
Distributed Computer Security



  1. Distributed Computer Security
     • 8320 Advanced Operating Systems
     • Lanier Watkins

  2. Outline
     • Distributed Computer Security-1997
       • Computer Security/Fault Tolerance
       • Secure System
         • Secrecy
         • Integrity
         • Availability
         • Reliability
         • Safety
     • Fundamentals of Computer Security-1997
       • Subjects
       • Objects
     • Security Policies, Models, and Mechanisms-1997

  3. Outline (Continued)
     • Common Security Threats
       • Interruption
       • Interception
       • Modification
       • Fabrication
     • Security Approaches
       • Authentication
       • Authorization
       • Fault-Tolerance
       • Encryption
       • Auditing
     • Security Models
     • Security Issues in Distributed Systems-1997
       • Interoperability
       • Transparency

  4. Outline (Continued)
     • Grid-based Intrusion Detection System-2003
     • Cluster Security with NVisionCC: Process Monitoring by Leveraging Emergent Properties-2005
     • GHIDS: Defending Computational Grids against Misusing of Shared Resources-2006
     • Passive Identification of Unauthorized Use of Grid Computing Resources-2007

  5. Distributed Computer Security-1997
     • Security and Fault Tolerance
       • Critical in Distributed Systems because of openness of environment
       • Solutions are closely related to design issues
     • Secure/Dependable System
       • Secrecy
         • Protection from unauthorized disclosure
       • Integrity
         • Only authorized users modify system objects
       • Availability
         • Authorized users are not prevented from accessing respective objects
       • Reliability and Safety are fault-tolerant features

  6. Fundamentals of Computer Security-1997
     • Computer Systems
       • Can be represented by:
         • Subjects
           • Active entities that access objects
         • Objects
           • Passive entities that must be protected
           • Examples: data, hardware, software and communication links
     • Access Control Policy
       • Describes how objects are accessed by subjects
     • Flow Control Policy
       • Regulates the information flow between objects and subjects

  7. Security Policies, Models, and Mechanisms-1997
     • 4 Categories of Security Threats
       • Interruption
         • Loss of data and denial of service
       • Interception
         • Related to secrecy
       • Modification and Fabrication are violations of system integrity
     • 3 Fundamental Approaches
       • Authentication
         • Verification
       • Authorization
         • Extending permission
       • Fault Tolerance
         • Sustaining faults
       • Encryption
         • Prevents exposure of information and maintains privacy
       • Auditing
         • Passive form of protection

  8. Security Policies, Models, and Mechanisms-1997
     • Security Model
       • Discretionary
         • Provides separation of users and data
         • E.g. access control matrix
       • Mandatory
         • Requires access control of all subjects and objects under its control on a system-wide basis
         • E.g. multilevel security: all subjects and objects in the system are assigned a sensitivity label. The labels are used as the basis for mandatory access control decisions.
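The two model types on slide 8, side by side, as an added example that is not part of the original slides: a discretionary access control matrix and a mandatory label check evaluated for the same requests. The subjects, objects, label names and the "no read up, no write down" rule are assumptions chosen for illustration; the slides only state that sensitivity labels drive the mandatory decision.

```python
from enum import IntEnum

class Level(IntEnum):            # constructed sensitivity labels, low -> high
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2

# Discretionary: access control matrix (rows = subjects, columns = objects).
# Entries are granted at the owner's discretion. All names are constructed.
MATRIX = {
    "alice": {"payroll.db": {"read", "write"}, "notice.txt": {"read", "write"}},
    "bob":   {"payroll.db": {"read"},          "notice.txt": {"read", "write"}},
}

# Mandatory: system-wide labels on every subject and object; users cannot edit them.
SUBJECT_LABEL = {"alice": Level.SECRET, "bob": Level.CONFIDENTIAL}
OBJECT_LABEL = {"payroll.db": Level.SECRET, "notice.txt": Level.UNCLASSIFIED}

def dac_allows(subject, obj, op):
    """Matrix lookup: is op listed in the cell (subject, obj)?"""
    return op in MATRIX.get(subject, {}).get(obj, set())

def mac_allows(subject, obj, op):
    """Assumed multilevel rule: no read up, no write down."""
    s, o = SUBJECT_LABEL.get(subject), OBJECT_LABEL.get(obj)
    if s is None or o is None:
        return False             # unlabeled subject or object: deny
    if op == "read":
        return s >= o            # subject must dominate the object to read it
    if op == "write":
        return s <= o            # writing downward would leak high data
    return False

def decide(subject, obj, op):
    """Grant only when both the discretionary and the mandatory check pass."""
    dac, mac = dac_allows(subject, obj, op), mac_allows(subject, obj, op)
    return {"dac": dac, "mac": mac, "granted": dac and mac}

if __name__ == "__main__":
    for req in [("alice", "payroll.db", "read"), ("bob", "payroll.db", "read"),
                ("alice", "notice.txt", "write"), ("mallory", "notice.txt", "read")]:
        print(req, decide(*req))
```

The second and third requests are the instructive ones: the matrix grants them, but the labels deny a read above the subject's level and a write below it.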

  9. Security Issues in Distributed Systems-1997
     • Interoperability and Transparency
       • Gives rise to security issues
     • System Architecture
       • 2 Approaches to Implementing New Services
         • Add an additional layer of software that runs on top of the existing system to provide the new services
         • Redesign the system so that the new services can be executed more efficiently in the kernel mode
     • Client/Server Model
       • Typically used by Distributed Operating Systems
       • Fits well with object-oriented paradigm
       • Objects to be protected are associated with servers managing objects
       • Each object has a set of allowable well-formed operations that can be invoked by the client processes

  10. Security Issues in Distributed Systems-1997
     • Client/Server Security
       • A client initiates an access to an object through the kernel
       • Kernel authenticates the client and then invokes the object server
       • Implemented via Interprocess Communication at transport layer
       • Supported by secure host-to-host communications at the network layer and node-to-node communication at the link layer
     • Secure distributed system consists of communicating security servers using trusted gateway
     • Simulate a Secure Private Network Over the Public Network
       • Balances interoperability and transparency
       • Interdomain authentication
         • Authorized by Interdomain access control
       • Secure message transfer between domains
         • Depends on successful interdomain authentication
       • Interdomain access control
         • Depends on ability to transmit secure request/reply messages
     • Security Transparency maintained via secure APIs (TAPI)
       • E.g. GSS-API developed by DEC

  11. Grid-Based Intrusion Detection System (VChoon et al., 2003)
     • Grid Based Intrusion Detection System Proposed
     • Design
       • Grid environment
         • GIDS must be applicable in Grid environment
       • Autonomous
         • GIDS must be independent of user intervention
       • Flexible
         • GIDS must be customizable
       • Scalable
         • GIDS must cover many nodes
       • Reusable
         • GIDS code must be easily deployed
       • Adaptable
         • GIDS must have on-demand enablement
       • Low Overhead
         • GIDS must not have significant system impact
       • Timeliness
         • GIDS must solve problems just in time

  12. Grid-Based Intrusion Detection System (VChoon et al., 2003)
     • Approach
       • GIDS acts as a Virtual Organization
       • GIDS shares its resources in the form of application services
     • Services
       • Auditing
       • Anomaly type of intrusion detection
       • Signature Matching
       • Policy Language
       • Secure Communication
       • Monitoring
       • Distributed Database
     • Architecture
       • Agent: daemon running on machine being protected
       • Server: service provider
       • Manager: control center of the VO
       • Secure Communicator: provides secure communication for VO

  13. Cluster Security with NVisionCC (Koenig et al., 2005)
     • Cluster Security Monitoring Tool
     • Design
       • Performance Impact
       • Central Control
       • Leverage Existing Software
       • Configurability
       • Effectiveness
     • Approach/Services
       • Monitors processes across cluster nodes
       • Looks for open network ports
       • Looks for irregular network traffic patterns
       • Looks for modifications to critical files
       • Raises alerts when deviations from profiles are detected
     • Architecture
       • PCP daemon
       • Collector Node
       • Data Analyzer
       • User Interface

  14. GHIDS: Defending Computational Grids Against Misusing of Shared Resources (Feng et al., 2006)
     • Grid Specific Host Based Intrusion Detection System
     • Design
       • Performance Impact
       • Central Control
       • Leverage Existing Software
       • Configurability
       • Effectiveness
     • Approach/Services
       • Uses Bottleneck Verification (Host)
         • Detects users that go from user to super user improperly
       • Monitors process creation, modification and destruction (Host)
       • Monitors accessing of critical resources (Host)
       • Grid User ID and Host Level ID are stored when Grid services are used
     • Architecture
       • Host and Grid level deployment
       • Virtual Kernel Device created
       • Grid Middleware modified
       • Data Analyzer
       • User Interface
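Bottleneck verification from slide 14, sketched as an added example that is not GHIDS code or part of the original slides: a monitor replays process-creation records and alerts whenever a process appears with root privileges without having passed through a sanctioned escalation program. The record format, the allowlist and every path and pid below are constructed assumptions.

```python
# Assumed allowlist: the only programs through which user -> root is legitimate.
BOTTLENECKS = frozenset({"/bin/su", "/usr/bin/sudo"})

# Constructed process-creation records: pid, parent pid, effective uid, program.
EVENTS = [
    {"pid": 100, "ppid": 1,   "uid": 1000, "exe": "/bin/bash"},
    {"pid": 101, "ppid": 100, "uid": 0,    "exe": "/bin/su"},           # sanctioned
    {"pid": 102, "ppid": 101, "uid": 0,    "exe": "/bin/bash"},         # root shell via su
    {"pid": 200, "ppid": 1,   "uid": 1001, "exe": "/usr/bin/gridjob"},  # hypothetical grid job
    {"pid": 201, "ppid": 200, "uid": 0,    "exe": "/bin/sh"},           # root, no bottleneck
    {"pid": 202, "ppid": 201, "uid": 0,    "exe": "/usr/bin/id"},
    {"pid": 300, "ppid": 999, "uid": 0,    "exe": "/bin/sh"},           # parent never observed
]

def verify(events, bottlenecks=BOTTLENECKS):
    """Return one alert per root process whose privilege gain bypassed a bottleneck."""
    uid_of = {1: 0}              # pid -> last observed uid; init (pid 1) runs as root
    alerts = []
    for ev in events:
        pid, uid, exe = ev["pid"], ev["uid"], ev["exe"]
        # Prior privilege: the same pid if seen before (exec in place), else the parent.
        prev = uid_of.get(pid, uid_of.get(ev["ppid"]))
        if uid == 0 and exe not in bottlenecks:
            if prev is None:
                # Lineage cannot be verified, so the transition cannot be cleared.
                alerts.append({"pid": pid, "exe": exe, "reason": "unknown lineage"})
            elif prev != 0:
                alerts.append({"pid": pid, "exe": exe,
                               "reason": f"uid {prev} -> 0 outside bottleneck"})
        uid_of[pid] = uid
    return alerts

if __name__ == "__main__":
    for alert in verify(EVENTS):
        print(alert)
```

Only the transition itself is reported: pid 202 inherits root from the already-flagged pid 201 and raises no second alert, so a real deployment would also mark descendants of a flagged process.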

  15. Non-Intrusive Security Monitoring in Cluster Grid Networks (Watkins, 2007)
     • Non-Intrusive Cluster Security Monitoring Tool
     • Design
       • Performance Impact
       • Central Control
       • Leverage Existing Software
       • Configurability
       • Effectiveness
     • Approach/Services
       • Host Level and Grid Level Support
       • Identifies unauthorized use of resources
       • Identifies misuse of resources
       • Raises alerts when deviations from profiles are detected
     • Architecture
       • NO daemons
       • Collector node

  16. Non-Intrusive Security Monitoring in Cluster Grid Networks (Watkins, 2007)
     • Packet Analysis (TCPdump)
     • Preprocessor (Wavelet Transform)
     • Feature Extraction (Energy + Transients)
     • Detection & Decision
     • CPU Utilization Identification

  17. Non-Intrusive Security Monitoring in Cluster Grid Networks (Watkins, 2007)
     • Problem has inherent uncertainty
     • Identification Scheme
       • Use Fuzzy Operators, OR
       • Use Type I Fuzzy, OR
       • Use Type II Fuzzy
     • Diagram labels: Min(PIII,PIV), Max(PIII,PIV), Average(PIII,PIV)

  18. References
     • Distributed Operating Systems & Algorithms, Randy Chow and Theodore Johnson, Addison Wesley, 1997
     • "Grid Based Intrusion Detection System", O. Tian, A. Samsudin, IEEE 2003
     • "Cluster Security with NVisionCC: Process Monitoring by Leveraging Emergent Properties", Koenig et al., IEEE 2005
     • "GHIDS: Defending Computational Grids Against Misusing of Shared Resources", Feng et al., IEEE 2006
