Class 6: Distributed Systems

CIS 755: Advanced Computer Security, Spring 2015

Eugene Vasserman

http://www.cis.ksu.edu/~eyv/CIS755_S15/

Administrative stuff

• New teleconference information
• Monday office hours moving to 2:30 (will be 2:30 – 4) starting March 23rd
  – Except no office hours on March 23rd :(
• Exam I
  – Thoughts?
  – Post-mortem

• Quiz next week


Distributed Systems: Definition

• “A system of multiple communicating entities performing a coordinated function”

• “A system where a computer that you’ve never heard of, located somewhere you’ve never been, can cause your computer to stop functioning correctly”

  – Humorous paraphrase of Lamport


Distributed Systems: Why?

• Increased robustness (maybe)
  – Eliminating single point of failure
• Resource sharing
  – e.g. Beocat
  – e.g. a mobile device and a server
• Improved scalability (maybe)
  – e.g. Beocat


Distributed Systems: Security

• Eliminating a single point of failure
  – Denial of service protection (robustness)
• Eliminating a single point of trust
  – What if your boss is malicious?

• If we want to reap benefits of distributed system designs, we have to take care of the “maybes” in previous slides

• How?


Distributed Systems: Privacy

• Local system – local information
• Distributed system – more access to potentially private information
• Privacy vs. authentication
• Sometimes privacy is not a security requirement, sometimes it is
• Are there other potential security requirements related to privacy?


My voice is my passport; authorize me!

• User A says:
  – I want access to resource R
  – Kerberos server, authenticate me!
• R does not know if A has rights to access R
• Kerberos server:
  – Checks if A is who she says she is
  – Checks if A is authorized for access to R
• R trusts Kerberos server but not A


Authentication → capability → access

• Kerberos server issues a “token” T to A
  – T is tied to A
  – T expires
  – T cannot be generated by anyone other than Kerberos server (cannot be forged)
• T tells resource R that:
  – T was issued by the Kerberos server
  – A has the right to access R for a limited time
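
The token properties listed above, as an added sketch that is not part of the original slides and is not the real Kerberos ticket format. It assumes the issuer and R share a secret key and uses HMAC-SHA256 for unforgeability; the function names, field names and key are hypothetical, and R is assumed to learn the presenter's name by some other authenticated means.

```python
import base64, hashlib, hmac, json, time

def _mac(key, body):
    # Only a holder of `key` (issuer or R) can compute this tag.
    return hmac.new(key, body, hashlib.sha256).hexdigest().encode()

def issue_token(key, subject, resource, lifetime_s, now=None):
    """Issuer side: bind subject, resource and expiry time under one MAC."""
    now = time.time() if now is None else now
    claims = {"sub": subject, "res": resource, "exp": int(now) + lifetime_s}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    return (body + b"." + _mac(key, body)).decode()

def verify_token(key, token, presenter, resource, now=None):
    """Resource side: accept only an authentic, unexpired token that names
    this presenter and this resource."""
    now = time.time() if now is None else now
    try:
        body, tag = token.encode().split(b".")
    except ValueError:
        return False                      # malformed: wrong number of parts
    # Check the MAC before parsing anything; constant-time comparison.
    if not hmac.compare_digest(_mac(key, body), tag):
        return False                      # forged or modified
    claims = json.loads(base64.urlsafe_b64decode(body))
    return (claims["sub"] == presenter    # T is tied to A
            and claims["res"] == resource # right to access R only
            and now < claims["exp"])      # T expires

if __name__ == "__main__":
    key = b"constructed-demo-key-shared-by-issuer-and-R"  # constructed sample
    t = issue_token(key, "A", "R", lifetime_s=300, now=1000)
    print(verify_token(key, t, "A", "R", now=1100))
    print(verify_token(key, t, "A", "R", now=1300))
```

The sketch binds the token to A's name only; proving that the party presenting T really is A is a separate step that this code leaves out.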


Physical security

• Why use physical security?
  – Do Kerckhoffs’ principle and/or Shannon’s maxim apply?
• Tamper evidence
• Tamper resistance
• Properties? Differences?
• Assumptions? Trade-offs?
• Real-world examples


Exercise

Design and sketch an implementation of an expiring capability (similar to a Kerberos token) in terms of what we have learned so far


Questions?

Reading discussion