reason, asymmetric cryptosystems are also
  referred as public-key systems.
• P DKD(EKE(P))

17
HASH FUNCTIONS

• Another application of cryptography in
  distributed systems is the use of hash functions.
• A hash function H takes a message m of arbitrary
  length as input and produces a bit string h
  having a fixed length as output
• h H (m)
• A hash h is somewhat comparable to the extra bits
  that are appended to a message in communication
  systems to allow for error detection, such as
  cyclic-redundancy check (CRC).

18
CRYPTOGRAPHIC ALGORITMS

• There are several cryptographic algorithms, but
  it is beyond our scope to discuss any of these
  algorithms in detail.
• Three most common cryptographic algorithms are
• Data Encryption Standard (DES) used for
  symmetric cryptosystems.
• RSA (Named after its inventors Rivest, Shamir,
  and Adleman) - used for asymmetric cryptosystems.
• Message Digest 5 (MD5) is a hash function for
  computing a 128-bit, fixed length message digest
  from an arbitrary length binary input string.

19
AUTHENTICATION

• Authentication and message integrity cannot do
  without each other.
• In other words, authentication is meaningless if
  message integrity cannot be provided.
• Also, message integrity is useless if the sender
  cannot be authenticated.
• For example, assume that Alice and Bob want to
  communicate, and Alice starts by sending a
  message.

20
AUTHENTICATION BASED ON A SHARED SECRET KEY

• This protocol is called challenge-response
  protocol whereby one party challenges the other
  to a response that can be correct only if the
  other knows the shared secret key (It is like
  asking the parola).

21
AUTHENTICATION BASED ON A SHARED SECRET KEY

• When Alice wants to set up a secure channel, she
  sends her identity to Bob (1).
• Bob sends a challenge to Alice (2).
• Alice encrypts the challenge and sends it to Bob
  (3).
• Alice sends a challenge to Bob (4).
• Bob encrypts the challenge and sends it to Alice
  (5).

22
AUTHENTICATION USING A KEY DISTRIBUTION CENTER

• If a distributed system contains N hosts, each
  host has to mange N-1 keys, and the system as a
  whole needs to manage N(N-1)/2 keys.
• An alternative is to use a centralized approach
  by means of Key Distribution Center (KDC) so that
  it shares a key with each host but no pair of
  hosts is required to have a secret key. As a
  result, only N keys are managed.

23
AUTHENTICATION USING A KEY DISTRIBUTION CENTER

• Alice first sends a message to the KDC telling
  that she wants to talk to Bob (1).
• The KDC returns the shared secret key KA,B. The
  message is encrypted with the secret key KA,KDC
  that Alice shares with the KDC (2).
• In addition, the KDC sends KA,B to Bob, but now
  encrypted with the secret key KB,KDC (2).
• From now on, they can use the shared secret key
  KA,B in their future message exchanges.

24
AUTHENTICATION USING A KEY DISTRIBUTION CENTER

• Alice sets up a connection using a ticket.
• This protocol is a varient of Needham-Schroeder
  authentication protocol used in Kerberos System
  developed by Masschusetts Institute of Technology
  MIT.

25
AUTHENTICATION USING PUBLIC-KEY CRYPTOGRAPHY
26
AUTHENTICATION USING PUBLIC-KEY CRYPTOGRAPHY

• Alice sends a challenge RA to Bob encrypted with
  his public key KB (1).
• Bob decrypts Alices challenge RA with his
  private key and sends it to Alice along with his
  challenge RB. He also generates a session key
  KA,B that can be used for further communication.
  All three of them are encrypted using Alices
  public key KA (2).
• Alice returns her response to Bobs challenge
  using the session key KA,B generated by Bob. In
  this way, she will prove that she can decrypt
  message (2), and thus she is actually Alice to
  whom Bob is talking (3).

27
MESSAGE INTEGRITY AND CONFIDENTIALITY

• Message integrity often goes beyond the actual
  transfer through a secure channel.
• First, message should be digitally signed in such
  a way that it is uniquely tied to its content
  (think about a bank transaction).
• Second, if the signature can be verified to be
  authentic, the person who sent the message cannot
  later deny.

28
DIGITAL SIGNATURES USING PUBLIC-KEY CRYPTOGRAPHY

• Digital signing of a message using public-key
  cryptography.

29
DIGITAL SIGNATURES USING A MESSAGE DIGEST

• Alice computes a message digest and encrypt the
  digest with her private key.
• The encrypted digest is sent along with the
  message to Bob.
• Note that the message itself is sent as
  plaintext everyone is allowed to read it.
• If confidentiality is required, then the message
  should also be encrypted with Bobs bublic key.
• Bob descrypt with Alices public key and
  calculates the message digest.

30
ACCESS CONTROL

• Formally, verifying access rights is referred to
  as access control, whereas authorization means
  granting access rights. These two terms are
  related and used in an interchangable way.
• Protection is often enforced by a program called
  reference monitor.
• The reference monitor is called by the underlying
  operating system each time an object is invoked.

31
ACCESS CONTROL

• Controlling the access to an object is about
  protecting the object against invocations by
  subjects that are not allowed.
• Also, protection may include object management
  issues, such as creating, renaming, or deleting
  objects.
• A common approach to modeling the access rights
  of subjects with respect to objects is to
  construct an Access Control Matrix (ACM).
• Each subject is represented by a row and each
  object is represented by a column.
• Another widely-used approach is to have each
  object maintain a list of the access rights of
  subjects . This means that the matrix is
  distributed column-wise across all objects. This
  type of implementation is called Access Control
  List (ACL).

32
ACCESS CONTROL

• Another approach is to distribute the matrix
  row-wise by giving each subject a list of
  capabilities it has for each object. A capability
  corresponds to an entry in the access control
  matrix.
• A capability can be compared to a ticket i.e. its
  holder is given certain rights that are
  associated with that ticket.

33
ACCESS CONTROL
34
PROTECTION DOMAINS

• One general way of reducing ACLs is to make use
  of protection domains.
• A protection domain is a set of (object, access
  rights) pairs.
• Requests for carrying out an operation are always
  issued within a domain.
• Different uses of protection domain exists.
• One approach is to construct groups of users.
• For example, a Web page on a companys internal
  intranet.
• Instead of adding an entry for each possible
  employee to the ACL, a separate group Employee
  can be specified.
• Then, reference monitor only checks if the user
  is an Employee.

35
PROTECTION DOMAINS

• The hierarchical organization of protection
  domains as
• groups of users.

36
FIREWALLS

• External access to any part of a distributed
  system is controlled by a special kind of
  reference monitor known as firewall.
• A firewall disconnects any part of a distributed
  system from the outside world.

37
FIREWALLS

• There are two types of firewalls
• Packet-filtering gateway operates as a router
  and makes decisons as to whether or not to pass a
  network packet based on the source and
  destination address contained in the header. For
  example, if a companys network consists of
  multiple LANs, only the packets from other LANs
  can be allowed. In this way, a private virtual
  network can be set up.
• Application-level gateway inspects the contents
  of incoming or outgoing message. For example, a
  mail gateway that disregards a message exceeding
  certain size and filters spam email.

38
SECURE MOBILE CODE

• An important development in modern distributed
  systems is the ability to migrate code between
  hosts instead of just migrating passive data.
• However, mobile code introduces a number of
  serious security threats.
• When sending an agent across the Internet, its
  owner will want to protect it against malicious
  hosts that try to steal or modify information
  carried.
• Hosts also need to be protected against malicious
  code. Once a malicious program has settled itself
  in a computer, it can corrupt the host.

39
PROTECTING THE CODE

• Read-only state The owner constructs a message
  digest and encrypts it with its private key. When
  agent arrives, owner can check if read-only state
  has been tempered with by verifying the state
  against signed message digest of the original
  state.
• Selective revealing Each entry is encrypected
  with designated servers public key, so only the
  specified server can see the contents by using
  its private key.
• Append-only logs Servers can only append data
  to the log. Agent owner calculates an initial
  checksum.
• Cinit Kowner (N)
• N a random number
• Kowner Public key of agents owner
• When an agent moves to a server S that wants to
  hand in some data X, S appends X to the log, then
  signs X with its signature sig (S,X), and
  calculates a new checksum.

40
PROTECTING THE CODE

• When an agent moves to a server S that wants to
  hand in some data X, S appends X to the log, then
  signs X with its signature sig (S,X), and
  calculates a new checksum.
• Cnew Kowner (Cold, sig (S,X),S)
• When the agents comes back, the owner verifies
  whether the log has been tampered with by using
  the private key K-owner.

41
PROTECTING TARGET

• A sandbox is a technique by which a downloaded
  program is executed in such a way that each of
  its instructions can be fully controlled.
• Java programs are interpreted by the Java Virtual
  Machine (JVM).
• Downloading in Java is done by a set of class
  loaders. Each class loader is responsible for
  fetching a specified class from a server and
  installing it in the clients address space so
  that JVM can create objects from it.
• Byte code verifier checks whether a downloaded
  class obeys the security rules of the sandbox. In
  particular, it checks for instructions that could
  corrupt the memory.

42
PROTECTING TARGET

• The organization of a Java sandbox.

43
DENIAL OF SERVICE

• Another type of attack that is related to access
  control is maliciously preventing authorized
  processes from accessing resources.
• Defenses against such Denial of Service (DoS)
  attacks are becoming increasingly important as
  distributed systems are opened up through the
  Internet.
• There are two types of DoS
• Aimed at bandwidth depletion sending many
  messages
• Aimed at resource depletion initiate huge
  amounts of connections
• To prevent DoS attack, an organization must have
  routers further in the Internet, and routers
  should start dropping packets when they suspect
  an attack is going on before they reach to the
  organizations network.

44
SECURITY MANAGEMENT

• The main issues related to security management
  are
• General management of cryptographic keys, and
  especially the means by which public keys are
  distributed. Certificates play an important role.
• Authorization management by looking at
  capabilities and attribute certificates.

45
KEY ESTABLISHEMENT

• A widely used scheme for establishing a shared
  key across an insure channel is the
  Diffie-Hellman key exchange protocol.
• Alice and Bob agree on two large random numbers n
  and g.
• Alice picks a secret large random number x.
• Bob picks a secret large random number y.
• Shared secret key becomes gexp(xy) mod n

46
KEY DISTRIBUTION

• In a symmetric cryptosystem, the initial shared
  key must be communicated along a secure channel
  that provides authentication as well as
  confidentiality, they can even be exchanged over
  the phone.

47
KEY DISTRIBUTION

• In an asymmetric cryptosystem, we need to
  distribute the public key in such a way that the
  receivers can be sure that the key is paired to a
  private key.

48
KEY DISTRIBUTION

• In asymmetric cryptosystems, public-key
  distribution takes place by means of public-key
  certificates.
• Public-key certificate consists of a public key
  together with a string identifying the entity to
  which that key is associated.
• The public key and identifier have together been
  signed by a Certification Authority (CA), and
  this signature has been placed on the certificate
  as well.
• Signing takes place by means of a private key
  that belongs to the certification authority. The
  corresponding public key is assumed to be well
  known. For example, the public keys of various
  certification authorities are built into most web
  browsers.
• CAs revoke the certificates by using Certificate
  Revocation List (CRL).

49
AUTHORIZATION MANAGEMENT

• In non-distributed systems, managing access
  rights is relatively easy. When a new user is
  added to the system, the user is given initial
  rights, for example to create files and
  subdirectories in a specific directory.
• In other words, a complete account for a user is
  set up for one specific machine in which all
  rights have been specified in advance by the
  system administrator.
• In a distributed system, matters are complicated,
  since we cannot create an account for every user
  on each machine.
• So, we create a single account on a central
  server. The server is consulted each time a user
  accesses the resources.

50
AUTHORIZATION MANAGEMENT

• In modern distributed systems, another approach
  called attribute certificate is used.
• Attribute certificates are used to list the
  access rights that the holder of a certificate
  has with respect to the identified resource.
• Like other certificates, attribute certificates
  are handed out by special certification
  authorities, called attribute certification
  authorities.
• These authorities are usually the object servers.