CSC8320

OutlineContent from the bookRecent WorkFuture Work

Distributed Systems SecurityDifferent from operating system securityNo central trusted authority that mediates

interaction between users and processes.Distributed system runs on top of a large number

of loosely coupled autonomous hosts, that maybe running different OS’s with possibly different security policies.

Application level security is not the solution as programmers are not security experts and security depends on application call chain

Thus the issue of security is complex in distributed systems

Security IssuesConfidentiality

Information might be revealed to unauthorized users

IntegrityData is corrupted or changed either

intentionally or unintentionallyAccountability

Information of actions cannot be attributed accurately to the person or user

Loss of ServiceService is denied to authorized users

DDoSDistributed Denial of ServiceAttempts to make an available resource

unavailableAttacker uses a “botnet” – hacked

computers/network of computers – to send traffic to a particular site or a system and this way slows down/denies regular users access to the site. With enough computers, the attacker could even bring down the site

Protection against threatsAuthentication

First line of defense. Only authenticated users have access to the system

AuthorizationSecond line of defense. Only authorized users

have acces to a file or objectAuditing

Maintain a security log that logs all activities in the system. This helps to trace security attacks

ProxyCertificate used to verify that a principal truly

delegates a subset of its rights to another principal for performing some tasks on its behalf

Properties that proxy protocols should ideally exhibit include authenticity, integrity, additivity, sufficiency and revocability

Advantage of proxy is that the amount of file transfer in the network is reduced. Thus delegation of responsibilities improves the efficiency of processing

Traffic Analysis PreventionUnauthorized users may gain useful

information from analyzing the network trafficTraffic Analysis Prevention (TAP) regulates

information flow in the networkCommon TAP approaches include

Encryption – messages are encrypted to prevent unauthorized disclosure of the contents

Padding – Packets are padded with redundant bytes such that all packets appear to be of same size

Routing and Scheduling

AuditingPassive protection – acts as a last resort

when other mechanisms such as authentication and authorization are not sufficient to protect the security of the system

Can be performed online in the firewalls for early detection of threats or offline when an attack or problem has already occured

Maintain log files that record all activity in the system and the network

Audit logs help to trace security attacks

Recent WorkA stateful CSG-based Distributed Firewall

Architecture for robust Distributed Security [2009, Ramsurrun.V, Soyjaudah]Distributed security model following a bottom-

up approach such that each cluster of end-user hosts are first secured using the Cluster Security Gateway architecture

Provides higher level of protection compared to traditional firewalls

Architecture

Architecture contdStateful CSG

Multiple active firewalls nodes acting in parallel to filter traffic

Network admin machineContains the Policy Repository (central

repository where all firewall scripts deployed in the network are stored) and the Policy Distributor (sends firewall updates to the CSMs by establishing secure and encrypted end-end connections with the CSM)

Architecture contdCluster Security Manager (CSM)

Receives firewall updates from the policy distributor. Each end user cluster has a CSM and this then distributes those updates across the multiple firewall nodes

Gateway firewallFirst line of access control and protection

against external attacksAlso has a CSM for receiving updates from the

network administrator

Future WorkArtificially Intelligent systems that enforce

security policies and detect/prevent attacks based on past occurrences and heuristics ?

Adaptive distributed systems that evolve their behavior based on the changes in their environment so that they continually provide their intended functionalities

References R. Chow,T. Johnson, “Distributed Operating , Systems & Algorithms”,

Addison Wesley, 1997 Distributed Denial-of-Service Attacks and You,

http://www.microsoft.com/technet/Security/bestprac/ddosatku.mspx?pf=true, April 11,2007

“A stateful CSG-based distributed firewall architecture for robust distributed security” , Ramsurrun.V, Soyjaudah K.M.S, Jan 2009