Security: Strategies For Securing Distributed Systems
Security: Strategies For Securing Distributed Systems
Refer to the
textbook for
additional
details on this
DS security
architecture.
Design Issues
There are three main design issues to consider when
considering security:
1. Focus of Control.
3. Simplicity.
Design Issue: Focus of Control
Fundamental technique
within any distributed systems
security environment:
Cryptography.
Types of Cryptosystems
Symmetric: often referred to as conventional
cryptography, defined as:
P = Dk ( Ek ( P ) )
P = Dkd ( Eke ( P ) )
Hash (One-Way) Functions
h = H( m )
Notation Description
K A Public key of A
K A Private key of A
Participants/Components
1. Authentication.
2. Message Integrity.
3. Confidentiality.
Authentication
Comparison between
ACLs and
capabilities for
protecting objects.
a) Using an ACL.
b) Using capabilities.
Protection Domains
1. Read-only state.
2. Append-only logs.
3. Selective Revealing.
Protecting the Target (1)
8-27
8-28
8-29
Key issues:
Secret-key distribution
Key Distribution (2)
Authentication in Kerberos.
Example: Kerberos (2)