760 likes | 1.31k Views
Tanenbaum
E N D
1. Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 DISTRIBUTED SYSTEMSPrinciples and ParadigmsSecond EditionANDREW S. TANENBAUMMAARTEN VAN STEENChapter 9Security
2. Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 Security Threats, Policies, and Mechanisms Security implies dependability, confidentiality, and integrity.
Types of security threats to consider:
Interception – an unauthorized party gains access to data or service
Interruption – situation where data or service becomes unavailable
Modification – unauthorized changig of data or tampering with a service so that it no longer adheres to its spec.
Fabrication – situation where data or activity generated that normally would not exist.
3. Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 Security Threats, Policies, and Mechanisms Security policy – describes which actions the entities in a system are allowed to take (and which are prohibited)
Security mechanism – way to enforce policy
Encryption – data confidentiality, data integrity
Authentication – verify the claims of a user, client, server or host
Authorization – see if an authenticated client is allowed to perform the requested action
Auditing – logging access
4. Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 Example: The Globus Security Architecture (1) Globus is a system supporting large scale distributed computations ? computational grid
The Globus security policy consists of rules:
The environment consists of multiple administrative domains.
Local operations are subject to a local domain security policy only.
Global operations require the initiator to be known in each domain where the operation is carried out.
5. Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 Example: The Globus Security Architecture (2) Operations between entities in different domains require mutual authentication.
Global authentication replaces local authentication.
Controlling access to resources is subject to local security only.
Users can delegate rights to processes.
A group of processes in the same domain can share credentials.
6. Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 Example: The Globus Security Architecture (3)