IEC 312 - Distributed System Security
Dr. E.Silambarasan
Assistant Professor
Department of CSE - Cyber Security
Indian Institute of Information Technology, Kottayam
Module 1
• Introduction- Background, Distributed Systems, Distributed Systems Security, Common Security
Issues and Technologies
• Host-Level Threats and Vulnerabilities- Background, Malware, Eavesdropping, Job Faults, Resource
Starvation, Privilege Escalation, Injection Attacks.
• Infrastructure-Level Threats and Vulnerabilities- Introduction, Network-Level Threats and
Vulnerabilities, Grid Computing Threats and Vulnerabilities, Storage Threats and Vulnerabilities,
Overview of Infrastructure Threats and Vulnerabilities.
Distributed System (DS)
• A distributed system is a collection of independent computers that appears to its users as a single coherent
system.
• Distributed systems involve the interaction between disparate independent entities, bounded
by common language and protocols and working towards a common goal.
• This definition has several important aspects. The first one is that a distributed system consists of components
(i.e., computers) that are autonomous. A second aspect is that users (be they people or programs) think they
are dealing with a single system.
Characteristics of DS:
• Mandatory Characteristics
• Multiple entities - Users or sub-systems which compose the DS
• Heterogeneity – Differences in the type of system or user, in the underlying policies, and/or in
the data/resources that each subsystem consumes.
• Concurrency – Different components of DSs may run concurrently as components may
be loosely coupled. There is a need to understand the synchronization issues during the
design of DS.
• Resource Sharing
• Desirable Characteristics
• Openness – The architecture, protocols, resources, and infrastructure can be extended or
replaced without affecting the behaviour of the system.
• Scalability
• Transparency
• Location transparency – Hides the location disparity between different systems.
• System transparency – Hides system issues such as failure, concurrency, scaling, migration,
and so on.
• Types of DS:
• Distributed Computing System – Providing computation
• Distributed Information System – responsible for storing and retrieving information in a distributed
manner
• Distributed Pervasive System – Next-generation DS which is ubiquitous (everywhere) in nature
Distributed Computing Systems
• Cluster computing system
• A characteristic feature of cluster computing is its homogeneity.
• Hardware consists of a collection of similar workstations or PCs, closely connected by means of a
high-speed local-area network. In addition, each node runs the same operating system.
• Cluster computing became popular when the price/performance ratio of personal computers and
workstations improved. At a certain point, it became financially and technically attractive to build a
supercomputer using off-the-shelf technology by simply hooking up a collection of relatively simple
computers in a high-speed network.
• In virtually all cases, cluster computing is used for parallel programming, in which a single
(compute-intensive) program is run in parallel on multiple machines.
• Grid Computing System
• Grid computing systems have a high degree of heterogeneity: no assumptions are made concerning
hardware, operating systems, networks, administrative domains, security policies, etc.
• Grid systems are often constructed as a federation of computer systems, where each system may
fall under a different administrative domain, and may be very different when it comes to hardware,
software, and deployed network technology.
• A key issue in a grid computing system is that resources from different organizations are brought
together to allow the collaboration of a group of people or institutions. Such a collaboration is realized in
the form of a virtual organization.
Distributed Information System
• Transaction processing system
• Single database
• Transaction primitives: Start_Transaction, End_Transaction, Abort_Transaction, Read and Write
• ACID Properties
• Nested transactions
• The top-level transaction may fork off children that run in parallel with one another, on different machines, to
gain performance or simplify programming.
• Each of these children may also execute one or more sub-transactions, or fork off its own children.
• Nested transactions are important in distributed systems, for they provide a natural way of distributing a
transaction across multiple machines. They follow a logical division of the work of the original transaction.
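As an added example (not from the lecture slides), the following in-memory store shows the nested-transaction semantics described above using the slide's primitives (Start_Transaction, End_Transaction, Abort_Transaction, Read, Write); the class, method and account names are constructed for the demo.

```python
# Added example, not from the lecture slides: an in-memory store driven by the
# slide's primitives (Start/End/Abort_Transaction, Read, Write) extended to
# nested transactions. Each transaction buffers its own writes; End merges
# them into the parent (or into the store for a top-level transaction) and
# Abort discards only that transaction's writes. Store and names are constructed.
class Transaction:
    def __init__(self, store, parent=None):
        self.store, self.parent, self.writes = store, parent, {}

    def read(self, key):
        # Nearest tentative value along the ancestor chain, else the store.
        tx = self
        while tx is not None:
            if key in tx.writes:
                return tx.writes[key]
            tx = tx.parent
        return self.store.get(key)

    def write(self, key, value):
        self.writes[key] = value

    def start_subtransaction(self):
        return Transaction(self.store, parent=self)

    def end_transaction(self):
        # Commit: a child's writes become tentative in its parent; a top-level
        # transaction's writes become durable in the store.
        target = self.parent.writes if self.parent else self.store
        target.update(self.writes)

    def abort_transaction(self):
        self.writes.clear()


def transfer_demo():
    """Parent debits A; two children credit B and C 'in parallel'. One child
    aborts, so only its credit is lost; the parent's commit keeps the rest."""
    store = {"A": 100, "B": 0, "C": 0}
    top = Transaction(store)       # Start_Transaction
    top.write("A", top.read("A") - 30)
    child_b, child_c = top.start_subtransaction(), top.start_subtransaction()
    child_b.write("B", child_b.read("B") + 10)
    child_c.write("C", child_c.read("C") + 20)
    child_b.end_transaction()      # B's credit is now tentative in top
    child_c.abort_transaction()    # C's credit is discarded
    assert store == {"A": 100, "B": 0, "C": 0}   # nothing durable yet
    top.end_transaction()          # A=70 and B=10 become durable
    return store
```

Aborting the top-level transaction instead would discard the committed child's writes too, which is the atomicity property a nested commit must preserve.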
• Enterprise Application System
• CORBA, RPC/RMI, DCOM
• RPC and RMI have the disadvantage that the caller and callee both need to be up and running at the time of
communication.
• Message-oriented middleware (MOM), publish/subscribe systems form an important and expanding class of
distributed systems.
• None of these systems were taken up in a big way by industry, mainly because of their tightly-coupled
nature. Current trends in the application space suggest that enterprises are moving away from monolithic,
tightly-coupled systems toward loosely-coupled, dynamically-bound components.
• Web Services can be thought of as reusable, loosely-coupled software components that are deployed over the
network, or specifically the World Wide Web.
• Simplicity: Implementation of Web Services is very simple from the point of view of programmers and as a
result, easy and fast deployments are possible.
• All the underlying technologies and protocols are based on Extensible Markup Language (XML).
• Loosely coupled: Since the very design of Web Services is based on the loose coupling of its different
components, they can be deployed on demand.
• Platform independent: Web Services architecture is platform- and language-independent since it is based on
XML technologies. Therefore, one can write a client in C++ running on Windows, while the Web Service is
written in Java running on Linux.
• Transparent: Since most of the deployed Web Services use Hypertext Transfer Protocol (HTTP) for
transmitting messages, they are transparent to firewalls, which generally allow HTTP to pass through.
• This may not always be the case for CORBA, RMI, and so on.
Distributed Pervasive System
• Home system
• Electronic health care system
• Sensor networks
• A sensor network typically consists of tens to hundreds or thousands of relatively small nodes, each
equipped with a sensing device.
• Most sensor networks use wireless communication, and the nodes are often battery-powered.
• Their limited resources, restricted communication capabilities, and constrained power consumption
demand that efficiency be high on the list of design criteria.
• The relation with distributed systems can be made clear by considering sensor networks as distributed
databases.
• To organize a sensor network as a distributed database, there are essentially two extremes.
• First, sensors do not cooperate but simply send their data to a centralized database located at the
operator's site.
• The other extreme is to forward queries to relevant sensors and to let each compute an answer, requiring
the operator to sensibly aggregate the returned answers.
Different Distributed architecture
• Client-server-based architecture
• Drawbacks
• Scalability – Scale up (a high-end server) or scale out (distribute the server across multiple servers)
• Flexibility – Two-tier architecture faces inflexibility, and three-tier architecture tackles this problem.
• Multinode
• Parallel processing
• Components
• Processing nodes
• Scheduler or load balancer
• Clients
• Advantage
• Performance
• Fault tolerance
• Scalability
• Challenges
• Synchronization
• Security
• Load balancing
• Peer to Peer
• Applications – File distribution and transfer, data and information storage
• Advantage – Scalability and fault tolerance
• Disadvantage – Security and service level agreement.
• Service Oriented Architecture (SOA)
• Service refers to a modular, self-contained piece of software, which has well-defined functionality
expressed in abstract terms independent of the underlying implementation.
• Three fundamental roles
• Service provider
• Service requestor
• Service registry
• Three fundamental operations
• Publish
• Find
• Bind
• Example: Web services
Challenges in Designing Distributed Systems
• Synchronization
• This problem of synchronizing concurrent events also occurs in a non-distributed system.
• But in DS, the problem gets amplified many times.
• Absence of a globally-shared clock, absence of global shared memory in most cases, and the
presence of partial failures make synchronization a complex problem to deal with.
• Issues:
• Clock synchronization – (i) a time server distributes its time to all nodes, or (ii) nodes exchange
time information peer-to-peer.
• Leader election
• Collection of global state (the combination of the local states and the state of messages in transit)
– Knowledge of the global state is useful for debugging.
• Mutual exclusion
• One approach emulates a centralized system by having a server manage the process lock through
the use of tokens.
• Tokens can also be managed in a distributed manner using a ring or a P2P system.
• Fault Tolerance
• Both an opportunity and a threat.
• Opportunity: Natural redundancy, which can be used to provide fault tolerance.
• Threat: The issue of fault tolerance is complex.
• One of the issues that haunts distributed-system designers is the variety of sources from which failures can arise.
• Processing site
• In a DS, processing sites are independent, meaning that they are independent points of failure.
• From the user's point of view this is not an issue, but from the developer's point of view it is a complex problem.
• Processing site failure means that the software on the remaining sites needs to detect and
handle that failure in some way.
• Communication media
• A permanent hard failure of the entire medium makes communication between processing
sites impossible.
• In the most severe cases, this type of failure can lead to the partitioning of the system into multiple
parts that are completely isolated from each other.
• The danger here is that the different parts will undertake activities that conflict with each other.
• Intermittent failures are more difficult to detect and correct, especially if the medium is wireless in
nature.
• Errors due to transmission delays
• Message delays cause two types of problem: variable time delay and constant time delay.
• The delay depends on a number of factors: the route taken through the communication medium,
congestion in the medium, congestion at the processing sites (e.g. a busy receiver), intermittent
hardware failures, etc.
• Even if the transmission delay is constant, there is still the problem of out-of-date information.
• Since messages are used to convey information about state changes between components of the
distributed system, if the delays experienced are greater than the time required to change from one
state to the next, the information in these messages will be out of date.
• Distributed agreements
• There are many variations of this problem, including time synchronization, consistently
distributed state, distributed mutual exclusion, distributed transaction commit, distributed
termination, distributed election, and so on.
• All of these reduce to the common problem of reaching an agreement in a distributed
environment in the presence of failures.
• Security
• The complexity of the issue arises from the different points of vulnerability that exist in a
distributed system.
• The processing nodes, transmission media and clients are the obvious points that need to be
secured.
• With the growth of heterogeneity in different layers of enterprise infrastructure, the complexity
increases enormously.
Distributed Systems Security
• Security in distributed systems is critical and absolutely essential. However, it is also extremely
challenging.
• Protecting physical infrastructure vs. distributed security in the digital world.
• Layered view of IT enterprises.
Common Security Issues and Technologies
• Security Issues
• Authentication
• Authorization
• Discretionary Access Control
• Role-based Access Control
• Mandatory Access Control
• Data Integrity
• Confidentiality
• Availability
• Denial of Service Attack
• Trust
• Definition of Trust
• Privacy
• Identity Management
Common Security Techniques
• Encryption
• Symmetric Key Encryption
• Asymmetric Key Encryption
• Digital Signature and Message Authentication Codes
• Authentication mechanism
• Password Based Authentication
• Certificate Based Authentication
• Biometric Based Authentication
• Smart cards Based Authentication
• Public Key Infrastructure (PKI)
• Components of PKI
• Certificate Authority
• Registration Authority
• Repositories
• Services of PKI
• Issuing of Certificate
• Revoking of Certificate
• Governance
• Archival
• Models of Trust
• Implicit Trust Model
• Explicit Trust Model
• Intermediary Trust Model
• Firewall
• Packet filtering firewall
• Proxy firewall
• Application-level firewall