logging in or signing up Security in Distributed System amiayan Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 1649 Category: Science & Tech.. License: All Rights Reserved Like it (7) Dislike it (0) Added: November 13, 2009 This Presentation is Public Favorites: 1 Presentation Description send me mail @ rintu08@gmail.com for the ppt file Comments Posting comment... By: amiayan (9 month(s) ago) Sorry guys.. i am checking this site after long time.. now you can download it... If it helps you plz don't forget to put a comment. thanks to all .... Saving..... Post Reply Close Saving..... Edit Comment Close By: karthikgurunadh (9 month(s) ago) nice presentation send me download link to karthik.kanna143@gmail.com Saving..... Post Reply Close Saving..... Edit Comment Close By: savitamangalore (11 month(s) ago) excellent ppt. Pl send the ppt or allow me to download Savita Saving..... Post Reply Close Saving..... Edit Comment Close By: jeetukaushik (13 month(s) ago) ek dam mast ppt h. Saving..... Post Reply Close Saving..... Edit Comment Close By: Kace0104 (14 month(s) ago) hey am Wallace.........your presentation is awesome and very helping........please share it with me.......for reference purpose......my email....kenchb2@gmail.com Saving..... Post Reply Close Saving..... Edit Comment Close loading.... See all Premium member Presentation Transcript Slide 1: SECURITY IN DISTRIBUTED SYSTEMS Slide 2: Introduction What is security in computer system? A computer system is said to be secured if it is Dependable. DEPENDIBILITY includes AVAILABILITY RELIABILITY MAINTAINABILITY CONFIDENTIALITY INTEGRITY In past two decades computer system has grown rapidly . e.g., WWW, automatic teller machines, distant learning. As computer systems become widely used, their security and reliability becomes very important. Slide 3: Threats In Security: INTERRUPTION Refers to the situation where services or data become unavailable. INTERCEPTION Refers to the situation where unauthorized party has gained access to a service or data. MODIFICATION Involves unauthorized change of data or tampering with a service. FABRICATION Generation of additional data or service that is irrelevant to the system. Slide 4: Security Policy It determines precisely which actions the entities in a system are allowed to take and which ones are prohibited. Security Mechanism The security policy can be enforced by following techniques ENCRYPTION Transforming data into coded text that an attacker cannot understand. AUTHENTICATION Verifying the claimed identity of different entities. AUTHORIZATION Verifying whether the client is allowed to perform the requested service. AUDITING Tracing each and every client’s activity . Slide 5: Design Issues For designing distributed security two main objectives are considered 1. FOCUS OF CONTROL (putting the perimeter into the system) Three different approaches are followed for protection of a distributed application a) Protection against invalid operations Protection against unauthorized invocations Protection against unauthorized users Slide 6: Layering Of Security Mechanism ( At which level security mechanism is placed) Level in this context is related to the logical organization of a system into a number of layers. Slide 7: Cryptography This technique is used to make the messages secure and immune to attack Data Secret from Data encryption decryption Slide 8: Classification Of Cryptography CRYPTOGRAPHY ASYMMETRIC SYMMETRIC Slide 9: Symmetric Key Cryptography Here same key is used by both parties . The sender uses this key and an encryption algorithm to encrypt data . The receiver uses the same key and corresponding decryption algorithm to decrypt the data. Encryption Decryption Shared secret key Ciphertext Plaintext Plaintext Slide 10: Example Secret Key: Shift every alphabet by 15 positions Plaintext: HELLO Cipher text: WTAAD Encryption Decryption Shared secret key HELLO HELLO WTAAD Slide 11: Asymmetric Key Cryptography Here basically two keys are used namely a) Public Key b) Private Key The private key is kept by the receiver . The public key is announced to the public. Encryption Decryption To the public Plaintext Plaintext Ciphertext Slide 12: Algorithm Receiver chooses two very large prime numbers p and q. Receiver calculates modulus for encryption n = p X q Receiver calculates another number Q = (p-1) X (q – 1) Receiver chooses a random integer e. Then calculates d so that d x e = 1 mod Q. Receiver announces e and n to the public and keeps Q and d secret. Cliphertext C = Pe(mod n) Plaintext P = Cd (mod n) Slide 13: Authentication Often the channels are not secure. When a message is exchanged between two parties any intruder can fabricate the correct message. Also interruption and modification may occur during communication. That’s why identity of both parties must be known to each other. The Process of doing so is called Authentication. Five Messages used for authentication : Five Messages used for authentication At the very outset MESSAGE with senders identity is sent to receiver. Next receiver sends a CHALLENGE to sender. Then the sender is responsible for encoding the challenge with Secrete Key and sends it to receiver. Receiver decrypts the message using shared key. If decrypted message contains the CHALLENGE sent by receiver then receiver knows that it was sent by authenticated sender. Then the sender follows the above process in reverse direction to authenticate the receiver. Slide 15: Implementation Five message authentication Slide 16: Three Message Authentication Sender sends IDENTITY along with CHALLENGE to receiver. Receiver encrypt the CHALLENGE with SHARED SECRET KEY. Receiver sends back encrypted CHALLENGE along with OWN CHALLENGE. Sender sends encrypted receiver’s CHALLENGE. Authentication using shared secret key and three messages : Authentication using shared secret key and three messages Slide 18: Authentication using Key Distribution Center For N hosts we need to maintain N x (N-1)/2 For large number of hosts, number of shared secret keys will be large. To avoid this problem Key Distribution Center is used. KDC maintains shared key with each of the host. Slide 19: Algorithm First sender sends a request to KDC that it wants to communicate with a particular host. KDC generates a SHARED SECRET KEY for both the host. The SHARED SECRET KEY is encrypted for both the hosts differently. Authentication using Key distribution center : Authentication using Key distribution center Slide 21: Message Integrity and Confidentiality Besides establishing secure channel the INTEGRITY and CONFIDENTIALITY must be maintained. INTEGRITY: Message is protected against fabrication and modification. CONFIDENTIALITY: The message should not be intercepted by third party. Solution? Digital Signature Digital Signatures : Digital Signatures Digital signing a message using public-key cryptography. Access Control : Access Control Formally verifying the access rights is called access control. The object that is to be protected is put behind the Reference Monitor. The subjects that wants to access the object sends request for operation to reference monitor. The reference monitor decides whether permission for access should be granted or not. Slide 24: General model of controlling access to objects Slide 25: Access Control Matrix Comparison between ACLs and capabilities for protecting objects. Using an ACL Using capabilities. Slide 26: Firewall A more sophisticated way to secure a large distributed network is Firewall. There are two types of firewall namely: Packet Filtering Gateway Application Level gateway Slide 27: Implementation Other Issues : Other Issues There are several other ways to implement security They are Protecting the target Security management Secure group management Summary : Summary The methods described before are used to implement security in distributed systems. Although providing security is a very difficult task different mechanisms and policies are used to maintain security. Some of the widely used security systems are Kerberos : based on shared key. SESAME : based on public key cryptography and shared secret key. Slide 30: THANK YOU You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
Security in Distributed System amiayan Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 1649 Category: Science & Tech.. License: All Rights Reserved Like it (7) Dislike it (0) Added: November 13, 2009 This Presentation is Public Favorites: 1 Presentation Description send me mail @ rintu08@gmail.com for the ppt file Comments Posting comment... By: amiayan (9 month(s) ago) Sorry guys.. i am checking this site after long time.. now you can download it... If it helps you plz don't forget to put a comment. thanks to all .... Saving..... Post Reply Close Saving..... Edit Comment Close By: karthikgurunadh (9 month(s) ago) nice presentation send me download link to karthik.kanna143@gmail.com Saving..... Post Reply Close Saving..... Edit Comment Close By: savitamangalore (11 month(s) ago) excellent ppt. Pl send the ppt or allow me to download Savita Saving..... Post Reply Close Saving..... Edit Comment Close By: jeetukaushik (13 month(s) ago) ek dam mast ppt h. Saving..... Post Reply Close Saving..... Edit Comment Close By: Kace0104 (14 month(s) ago) hey am Wallace.........your presentation is awesome and very helping........please share it with me.......for reference purpose......my email....kenchb2@gmail.com Saving..... Post Reply Close Saving..... Edit Comment Close loading.... See all Premium member Presentation Transcript Slide 1: SECURITY IN DISTRIBUTED SYSTEMS Slide 2: Introduction What is security in computer system? A computer system is said to be secured if it is Dependable. DEPENDIBILITY includes AVAILABILITY RELIABILITY MAINTAINABILITY CONFIDENTIALITY INTEGRITY In past two decades computer system has grown rapidly . e.g., WWW, automatic teller machines, distant learning. As computer systems become widely used, their security and reliability becomes very important. Slide 3: Threats In Security: INTERRUPTION Refers to the situation where services or data become unavailable. INTERCEPTION Refers to the situation where unauthorized party has gained access to a service or data. MODIFICATION Involves unauthorized change of data or tampering with a service. FABRICATION Generation of additional data or service that is irrelevant to the system. Slide 4: Security Policy It determines precisely which actions the entities in a system are allowed to take and which ones are prohibited. Security Mechanism The security policy can be enforced by following techniques ENCRYPTION Transforming data into coded text that an attacker cannot understand. AUTHENTICATION Verifying the claimed identity of different entities. AUTHORIZATION Verifying whether the client is allowed to perform the requested service. AUDITING Tracing each and every client’s activity . Slide 5: Design Issues For designing distributed security two main objectives are considered 1. FOCUS OF CONTROL (putting the perimeter into the system) Three different approaches are followed for protection of a distributed application a) Protection against invalid operations Protection against unauthorized invocations Protection against unauthorized users Slide 6: Layering Of Security Mechanism ( At which level security mechanism is placed) Level in this context is related to the logical organization of a system into a number of layers. Slide 7: Cryptography This technique is used to make the messages secure and immune to attack Data Secret from Data encryption decryption Slide 8: Classification Of Cryptography CRYPTOGRAPHY ASYMMETRIC SYMMETRIC Slide 9: Symmetric Key Cryptography Here same key is used by both parties . The sender uses this key and an encryption algorithm to encrypt data . The receiver uses the same key and corresponding decryption algorithm to decrypt the data. Encryption Decryption Shared secret key Ciphertext Plaintext Plaintext Slide 10: Example Secret Key: Shift every alphabet by 15 positions Plaintext: HELLO Cipher text: WTAAD Encryption Decryption Shared secret key HELLO HELLO WTAAD Slide 11: Asymmetric Key Cryptography Here basically two keys are used namely a) Public Key b) Private Key The private key is kept by the receiver . The public key is announced to the public. Encryption Decryption To the public Plaintext Plaintext Ciphertext Slide 12: Algorithm Receiver chooses two very large prime numbers p and q. Receiver calculates modulus for encryption n = p X q Receiver calculates another number Q = (p-1) X (q – 1) Receiver chooses a random integer e. Then calculates d so that d x e = 1 mod Q. Receiver announces e and n to the public and keeps Q and d secret. Cliphertext C = Pe(mod n) Plaintext P = Cd (mod n) Slide 13: Authentication Often the channels are not secure. When a message is exchanged between two parties any intruder can fabricate the correct message. Also interruption and modification may occur during communication. That’s why identity of both parties must be known to each other. The Process of doing so is called Authentication. Five Messages used for authentication : Five Messages used for authentication At the very outset MESSAGE with senders identity is sent to receiver. Next receiver sends a CHALLENGE to sender. Then the sender is responsible for encoding the challenge with Secrete Key and sends it to receiver. Receiver decrypts the message using shared key. If decrypted message contains the CHALLENGE sent by receiver then receiver knows that it was sent by authenticated sender. Then the sender follows the above process in reverse direction to authenticate the receiver. Slide 15: Implementation Five message authentication Slide 16: Three Message Authentication Sender sends IDENTITY along with CHALLENGE to receiver. Receiver encrypt the CHALLENGE with SHARED SECRET KEY. Receiver sends back encrypted CHALLENGE along with OWN CHALLENGE. Sender sends encrypted receiver’s CHALLENGE. Authentication using shared secret key and three messages : Authentication using shared secret key and three messages Slide 18: Authentication using Key Distribution Center For N hosts we need to maintain N x (N-1)/2 For large number of hosts, number of shared secret keys will be large. To avoid this problem Key Distribution Center is used. KDC maintains shared key with each of the host. Slide 19: Algorithm First sender sends a request to KDC that it wants to communicate with a particular host. KDC generates a SHARED SECRET KEY for both the host. The SHARED SECRET KEY is encrypted for both the hosts differently. Authentication using Key distribution center : Authentication using Key distribution center Slide 21: Message Integrity and Confidentiality Besides establishing secure channel the INTEGRITY and CONFIDENTIALITY must be maintained. INTEGRITY: Message is protected against fabrication and modification. CONFIDENTIALITY: The message should not be intercepted by third party. Solution? Digital Signature Digital Signatures : Digital Signatures Digital signing a message using public-key cryptography. Access Control : Access Control Formally verifying the access rights is called access control. The object that is to be protected is put behind the Reference Monitor. The subjects that wants to access the object sends request for operation to reference monitor. The reference monitor decides whether permission for access should be granted or not. Slide 24: General model of controlling access to objects Slide 25: Access Control Matrix Comparison between ACLs and capabilities for protecting objects. Using an ACL Using capabilities. Slide 26: Firewall A more sophisticated way to secure a large distributed network is Firewall. There are two types of firewall namely: Packet Filtering Gateway Application Level gateway Slide 27: Implementation Other Issues : Other Issues There are several other ways to implement security They are Protecting the target Security management Secure group management Summary : Summary The methods described before are used to implement security in distributed systems. Although providing security is a very difficult task different mechanisms and policies are used to maintain security. Some of the widely used security systems are Kerberos : based on shared key. SESAME : based on public key cryptography and shared secret key. Slide 30: THANK YOU