1 / 34

8.1 Fundamentals of Computer Security

WOOYOUNG KIM FALL 2009. 8.1 Fundamentals of Computer Security. Outline. Fundamentals of Computer Security Recent Study Future work. Fundamental of Computer Security [1]. Randy Chow, Theodore Johnson, “ Distributed Operating Systems & Algorithms ”, 1997. Contents. Goal

herring
Download Presentation

8.1 Fundamentals of Computer Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. WOOYOUNG KIM FALL 2009 8.1 Fundamentals of Computer Security

  2. Outline • Fundamentals of Computer Security • Recent Study • Future work

  3. Fundamental of Computer Security [1] Randy Chow, Theodore Johnson, “Distributed Operating Systems & Algorithms”, 1997

  4. Contents • Goal • Security Policies, Models, and Mechanisms • Security Issues in Distributed Systems

  5. Goal • Secrecy : protection from unauthorized disclosure • Integrity: protection from unauthorized modification • Availability : protection from denial of service (DoS) • Reliability: fault-tolerance • Safety: tolerance of user faults

  6. Security Policies, Models, Mechanisms • Four categories of common security threats • Interruption, interception, modification, fabrication. • Fundamental approach • Authentication. Authorization. Fault-tolerance. • Policy – user requirements • Model – formal representation of policies • Discretionary : separation of users and data under on a individual basis. • Mandatory : requires access control of all subject and objects under its control on a system-wide basis. • Mechanism – enforce protection

  7. Security Issues in Distributed Systems • Additional Goal • Interoperability – effective information exchange. • Transparency – uniform view of a system. • Approaches • Additional layer of software • Redesign the system • Issues • Structure: Client/server paradigm • Where to put security services.

  8. Recent Study [2] Naqvi, S.; Riguidel, M., "Security architecture for heterogeneous distributed computing systems," Security Technology, 2004. 38th Annual 2004 International Carnahan Conference on , vol., no., pp. 34-41, 2004

  9. Contents • Introduction • Grid Computing • Challenges (of Integrating Heterogeneous Devices and Networks in the Grid) • Proposed Security Architecture • Conclusions

  10. Introduction • Grid Computing • Security problem: • heterogeneity involves different administrative domains. • Security requires specialized Grid-enabled tools. • Mobile Computing • Harvesting the wireless mobile devices within the computational Grid is a challenge. • Recent works in nanotechnology make it possible to develop low-power, battery-operated devices for grid computing. • High level of security is necessary.

  11. Introduction – Cont’d • Goal • Develop an infrastructure for the secure integration of heterogeneous mobile devices in the distributed computing environments.

  12. Grid Computing • Grid computing focuses on large-scale pervasive resource sharing, virtual and pluggable high-performance orientation. • Problem: coordinated resource sharing and problem solving in dynamic, multi-institutional virtual organizations. • Virtual Organization (VO): a set of individuals and/or institutions defined by such sharing rules.

  13. Grid Computing – Cont’d • Infrastructure Requirements • Security • Resource Management • Information Services • Data Management • Rising concerns • Significant changes in accessing Grid resources • Introduce new security concerns.

  14. Challenges The heterogeneous mobile consumer devices connected through a potentially unreliable wireless network poses great security challenges, especially if they function as gateways to the Grid resources.

  15. Challenges – Cont’d • Challenges of Integrating Heterogeneous Devices and Networks in the Grid • Bandwidth – multi-path disturbances, power-signal degradation, inter-cell hand-off, always-on characteristics. • Power Supply • Software Support • Key Management Scheme for Smart Devices

  16. Challenges – Cont’d • Security Gaps – middle boxes Example of security Gap: If the SSL session was broken at C and re-established, then result in security gaps.

  17. Challenges – Cont’d • Heterogeneous Security Solutions • Security is always an issue with mobile wireless devices since wireless transmission can be widely attacked. • Various security mechanisms and protocols have been developed. • But this created a heterogeneous security environment. • Very little research on coordinating a set of distributed security modules. • Security service relies on establishment of Security Associations (SA), but two devices with different security capabilities cannot communicate and set up SA.

  18. Challenges – Cont’d • Efforts • Develop cryptographic algorithms for efficient utilization and management. • There is tradeoff between high-degree security and high speed communication • Challenge 1- Managing the diverse security capabilities so that an end-to-end security service can be provided with the highest performance possible • Challenge2-managing security capabilities so that they can be reconfigured dynamically upon route changes, policy update, detection of intrusion or security service degradation etc., to maintain adequate levels of end-to-end security service.

  19. Proposed Security Architecture • Computational Grids is steeped in complex and dynamic network environments. • Networks have ephemeral nodes, coming and leaving at any time in unpredictable ways. • Computer-based systems can be mobile. • These introduce peculiar challenging security requirements for Grid applications.

  20. Proposed Security Architecture – Cont’d • Security Requirements for Grid applications and the solution • Trust and Reputation • The time factor influences the trust. • Trust can be rapid (OAC) or sluggish (OBC) depending on the various parameters for trust. • If trust lost at t1, considerable time is required for retrieval. • Trust vs. Time graph

  21. Proposed Security Architecture – Cont’d • Entities may form alliances. • The trust model should compute the eventual trust based on a combination of direct trust and reputation and should be able to weigh the two components differently. Di Dj • Di: Trustworthiness of Dj is based more on the direct relationship than the reputation of Dj. • Direct relationship: (trust level in the direct-trust table[DTT]) X (decay function)‏ • Reputation: AVG(product of the trust level in the reputation trust table [RTT].)‏ • Propose: RTT=DTT, and introduce the recommender trust factor R

  22. Proposed Security Architecture – Cont’d • Semantic Interoperability • For interoperability, need to examine • Separation of symbol and concept • Nature of anthologies and their role • Difficulties for effective communication • Must provide data separation between trusted and untrusted systems. • VO determines levels of trustworthiness for its various actors. • Access control decisions are made by comparing a user’s level of trustworthiness with a sensitivity level already marked. • Application service must be provided for several operational environments.

  23. Proposed Security Architecture – Cont’d • Secure and Trusted Time Stamping Authority • Signed document should contain a secure timestamp. • Propose the construction of a secure and trusted time stamping authority by obtaining time for stamping from a precise clock that is synchronous to two atomic clocks. • Digital signature is obtained by using the RSA cryptosystem, and a secret key of a time stamping authority is stored at distributed servers. • For protection, the trusted clock frequently changes its location and the locations are computed with a random number of generator.

  24. Proposed Security Architecture – Cont’d • Space Consideration • Related to spatial-awareness • Primitive level: space is the network space, distance are measured with hops. • Can include more physically grounded concepts of space, requiring some computing scenario • Can map the peers of a network in any sort of virtual space, which should be supported by an appropriate routing mechanism.

  25. Proposed Security Architecture – Cont’d • Context-Awareness • Must transparently determine the sources and handle a high degree of context changes. • Propose a context-awareness module. • Environment Role Activation Service • Maintains information on the system state. • Context Management Services • Collect environment variables and their associated values • Smart Sensors • Collect useful security-relevant data.

  26. Proposed Security Architecture – Cont’d Context-Awareness module in the Security Architecture user resources Authorization server Authenticationserver Environment Role Activation Service Context Management Smart Sensors

  27. Proposed Security Architecture – Cont’d • Secure Code Mobility • Mobile code/agent is exposed to various security threats • The only existing defense is using trusted hardware • Propose a generic secure computation service that performs some cryptographic operations on behalf of the mobile code.

  28. Proposed Security Architecture – Cont’d • Virtualization of Security Services • Virtualization of security services is having the absolute freedom to choose the underlying security mechanism. User domain: user, local resource, authentication server Target domain: target resources, authorization server, a local CA, and access policy. Between two domains, need an intermediary architecture. Security services including pluggable security services, security units of two domains virtualizes the security dialogues.

  29. Proposed Security Architecture – Cont’d • Pluggable Security Services • Propose to extend the concept of security as services to security as pluggable services. • This extension permits the evolution of security infrastructure with less impact on the resource management functionalities. • It permits the users and resource providers to configure the security architecture based on their requirements and satisfaction level.

  30. Proposed Security Architecture – Cont’d • Evaluation of Security Quality • Quality of Protection (QoP) is defined in generic security service application program interface (GSS-API) • Propose Quality of Security Service (QoSS) is as an extension of QoP to cover a broad range of security services. • QoSS allows ranges of security to be specified, giving the opportunity to dynamically adjust to fit the security needs. • QoSS can be used for the evaluation of user mobility in ubiquitous environments in heterogeneous devices.

  31. Conclusions • Security is one of the biggest challenges for the coupling of mobile devices and geographically distributed computers. • Propose a new approach to deal with the challenges by the Grid. • The proposed approach is flexible and adaptive. • The design is consistent but fine-grained levels of trust and security in heterogeneous distributed computing systems.

  32. Future Works • The approach is a first attempt for the development of an adaptive Grid security mechanism. • A number of tests and simulations are required before it can be effectively implilented on a real Grid computing system.

  33. Reference • Randy Chow, Theodore Johnson, “Distributed Operating Systems & Algorithms”, 1997 • Naqvi, S.; Riguidel, M., "Security architecture for heterogeneous distributed computing systems," Security Technology, 2004. 38th Annual 2004 International Carnahan Conference on , vol., no., pp. 34-41, 11-14 Oct. 2004URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=1405366&isnumber=30459

  34. Thank You

More Related