8.1 Fundamentals of Computer Security
WOOYOUNG KIM, FALL 2009
Outline
1. Fundamentals of Computer Security
2. Recent Study
3. Future work
Fundamentals of Computer Security [1]
Randy Chow, Theodore Johnson, “Distributed Operating Systems & Algorithms”, 1997
Contents
1. Goal
2. Security Policies, Models, and Mechanisms
3. Security Issues in Distributed Systems
1. Goal
Secrecy: protection from unauthorized disclosure
Integrity: protection from unauthorized modification
Availability: protection from denial of service (DoS)
Reliability: fault tolerance
Safety: tolerance of user faults
2. Security Policies, Models, and Mechanisms
Four categories of common security threats: interruption, interception, modification, fabrication.
Fundamental approaches: authentication, authorization, fault tolerance.
Policy – user requirements
Model – formal representation of policies
1. Discretionary: separation of users and data on an individual basis (each object's owner decides who may access it).
2. Mandatory: access control of all subjects and objects under the system's control, enforced on a system-wide basis that individual owners cannot override.
Mechanism – enforce protection
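The two models above differ in who decides, not just in what is decided. The following toy reference monitor, added here as an illustration (it is not code from Chow and Johnson), makes that concrete: under DAC the owner of each object edits its ACL, while under MAC one system-wide rule over sensitivity labels applies regardless of the owner's wishes. The label lattice and the no-read-up/no-write-down rules are an assumption of the example (the slide names no specific mandatory model), and all users, files and labels are constructed.

```python
from dataclasses import dataclass, field

# Sensitivity lattice for the mandatory model (assumption: a simple
# total order of labels, as in Bell-LaPadula; the slide names no model).
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}


@dataclass
class Obj:
    name: str
    owner: str          # DAC: the owner administers this object's ACL
    level: str          # MAC: sensitivity label fixed by the system
    acl: dict = field(default_factory=dict)   # user -> set of rights


class DiscretionaryMonitor:
    """DAC: protection is decided per object by that object's owner."""

    def __init__(self, objects):
        self.objects = {o.name: o for o in objects}

    def grant(self, actor, obj_name, user, rights):
        obj = self.objects[obj_name]
        if actor != obj.owner:
            return False                     # only the owner may edit the ACL
        obj.acl.setdefault(user, set()).update(rights)
        return True

    def check(self, user, obj_name, right):
        obj = self.objects[obj_name]
        return user == obj.owner or right in obj.acl.get(user, set())


class MandatoryMonitor:
    """MAC: one system-wide rule over labels that no owner can override."""

    def __init__(self, objects, clearances):
        self.objects = {o.name: o for o in objects}
        self.clearances = clearances         # user -> clearance label

    def check(self, user, obj_name, right):
        subj = LEVELS[self.clearances[user]]
        obj = LEVELS[self.objects[obj_name].level]
        if right == "read":
            return subj >= obj               # no read up
        if right == "write":
            return subj <= obj               # no write down
        return False


def demo():
    """Constructed sample objects and users; returns the access decisions."""
    docs = [Obj("payroll.xls", owner="alice", level="secret"),
            Obj("memo.txt", owner="bob", level="unclassified")]
    dac = DiscretionaryMonitor(docs)
    mac = MandatoryMonitor(docs, {"alice": "secret", "bob": "unclassified",
                                  "carol": "top_secret"})
    return {
        # owner alice may share her file; bob may not change its ACL
        "owner_grant": dac.grant("alice", "payroll.xls", "bob", {"read"}),
        "nonowner_grant": dac.grant("bob", "payroll.xls", "bob", {"write"}),
        # DAC says yes (alice granted it); MAC says no (read up)
        "dac_bob_reads_payroll": dac.check("bob", "payroll.xls", "read"),
        "mac_bob_reads_payroll": mac.check("bob", "payroll.xls", "read"),
        # carol is cleared high: she may read payroll but not write the memo
        "mac_carol_reads_payroll": mac.check("carol", "payroll.xls", "read"),
        "mac_carol_writes_memo": mac.check("carol", "memo.txt", "write"),
        # both models agree that bob may read his own unclassified memo
        "bob_reads_memo": dac.check("bob", "memo.txt", "read")
                          and mac.check("bob", "memo.txt", "read"),
    }
```

A real system layers the two: the mandatory check runs first and the discretionary ACL can only narrow what the labels already permit, which is why alice's grant to bob does not let bob read `payroll.xls` once the mandatory monitor is consulted.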
3. Security Issues in Distributed Systems
Additional goals: Interoperability – effective information exchange. Transparency – uniform view of a system.
Approaches: an additional layer of software, or redesign of the system.
Issues: structure (the client/server paradigm); where to put security services.
Recent Study [2]
Naqvi, S.; Riguidel, M., "Security architecture for heterogeneous distributed computing systems," Security Technology, 2004. 38th Annual 2004 International Carnahan Conference on, pp. 34-41, 2004
Contents
1. Introduction
2. Grid Computing
3. Challenges (of Integrating Heterogeneous Devices and Networks in the Grid)
4. Proposed Security Architecture
5. Conclusions
1. Introduction
Grid Computing – security problem: heterogeneity involves different administrative domains, so security requires specialized Grid-enabled tools.
Mobile Computing – harvesting the wireless mobile devices within the computational Grid is a challenge. Recent work in nanotechnology makes it possible to develop low-power, battery-operated devices for grid computing, and a high level of security is necessary.
1. Introduction – Cont’d
Goal: develop an infrastructure for the secure integration of heterogeneous mobile devices in distributed computing environments.
2. Grid Computing
Grid computing focuses on large-scale, pervasive resource sharing with a virtual, pluggable, high-performance orientation.
Problem: coordinated resource sharing and problem solving in dynamic, multi-institutional virtual organizations.
Virtual Organization (VO): a set of individuals and/or institutions defined by such sharing rules.
2. Grid Computing – Cont’d
Infrastructure Requirements
1. Security
2. Resource Management
3. Information Services
4. Data Management
Rising concerns: significant changes in how Grid resources are accessed introduce new security concerns.
3. Challenges
The heterogeneous mobile consumer devices connected through a potentially unreliable wireless network pose great security challenges, especially if they function as gateways to the Grid resources.
3. Challenges – Cont’d
Challenges of Integrating Heterogeneous Devices and Networks in the Grid
1. Bandwidth – multi-path disturbances, power-signal degradation, inter-cell hand-off, always-on characteristics.
2. Power Supply
3. Software Support
4. Key Management Scheme for Smart Devices
3. Challenges – Cont’d
5. Security Gaps – middle boxes
Example of a security gap: if the SSL session is terminated at an intermediate node C and re-established from C onward, protection is no longer end-to-end. C sees the plaintext and can alter it, and neither endpoint's session check reveals this, so a security gap results.
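The gap is easiest to see when the two hops are protected separately and compared with a protection that spans both. The model below is an added example (not from the paper): HMAC tags stand in for the per-hop SSL sessions A–C and C–B, and an optional extra tag under a key that only A and B hold stands in for an end-to-end protection. Keys and messages are constructed.

```python
import hashlib
import hmac
from typing import Optional

TAG_LEN = 32   # SHA-256 HMAC


def tag(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def hop_protect(key: bytes, wire: bytes):
    """Protect one security association (one hop) with its own key."""
    return wire, tag(key, wire)


def hop_verify(key: bytes, msg) -> bytes:
    wire, t = msg
    if not hmac.compare_digest(t, tag(key, wire)):
        raise ValueError("hop integrity check failed")
    return wire


def deliver(payload: bytes, rewrite_at_c: Optional[bytes] = None,
            e2e_key: Optional[bytes] = None):
    """A -> C -> B where C terminates the A-C association and opens C-B anew.

    Returns (what B accepts, whether B's integrity checks passed).
    With only hop keys, a rewrite at C is invisible to B; with an
    end-to-end key that C never holds, B detects it.
    """
    K_AC, K_CB = b"constructed-key-A-C", b"constructed-key-C-B"

    # A: optionally bind the payload to an end-to-end tag, then protect hop A-C
    wire = payload + (tag(e2e_key, payload) if e2e_key else b"")
    msg_ac = hop_protect(K_AC, wire)

    # C: the A-C session ends here, so C sees plaintext and may change it
    wire = hop_verify(K_AC, msg_ac)
    if rewrite_at_c is not None:
        body_len = len(wire) - (TAG_LEN if e2e_key else 0)
        wire = rewrite_at_c + wire[body_len:]      # keeps any e2e tag as-is
    msg_cb = hop_protect(K_CB, wire)               # fresh C-B association

    # B: the hop check passes either way; only the e2e tag reveals C's edit
    wire = hop_verify(K_CB, msg_cb)
    if e2e_key is None:
        return wire, True
    body, e2e_tag = wire[:-TAG_LEN], wire[-TAG_LEN:]
    return body, hmac.compare_digest(e2e_tag, tag(e2e_key, body))
```

Every hop check in the tampered run succeeds, which is exactly the point: the middle box is a legitimate endpoint of both sessions, so session-level integrity says nothing about what happened between them. Only a protection whose key the middle box does not hold closes the gap.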
3. Challenges – Cont’d
6. Heterogeneous Security Solutions
Security is always an issue with mobile wireless devices, since wireless transmission can be attacked in many ways.
Various security mechanisms and protocols have been developed, but this has created a heterogeneous security environment.
There is very little research on coordinating a set of distributed security modules.
Security services rely on the establishment of Security Associations (SAs), but two devices with different security capabilities cannot set up an SA and therefore cannot communicate securely.
3. Challenges – Cont’d
Efforts: develop cryptographic algorithms for efficient utilization and management. There is a tradeoff between a high degree of security and high-speed communication.
Challenge 1 – managing the diverse security capabilities so that an end-to-end security service can be provided with the highest performance possible.
Challenge 2 – managing security capabilities so that they can be reconfigured dynamically upon route changes, policy updates, detection of intrusion or security-service degradation, etc., to maintain adequate levels of end-to-end security service.
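A small capability-negotiation planner shows both challenges and the SA failure mode described on the previous slide in one place. It is an added example, not the paper's architecture: each hop picks the fastest suite both peers support above a policy floor (Challenge 1), a route change or a raised policy triggers renegotiation (Challenge 2), and a hop with no common suite means no SA and no service. The suite catalogue, its security levels and throughputs, and the device capabilities are all constructed assumptions.

```python
from typing import Dict, List, Optional, Set, Tuple

# Constructed catalogue of security capabilities: name -> (security level,
# relative throughput). Levels and numbers are illustrative assumptions.
SUITES: Dict[str, Tuple[int, int]] = {
    "aes256-gcm": (3, 80),
    "aes128-gcm": (2, 100),
    "chacha20":   (2, 90),
    "des-cbc":    (1, 60),
    "null":       (0, 120),
}


def negotiate_hop(caps_a: Set[str], caps_b: Set[str], min_level: int) -> Optional[str]:
    """Pick the fastest suite both peers support that meets the policy floor.
    None means no SA can be established between these two devices."""
    eligible = [s for s in caps_a & caps_b if SUITES[s][0] >= min_level]
    if not eligible:
        return None
    return max(eligible, key=lambda s: (SUITES[s][1], SUITES[s][0]))


def plan_path(route: List[str], caps: Dict[str, Set[str]], min_level: int):
    """Negotiate an SA for every hop; None if any hop cannot be secured."""
    plan = []
    for a, b in zip(route, route[1:]):
        suite = negotiate_hop(caps[a], caps[b], min_level)
        if suite is None:
            return None
        plan.append((a, b, suite))
    return plan


def e2e_level(plan) -> int:
    """The end-to-end service is only as strong as its weakest hop."""
    return min(SUITES[s][0] for _, _, s in plan)


def reconfigure(current_route, caps, min_level, new_route=None):
    """Re-run negotiation after a route change or policy update.
    Returns (plan, reason) so the caller can see why service degraded."""
    route = new_route or current_route
    plan = plan_path(route, caps, min_level)
    if plan is None:
        return None, "no common suite at policy level %d on route %s" % (
            min_level, "->".join(route))
    return plan, "ok, end-to-end level %d" % e2e_level(plan)


# Constructed device capabilities (assumed for the example).
CAPS: Dict[str, Set[str]] = {
    "laptop":  {"aes256-gcm", "aes128-gcm", "chacha20"},
    "gateway": {"aes128-gcm", "chacha20", "des-cbc"},
    "sensor":  {"des-cbc", "null"},
    "grid":    {"aes256-gcm", "aes128-gcm"},
}
ROUTE_VIA_GATEWAY = ["laptop", "gateway", "grid"]
ROUTE_VIA_SENSOR = ["laptop", "sensor", "grid"]
```

Note that the planner reports the end-to-end level as the minimum over hops: the laptop and the grid both support `aes256-gcm`, but with the gateway in the path the service they actually get is level 2, which is the tradeoff between security and performance the slide refers to.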
4. Proposed Security Architecture
Computational Grids are steeped in complex and dynamic network environments:
1. Networks have ephemeral nodes, coming and leaving at any time in unpredictable ways.
2. Computer-based systems can be mobile.
These introduce peculiar and challenging security requirements for Grid applications.
4. Proposed Security Architecture – Cont’d
Security requirements for Grid applications and the proposed solution
1. Trust and Reputation
1) The time factor influences trust. Trust can be rapid (OAC) or sluggish (OBC) depending on the various parameters for trust. If trust is lost at t1, considerable time is required to recover it.
(Figure: Trust vs. Time graph)
4. Proposed Security Architecture – Cont’d
2) Entities may form alliances.
3) The trust model should compute the eventual trust from a combination of direct trust and reputation, and should be able to weigh the two components differently.
(Figure: Di evaluating Dj) – Di: the trustworthiness of Dj is based more on the direct relationship than on the reputation of Dj.
Direct relationship: (trust level in the direct-trust table [DTT]) × (decay function)
Reputation: AVG(product of the trust levels in the reputation trust table [RTT])
Proposal: RTT = DTT, and introduce the recommender trust factor R.
4. Proposed Security Architecture – Cont’d
2. Semantic Interoperability
For interoperability, need to examine: separation of symbol and concept; the nature of ontologies and their role; difficulties for effective communication.
Must provide data separation between trusted and untrusted systems.
The VO determines levels of trustworthiness for its various actors. Access control decisions are made by comparing a user's level of trustworthiness with the sensitivity level already marked on the resource.
Application services must be provided for several operational environments.
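The trust formula from the Trust and Reputation slides and the access decision from the slide above fit together, so the following added example (not the paper's code) carries both through on constructed numbers: direct trust decays with the time since the last observation, reputation averages each recommender's decayed direct trust in the target scaled by the recommender factor R (with RTT = DTT as proposed), the two are combined with a weight favouring direct experience, and the result is compared with the sensitivity level marked on the resource. The decay function, the weight, the half-life, the sensitivity thresholds and all table entries are assumptions of the example.

```python
# DTT: direct-trust table, DTT[i][j] = (trust level in [0,1], time last observed).
# Constructed values.
DTT = {
    "Di": {"Dj": (0.9, 0)},
    "Dk": {"Dj": (0.6, 50)},
    "Dm": {"Dj": (0.8, 90)},
}
# Recommender trust factor R[i][k]: how much i believes k's opinions (constructed).
R = {"Di": {"Dk": 0.5, "Dm": 1.0}}

HALF_LIFE = 100.0   # assumed decay parameter, in the same time unit as DTT
# Assumed mapping from the VO's sensitivity labels to the trust required.
SENSITIVITY = {"unclassified": 0.0, "confidential": 0.4, "secret": 0.6}


def decay(elapsed, half_life=HALF_LIFE):
    """Assumed decay function: trust halves every half_life time units.
    Observations dated in the future are clamped rather than inflated."""
    return 0.5 ** (max(elapsed, 0.0) / half_life)


def direct_trust(i, j, now):
    level, last_seen = DTT[i][j]
    return level * decay(now - last_seen)


def reputation(i, j, now):
    """AVG over recommenders k of R[i][k] * (k's decayed direct trust in j),
    using RTT = DTT as the paper proposes."""
    terms = [R[i][k] * direct_trust(k, j, now)
             for k in R.get(i, {}) if k != j and j in DTT.get(k, {})]
    return sum(terms) / len(terms) if terms else 0.0


def eventual_trust(i, j, now, w_direct=0.7):
    """Weighted combination; w_direct > 0.5 models Di preferring its own
    direct experience of Dj over Dj's reputation (assumed weight)."""
    return w_direct * direct_trust(i, j, now) + (1 - w_direct) * reputation(i, j, now)


def authorize(evaluator, requester, label, now):
    """VO access decision: the evaluator's trust in the requester must reach
    the level required by the sensitivity label marked on the resource."""
    return eventual_trust(evaluator, requester, now) >= SENSITIVITY[label]
```

Run at time 100, Di's own 0.9 rating of Dj has halved to 0.45 and the recommenders bring it back to about 0.46, enough for a confidential resource but not a secret one; at time 0 the same tables give about 0.80 and the secret request passes. That is the time factor from the trust graph expressed as a number the authorization server can compare.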
4. Proposed Security Architecture – Cont’d
3. Secure and Trusted Time Stamping Authority
A signed document should contain a secure timestamp. Propose the construction of a secure and trusted time stamping authority that obtains the time for stamping from a precise clock synchronized to two atomic clocks.
The digital signature is produced with the RSA cryptosystem, and the secret key of the time stamping authority is stored at distributed servers.
For protection, the trusted clock frequently changes its location, and the locations are computed with a random number generator.
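The two design points on this slide, an RSA-signed timestamp and a secret key that lives on distributed servers, can be shown together. The added example below (not the paper's implementation) splits the RSA private exponent additively between two key servers, has each server compute a partial signature over the document hash bound to the trusted time, and multiplies the partials so the whole key is never assembled. The primes, the public exponent, the document and the clock reading are constructed; the scheme is textbook RSA without padding and is an illustration only.

```python
import hashlib
import random
from math import gcd


def is_prime(n: int) -> bool:
    """Trial division; fine for the toy sizes used here."""
    if n < 2:
        return False
    i = 2
    while i * i <= n:
        if n % i == 0:
            return False
        i += 1
    return True


def toy_rsa_keypair(p=1000003, q=999983, e=65537):
    """Textbook RSA on constructed small primes (assumption: toy sizes)."""
    if not (is_prime(p) and is_prime(q)):
        raise ValueError("p and q must be prime")
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)                    # modular inverse (Python 3.8+)
    return (n, e), d, phi


def split_private_exponent(d, phi, rng):
    """d = d1 + d2 (mod phi): neither key server alone holds the signing key."""
    d1 = rng.randrange(1, phi)
    return d1, (d - d1) % phi


def stamp_digest(doc: bytes, ts: int, n: int) -> int:
    """Bind document hash and time into one value below the toy modulus."""
    h = hashlib.sha256(doc).hexdigest()
    m = hashlib.sha256(("%s|%d" % (h, ts)).encode()).digest()
    return int.from_bytes(m, "big") % n


def issue_timestamp(doc, trusted_time, pub, shares):
    """Each key server contributes a partial signature m^d_i; the TSA
    multiplies them, giving m^(d1+d2) = m^d mod n without reconstructing d."""
    n, _ = pub
    m = stamp_digest(doc, trusted_time, n)
    sig = 1
    for d_i in shares:                       # one pow per key server
        sig = sig * pow(m, d_i, n) % n
    return {"doc_sha256": hashlib.sha256(doc).hexdigest(),
            "time": trusted_time, "sig": sig}


def verify_timestamp(doc, token, pub):
    """Anyone with the TSA public key checks the binding of hash and time."""
    n, e = pub
    if hashlib.sha256(doc).hexdigest() != token["doc_sha256"]:
        return False
    return pow(token["sig"], e, n) == stamp_digest(doc, token["time"], n)


def demo():
    pub, d, phi = toy_rsa_keypair()
    shares = split_private_exponent(d, phi, random.Random(7))  # fixed seed for the example
    doc = b"grid job manifest v1 (constructed)"
    trusted_time = 1097450000                # assumed reading from the trusted clock
    token = issue_timestamp(doc, trusted_time, pub, shares)
    backdated = dict(token, time=trusted_time - 3600)
    return {
        "valid": verify_timestamp(doc, token, pub),
        "backdated_rejected": not verify_timestamp(doc, backdated, pub),
        "other_doc_rejected": not verify_timestamp(b"tampered", token, pub),
        # the combined partials equal a signature made with the whole key d
        "matches_single_key": token["sig"] == pow(stamp_digest(doc, trusted_time, pub[0]), d, pub[0]),
    }
```

The additive split works because m^(d1+d2) = m^(d + k·phi) = m^d mod n for any m, so a compromise of one key server yields a share that is useless on its own; a production TSA would use a proper threshold scheme, padded signatures and real key sizes, none of which change the shape shown here.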
4. Proposed Security Architecture – Cont’d
4. Space Consideration
Related to spatial awareness. At the primitive level, space is the network space and distances are measured in hops. More physically grounded concepts of space can be included, which some computing scenarios require. The peers of a network can be mapped into any sort of virtual space, which should be supported by an appropriate routing mechanism.
4. Proposed Security Architecture – Cont’d
5. Context-Awareness
o Must transparently determine the sources of, and handle, a high degree of context changes.
o Propose a context-awareness module:
Environment Role Activation Service – maintains information on the system state.
Context Management Services – collect environment variables and their associated values.
Smart Sensors – collect useful security-relevant data.
4. Proposed Security Architecture – Cont’d
(Figure: Context-Awareness module in the Security Architecture – components: user, Smart Sensors, Context Management, Environment Role Activation Service, Authentication server, Authorization server, resources)
4. Proposed Security Architecture – Cont’d
6. Secure Code Mobility
o Mobile code/agents are exposed to various security threats.
o The only existing defense is using trusted hardware.
o Propose a generic secure computation service that performs some cryptographic operations on behalf of the mobile code.
4. Proposed Security Architecture – Cont’d
7. Virtualization of Security Services
o Virtualization of security services means having the absolute freedom to choose the underlying security mechanism.
User domain: user, local resource, authentication server.
Target domain: target resources, authorization server, a local CA, and access policy.
Between the two domains, an intermediary architecture is needed.
The security services, including pluggable security services, and the security units of the two domains virtualize the security dialogue between them.
4. Proposed Security Architecture – Cont’d
8. Pluggable Security Services
o Propose to extend the concept of security as services to security as pluggable services.
o This extension permits the evolution of the security infrastructure with less impact on resource management functionalities.
o It permits users and resource providers to configure the security architecture based on their requirements and satisfaction level.
4. Proposed Security Architecture – Cont’d
9. Evaluation of Security Quality
o Quality of Protection (QoP) is defined in the Generic Security Service Application Program Interface (GSS-API).
o Propose Quality of Security Service (QoSS) as an extension of QoP covering a broad range of security services.
o QoSS allows ranges of security to be specified, giving the opportunity to adjust dynamically to fit the security needs.
o QoSS can be used for the evaluation of user mobility in ubiquitous environments with heterogeneous devices.
5. Conclusions
Security is one of the biggest challenges for the coupling of mobile devices and geographically distributed computers.
The paper proposes a new approach to the challenges posed by the Grid.
The proposed approach is flexible and adaptive.
The design provides consistent yet fine-grained levels of trust and security in heterogeneous distributed computing systems.
Future Work
The approach is a first attempt at the development of an adaptive Grid security mechanism.
A number of tests and simulations are required before it can be effectively implemented on a real Grid computing system.
References
1. Randy Chow, Theodore Johnson, “Distributed Operating Systems & Algorithms”, 1997.
2. Naqvi, S.; Riguidel, M., "Security architecture for heterogeneous distributed computing systems," Security Technology, 2004. 38th Annual 2004 International Carnahan Conference on, pp. 34-41, 11-14 Oct. 2004. URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=1405366&isnumber=30459
Thank You