CS 6393 AT: Advanced Topics in Computer Security: Reliable and Secure Distributed Systems
Instructor: Professor Shouhuai Xu
Course page: http://www.cs.utsa.edu/~shxu/CS6463-Fall2007/index.html

Why “Distributed System”?
• We have studied everything from the hardware layer to the application layer: architecture, OS, networking, DBMS, algorithms
• We know what a computer is and what TCP/IP is
• But why do we need distributed systems?

Why “Distributed System”?
• Think about the real world: it is distributed in nature.
• We have many states: how are in-state and inter-state management done (e.g., license, legislation)?
• We have many countries: how are in-country and inter-country management done (e.g., passport, UN, WTO)?
• But can we make a super-computer (sufficiently large memory and disk, sufficiently powerful CPU, etc.)?

Why “Distributed System”?
• But can we make a super-computer (sufficiently large memory and disk, sufficiently powerful CPU, etc.)?
  • It may cost $100B
• We often build large “systems” from building blocks:
  • Skyscrapers, bridges, space shuttle
  • Constitution and special laws
• We facilitate large-scale and complex applications through commodity standalone computers.
• Price/cost is an economic driving force

Why “Distributed System”?
• A distributed system consists of a set of networked computers.
• Just like the diverse set of businesses/industries that exploit the transportation systems (interstate freeways, railways, airlines), distributed systems exploit the underlying hardware processor, OS/VM, and TCP/IP networking.

Why “Distributed System”?
• The focus of distributed systems is “how to exploit the underlying hardware/OS to serve the application needs”
• It is not about “how to build the underlying OS/networking”; we assume it is there.

What is a “Distributed System”?
• A distributed system is one in which the failure of a computer you didn’t even know existed can render your own computer unusable. [Leslie Lamport]
• In spirit, it aims to build a system of networked and inherently heterogeneous systems for specific applications (e.g., distributed banking, stock exchange, web services, Software as a Service, air traffic control), which may cost $100M, by “mimicking” a centralized or single super-powerful computer, which may cost $100B.
• It is about money/cost!

What Does a Distributed System Look Like?
[Figure: physical view. Computers connected by networking; heterogeneous, at diverse locations in nature.]

What Does a Distributed System Look Like?
Logical view (layers, top to bottom):
• Applications: content distribution, web service, peer-to-peer computing, others
• Middleware: reliable and secure group communication (with order/causality/atomicity guarantees); addressing / naming / group membership
• OS/VM w/ TCP/IP (on each individual computer, e.g., yours and a friend’s)
• Hardware (on each individual computer)

Goodness of “Distributed System”
• How do we know whether a distributed system accomplishes what we want it to accomplish?
• Many attributes (just like how we would evaluate healthiness: heart, blood, etc.)
  • Price/cost
  • Performance
  • Availability
  • Scalability
  • Reliability
  • Security
  • …
[Slide annotation: “Our focus”]

Goodness of “Distributed System”
• We know that the attributes often cannot get along (just like eating food arbitrarily and healthiness/beauty):
  • (high) quality and (low) price
  • (high) reliability and (low) performance
  • (high) security and (low) availability
• But how about reliability and security? Do they (naturally) get along?
• Hope you will find the answer at the end of the class

It’s all about management!
• In order to manage a state/country, we need a postal office, laws/legislation, government/law enforcement, …
• In order to manage a distributed system, we need
  • Addressing (postal vs. DNS)
    • But how to make DNS itself reliable and secure?
    • Chicken-and-egg problem?
  • Naming (passport/DMV vs. PKI): we need cryptography
    • How to make PKI itself reliable and secure?
  • Messaging (regular mail/registered mail vs. TCP-IP/messaging with guarantees such as ordering, causality)

How to facilitate management, reliably!
• In the real world, it is very costly to make governmental systems etc. run reliably (partly why we pay so much in taxes)
• In distributed systems, what do we have to pay to make them run reliably?

Example: Hotel room reservation
[Figure: timeline. The client sends “I need a non-smoking room.” to the server; the server replies “Done!”.]
• What if the server crashes?
• We replicate the servers, but …

Example: Hotel room reservation
[Figure: timeline. The client sends “I need a non-smoking room.” to servers 1, 2 and 3; each server replies “Done!”.]
Ideal case

Example: Hotel room reservation
[Figure: timeline. The client sends “I need a non-smoking room.” to servers 1, 2 and 3; two “Done!” replies are shown.]
Not so ideal, but still ok.

Example: Hotel room reservation
[Figure: timeline with client 1, client 2, and servers 1, 2 and 3.]
Who got the room?

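The “Who got the room?” situation above, as an added Python illustration that is not part of the original slides: each replica gives its single room to whichever request it delivers first, so independent per-server reordering makes the replicas disagree. The function names and the fixed-sequencer total ordering used as the fix are assumptions made for this sketch.

```python
from itertools import permutations, product

CLIENTS = ("client 1", "client 2")
SERVERS = ("server 1", "server 2", "server 3")

def apply_requests(order):
    """One replica with a single room: the first request delivered wins."""
    owner = None
    for client in order:
        if owner is None:
            owner = client
    return owner

def run(delivery):
    """delivery maps each server to the order in which requests reach it.
    Returns the room owner as recorded by each replica."""
    return {server: apply_requests(order) for server, order in delivery.items()}

def divergent_patterns():
    """Count delivery patterns in which replicas disagree when the network
    may reorder the two requests independently for every server."""
    orders = list(permutations(CLIENTS))
    bad = total = 0
    for combo in product(orders, repeat=len(SERVERS)):
        total += 1
        owners = run(dict(zip(SERVERS, combo)))
        if len(set(owners.values())) > 1:
            bad += 1
    return bad, total

def totally_ordered(arrivals_at_sequencer):
    """Assumed fix (fixed-sequencer total order): one node assigns sequence
    numbers and every replica delivers strictly in sequence-number order."""
    stamped = list(enumerate(arrivals_at_sequencer))
    per_server = {}
    for server in SERVERS:
        # The network may still reorder stamped messages (here for server 2);
        # sorting by stamp restores one agreed order before delivery.
        received = list(reversed(stamped)) if server == "server 2" else stamped
        per_server[server] = [client for _, client in sorted(received)]
    return run(per_server)

# Constructed scenario matching the slide: two clients, three servers.
UNORDERED = {
    "server 1": ("client 1", "client 2"),
    "server 2": ("client 2", "client 1"),
    "server 3": ("client 1", "client 2"),
}

if __name__ == "__main__":
    print(run(UNORDERED))
    print(divergent_patterns())
    print(totally_ordered(["client 2", "client 1"]))
```
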
How to facilitate management, securely!
• In the real world, we pay a lot to protect the boundaries etc. (that’s why we also pay so much in taxes)
• In distributed systems, how much do we have to pay to make sure the distributed systems will not be exploited to launch attacks?
  • We have many large botnets.
• We have many critical information infrastructures, or physical infrastructures that are managed by distributed information infrastructures. How to protect them?
• How to make sure there is no (digital) identity theft?

Example: hotel room reservation (cont.)
• What if some servers are under attack so as to, for example, block the whole system with “minimal” effort?
  • That is, an intelligent rather than a simple-minded Denial-of-Service attack?
• What about other attacks?

Course objective
• We emphasize the “practical” aspect of reliable and secure distributed systems.
• However, if you choose to pursue the theoretical aspect, that is perfectly ok, too. In this case, please talk to the instructor. He will be more than happy to work with you on a one-to-one basis so as to match your hunger

Course objective
• We want to establish a taste of the thinking of a chief security officer or chief security architect
• Can we brainstorm something?

Course objective
• We want to establish a taste of the thinking of a chief security officer or chief security architect
  • You need to think about performance
  • You need to think about availability (even under DDoS attacks)
  • You need to think about random faults (not caused by attacks though)
  • You need to think about security (confidentiality, integrity, authentication, authorization, access control, non-repudiation)

Textbook
• The content of this course consists of two parts
• Reliable distributed system part:
  • Uses the book “Reliable Distributed Systems: Technologies, Web Services and Applications” by Prof. Ken Birman at Cornell University
  • His systems have been deployed in the real world: NYSE, Navy warship, etc.
• Secure distributed system part:
  • The instructor will provide the necessary materials

Grading Policy
• Student paper presentation (5%; one presentation per student based on a paper listed on the course web)
  • Your slides will be posted on the web
• Project proposal & presentation (20%; one proposal per team)
• Take-home exam (10%; 5% each)
• Final project report (30%; one report per team)
• Final project presentation (with demo, if applicable) (10%; one presentation per team)
• Final exam (20%)
• Attendance (5%)

Office Hour and Management
• MW 2-3 pm or by appointment
• Meeting with each team on a case-by-case basis
• Team up and elect a leader asap
• News announcement
  • We need a volunteer to set up a mailing list for this course, or we can wait a bit until the department mailing list is available