Date post: | 19-Dec-2015 |
Category: |
Documents |
View: | 221 times |
Download: | 0 times |
© Chinese University, CSE Dept. Distributed Systems / 7 - 1
Distributed Systems
Topic 7: Security
Dr. Michael R. LyuComputer Science & Engineering Department
The Chinese University of Hong Kong
© Chinese University, CSE Dept. Distributed Systems / 7 - 2
Outline
1 Motivation
2 Styles of Attacks
3 Cryptography
4 Authentication
5 Security Systems
6 CORBA Security Service
7 Summary
© Chinese University, CSE Dept. Distributed Systems / 7 - 3
1 Motivation
More vital/secret data handled by distributed components.
Security: protecting data stored in and transferred between distributed components from unauthorised access.
Security is a non-functional requirement that cannot be added as a component but has to be built into all components.
© Chinese University, CSE Dept. Distributed Systems / 7 - 4
1 Why are Distributed Systems insecure?
Distributed component rely on messages sent and received from network.
Is network (especially WANs and wireless networks) secure?
Is client component secure? Is client component who it claims to be? Are users of calling components really who
they claim to be?
© Chinese University, CSE Dept. Distributed Systems / 7 - 5
1 Effects of Insecurity
Confidential Data may be stolen, e.g.:– corporate plans.
– new product designs.
– medical/financial records (e.g. Access bills....).
Data may be altered, e.g.:– finances made to seem better than they are.
– results of tests, e.g. on drugs, altered.
– examination results amended (up or down).
© Chinese University, CSE Dept. Distributed Systems / 7 - 6
1 Need for Security
Loss of confidence: above effects may reduce confidence in computerized systems.
Claims for damages: legal developments may
allow someone to sue if data on computer has
not been guarded according to best practice.
Loss of privacy: data legally stored on a
computer may well be private to the person
concerned (e.g. medical/personnel) record.
© Chinese University, CSE Dept. Distributed Systems / 7 - 7
2 Threats
Categorization of attacks (and goals of attacks) that may be made on system.
Three broad classes:– leakage: information leaving system.
– tampering: unauthorised information altering.
– vandalism: disturbing correct system operation.
Used to specify what the system is proof, or secure, against.
© Chinese University, CSE Dept. Distributed Systems / 7 - 8
2 Methods of Attack
Eavesdropping: Obtaining message copies without authority.
Masquerading: Using identity of another principal without authority.
Message tampering: Intercepting and altering messages.
Replaying: Storing messages and sending them later.
Denial of service: Flooding server resources with messages in order to deny other’s access.
© Chinese University, CSE Dept. Distributed Systems / 7 - 9
2 Some Security Attack Scenarios
Eavesdropping:
Peter Mary“Let’s meet at 5pm, old place”
Tom“hee hee…”
Tampering:Peter Mary
“Let’s meet at 5pm, old place”
Tom “Let’s meet at 3pm, old place”
Replaying:Peter
Tom
“Let’s meet at 5pm today” Mary
One day later:“Let’s meet at 5pm today”
© Chinese University, CSE Dept. Distributed Systems / 7 - 10
2 Infiltration
Launch of attack requires access to the system.– Launched by legitimate users.
– Launched after obtaining passwords of known users.
Subtle ways of infiltration:– Viruses
– Worms
– Trojan horses.
© Chinese University, CSE Dept. Distributed Systems / 7 - 11
3 Cryptography
1 Introduction
2 Terminology
3 Encryption
4 Secret Keys
5 Public Keys
6 RSA Encryption Algorithm
© Chinese University, CSE Dept. Distributed Systems / 7 - 12
3.1 Introduction
Cryptography: encode message data so that it can only be understood by intended recipient.
Romans used it in military communication. Given knowledge of encryption algorithm, a
brute force attempt: try every possible decoding until a valid message is produced.
Computers are good at this! Modern schemes must be computationally
hard to solve to remain secure.
© Chinese University, CSE Dept. Distributed Systems / 7 - 13
3.2 Cryptographic Terminology
Plain text: the message before encoding. Cipher text: the message after encoding. Key: information needed to convert from plain
text to cipher text (or vice-versa). Function: the encryption or decryption
algorithm used, in conjunction with key, to encode or decode message.
Key distribution service: trusted service which hands out keys.
© Chinese University, CSE Dept. Distributed Systems / 7 - 14
3.3 Encryption
Encrypting data prevents unauthorised access to the data (i.e. prevents eavesdropping).
If encrypted data can only be encrypted with a matching key, this can be used to prove sender’s identity (i.e. prevents masquerading).
Likewise, it can be used to ensure that only intended recipients can use the data.
Two main ways: secret key and public key..
© Chinese University, CSE Dept. Distributed Systems / 7 - 15
3.4 Secret Keys
One key is used to both encrypt and decrypt data
Encryption and decryption functions are often chosen to be the same type
Security should not be compromised by making function well-known as security comes from secret keys
© Chinese University, CSE Dept. Distributed Systems / 7 - 16
3.4 Using Secret Keys
Sender and recipient exchange keys through some secure, trusted, non-network based means.
Sender encodes message using encryption function and sends the message, knowing that only the holder of key (the intended recipient) can make sense of it.
Recipient decodes message, and knows that only intended sender could generate it.
Message can be captured but is of no use.
© Chinese University, CSE Dept. Distributed Systems / 7 - 17
3.5 Public Keys
Gives 'one-way' security. Two keys generated, one used with decryption
algorithm (private key) and one with encryption algorithm (public key).
Generation of the private key, given only the public key, is computationally hard.
Do not need secure key transmission mechanism for key distribution.
© Chinese University, CSE Dept. Distributed Systems / 7 - 18
3.5 Using Public Keys
Recipient generates key pair. Public key is published by trusted service. Sender gets public key, and uses this to
encode a message. Recipient decodes the message. Replies can be encoded using sender’s public
key from the trusted distribution service if two-way security is needed.
Message can be captured but is of no use.
© Chinese University, CSE Dept. Distributed Systems / 7 - 19
3.6 RSA Encryption Algorithm
Named after the three inventors– Ron Rivest
– Adi Shamir
– Leonard Adleman
A common and well-known Public-key algorithm
© Chinese University, CSE Dept. Distributed Systems / 7 - 20
3.6 Methods used in RSA
Choose a pair of large prime number (p and q)
Calculate n = p * q Find an encryption key (e) such that
e and (p-1)(q-1) are relatively prime. Then decryption key (d) will be obtained by
the formula1 = e*d mod (p-1)(q-1)
ed = 1 mod (p-1)(q-1) d = e-1 mod (p-1)(q-1)
© Chinese University, CSE Dept. Distributed Systems / 7 - 21
3.6 RSA Encryption/Decryption Key
(e, n) will be the encryption key available to public:ci = mi
e mod n (d, n) will be the decryption key owners
keeps private:mi = ci
d mod n The decryption holds because
cid = (mi
e)d = mied = mi
k(p-1)(q-1)+1
= mimik(p-1)(q-1) = mi*1
= mi; all (mod n)
© Chinese University, CSE Dept. Distributed Systems / 7 - 22
4 Authentication
1 Motivation
2 Types of Authentication
3 Needham/Schroeder Protocol
© Chinese University, CSE Dept. Distributed Systems / 7 - 23
4.1 What is Authentication?
Authentication: Proving you are who you claim to be. In centralized systems: Password check at session
start. In distributed systems:
– Ensuring that each message came from claimed source.
– Ensuring that each message has not been altered.
– Ensuring that each message has not been replayed.
© Chinese University, CSE Dept. Distributed Systems / 7 - 24
4.2 Types of Authentication
Authentication can be used to ensure a number of different aspects of an interaction.
Proving that a client of a server is who it claims to be.
This can be refined to proving that the end user has the right to use a service.
© Chinese University, CSE Dept. Distributed Systems / 7 - 25
4.2 Types of Authentication
Proving both client and server are who they say they are.
This is needed to prevent impostor services from collecting information or disrupting (vandalizing) the system.
This is really just an extension of the idea of authentication a client.
© Chinese University, CSE Dept. Distributed Systems / 7 - 26
4.2 Types of Authentication
Securing communication from eavesdropping. Authentication will usually involve encrypting
data. This can be used just at the start to prove the
identity of ends of the communication link.
© Chinese University, CSE Dept. Distributed Systems / 7 - 27
4.3 Needham/Schroeder Protocol
Provides a secure way for pairs of components to obtain keys to be used during communication.
Based on an authentication server:– maintains a name and a secret key for each
component.– can generate keys for peer-to-peer
communications. Secret keys are used for communication with
authentication server.
© Chinese University, CSE Dept. Distributed Systems / 7 - 28
4.3 Needham/Schroeder Protocol
AuthenticationServer
C S
1: C
, S, N
C
2: {
N C,S
,KC
S,{
K CS,C
} K S} K C
3: {KCS,C}KS
4: {NS}KCS
5: {NS-1}KCS
C: Client NameS: Server NameKC: Client´s secret keyKS: Server´s secret keyKCS: Secret key for client/server
communicationNx: Nonce generated by x{M}K: Message encrypted in key K
© Chinese University, CSE Dept. Distributed Systems / 7 - 29
5.1 Security Systems: Kerberos
Based on Needham/Schroeder Protocol.
Developed by Steiner at MIT (1988).
Used in – OSF/DCE.
– Unix NFS.
© Chinese University, CSE Dept. Distributed Systems / 7 - 30
5.1 System architecture of Kerberos
ServerClient
DoOperation
Authenticationdatabase
Loginsession setup
Ticket-granting
service T
Kerberos Key Distribution Centre
Serversession setup
Authen-tication
service A1. Request for
TGS ticket
2. TGSticket
3. Request forserver ticket
4. Server ticket5. Service request
Request encrypted with session key
Reply encrypted with session key
Servicefunction
Step B
Step A
Step C
C S
© Chinese University, CSE Dept. Distributed Systems / 7 - 31
5.2 Security Systems: CORBA
Supports the following security algorithms: Authentication of users. Authentication between objects. Authorisation and access control. Security auditing. Non-repudiation. Administration of security information.
Cryptography is not exposed at interfaces.
© Chinese University, CSE Dept. Distributed Systems / 7 - 32
ORB
5.2 CORBA Security Architecture
The security model:
Client Server
Security Implementationenforcing security policy
Userrequests
•All object invocations are mediated by the security implementation
•No specific security policy defined in the model, so that a wide variety of different policies can be defined according to different needs
Messageprotection,
access controldevice, etc.
Messageprotection,
access controldevice, etc.
© Chinese University, CSE Dept. Distributed Systems / 7 - 33
5.2 CORBA Security
Principals– Human users or system entities (e.g., the client acting for
a user) registered in and authenticated to the system
Credentials– Each principal in a CORBA environment with Security
Service is associated with credentials– Credentials contain security attributes of an object, e.g.,
its identity and privileges (like gate-passes)– Credentials are used for access controls, authentication,
etc.– An object may have several credentials, representing
privileges in different domains
© Chinese University, CSE Dept. Distributed Systems / 7 - 34
5.2 CORBA Security
Delegation– Passing of credentials from one object to
another, so that the receiving object (intermediate) can invoke a third object (target) on behalf of the passing object (invoker)
– Options of delegation:» no delegation» simple delegation» composite delegation» combined delegation» traced delegation
invoker
intermediate
target
Client credentials
Client credentials / intermediate credentials / mixed, according to different options
© Chinese University, CSE Dept. Distributed Systems / 7 - 35
5.2 CORBA Security
Non-repudiation service– provide services that make users / principals accountable for
their actions
Implementation: SSL services come with Orbix; separate purchase for Visibroker
Object A Object B
Evidencegeneration
&verification
Evidencestorage
&retrieval
DeliveryAuthority
Non-repudiation service
Adjudicator
Dispute/judgement
Service requests / responses