Exam 2 Review

Exam 2 Review - Answers to Distributed Computing - Problem...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
Answers to Distributed Computing - Problem Solving Questions (1) Chapter 7 – Security (a) Why are distributed systems inherently insecure? The nature of the networking technology on which distributed systems are based allows one to use the public network to communicate with other systems connected to the network. (b) What are the security threats that distributed systems are exposed to? Leakage, tampering, resource stealing, vandalism and a combination of these threats (c) What are the principle methods of attacking a distributed system? Masquerading, eavesdropping, request tampering, replaying (d) How can distributed systems be infiltrated? Attacks by legitimate users, obtaining legitimate user's identity, smuggling client or server objects (e) Which role does encryption play in securing distributed systems? It prevents anyone from being able to read the content of messages on the network as well as providing authentication. (f) What is the difference between secret key and public key encryption? Secret key encryption comprises of a secret key held by each party which must be kept away from all others at all times. Both of the communication parties use the same key. Public key encryption operates by having a secret key and a public key and the public key must be distributed to anyone who wishes to communicate with you. (g) What is a key? A key is a fixed length bit string that has been computed using a certain mathematical algorithm (h) How are keys distributed? A common protocol used for public & secret key encryption systems is the Needham/Schroeder protocol. Whilst the protocol is different for public and private key encryption systems, they both involve communicating with a trusted Key Distribution server to obtain the key of the other party. (i) Why is the Needham/Schroeder protocol for public keys more complicated than the one for secret keys? It has to distributed two keys for each pair of objects that wish to communicate. (j) Why are nonce used in the Needham/Schroeder protocol? Detects replaying of messages
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
(k) What is authentication? Establishes a trusted association between the principal, who is using a client or on whose behalf a server is acting , and the credentials that the system maintains about this principal. (l) How are credentials managed in object-oriented systems? Principals are associated with certain credentials during authentication. Those credentials determine the rights or privileges that have been granted to the principal. (m) What is the relationship between authentication and access control? Access control is based on authentication in order to identify the principal requesting a service (n) Why is non-repudiation important for electronic commerce?
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 7

Exam 2 Review - Answers to Distributed Computing - Problem...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online