Presence of the network makes a distributed system susceptible to security attacks such as tampering of messages and masquerading, which can be launched through interprocess messages. This chapter discusses authentication and message security measures used in distributed operating systems to thwart such attacks. Methods of verifying authenticity of data are also discussed. | Chapter 21 Distributed System Security Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Introduction Issues in Distributed System Security Message Security Authentication of Data and Messages Third-Party Authentication 21. Operating Systems, by Dhananjay Dhamdhere Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Issues in Distributed System Security Kinds of security threats in distributed OSs: Leakage of message contents Tampering of message contents Stealing use of resources without authorization Denial of service to authorized users Leakage and tampering are threats to message security Threats addressed through two means: Message security techniques Authentication of remote users 21. Operating Systems, by Dhananjay Dhamdhere Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Security Mechanisms and Policies 21. Operating Systems, by Dhananjay Dhamdhere Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Security . | Chapter 21 Distributed System Security Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Introduction Issues in Distributed System Security Message Security Authentication of Data and Messages Third-Party Authentication 21. Operating Systems, by Dhananjay Dhamdhere Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Issues in Distributed System Security Kinds of security threats in distributed OSs: Leakage of message contents Tampering of message contents Stealing use of resources without authorization Denial of service to authorized users Leakage and tampering are threats to message security Threats addressed through two means: Message security techniques Authentication of remote users 21. Operating Systems, by Dhananjay Dhamdhere Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Security Mechanisms and Policies 21. Operating Systems, by Dhananjay Dhamdhere Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Security Attacks in Distributed Systems Additionally, security attacks can be classified into: Passive attacks and active attacks 21. Operating Systems, by Dhananjay Dhamdhere Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Message Security Approaches to message security can be: Link-oriented Tends to be expensive Cost depends on the number of links over which a message travels End-to-end Approach assumed in following discussions Three approaches to message security: Private (or secret) key encryption Public key encryption Session keys 21. Operating Systems, by Dhananjay Dhamdhere Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Message Security (continued) 21. Operating Systems, by Dhananjay Dhamdhere Copyright © 2008 Operating Systems, by Dhananjay Dhamdhere Distribution of Encryption Keys KDC: Key distribution center For public key encryption, KDC maintains a directory containing public keys of all entities in the system When session keys are used,
