Distributed System - Introduction1

The document outlines the fundamentals of distributed systems security, covering various types of distributed systems, their characteristics, and the associated security challenges. It discusses common security issues such as authentication, data integrity, and confidentiality, along with techniques like encryption and public key infrastructure. The content emphasizes the complexity of ensuring security in distributed environments due to multiple points of vulnerability and the need for robust security measures.


IEG 312 – Distributed System Security

Dr. Jobin Jose


Assistant Professor
Department of CSE - Cyber Security
Indian Institute of Information Technology, Kottayam
Module 1
• Introduction – Background, Distributed Systems, Distributed Systems Security, Common Security Issues and Technologies
• Host-Level Threats and Vulnerabilities – Background, Malware, Eavesdropping, Job Faults, Resource Starvation, Privilege Escalation, Injection Attacks.
• Infrastructure-Level Threats and Vulnerabilities – Introduction, Network-Level Threats and Vulnerabilities, Grid Computing Threats and Vulnerabilities, Storage Threats and Vulnerabilities, Overview of Infrastructure Threats and Vulnerabilities.
Ice-Cream Truck
Distributed Systems

• A system in which the failure of a computer you didn’t even know existed can render your own computer unusable
Leslie Lamport
Distributed System(DS)
• A distributed system is a collection of independent computers that appears to its users as a single coherent
system.
• It involves the interaction between disparate independent entities, bound by a common language and protocols and working towards a common goal.

• This definition has several important aspects.


1. Distributed system consists of components (i.e., computers) that are autonomous.
2. Users (be they people or programs) think they are dealing with a single system.
Why make a system Distributed

• It is inherently distributed
• E.g., sending a message from phone to phone over a network
• For better reliability
• Failure of one node will not affect the overall running of the system
• For better performance
• Get data from nearby devices rather than from farther ones.
• To solve large problems
• Scientific computing
Characteristics of DS:
• Mandatory Characteristics

• Multiple entities – Users or sub-systems which compose the DS
• Heterogeneity – Type of system or user, underlying policies and/or the data/resources that the subsystem consumes.
• E.g., the Internet
• Concurrency – The main difference from a centralized system.
• Different components of a DS may run concurrently, as components may be loosely coupled. Synchronization issues need to be understood during the design of a DS.
• Resource Sharing
• Desirable Characteristics
• Openness – Architecture, protocols, resources, and infrastructure, where they can be
extended or replaced without affecting the system behavior.
• Scalability
• Limitations

• Transparency
• The underlying system should be transparent (user/system view)
• Location transparency – Location disparity between different systems
• System transparency – System issues like failure, concurrency, scaling, migration, and so on.
Other Types of Transparencies
• Types of DS:
• Distributed Computing System – Providing computation in a distributed way
• Distributed Information System – responsible for storing and retrieving information in a distributed
manner
• Distributed Pervasive System – Next-generation DS which is ubiquitous (everywhere) in nature
Distributed Computing Systems
• Cluster computing system
• A characteristic feature of cluster computing is its homogeneity.
• Hardware consists of a collection of similar workstations or PCs, closely connected by means of a high-speed local-area network. In addition, each node runs the same operating system.
• Became popular when the price/performance ratio of personal computers and workstations improved. At a certain point, it became financially and technically attractive to build a supercomputer using off-the-shelf technology by simply hooking up a collection of relatively simple computers in a high-speed network.
• In virtually all cases, cluster computing is used for parallel programming in which a single (compute-intensive) program is run in parallel on multiple machines.
Distributed Computing Systems
• Grid Computing System
• Grid computing systems have a high degree of heterogeneity: no assumptions are made concerning
hardware, operating systems, networks, administrative domains, security policies, etc.
• This system consists of distributed systems that are often constructed as a federation of computer
systems, where each system may fall under a different administrative domain, and may be very different
when it comes to hardware, software, and deployed network technology.
• A key issue in a grid computing system is that resources from different organizations are brought
together to allow the collaboration of a group of people or institutions. Such a collaboration is realized in
the form of a virtual organization.
Distributed Information System
• Transaction processing system
• Single database
• Transaction primitives: Start_Transaction, End_Transaction, Abort_Transaction, Read and Write
• ACID Properties
• Nested Database
• The top-level transaction may fork off children that run in parallel with one another, on different machines, to
gain performance or simplify programming.
• Each of these children may also execute one or more sub-transactions, or fork off its own children.
• Nested transactions are important in distributed systems, for they provide a natural way of distributing a
transaction across multiple machines. They follow a logical division of the work of the original transaction.
Distributed Information System
Enterprises Application system
• CORBA, RPC/RMI, DCOM
• RPC and RMI have the disadvantage that the caller and callee both need to be up and running at the time of
communication.
• Message-oriented middleware (MOM), publish/subscribe systems form an important and expanding class of
distributed systems.
• Current trends in the application space suggest that enterprises are moving away from
monolithic tightly-coupled systems toward loosely-coupled dynamically-bound components.
• Web Services can be thought of as reusable, loosely-coupled software components that are
deployed over the network, or specifically the World Wide Web.
• Simplicity: Implementation of Web Services is very simple from the point of view of
programmers and as a result, easy and fast deployments are possible.
• All the underlying technologies and protocols are based on Extensible Markup Language (XML)
• Loosely coupled: Since the very design of Web Services is based on the loose coupling of
its different components, they can be deployed on demand.
• Platform independent: Web Services architecture is platform- and language-independent since
it is based on XML technologies. Therefore, one can write a client in C++ running on Windows,
while the Web Service is written in Java running on Linux.
• Transparent: Since most of the deployed Web Services use Hypertext Transfer Protocol
(HTTP) for transmitting messages, they are transparent to firewalls, which generally
allow HTTP to pass through.
• This may not always be the case for CORBA, RMI, and so on.
Distributed Pervasive System
• Home system
• Electronic health care system
• Sensor networks
• A sensor network typically consists of tens to hundreds or thousands of relatively small nodes, each
equipped with a sensing device.
• Most sensor networks use wireless communication, and the nodes are often battery-powered.
• Their limited resources, restricted communication capabilities, and constrained power consumption
demand that efficiency be high on the list of design criteria.
• The relation with distributed systems can be made clear by considering sensor networks as distributed
databases.
• To organize a sensor network as a distributed database, there are essentially two extremes.
• First, sensors do not cooperate but simply send their data to a centralized database located at the
operator's site.
• The other extreme is to forward queries to relevant sensors and to let each compute an answer, requiring
the operator to sensibly aggregate the returned answers.
Different Distributed architecture
• Client-server-based architecture
• Drawbacks
• Scalability – Scale up (high-end server) and scale out (distribute the server across multiple servers)
• Flexibility – Two-tier architecture faces inflexibility, and three-tier architecture tackles this problem.
• Multinode – distribute the server
• Parallel processing
• Components
• Processing nodes
• Scheduler or load balancer
• Clients
• Advantage
• Performance
• Fault tolerance
• Scalability
• Challenges
• Synchronization
• Security
• Load balancing
Different Distributed architecture
• Peer-to-Peer – no client-server
• Applications – File distribution and transfer, data and information storage
• Advantage – Scalability and fault tolerance
• Disadvantage – Security and service level agreement.
• E.g., Gnutella, Napster
• Service Oriented Architecture (SOA)
• Service refers to a modular, self-contained piece of software, which has well-defined functionality
expressed in abstract terms independent of the underlying implementation.
• Three fundamental roles
• Service provider
• Service requestor
• Service registry
• Three fundamental operations
• Publish
• Find
• Bind
• Example: Web services
Challenges in Designing Distributed Systems

• Synchronization
• This problem of synchronizing concurrent events also occurs in a non-distributed system.
• But in DS, the problem gets amplified many times.
• Absence of a globally-shared clock, absence of global shared memory in most cases, and the
presence of partial failures make synchronization a complex problem to deal with.
• Issues:
• Clock synchronization – (i) Time server information to all nodes and (ii) nodes exchange
information P2P.
• Leader election
• Collection of global state (Summation of local states and states in transit)
– Debugging and knowledge of the global state is useful.
• Mutual exclusion
• To emulate the centralized system by having the server manage the process lock through the use
of tokens.
• Tokens can also be managed in a distributed manner using a ring or a P2P system
Challenges in Designing Distributed Systems
• Fault Tolerance
• Both an opportunity and a threat.
• Opportunity: Natural redundancy, which can be used to provide fault tolerance.
• Threat: The issue of fault tolerance is complex.
• One of the issues that haunts distributed systems designers is the many sources of failure.
• Processing site
• In a DS, processing sites are independent, meaning that they are independent points of failure.
• From the user's point of view this is not an issue, but from the developer's point of view it is a complex problem.
• Processing site failure means that the software on the remaining sites needs to detect and
handle that failure in some way.
Challenges in Designing Distributed Systems
• Fault Tolerance
• Communication media
• A permanent hard failure of the entire medium, which makes communication between processing
sites impossible.
• In the most severe cases, this type of failure can lead to the partitioning of the system into multiple
parts that are completely isolated from each other.
• The danger here is that the different parts will undertake activities that conflict with each other.
• Intermittent failures are more difficult to detect and correct, especially if the media is wireless in
nature.
• Errors due to Transmission delays
• Two types of problems caused by Message delays – Variable time delay and constant time delay.
• The delay depends on a number of factors: route taken through the communication medium, congestion in the medium, congestion at the processing sites (e.g. a busy receiver), intermittent hardware failures, etc.
• Even if the transmission delay is constant, there is still the problem of out-of-date information.
• Messages are used to convey information about state changes between components of the distributed system. If the delays experienced are greater than the time required to change from one state to the next, the information in these messages will be out of date.
Challenges in Designing Distributed Systems

• Fault Tolerance
• Distributed agreements
• There are many variations of this problem, including time synchronization, consistent distributed state, distributed mutual exclusion, distributed transaction commit, distributed termination, distributed election, and so on.
• All of these reduce to the common problem of reaching an agreement in a distributed environment in the presence of failures.
• Security
• The complexity of the issue arises from the different points of vulnerability that exist in a
distributed system.
• The processing nodes, transmission media and clients are the obvious points that need to be
secured.
• With the growth of heterogeneity in different layers of enterprise infrastructure, the complexity
increases enormously.
Distributed Systems Security

• Security in distributed systems is critical and absolutely essential. However, it is also extremely
challenging.
• Protecting physical infrastructure vs Distributed security in the digital world.
• IT enterprises layered view
Common Security Issues and Technologies
• Security Issues
• Authentication – verifying a user's claim
• Authorization – levels of access
• Discretionary Access Control – different principals get different levels of access (ACL)
• Role-based Access Control
• Mandatory Access Control – level-based (principal's level > resource level)
• Data Integrity – no tampering (MAC, digital signature)
• Confidentiality – restricting access
• Availability – information is available to authorized users
• Denial of Service Attack
• Trust
• "An entity can be said to 'trust' a second entity when the first entity makes the assumption that the second entity will behave exactly as the first entity expects."
• Privacy – keeping information private and revealing it selectively
• Phishing
• HIPAA
• Identity Management – unique identifiers and credentials: passwords, SSO, ID cards
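The three authorization models listed above can give different verdicts for the same request. The following sketch is an added example, not part of the original slides; every principal, role, label and resource name is constructed, and it assumes that equal levels satisfy the mandatory check.

```python
# Added illustration; all names, roles, labels and rights below are constructed.
LEVELS = {"public": 0, "confidential": 1, "secret": 2}

PRINCIPALS = {
    "alice": {"roles": {"hr_admin"}, "clearance": "secret"},
    "bob":   {"roles": {"auditor"},  "clearance": "confidential"},
    "carol": {"roles": set(),        "clearance": "public"},
}

# DAC: the resource owner maintains an ACL of principal -> rights.
# MAC: the label is assigned by system policy and the owner cannot change it.
RESOURCES = {
    "payroll.db": {
        "acl": {"alice": {"read", "write"}, "carol": {"read"}},
        "label": "confidential",
    },
}

# RBAC: rights attach to roles; principals acquire them through role membership.
ROLE_RIGHTS = {
    "hr_admin": {("payroll.db", "read"), ("payroll.db", "write")},
    "auditor":  {("payroll.db", "read")},
}

def dac_allows(user, resource, right):
    return right in RESOURCES[resource]["acl"].get(user, set())

def rbac_allows(user, resource, right):
    return any((resource, right) in ROLE_RIGHTS.get(role, set())
               for role in PRINCIPALS[user]["roles"])

def mac_allows(user, resource):
    # Level comparison; equal levels are treated as sufficient here
    # (an assumption of this sketch).
    return (LEVELS[PRINCIPALS[user]["clearance"]]
            >= LEVELS[RESOURCES[resource]["label"]])

def decide(user, resource, right):
    """Return each model's verdict so the differences show side by side."""
    return {
        "DAC": dac_allows(user, resource, right),
        "RBAC": rbac_allows(user, resource, right),
        "MAC": mac_allows(user, resource),
    }

if __name__ == "__main__":
    for user, right in [("alice", "write"), ("bob", "write"), ("carol", "read")]:
        print(user, right, decide(user, "payroll.db", right))
```

The carol case shows the key difference: the owner's ACL grants her read access, but the mandatory label still denies it because her clearance is below the resource's level.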
Common Security Techniques
• Encryption
• Symmetric Key Encryption
• Asymmetric Key Encryption – public-private key pair of the owner
• Digital Signature and Message Authentication Codes
• Digital signing – uses a mathematical summary (hash/digest) of the message
• The hash code is signed with a key (private)
• MAC – symmetric shared key
• Authentication mechanisms
• Password-Based Authentication
• Certificate-Based Authentication
• Biometric-Based Authentication – physical aspects of a person
• Smart-Card-Based Authentication – e.g., ATM
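The contrast between signing a digest with a private key and computing a MAC with a shared key, as an added example that is not part of the original slides. It assumes a toy textbook-RSA key built from two known Mersenne primes (no padding, illustration only) and a constructed shared secret; all function names are hypothetical.

```python
import hashlib
import hmac

# Toy RSA key from two known Mersenne primes. Textbook RSA without padding
# is for illustration only and must not be used to protect real data.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held only by the signer

def digest_int(message: bytes) -> int:
    """Hash the message and reduce the digest into the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def sign(message: bytes) -> int:
    """Digital signature: transform the digest with the private key."""
    return pow(digest_int(message), D, N)

def verify_signature(message: bytes, signature: int) -> bool:
    """Anyone holding the public key (N, E) can check the signature."""
    return pow(signature, E, N) == digest_int(message)

SHARED_KEY = b"constructed-shared-secret"   # known to sender AND receiver

def make_mac(message: bytes, key: bytes = SHARED_KEY) -> bytes:
    """MAC: keyed digest computed with the symmetric shared key."""
    return hmac.new(key, message, hashlib.sha256).digest()

def verify_mac(message: bytes, tag: bytes, key: bytes = SHARED_KEY) -> bool:
    # compare_digest avoids leaking the mismatch position through timing.
    return hmac.compare_digest(make_mac(message, key), tag)

def demo():
    original = b"transfer 100 to account 42"   # constructed sample messages
    altered = b"transfer 900 to account 42"
    sig, tag = sign(original), make_mac(original)
    return {
        "sig_ok": verify_signature(original, sig),
        "sig_detects_change": not verify_signature(altered, sig),
        "mac_ok": verify_mac(original, tag),
        "mac_detects_change": not verify_mac(altered, tag),
        # Both parties hold SHARED_KEY, so a valid tag does not prove which
        # of them produced it: a MAC gives integrity, not non-repudiation.
        "either_key_holder_can_tag": verify_mac(altered, make_mac(altered)),
    }

if __name__ == "__main__":
    print(demo())
```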
Common Security Techniques
• Public Key Infrastructure (PKI) – based on digital certificates for validating users
• Management of the certificate life cycle – CA
• Components of PKI
• Certificate Authority – signs the certificates and makes the public keys available to users over a web browser
• CRL
• Registration Authority – verifies certificate requests, sends a one-time PIN to the requester (mail)
• Repositories – LDAP, X.500 directories
• Services of PKI
• Issuing of Certificates – identity verification and certificate issuance (physical and other means)
• Revoking of Certificates
• Governance – policies and procedures
• Archival – validation of a certificate at any date
Common Security Techniques
• Models of Trust
• Implicit Trust Model (assumptive trust model) – no explicit mechanism to validate credentials, e.g., sending email
• Explicit Trust Model – using passwords, CA
• Intermediary Trust Model – trust or proof-of-trust is transmitted through intermediaries
• Used in peer-to-peer and distributed systems.
• Firewall – inspects any network access made to a private network
• Packet filtering firewall – inspects every incoming packet
• Proxy firewall – controls access to external sites
• Application-level firewall – application-specific filter rules
