Đang chuẩn bị liên kết để tải về tài liệu:
Lecture Operating systems: A concept-based approach (2/e): Chapter 20 - Dhananjay M. Dhamdhere
Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
Chapter 20 - Distributed system security. This chapter discusses authentication and message security measures used in distributed operating systems to thwart such attacks. Methods of verifying authenticity of data are also discussed. | PROPRIETARY MATERIAL. © 2007 The McGraw-Hill Companies, Inc. All rights reserved. No part of this PowerPoint slide may be displayed, reproduced or distributed in any form or by any means, without the prior written permission of the publisher, or used beyond the limited distribution to teachers and educators permitted by McGraw-Hill for their individual course preparation. If you are a student using this PowerPoint slide, you are using it without permission. Security issues in distributed systems Interprocess messages travel over the network Hence intruders can perpetrate attacks through messages Security threats in distributed systems Following threats can be posed through messages Leakage Message contents are read by intruder Tampering Messages are corrupted or altered Stealing Resources are accessed without authorization Denial of service Authorized users are prevented from accessing resources Mechanisms and policies for distributed system security Encryption ensures secrecy and . | PROPRIETARY MATERIAL. © 2007 The McGraw-Hill Companies, Inc. All rights reserved. No part of this PowerPoint slide may be displayed, reproduced or distributed in any form or by any means, without the prior written permission of the publisher, or used beyond the limited distribution to teachers and educators permitted by McGraw-Hill for their individual course preparation. If you are a student using this PowerPoint slide, you are using it without permission. Security issues in distributed systems Interprocess messages travel over the network Hence intruders can perpetrate attacks through messages Security threats in distributed systems Following threats can be posed through messages Leakage Message contents are read by intruder Tampering Messages are corrupted or altered Stealing Resources are accessed without authorization Denial of service Authorized users are prevented from accessing resources Mechanisms and policies for distributed system security Encryption ensures secrecy and integrity of meta data and messages Key distribution center generates encryption keys for communication Authentication is used to prevent masquerading Classes of security attacks Four classes of attacks Eavesdropping Intruder listens to messages on the network Message tampering Intruder corrupts or alters messages Message replay Intruder inserts copies of old messages in message communication to fool processes Masquerading Intruder is able to pass off as an authorized user to perform computations and use resources Message security Three techniques are used for message security Private key encryption All messages sent to a process are encrypted with its private key Problems: Private key is exposed to attacks all through process lifetime. Difficult for user processes to know each other’s keys. Used for communication from OS to user processes Public key encryption A process has a (public key, private key) pair Encryption is asymmetric: Messages sent to it are encrypted using its public key;