{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

ch8 - CHAPTER 8 DISTRIBUTED COMPUTER SECURITY Security and...

Info iconThis preview shows pages 1–6. Sign up to view the full content.

View Full Document Right Arrow Icon
CHAPTER 8: DISTRIBUTED COMPUTER SECURITY Security and dependability Confidentiality - protection from unauthorized disclosure of objects or activities Integrity - protection from unauthorized modification of data Availability - protection from denial of service (DoS) Reliability - tolerance of system faults Safety - tolerance of user faults 1
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Security attacks External/internal intrusions Interruption, interception, modification, fabrication Prevention Methods: Security Threats: object subject fabrication modification interception interruption auditing encryption fault-tolerance authorization authentication data access or information flow AAA lines of defense 1. Authentication - outside intruders 2. Authorization - inside intruders 3. Auditing - passive deterrence 2
Background image of page 2
Security policy, model, and mechanism Policy - user requirements Model - formal representation of policies Mechanism - protection enforcement Separation of policy and mechanism Security servers and trusted kernel Authentication - proof of identity What you... Have (token, key) Are (biometrics) Know (password, crypto key) Variants Weak authentication Strong authentication (ZKP) 3
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Authorization - access control mandatory - systemwide, e.g., multilevel security discretionary - individual, e.g., access control matrix Discretionary access control models Access Control Matrix (ACM) Subjects: identity, class, or role-based Objects: subjects can also be objects Rights: access, transfer or copy ACM a sparse matrix Reducing the size by using groups and categories Distributed compartments Reference monitor 4
Background image of page 4
Access control matrix examples user A user B user C file a file b file c file d owner owner owner owner read / write execute copy read read append obj. subj. process A process B process C process A process B process C receive block send / unblock receive block send / unblock domain A domain B domain C domain A domain B domain C enter enter enter obj.
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 6
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}