tailieunhanh - Lecture Operating systems: A concept-based approach (2/e): Chapter 20 - Dhananjay M. Dhamdhere

Chapter 20 - Distributed system security. This chapter discusses authentication and message security measures used in distributed operating systems to thwart such attacks. Methods of verifying authenticity of data are also discussed. | PROPRIETARY MATERIAL. © 2007 The McGraw-Hill Companies, Inc. All rights reserved. No part of this PowerPoint slide may be displayed, reproduced or distributed in any form or by any means, without the prior written permission of the publisher, or used beyond the limited distribution to teachers and educators permitted by McGraw-Hill for their individual course preparation. If you are a student using this PowerPoint slide, you are using it without permission. Security issues in distributed systems Interprocess messages travel over the network Hence intruders can perpetrate attacks through messages Security threats in distributed systems Following threats can be posed through messages Leakage Message contents are read by intruder Tampering Messages are corrupted or altered Stealing Resources are accessed without authorization Denial of service Authorized users are prevented from accessing resources Mechanisms and policies for distributed system security Encryption ensures secrecy and . | PROPRIETARY MATERIAL. © 2007 The McGraw-Hill Companies, Inc. All rights reserved. No part of this PowerPoint slide may be displayed, reproduced or distributed in any form or by any means, without the prior written permission of the publisher, or used beyond the limited distribution to teachers and educators permitted by McGraw-Hill for their individual course preparation. If you are a student using this PowerPoint slide, you are using it without permission. Security issues in distributed systems Interprocess messages travel over the network Hence intruders can perpetrate attacks through messages Security threats in distributed systems Following threats can be posed through messages Leakage Message contents are read by intruder Tampering Messages are corrupted or altered Stealing Resources are accessed without authorization Denial of service Authorized users are prevented from accessing resources Mechanisms and policies for distributed system security Encryption ensures secrecy and integrity of meta data and messages Key distribution center generates encryption keys for communication Authentication is used to prevent masquerading Classes of security attacks Four classes of attacks Eavesdropping Intruder listens to messages on the network Message tampering Intruder corrupts or alters messages Message replay Intruder inserts copies of old messages in message communication to fool processes Masquerading Intruder is able to pass off as an authorized user to perform computations and use resources Message security Three techniques are used for message security Private key encryption All messages sent to a process are encrypted with its private key Problems: Private key is exposed to attacks all through process lifetime. Difficult for user processes to know each other’s keys. Used for communication from OS to user processes Public key encryption A process has a (public key, private key) pair Encryption is asymmetric: Messages sent to it are encrypted using its public key;

• Hệ điều hành
• Operating systems
• Lecture Operating systems
• Hệ điều hành
• Distributed system security
• Message security
• Authentication of data
• Multiprocessor operating systems
• Structure of operating systems
• Distributed operating systems
• Memory management
• Lecture Advanced Operating Systems
• Advanced Operating Systems
• Bài giảng Hệ điều hành nâng cao
• Server operating systems
• PC operating systems
• Main frame operating systems
• Real time operating systems
• Embedded systems
• Modern operating systems
• Evolution of operating systems
• Memory protection
• File systems
• Distributed systems
• Network operating systems
• Resource management
• User programs
• Computing environments
• Monolithic structure
• Implementing processes
• Process synchronization
• Scheduling policies
• Deadlock detection
• Handling deadlocks
• Message passing
• Implementing message passing
• Virtual memory
• Virtual memory manager
• File operations
• Distributed control algorithms
• Election algorithms
• Characteristics of real time operating systems
• Real time scheduling
• Networking essentials plus
• Lecture Networking essentials plus
• Novell operating systems
• Microsoft network operating systems
• Operating system
• Operating system concept
• Operating systems design
• Operating systems capabilities
• Network operating system
• Bài giảng Hệ điều hành
• Operating system structures
• Operating system design
• Operating system services
• Disk scheduling
• file management
• Embedded operating systems
• Virtual machines
• Operating system securit
• Cloud and IoT operating systems
• Internalsand design principles
• Computer system
• Operating system objectives