Distribut Systems Security

by: Mr. Austyn Kemmer

This 48 page Class Notes was uploaded by Mr. Austyn Kemmer on Monday October 12, 2015. The Class Notes belongs to CIS 6375 at Florida Atlantic University taught by Eduardo Fernandez in Fall. Since its upload, it has received 59 views. For similar materials see /class/221643/cis-6375-florida-atlantic-university in Computer Information Systems at Florida Atlantic University.


Date Created: 10/12/15
Patterns for Secure System Design
Eduardo B. Fernandez
http://www.cse.fau.edu/~ed
10501

Outline
- Internet security
- Secure systems design
- Use cases to find rights
- Patterns for security models
- Authorized analysis patterns
- Enforcement of security
- Conclusions and future work

Internet impact
- Used practically everywhere in the world
- More than 300 million pages
- Changes in information access and dissemination
- New ways of institution operation
- New user activities
- New architectures

Web Services
- A Web Service is a type of component that is available on the web and can be incorporated in applications or used as a standalone service
- Require a standard supporting framework
- The web is becoming a marketplace of web services

A problem
- In 2000 computer crime resulted in about $380 M in losses (Computer Security Institute)
- Really a lot more
- Average loss per system penetration: $0.5M
- Average loss for theft of information: $4.4M
- Number of new vulnerabilities: 10 per week in 1999, 25 per week in 2000
- A large number of viruses

Security objectives
- Confidentiality: no leakage of sensitive or private information
- Integrity: no unauthorized modification or destruction of information
- No denial of service (annoying, costly)
- No impostors or repudiation (legally significant)

Countermeasures
- Access control/authorization: provide confidentiality and integrity
- Authentication: proper identification
- Auditing: basis for prosecution or improvements to the system
- Cryptography: confidentiality, integrity, authentication, digital signatures

Security mechanisms
- Implement one or more countermeasures
- A mix of hardware and software
- The hardware provides support and is relatively fixed
- Software is the key to security
- Software systems must be built using sound principles and methodologies

Insecure software
- "Design practices used today do not yield software that is resistant to attack" (Richard Pethia, director of Carnegie Mellon University's CERT Coordination Center)
- Most security now is based on patches or add-ons

Secure software and systems
- We not only have to satisfy functional specs but nonfunctional specs
- Security is a nonfunctional aspect
- We cannot show absence of security flaws
- We must use good development methods and hope for the best
- Add-on security is not very secure

Traditional approach
- Kernel includes all security-related functions
- Verification possible only for relatively simple systems
- Requires special languages and special operating systems
- Not practical for general systems

Secure systems development
- Apply security in software lifecycle
- Use of object-oriented approach
- Patterns as components of design
- Rights come from Use Cases
- Multilayer architecture
- Mapping between levels

Use of object-oriented modeling
- Strong conceptual modeling capability, applicable to hardware, software, applications, authorization rules
- Abstraction from irrelevant details
- Intuitive graphic semiformal approach
- Can be enhanced with formal specifications
- Well-defined lifecycle stages

Secure lifecycle
[Figure: lifecycle stages Requirements, Analysis, Design, Implementation, with security verification and testing across them. Recoverable labels: Functional -> Use Cases; Nonfunctional (Security) -> Extended UCs; Authorization rules in conceptual model; Rule enforcement through architecture; Language enforcement; Security test cases.]

Use of patterns
- A pattern is a recurring combination of meaningful units that occurs in some context
- Patterns embody experience and good design practices
- Prevent errors, save time
- Provide a common language for designers

Security patterns
- Analysis and design patterns are well established
- There are many principles of good design that have been developed to build secure systems
- We have combined these two ideas, showing that it is possible to develop a collection of patterns that can be used to build secure systems
- Now building a catalog of security patterns
- Security patterns page: www.securitypatterns.de

Use cases to find rights
- Application of Role-Based Access Control [San96]
- Use cases describe all possible uses of the system [Fer97]
- All use cases define all possible and legal accesses
- Each actor (role) can be given its needed rights

[Figure: use case diagram for a patient record system. Actors: Patient, Doctor, Nurse, Insurance clerk, Auditor, Hospital clerk. Use cases: Inspect a record, Modify a record, Check record use, Create a record, Create patient history. Annotations on the associations: "their own", "their own patients", "their own customer", "their own patients, only some fields".]

[Figure: rights of the roles over PatientRecord, PatientHistory and RecordUse. Recoverable labels: Patient: read (their own); Doctor: read, modify (their own); Nurse: read, modify (their own patients, only some fields); Insurance Clerk: read (their own customer); Hospital Clerk; Auditor; create; read (their own).]

Extended use cases
- Title: shop order cutting
- Actors: materials employee
- Preconditions: shop order is in firm status; security: materials employee can cut shop orders
- Description: employee cuts a shop order. For security, exception: emp not authorized

Use of patterns at all levels
- Patterns for models define the highest level
- At each lower level we refine the model patterns to consider the specific aspects of each level
- Patterns for file systems, web documents, cryptography, distributed objects, J2EE components

Patterns for security models
- Access matrix (Authorization)
- Role-Based Access Control (RBAC)
- Multilevel models
- See http://jerry.cs.uiuc.edu/~plop/plop2001

Access matrix authorization rules
- Basic rule (s, a, o), where s is a subject (active entity), a is an access type, and o is an object
- Extended rule (s, a, o, p), where p is a predicate (access condition or guard)

[Figure: Authorization pattern. Classes Subject (id) and ProtectionObject (id) joined by the association Authorization_rule, with association class Right (access_type, predicate, copy_flag, checkRights).]

Role-Based Access Control
- Users are assigned roles according to their functions and given the needed rights (access types for specific objects)
- When users are assigned by administrators, this is a mandatory model
- Can implement least privilege and separation of duty policies

Basic RBAC pattern
[Figure: classes User (id, name), Role (id, name) and ProtectionObject (id, name). User and Role are joined by MemberOf; Role and ProtectionObject by Authorization_rule, with association class Right (access_type, predicate, copy_flag, checkRights).]

Extended RBAC
- Concept of session
- Separation of administrative roles
- Composite roles
- Groups of users

Extended RBAC pattern
[Figure: recoverable labels MemberOf (twice), AuthorizationRule, ProtectionObject, Activated From, AdminRole, AdminRight, WorksOn, Session.]

Multilevel model
- In this model users and data are assigned classifications or clearances
- Classifications include levels (top secret, secret) and compartments (engDept, marketingDept)
- For confidentiality, access of users to data is based on rules defined by the Bell-LaPadula model, while for integrity the rules are defined by Biba's model [Sum97]

Features
- A mandatory model: users are assigned to classifications by administrators
- Need trusted processes to perform administrative functions
- Typically use data labels to enforce security

Multilevel Security pattern
[Figure: recoverable labels User, User Category, User Level, Data, Data Category, Data Level, Classification, TrustedProcess, Assignment, Performs, canAccess (annotated "dominates").]

Authorized analysis patterns
- A Semantic Analysis Pattern (SAP) describes a semantic unit [Fer00]
- We can combine a SAP with the Authorization pattern to get an authorized semantic unit
- Can be used to build secure applications
- Examples: inventory system, web documents

[Figure: inventory example. Recoverable labels: <<role>> (twice), addItem, transferStock, checkDiscrepancy, adjDiscrepancy.]

Web Documents
[Figure: recoverable labels Document, To, anchor, Hyperlink, Memo, Form, General, Content.]

OO models of web documents
[Figure: recoverable class names Media, Form, Voice, Image, Text, Button, LabelField, TextField; roles Secretary, President and Grad_student with rights such as modify, add, delete, create, clear and submit on Form.]

Principles
- Security must be approached at the highest level
- Lower architectural levels enforce high level constraints
- All levels must be coordinated

Security enforcement
- Security constraints defined by security models must be enforced by the lower architectural levels
- By defining the structure of lower levels using patterns we can map the constraints to all the levels
- We'll show some lower-level patterns

[Figure: architectural layers. Recoverable labels: Metalayer (classes), Application layer, System layer (OS/DBMS), Distribution layer (Node1, Node2), Hardware (CPU1, CPU2, CPU3), Configuration, Protocol.]

Web Services Architectural Layers
[Figure: recoverable labels Web Services, Registry (UDDI, ebXML), SOAP (header, payload), XML, HTTP.]

Forces of file pattern
- There may be different categories of subjects, e.g., users, roles, and groups
- Subjects may be authorized to access files, directories, and workstations
- A subject has a home directory for each authorized workstation, but the same home directory can be shared among several workstations or among several subjects
- Users may be grouped for access
- Some systems may use roles instead of or in addition to users as subjects
- There are many different implementations

A file authorization pattern
[Figure: recoverable labels Workstation (id), AuthorizedOn, Authorization, Access permission, AuthorizedFor, priority, access mode, privileges, start session, Include, File Component, Has_home_directory, File (name, size, createFile(), save()), Directory.]

Use of patterns
- This is a composite pattern
- Uses two instances of the Authorization Rule pattern
- Uses the Composite pattern [GOF]
- A higher-level authorization rule that uses objects included in specific files can be mapped to this level for enforcement

A secure framework
[Figure; no labels recoverable.]

Some existing patterns
- Patterns for RBAC implementation [Kod01]
- Cryptographic patterns [Bra00, Leh01]
- Java security patterns [JaW00]
- Several architectural patterns [Yod97]
- Authentication [Bro99]
- See www.cse.fau.edu/~ed for references

Conclusions
- An approach to develop secure software
- Start from use cases to define rights
- Define patterns for security models
- Define authorized analysis patterns
- Enforce rights with patterns at lower levels
- A systematic approach useful to build and evaluate systems

Future work
- Define patterns for web services layers
- Define more patterns for operating systems, databases, firewalls
- Define precise mappings between levels
- Build a systematic catalog of security patterns
- Refine the development method

Security at each layer
[Figure: recoverable labels Web Services, Registry, ebXML, XML.]

Architectural structure
[Figure; no labels recoverable.]
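
The basic RBAC pattern combined with the extended rule (s, a, o, p), applied to the Patient and Doctor rights from the hospital use cases. This is an added example, not part of the original notes; the method names, the attrs dictionary, keying rules by object name, and the sample users and record are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Callable

# Class names follow the slides; method names, attrs and the sample data
# are assumptions made for this example.
@dataclass
class ProtectionObject:
    id: str
    name: str                                   # here: the kind of object
    attrs: dict = field(default_factory=dict)   # data the predicates inspect

@dataclass
class Right:                                    # the (a, p) part of (s, a, o, p)
    access_type: str
    predicate: Callable[..., bool] = lambda s, o: True
    copy_flag: bool = False                     # modelled, not exercised here

    def check_rights(self, subject, access_type, obj):
        return access_type == self.access_type and self.predicate(subject, obj)

@dataclass
class Role:
    id: str
    name: str
    rules: list = field(default_factory=list)   # Authorization_rule entries

    def grant(self, object_name, right):
        self.rules.append((object_name, right))

@dataclass
class User:
    id: str
    name: str
    roles: list = field(default_factory=list)   # MemberOf

def is_authorized(user, access_type, obj):
    """Default deny: some role of the user must hold a matching Right."""
    return any(name == obj.name and right.check_rights(user, access_type, obj)
               for role in user.roles for name, right in role.rules)

def own_record(s, o):                           # "their own"
    return o.attrs.get("patient") == s.id

def own_patient(s, o):                          # "their own patients"
    return o.attrs.get("doctor") == s.id

patient, doctor = Role("r1", "Patient"), Role("r2", "Doctor")
patient.grant("PatientRecord", Right("read", own_record))
for access in ("read", "modify"):
    doctor.grant("PatientRecord", Right(access, own_patient))

alice, bob = User("u1", "alice", [patient]), User("u2", "bob", [doctor])
carol = User("u3", "carol", [doctor])           # a doctor, but not alice's
record = ProtectionObject("rec1", "PatientRecord", {"patient": "u1", "doctor": "u2"})
```

Rights attach to the role and the predicate narrows them to individual objects, so carol holds the Doctor role yet is denied on a record that belongs to bob's patient.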
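
The dominance check behind the multilevel model, using the levels and compartments named on the slide. This is an added example, not part of the original notes, and it goes beyond the slide by spelling out the Bell-LaPadula and Biba read/write rules; the extra levels, the numeric ranking and the function names are assumptions.

```python
from dataclasses import dataclass

# "secret", "top secret", engDept and marketingDept come from the slide; the
# other levels, the numeric ranking and all function names are assumptions.
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top secret": 3}

@dataclass(frozen=True)
class Classification:
    level: str
    compartments: frozenset = frozenset()

    def dominates(self, other):
        """Level at least as high AND compartments a superset (partial order)."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)

# Bell-LaPadula (confidentiality)
def blp_can_read(subject, data):     # simple security property: no read up
    return subject.dominates(data)

def blp_can_write(subject, data):    # *-property: no write down
    return data.dominates(subject)

# Biba (integrity) is the dual, applied to integrity classifications
def biba_can_read(subject, data):    # no read down
    return data.dominates(subject)

def biba_can_write(subject, data):   # no write up
    return subject.dominates(data)

def blp_can_copy(subject, src, dst):
    """A copy is a read of src plus a write to dst, so data never flows down."""
    return blp_can_read(subject, src) and blp_can_write(subject, dst)

# Constructed sample classifications
eng_secret = Classification("secret", frozenset({"engDept"}))
mkt_secret = Classification("secret", frozenset({"marketingDept"}))
top_both = Classification("top secret", frozenset({"engDept", "marketingDept"}))

if __name__ == "__main__":
    print("eng reads mkt:", blp_can_read(eng_secret, mkt_secret))
    print("top copies down:", blp_can_copy(top_both, top_both, eng_secret))
```

Two classifications at the same level with different compartments are incomparable, so neither subject can read the other's data even though both are cleared to "secret".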

