What is Security? - Illinois Institute of Technology

CS 550-395
Security Concepts in Distributed Systems
By
HARISH R. KUMAR
INDEX
1. Introduction
2. What is Security?
3. Distributed System Authentication
4. Firewalls
5. Firewall components
6. Keys
7. Hash Algorithms
8. SSL
9. HMAC
10. Conclusion
11. References
Introduction
Security is increasingly important in modern networked computer systems. Some
organizations have a written security policy – generally a natural language specification
containing statements such as "workstations require password-based login before use",
"personnel information must be accessible only to authorized users" or "the security
administrator must investigate all occurrences of more than 5 login failures from a single
source". In many cases the only specification is the actual implementation of security in
terms of access control lists or the procedures followed by administrators. It is therefore
very difficult to validate whether the security implementation in an organization
conforms to a policy specification, assuming one exists.
The situation may be further complicated when multiple different organizations cooperate via networked systems as they may have very different security policies,
procedures and implementation platforms. Also the information relating to user
permission may be held in different formats on the various systems. The system has to
cater for large numbers of objects, distributed across multiple computers and a dynamic
object population where object lifetimes can range from milliseconds to years.
Most current work on security policy concentrates only on authorization policy that is
essentially passive in that it is checked only when an operation is invoked to determine
whether the operation should be permitted or forbidden. The active aspects of security
policy, which define actions to be performed when events such as security violations are
detected, are often specified as procedures to be followed by administrators or are coded
into security components. A clear "formal" specification of security policy is needed that
covers obligation policy (who is responsible for performing actions related to
management and enforcement of security) as well as authorization policy (what
operations a subject is permitted to perform on a resource). There is also a need to specify
policies about permitted information flow and required information transformation (cf.
military-style mandatory access control based on labels). Grouping the subjects or target
objects into domains, so a policy applies to all members of the domain, and grouping
policies into roles helps to cater for large-scale systems.
What is Security?
Different people mean different things when they talk about security, so it is probably
good to start by setting some basic definitions. Some people talk about security in terms
of computer viruses or hackers making a denial-of-service attack over the Internet. Others
refer to privacy and encryption or authentication and authorization. Securing systems
requires addressing all these areas. The elements of security fall under four headings:
Authentication
- Is someone who he or she says he or she is?
- Is some object (such as a program) what it says it is?
- Does a message come from where it says it comes from?
- Can someone deny something he or she did (non-repudiation)?
Authorization
- What is a specific person or group of people allowed to do?
- What is a specific program allowed to do?
Encryption
- Who is allowed to see what information?
System Protection (Confidentiality)
This heading groups all protection against system damage. This includes virus protection,
firewalls and proxies, protection against denial-of-service attacks, and steps taken to
minimize accidental system failures. This protection can be partially addressed by
applying authentication, authorization, and encryption techniques. A number of other
facilities, such as virus-detection and removal software and virus-resistant systems
environments (like Java) help with this.
Today, there are point solutions that cover all these areas, but there are few provisions for
building a complete security architecture. For example, current Secure Socket Layer (SSL)
implementations provide Internet server authentication and encryption but not user
authentication, although the latest SSL standards (now in version 3.0) address this.
Various Kerberos-based private key mechanisms provide all three capabilities, but they
are only viable when up to a few thousand user keys need to be administered.
Distributed System Authentication
1. Message Content Authentication:
The ability to verify that the message received is exactly the message that was sent.
Message content authentication can be achieved by applying a cryptographic checksum
called a Message Authentication Code (MAC), or by applying a public-key digital
signature.
2. Message Origin Authentication:
The ability to verify that the actual sender of a received message is in fact the sender
claimed in the message. Using a symmetric (secret key) cryptosystem, the receiver of a
message can be assured of the validity of the sender, since only the sender and receiver of
the message possess the key used to encrypt the message.
3. General Identity Authentication:
The ability to verify that a principal is who it claims to be. The other two types of
authentication are message content authentication and message origin authentication.
Authentication Methods
Authentication for distributed computing has been discussed extensively, and its methods
are varied. Some of the simpler ones are listed below:
I. Password Authentication
This is usually the first line of defense against unauthorized access, using a login name
and a password. The password itself needs further protection, such as being encrypted
rather than sent as plain text for login authorization, because a plain password
authentication protocol is easily defeated by eavesdropping. If a hacker has access to the
transmission media, the password message can be listened to and recorded for later
intrusion into the host system. One-time passwords (OTP) and smart card authentication
are considered secure alternatives.
II. Address Resolution
This kind of authentication relies on the address of the packet at the network level: a packet
with an authorized address is supposed to be routed correctly to the destination. In the TCP/IP
protocol suite the address of a communicating entity is easily forged, for example by duplicating
IP numbers on a subnet so that machines masquerade as other machines.
III. Trusted Host Authentication
If using the Data Encryption Standard (DES) and public key distribution, the certificate
hierarchy is the only trusted entity for identity verification and public key acquisition.
This relies very much on a trusted root that everyone (at least the sender and receiver)
believes to be trustworthy. However, the trusted host can have duplicates on the
network, thus authentication is still possible.
At the other extreme, mutual trust among clients would exist if clients that trust each
other can distribute public keys on their own.
IV. Public Key Encrypted Authentication
This kind of authentication usually goes with the one-way hash function, used one time,
for example in the Kerberos and SPX systems.
V. Biometrics Authentication
This uses personal physical features, such as the human retina or fingerprint, for
authentication. However, the weak point is that it relies on a device that converts the
physical feature of a person into bits. Moreover, this kind of information cannot be
changed for the person, so the system will no longer be secure if the information is
compromised. Consequently, security relies on a secure communication medium for
the transfer of the person's biometric password.
Firewalls
Logically, a firewall is a separator, a restrictor and an analyzer that is used to protect the
internal network against any attack.
It mainly serves the following goals:
- to restrict people to entering at a carefully controlled point;
- to prevent intruders from getting close to your other defenses;
- to restrict people to leaving at a carefully controlled point.
Because of the above purposes, a firewall is often installed at a point where the protected
internal network connects to the Internet. All the traffic from the internal network is
supposed to pass through the firewall. Basically it is a set of components that restricts
access between a protected network and the Internet, or between other sets of networks.
In physical implementations, there are many different firewall configurations.
As often as not, a firewall is composed of a set of hardware components such as a router
or a computer, or some combination of routers, computers and networks with appropriate
software installed. The specific firewall configuration for an internal network will depend
a lot on the security policy, budget and overall operations of a site.
Simply speaking, a firewall is a system, either software or hardware or both, that enforces
access control policy between two networks. It is the manifestation of a company's security
policy.
Firewall Components
I. Screening Router
A screening router is a basic component of most firewalls. It can be a commercial
router or a host-based router with some kind of packet filtering capability. Typical
screening routers have the ability to block traffic between networks or specific hosts, at
the IP port level. Some firewalls consist of nothing more than a screening router between
a private network and the Internet.
II. Bastion host
It is usually a computer running proxy software that is exposed to the world outside the
internal network to be protected. A bastion host can be used in all the firewall configurations
except the 'screened network', in which a proxy server is not used.
Another kind of bastion host is called a victim machine. A victim machine is the victim because
all communication or attacks are supposed to be directed to it, as it is the first
machine of the internal network exposed to the outside world. Only information that
is meant to be shared freely with anyone, and only minimal services, should be placed on the
victim machine.
A bastion host is a system identified by the firewall administrator as a critical strong
point in the network's security, to keep intruders out of the internal network.
The security of the bastion host itself is also a matter of concern: it may undergo regular
audits and have modified software.
III. Dual Homed Gateway
It is a system or bastion host placed between the private network and the Internet, with
TCP/IP forwarding disabled. This kind of firewall is implemented without a screening
router. This system or host, called a dual homed gateway, is by definition a bastion host.
The hosts on the private network, as well as the hosts on the Internet, can communicate
with the gateway, but there is no direct traffic between the two networks.
IV. Screened Host Gateway
Screened Host Gateway is the most common type of firewall configuration. This is
implemented by using a screening router and a bastion host. As often as not, the bastion
host is on the private network and the screening router is configured such that the bastion
host is the only system on the private network that is reachable from the Internet. The
screening router is configured to block traffic to the bastion host on specific ports,
allowing the authorized services to communicate with the LAN.
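The screened host policy described above, as an added example that is not part of the original report: a first-match packet filter with default deny in which the bastion host is the only private-network system reachable from the Internet. The addresses, the permitted ports (25 and 80) and the ingress check against forged internal source addresses are assumptions made for illustration, and only connection-opening packets are modelled.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed addressing plan and services (assumptions, not from the report).
PRIVATE_NET = ipaddress.ip_network("192.0.2.0/24")
BASTION = ipaddress.ip_network("192.0.2.10/32")
ANY = ipaddress.ip_network("0.0.0.0/0")


@dataclass(frozen=True)
class Rule:
    action: str               # "allow" or "deny"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dport: Optional[int]      # None matches any destination port


# First matching rule wins; anything unmatched is denied.
RULES = [
    Rule("allow", ANY, BASTION, 25),         # inbound mail to the bastion proxy
    Rule("allow", ANY, BASTION, 80),         # inbound web to the bastion proxy
    Rule("allow", BASTION, ANY, None),       # bastion may open outbound sessions
    Rule("deny", ANY, PRIVATE_NET, None),    # no other path into the LAN
    Rule("deny", PRIVATE_NET, ANY, None),    # LAN hosts must go via the bastion
]


def decide(iface, src, dst, dport, rules=RULES):
    """Return 'allow' or 'deny' for one packet seen on iface ('external'/'internal')."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    # Source addresses are easy to forge: an internal address arriving on the
    # external interface cannot be genuine, so drop it before rule matching.
    if iface == "external" and src in PRIVATE_NET:
        return "deny"
    for rule in rules:
        if src in rule.src and dst in rule.dst and rule.dport in (None, dport):
            return rule.action
    return "deny"


# Constructed sample packets: (interface, source, destination, destination port).
SAMPLES = [
    ("external", "203.0.113.7", "192.0.2.10", 25),    # mail to the bastion
    ("external", "203.0.113.7", "192.0.2.10", 23),    # telnet to the bastion
    ("external", "203.0.113.7", "192.0.2.55", 80),    # direct to a LAN host
    ("internal", "192.0.2.10", "198.51.100.9", 443),  # bastion going out
    ("internal", "192.0.2.55", "198.51.100.9", 80),   # LAN host bypassing bastion
    ("external", "192.0.2.10", "192.0.2.55", 22),     # forged bastion source
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(pkt, "->", decide(*pkt))
```

The last sample shows why the ingress check sits in front of the rule list: without it, a packet from outside carrying the bastion's address would match the bastion's own outbound rule.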
V. Screened Subnet
Here an isolated subnet is created, situated between the Internet and the private
network. Typically a screening router that implements varying levels of filtering is used
to block the traffic across the screened subnet. A screened subnet is configured such that
both the Internet and the private network can access the hosts on the screened subnet,
provided that the traffic from the networks goes through a screening router. In some
firewall configurations, a bastion host is added to the screened subnet to support
interactive terminal sessions or application level gateways.
VI. Proxy Gateway
Much of the software on the Internet works in a store-and-forward mode, such as mailers
and USENET. Application level gateways are service-specific forwarders or
reflectors, which usually operate in user mode rather than at a protocol level. In fact,
running this kind of forwarding service is important to the security of the whole. For
example, the sendmail hole that was exploited by the Morris Internet worm is one of the
security problems an application level gateway can present. Some kinds of application
gateways are interactive, such as the FTP and Telnet gateways, which run on the Digital
Equipment Corporation firewalls. In general, the crucial application level gateways are
run on bastion hosts.
VII. Hybrid Gateways
This kind of gateway is somewhat different from those mentioned above. An example is
hosts connected to the Internet but accessible only through serial lines connected to an
Ethernet terminal server on the private network. Such gateways may take
advantage of multiple protocols, or tunnel one protocol over another. Routers might
maintain and monitor the complete state of all TCP/IP connections, or examine traffic to
try to detect and prevent an attack.
KEYS
The Key - The encryption key is the component that binds everything together. When
used in tandem with the algorithm it provides a unique method for the data to be
encrypted or decrypted. Consider a key to be similar to a password on a computer; when
a piece of information is encrypted you need to specify the correct key in order to decrypt
it.
The Key Length - Encryption keys usually have a predetermined length. Much like how
longer passwords are harder to crack, longer keys make it more difficult for an attacker to
guess as it takes many more iterations in a brute-force attack to break them.
SYMMETRIC KEY ENCRYPTION
Data Encryption Standard (DES)
DES is one of the most popular private key algorithms. It was developed by IBM and
became an official U.S. government standard in 1976. The U.S. government forbids
export of hardware and software products that contain DES implementations even though
implementations of DES are widely available outside the U.S. DES is very fast, at least
100 times faster than the RSA algorithm when implemented in software, and even 1000
times faster when implemented in hardware, since DES uses S-boxes and simple table
look-up functions, while RSA depends heavily on very-large-integer arithmetic.
Fig. Symmetric key is analogous to lock box
Symmetric key is analogous to a lock box. The key of DES can be just about any 64-bit
number. The effective length is regarded as 56 bits. There is only one way to break DES:
an exhaustive search of the key space, with 2^56 total possible keys, which would
take 2000 years if one million keys are tried every second.
ASYMMETRIC KEY ENCRYPTION
Asymmetric key encryption helps to eliminate the problem of distributing keys to users.
However, the keys used for the algorithm are usually large, with 100 or more digits. As a
result it incurs key management and computing overhead problems.
RSA
RSA was developed in 1977 by three scientists, Ron Rivest, Adi Shamir and Leonard Adleman. It
is well known and widely used as a public key cryptosystem. The keys of RSA are devised
as follows:
- Choose 2 large primes, say p and q, and then find their product n = pq.
- Choose another number e, which is < n but relatively prime to (p-1)(q-1), then find its
inverse, d, mod (p-1)(q-1). That is, ed = 1 mod (p-1)(q-1).
- e is the public exponent and d is called the private exponent.
- The public key pair is (n, e). The private key is d. The factors p and q must be kept
secret.
Fig. Asymmetric key is analogous to mail box
Asymmetric key is analogous to a public mailbox: anyone can add something, only the
holder of the secret key can remove it.
HASH ALGORITHMS
A step beyond CRCs is one-way hash algorithms that produce "hash" values. "One way"
means it's easy to input A and get B, but it's impossible--or nearly impossible--to work
backward from B to A. A good hash algorithm has one very important property: The
values that it generates are so unique and so difficult to duplicate that not even someone
with a bank of supercomputers and a few centuries to kill could find two sets of input
data that produce the same hash value. Typically, hash values are at least 128 bits in
length. The greater the length, the more difficult it is to reproduce the input or to find
another set of input data that produces a matching result.
Two of the most widely known one-way hash algorithms are the MD5 message digest
algorithm developed by MIT professor Ron Rivest (one of the developers of the highly
regarded RSA public-key cryptosystem) and the Secure Hash Algorithm (SHA)
developed by the National Institute of Standards and Technology (NIST) and the
National Security Agency (NSA). MD5 produces a 128-bit digital fingerprint from a set
of input data, and SHA produces a 160-bit value. Assuming no one discovers a
heretofore-unknown "trap door" to either algorithm, it is computationally unfeasible to
take a hash value produced by SHA or a "message digest" produced by MD5 and work
backward to find the input data. Thus, if someone sends you a file and an MD5 or SHA
fingerprint generated from the file, and if you run the same hash algorithm on the file you
receive and get the same result, you can be virtually certain the file was received intact.
Message Authentication Codes (MAC)
A message authentication code is basically a message digest, which includes a password
or secret key. The hash value consists of both the variable length input and the secret key.
As the message digest includes the key, only someone knowing the key can recreate the
MAC and verify the authenticity.
Digital Signatures
With asymmetrical encryption the public key of the recipient is used to encrypt the
message and his or her private key is then used to decrypt it. Using a digital signature is a
similar process run in reverse. The sender encrypts data with his or her private key, thus
creating a personal digital signature. The data is then associated with the key. Recipients
are then able to decrypt the data by using the sender's public key. As only one key pair of
private and public keys exists, the authentication of the sender is guaranteed.
Due to the complexity of public key encryption, the sender does not usually encrypt the
entire data, but rather creates a message digest or message authentication code. The hash
value generated is then encrypted with the sender's private key effectively signing the
message and providing sender authentication. When the recipient receives the data, he or
she can then verify the authenticity of the message by decrypting the message digest with
the sender's public key and comparing that hash value against the data to ensure its
integrity. In one fell swoop, a message can be signed, encrypted, and verified by both
parties.
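The RSA key set-up listed under KEYS and the hash-then-sign procedure described above, carried through as an added example that is not part of the original report. The primes are constructed demo values (two Mersenne primes, unsuitable for real keys), SHA-256 is used as the digest as an assumption, and the scheme is textbook RSA without the padding that deployed signature schemes such as PKCS #1 add.

```python
import hashlib
from math import gcd

# Constructed demo primes (Mersenne primes). Their special form makes them
# unsuitable for real keys; they are used only so the example is reproducible.
P = 2**127 - 1
Q = 2**521 - 1


def make_keypair(p, q, e=65537):
    """Follow the report's steps: n = pq, e coprime to (p-1)(q-1), d = e^-1."""
    n = p * q
    phi = (p - 1) * (q - 1)
    while gcd(e, phi) != 1:       # e must be relatively prime to (p-1)(q-1)
        e += 2
    d = pow(e, -1, phi)           # private exponent: e*d = 1 mod (p-1)(q-1)
    return (n, e), d


def digest_as_int(message):
    """Hash the message first; only the short digest is signed."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message, n, d):
    """Signature = digest raised to the private exponent d, mod n."""
    return pow(digest_as_int(message), d, n)


def verify(message, signature, n, e):
    """Recover the digest with the public exponent e and compare it with a
    fresh hash of the received message."""
    return pow(signature, e, n) == digest_as_int(message)


if __name__ == "__main__":
    (n, e), d = make_keypair(P, Q)
    msg = b"transfer 100 to account 42"      # constructed sample message
    sig = sign(msg, n, d)
    print("genuine message verifies:", verify(msg, sig, n, e))
    print("altered message verifies:",
          verify(b"transfer 900 to account 42", sig, n, e))
```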
SSL
Design Goals
• Secure transmission between client and server at the lowest level – socket level. The
Protocol sits on top of TCP
• Peer Authentication – Server is automatically authenticated, client is optionally
authenticated.
• Efficiency- Session caching is available
• Extensible – Can use numerous cipher algorithms
SSL-Features
1. SSL is a layered protocol
2. SSL takes messages to be transmitted, fragments the data into manageable blocks,
optionally compresses the data, applies a MAC, encrypts, and transmits the result
3. Received data is decrypted, verified, decompressed, and reassembled, then
delivered to higher-level clients.
4. Connects on port 443 by default
5. Session-identifier cache timeout value of 100 seconds
SSL Problems
• People have been able to crack SSL encryption to find the key
• Many users currently use SSL 2.0 instead of version 3.0, and version 2.0 does not
authenticate the handshake
• Firewalls can’t regulate data
• Proxies can’t cache information
HMAC
HMAC is a secret key authentication algorithm. Data integrity and data origin
authentication as provided by HMAC are dependent upon the scope of the distribution of
the secret key. If only the source and destination know the HMAC key, this provides both
data origin authentication and data integrity for packets sent between the two parties; if
the HMAC is correct, this proves that it must have been added by the source.
HMAC is a mechanism for message authentication using cryptographic hash functions.
HMAC can be used with any iterative cryptographic hash function, e.g., MD5, SHA-1, in
combination with a secret shared key. The cryptographic strength of HMAC depends on
the properties of the underlying hash function.
Conclusion
The various security aspects in Distributed systems have been reviewed in this report.
The main application area for encryption is transmission of sensitive information on the
Internet, such as information related to credit card transactions. Trusted techniques will
be increasingly required if the global Internet market is ever to get off the ground. With
the rapid growth of networking and Internet dependent activities in our daily life, security
of data communication has become an important issue. The main concern here is that
almost all these communications take place over public networks, and these networks are
accessible to anyone.
References
1. RSA Laboratories
2. http://www.rsasecurity.com/rsalabs/pkcs/
3. SSL - http://www.ietf.org/SSL-v3
http://www.netscape.com/eng/ssl3/draft302.txt
4. OpenSSL - http://www.openssl.org/
5. www.zdnet.com