SlideShare une entreprise Scribd logo

A New Security Model For Distributed System

Télécharger en tant que PPTX, PDF
Sanoj Kumar
Sanoj Kumar
IngénierieTechnologie
1  sur  16
A New Collaborative Trust Enhanced Security Model for Distributed System By: Sanoj (MU10CO13) Tileswar Nath(MU10CO12)
Introduction • A distributed system is susceptible to a variety of security threats. • A principal can impersonate other principal and authentication becomes an important requirement • Authentication is a process by which one principal verifies the identity of other principal. • In one way authentication only one principal verifies the identity of the other principal. • In mutual authentication both communicating principals verify each other’s identity.
Proposed Approach • The proposed approach enhances the performance of complete system by sharing the authentication workload among all other nodes. • Agent based system with various functionalities as monitoring the servers, balancing the load of service providers and service request in case of unavailability of servers.
Features of proposed approach Assumptions  client must have to share some resources such as processor, some basic services etc., in order to access the existing resources and services of the distributed system.  Client has to inform about duration of its availability in the distributed system to SuperHost.
Load Balancing  An agent system is used to balance the load of service providers.  Agent records the service registries and maximum load that a server can handle in terms of clients.  Agent allocates the list of below loaded servers to client. Whenever a client requests for a service, agent provides the references of servers according to their load status.  if all the servers are overloaded for the requested service, the agent system can play the role of server by itself.
Life time for client and server  The life time of client and server is controlled by SuperHost. However the client and server can also make an explicit leaving request to SuperHost.  In the former case, at the time of joining the system, SuperHost informs client about its life time. If client remains idle for a predefined period of time, the SuperHost can assume the client from the system implicitly assuming that client does not want to continue with this system.
Components of CTES model SuperHost  SuperHost is the trustworthy node which acts as central controller of systems.  This system is also responsible to investigate the client about its trustworthiness, to monitor the life time of clients and servers.  It provides various to users related to its operation such as record update, reference of Authentication Server (AS) to client and reference of agent to server respectively
Key Distribution Center (KDC)  KDC (Key Distribution Center) is a collective name for AS (Authentication Server) and TGS (Ticket Granting Server) .  Each client contacts AS to receive TGT (Ticket- Granting Ticket) and then TGS to receive a session key and a SGT (Service-Granting Ticket) before making a request for services.
Agent An agent system registers the services offered by servers, keeps load status of service providers, provides the list of servers on request of client, and serves the request of client in case of unavailability of service providers. Client  Any new node registered by the SuperHost is termed as client node. Each node is required to send a request to SuperHost at the time of joining the system  A unique client_id has been assigned to each client by SuperHost. A client can make requests for services and resources in the distributed system for which it has to authenticate through the KDC. Server  Server is a service provider which is authorized by the SuperHost to provide services in the distributed system.
CTES Model for Client Joining of a client 1. Client ---> SuperHost Client requests the SuperHost for registration by giving its identity and capability list. Capability list includes the list of resources and basic services owned by the node. SuperHost recognizes him as a client. 2. SuperHost --->Client SuperHost displays an agreement for the registration to the client which means that each client has to follow the rules and policies mentioned in the agreement. For this SuperHost demands the capability list of the client.
3. Client --->SuperHost Client provides capability list to SuperHost. The capability list contains a list of objects to which the process has right to access. In the proposed model, it consists of available resources and basic services that client holds. 4. SuperHost--->Client At the end of this process, SuperHost stores the reference and details of new client for the use by itself and other nodes of the system administration. SuperHost also provides a client_id to the client for its authentication. This client_id is the result of a crypto-based function (generally user defined).
Service request by a client Step 1: Authentication by KDC 1. Client ---> AS The Client requests AS with its Client_id for TGT (Ticket Granting Ticket). 2. AS --->Client The AS checks to existence of the client from SuperHost. If it is, the AS returns a session key (for the communication from client to TGS) in encrypted form using the password of the client and Ticket-Granting Ticket which includes the Client_id, client network address, ticket validity period and client/TGS session key in encrypted form using the secret key of the TGS.
3. Client ---> TGS After receiving the reply from the AS, client decrypts the session key with its password. Here client sends the TGT to TGS. 4. TGS ---> Client TGS decrypts the message with its own secret key and returns the reference of Agent system with a session key to access the service.
Step 2: Request for references of servers to agent 1. Client ---> Agent In the first step of this process, client makes a request to agent for some service with client_id and a valid session-id for authentication. 2. Agent ---> Client Agent searches the requested service in its database and if it finds, it checks the load status of the server. Agent provides the reference according to the load status of servers, that is, underloaded to client.
3. Client --->Server After receiving a list of servers for the requested service, client is free to make a new request to any of the server. Client sends client_id and service name in request message to destined server 4. Server --->Client As server receives a request from any of the clients, it updates its load and also sends a load update message to Agent. Server provides service to the client and charges for the service.
Conclusion • This paper makes an attempt to build a trustworthy system using Kerberos extended by trust and its requirement in the distributed system. • For this both authorization and authentication aspects are considered. The proposed approach provides a promising solution with trust policies as authorization semantics. • A Reactive agent system is proposed in order to balance the load of systems and to maintain the list of services and servers. • Distributing the authentication workload in an efficient manner enhances the overall performance of the system

Recommandé

IRJET- An Improved Weighted Least Connection Scheduling Algorithm for Loa...
IRJET- An Improved Weighted Least Connection Scheduling Algorithm for Loa...IRJET- An Improved Weighted Least Connection Scheduling Algorithm for Loa...
IRJET- An Improved Weighted Least Connection Scheduling Algorithm for Loa...IRJET Journal
 
Kerberos Protocol
Kerberos ProtocolKerberos Protocol
Kerberos ProtocolNetwax Lab
 
RADIUS
RADIUSRADIUS
RADIUSamogh_ubale
 
Ch24
Ch24Ch24
Ch24Welly Dian Astika
 
Integrated services and RSVP - Protocol
Integrated services and RSVP - ProtocolIntegrated services and RSVP - Protocol
Integrated services and RSVP - ProtocolPradnya Saval
 
Vehicular ad hoc_networks
Vehicular ad hoc_networksVehicular ad hoc_networks
Vehicular ad hoc_networksAbdulrub Moshin
 
AAA & RADIUS Protocols
AAA & RADIUS ProtocolsAAA & RADIUS Protocols
AAA & RADIUS ProtocolsPeter R. Egli
 
Balancing performance, accuracy, and precision for secure cloud transactions
Balancing performance, accuracy, and precision for secure cloud transactionsBalancing performance, accuracy, and precision for secure cloud transactions
Balancing performance, accuracy, and precision for secure cloud transactionsPapitha Velumani
 

Recommandé

IRJET- An Improved Weighted Least Connection Scheduling Algorithm for Loa...
IRJET- An Improved Weighted Least Connection Scheduling Algorithm for Loa...IRJET- An Improved Weighted Least Connection Scheduling Algorithm for Loa...
IRJET- An Improved Weighted Least Connection Scheduling Algorithm for Loa...IRJET Journal
 
Kerberos Protocol
Kerberos ProtocolKerberos Protocol
Kerberos ProtocolNetwax Lab
 
RADIUS
RADIUSRADIUS
RADIUSamogh_ubale
 
Ch24
Ch24Ch24
Ch24Welly Dian Astika
 
Integrated services and RSVP - Protocol
Integrated services and RSVP - ProtocolIntegrated services and RSVP - Protocol
Integrated services and RSVP - ProtocolPradnya Saval
 
Vehicular ad hoc_networks
Vehicular ad hoc_networksVehicular ad hoc_networks
Vehicular ad hoc_networksAbdulrub Moshin
 
AAA & RADIUS Protocols
AAA & RADIUS ProtocolsAAA & RADIUS Protocols
AAA & RADIUS ProtocolsPeter R. Egli
 
Balancing performance, accuracy, and precision for secure cloud transactions
Balancing performance, accuracy, and precision for secure cloud transactionsBalancing performance, accuracy, and precision for secure cloud transactions
Balancing performance, accuracy, and precision for secure cloud transactionsPapitha Velumani
 
Balancing performance accuracy and precision for secure cloud transactions
Balancing performance accuracy and precision for secure cloud transactionsBalancing performance accuracy and precision for secure cloud transactions
Balancing performance accuracy and precision for secure cloud transactionsPapitha Velumani
 
balancing performance,accuracy and precision for secure cloud transactions
balancing performance,accuracy and precision for secure cloud transactionsbalancing performance,accuracy and precision for secure cloud transactions
balancing performance,accuracy and precision for secure cloud transactionsLakshmi Prasad
 
The Architecture of CUBRID
The Architecture of CUBRIDThe Architecture of CUBRID
The Architecture of CUBRIDCUBRID
 
A New QoS Renegotiation Mechanism for Multimedia Applications
A New QoS Renegotiation Mechanism for Multimedia ApplicationsA New QoS Renegotiation Mechanism for Multimedia Applications
A New QoS Renegotiation Mechanism for Multimedia ApplicationsABDELAAL
 
balancing performance, accuracy, and precision for secure cloud transactions
balancing performance, accuracy, and precision for secure cloud transactionsbalancing performance, accuracy, and precision for secure cloud transactions
balancing performance, accuracy, and precision for secure cloud transactionsswathi78
 
Implementing Active Directory and Information Security Audit also VAPT in Fin...
Implementing Active Directory and Information Security Audit also VAPT in Fin...Implementing Active Directory and Information Security Audit also VAPT in Fin...
Implementing Active Directory and Information Security Audit also VAPT in Fin...KajolPatel17
 
U3.stack queue
U3.stack queueU3.stack queue
U3.stack queueSsankett Negi
 
Introduction of Distributed version control system (mainly Mercurial)
Introduction of Distributed version control system (mainly Mercurial)Introduction of Distributed version control system (mainly Mercurial)
Introduction of Distributed version control system (mainly Mercurial)Fred Lin
 
Recursion
RecursionRecursion
RecursionSsankett Negi
 
Introduction to distributed system
Introduction to distributed systemIntroduction to distributed system
Introduction to distributed systemishapadhy
 
Introduction to Distributed Annotation System (DAS)
Introduction to Distributed Annotation System (DAS)Introduction to Distributed Annotation System (DAS)
Introduction to Distributed Annotation System (DAS)Alberto Labarga
 
Distributed system coordination by zookeeper and introduction to kazoo python...
Distributed system coordination by zookeeper and introduction to kazoo python...Distributed system coordination by zookeeper and introduction to kazoo python...
Distributed system coordination by zookeeper and introduction to kazoo python...Jimmy Lai
 
Google: Cluster computing and MapReduce: Introduction to Distributed System D...
Google: Cluster computing and MapReduce: Introduction to Distributed System D...Google: Cluster computing and MapReduce: Introduction to Distributed System D...
Google: Cluster computing and MapReduce: Introduction to Distributed System D...tugrulh
 
Turing machine Introduction
Turing machine IntroductionTuring machine Introduction
Turing machine IntroductionAram Rafeq
 
Turing machine
Turing machine Turing machine
Turing machine Nutthanee mitnoy
 
Turing Machine
Turing MachineTuring Machine
Turing MachineAyAn KhAn
 
Turing machine
Turing machineTuring machine
Turing machineNeelamani Samal
 
Turing Machine
Turing MachineTuring Machine
Turing MachineAnshuman Biswal
 
Network Security Chapter 7
Network Security Chapter 7Network Security Chapter 7
Network Security Chapter 7AfiqEfendy Zaen
 
Turing machines
Turing machinesTuring machines
Turing machineslavishka_anuj
 
Load Balancing In Distributed Computing
Load Balancing In Distributed ComputingLoad Balancing In Distributed Computing
Load Balancing In Distributed ComputingRicha Singh
 
Introducing CAS 3.0 Protocol: Security and Performance
Introducing CAS 3.0 Protocol: Security and PerformanceIntroducing CAS 3.0 Protocol: Security and Performance
Introducing CAS 3.0 Protocol: Security and PerformanceAmin Saqi
 

Contenu connexe

Tendances

Balancing performance accuracy and precision for secure cloud transactions
Balancing performance accuracy and precision for secure cloud transactionsBalancing performance accuracy and precision for secure cloud transactions
Balancing performance accuracy and precision for secure cloud transactionsPapitha Velumani
 
balancing performance,accuracy and precision for secure cloud transactions
balancing performance,accuracy and precision for secure cloud transactionsbalancing performance,accuracy and precision for secure cloud transactions
balancing performance,accuracy and precision for secure cloud transactionsLakshmi Prasad
 
The Architecture of CUBRID
The Architecture of CUBRIDThe Architecture of CUBRID
The Architecture of CUBRIDCUBRID
 
A New QoS Renegotiation Mechanism for Multimedia Applications
A New QoS Renegotiation Mechanism for Multimedia ApplicationsA New QoS Renegotiation Mechanism for Multimedia Applications
A New QoS Renegotiation Mechanism for Multimedia ApplicationsABDELAAL
 
balancing performance, accuracy, and precision for secure cloud transactions
balancing performance, accuracy, and precision for secure cloud transactionsbalancing performance, accuracy, and precision for secure cloud transactions
balancing performance, accuracy, and precision for secure cloud transactionsswathi78
 
Implementing Active Directory and Information Security Audit also VAPT in Fin...
Implementing Active Directory and Information Security Audit also VAPT in Fin...Implementing Active Directory and Information Security Audit also VAPT in Fin...
Implementing Active Directory and Information Security Audit also VAPT in Fin...KajolPatel17
 

Tendances (6)

Balancing performance accuracy and precision for secure cloud transactions
Balancing performance accuracy and precision for secure cloud transactionsBalancing performance accuracy and precision for secure cloud transactions
Balancing performance accuracy and precision for secure cloud transactions
 
balancing performance,accuracy and precision for secure cloud transactions
balancing performance,accuracy and precision for secure cloud transactionsbalancing performance,accuracy and precision for secure cloud transactions
balancing performance,accuracy and precision for secure cloud transactions
 
The Architecture of CUBRID
The Architecture of CUBRIDThe Architecture of CUBRID
The Architecture of CUBRID
 
A New QoS Renegotiation Mechanism for Multimedia Applications
A New QoS Renegotiation Mechanism for Multimedia ApplicationsA New QoS Renegotiation Mechanism for Multimedia Applications
A New QoS Renegotiation Mechanism for Multimedia Applications
 
balancing performance, accuracy, and precision for secure cloud transactions
balancing performance, accuracy, and precision for secure cloud transactionsbalancing performance, accuracy, and precision for secure cloud transactions
balancing performance, accuracy, and precision for secure cloud transactions
 
Implementing Active Directory and Information Security Audit also VAPT in Fin...
Implementing Active Directory and Information Security Audit also VAPT in Fin...Implementing Active Directory and Information Security Audit also VAPT in Fin...
Implementing Active Directory and Information Security Audit also VAPT in Fin...
 

En vedette

Introduction of Distributed version control system (mainly Mercurial)
Introduction of Distributed version control system (mainly Mercurial)Introduction of Distributed version control system (mainly Mercurial)
Introduction of Distributed version control system (mainly Mercurial)Fred Lin
 
Introduction to distributed system
Introduction to distributed systemIntroduction to distributed system
Introduction to distributed systemishapadhy
 
Introduction to Distributed Annotation System (DAS)
Introduction to Distributed Annotation System (DAS)Introduction to Distributed Annotation System (DAS)
Introduction to Distributed Annotation System (DAS)Alberto Labarga
 
Distributed system coordination by zookeeper and introduction to kazoo python...
Distributed system coordination by zookeeper and introduction to kazoo python...Distributed system coordination by zookeeper and introduction to kazoo python...
Distributed system coordination by zookeeper and introduction to kazoo python...Jimmy Lai
 
Google: Cluster computing and MapReduce: Introduction to Distributed System D...
Google: Cluster computing and MapReduce: Introduction to Distributed System D...Google: Cluster computing and MapReduce: Introduction to Distributed System D...
Google: Cluster computing and MapReduce: Introduction to Distributed System D...tugrulh
 
Turing machine Introduction
Turing machine IntroductionTuring machine Introduction
Turing machine IntroductionAram Rafeq
 
Turing Machine
Turing MachineTuring Machine
Turing MachineAyAn KhAn
 
Network Security Chapter 7
Network Security Chapter 7Network Security Chapter 7
Network Security Chapter 7AfiqEfendy Zaen
 
Load Balancing In Distributed Computing
Load Balancing In Distributed ComputingLoad Balancing In Distributed Computing
Load Balancing In Distributed ComputingRicha Singh
 

En vedette (15)

U3.stack queue
U3.stack queueU3.stack queue
U3.stack queue
 
Introduction of Distributed version control system (mainly Mercurial)
Introduction of Distributed version control system (mainly Mercurial)Introduction of Distributed version control system (mainly Mercurial)
Introduction of Distributed version control system (mainly Mercurial)
 
Recursion
RecursionRecursion
Recursion
 
Introduction to distributed system
Introduction to distributed systemIntroduction to distributed system
Introduction to distributed system
 
Introduction to Distributed Annotation System (DAS)
Introduction to Distributed Annotation System (DAS)Introduction to Distributed Annotation System (DAS)
Introduction to Distributed Annotation System (DAS)
 
Distributed system coordination by zookeeper and introduction to kazoo python...
Distributed system coordination by zookeeper and introduction to kazoo python...Distributed system coordination by zookeeper and introduction to kazoo python...
Distributed system coordination by zookeeper and introduction to kazoo python...
 
Google: Cluster computing and MapReduce: Introduction to Distributed System D...
Google: Cluster computing and MapReduce: Introduction to Distributed System D...Google: Cluster computing and MapReduce: Introduction to Distributed System D...
Google: Cluster computing and MapReduce: Introduction to Distributed System D...
 
Turing machine Introduction
Turing machine IntroductionTuring machine Introduction
Turing machine Introduction
 
Turing machine
Turing machine Turing machine
Turing machine
 
Turing Machine
Turing MachineTuring Machine
Turing Machine
 
Turing machine
Turing machineTuring machine
Turing machine
 
Turing Machine
Turing MachineTuring Machine
Turing Machine
 
Network Security Chapter 7
Network Security Chapter 7Network Security Chapter 7
Network Security Chapter 7
 
Turing machines
Turing machinesTuring machines
Turing machines
 
Load Balancing In Distributed Computing
Load Balancing In Distributed ComputingLoad Balancing In Distributed Computing
Load Balancing In Distributed Computing
 

Similaire à A New Security Model For Distributed System

Introducing CAS 3.0 Protocol: Security and Performance
Introducing CAS 3.0 Protocol: Security and PerformanceIntroducing CAS 3.0 Protocol: Security and Performance
Introducing CAS 3.0 Protocol: Security and PerformanceAmin Saqi
 
A Survey on SSO Authentication protocols: Security and Performance
A Survey on SSO Authentication protocols: Security and PerformanceA Survey on SSO Authentication protocols: Security and Performance
A Survey on SSO Authentication protocols: Security and PerformanceAmin Saqi
 
Kerberos case study
Kerberos case studyKerberos case study
Kerberos case studyMayuri Patil
 
.NET Core, ASP.NET Core Course, Session 19
.NET Core, ASP.NET Core Course, Session 19 .NET Core, ASP.NET Core Course, Session 19
.NET Core, ASP.NET Core Course, Session 19aminmesbahi
 
Microservice security with spring security 5.1,Oauth 2.0 and open id connect
Microservice security with spring security 5.1,Oauth 2.0 and open id connect Microservice security with spring security 5.1,Oauth 2.0 and open id connect
Microservice security with spring security 5.1,Oauth 2.0 and open id connect Nilanjan Roy
 
OAuth 2.0 - The fundamentals, the good , the bad, technical primer and commo...
OAuth 2.0 - The fundamentals, the good , the bad, technical primer and commo...OAuth 2.0 - The fundamentals, the good , the bad, technical primer and commo...
OAuth 2.0 - The fundamentals, the good , the bad, technical primer and commo...Good Dog Labs, Inc.
 
Service operator aware trust scheme for resource
Service operator aware trust scheme for resourceService operator aware trust scheme for resource
Service operator aware trust scheme for resourcejayaramb
 
Survey on reliable sla based monitoring for billing scheme in cloud computing
Survey on reliable sla based monitoring for billing scheme in cloud computingSurvey on reliable sla based monitoring for billing scheme in cloud computing
Survey on reliable sla based monitoring for billing scheme in cloud computingeSAT Journals
 
Survey on Restful Web Services Using Open Authorization (Oauth)I01545356
Survey on Restful Web Services Using Open Authorization (Oauth)I01545356Survey on Restful Web Services Using Open Authorization (Oauth)I01545356
Survey on Restful Web Services Using Open Authorization (Oauth)I01545356IOSR Journals
 
CT UNIT 5 Session 3.ppt User authentication and kerberos protocol
CT UNIT 5 Session 3.ppt User authentication and kerberos protocolCT UNIT 5 Session 3.ppt User authentication and kerberos protocol
CT UNIT 5 Session 3.ppt User authentication and kerberos protocolHarini737456
 
Technet.microsoft.com
Technet.microsoft.comTechnet.microsoft.com
Technet.microsoft.comKurt Kort
 
An introduction to OAuth 2
An introduction to OAuth 2An introduction to OAuth 2
An introduction to OAuth 2Sanjoy Kumar Roy
 

Similaire à A New Security Model For Distributed System (20)

Introducing CAS 3.0 Protocol: Security and Performance
Introducing CAS 3.0 Protocol: Security and PerformanceIntroducing CAS 3.0 Protocol: Security and Performance
Introducing CAS 3.0 Protocol: Security and Performance
 
Cloud Identity Management
Cloud Identity ManagementCloud Identity Management
Cloud Identity Management
 
A Survey on SSO Authentication protocols: Security and Performance
A Survey on SSO Authentication protocols: Security and PerformanceA Survey on SSO Authentication protocols: Security and Performance
A Survey on SSO Authentication protocols: Security and Performance
 
Kerberos case study
Kerberos case studyKerberos case study
Kerberos case study
 
.NET Core, ASP.NET Core Course, Session 19
.NET Core, ASP.NET Core Course, Session 19 .NET Core, ASP.NET Core Course, Session 19
.NET Core, ASP.NET Core Course, Session 19
 
Kerberos Architecture.pptx
Kerberos Architecture.pptxKerberos Architecture.pptx
Kerberos Architecture.pptx
 
Kerberos Architecture.pptx
Kerberos Architecture.pptxKerberos Architecture.pptx
Kerberos Architecture.pptx
 
Microservice security with spring security 5.1,Oauth 2.0 and open id connect
Microservice security with spring security 5.1,Oauth 2.0 and open id connect Microservice security with spring security 5.1,Oauth 2.0 and open id connect
Microservice security with spring security 5.1,Oauth 2.0 and open id connect
 
OAuth 2.0 - The fundamentals, the good , the bad, technical primer and commo...
OAuth 2.0 - The fundamentals, the good , the bad, technical primer and commo...OAuth 2.0 - The fundamentals, the good , the bad, technical primer and commo...
OAuth 2.0 - The fundamentals, the good , the bad, technical primer and commo...
 
Service operator aware trust scheme for resource
Service operator aware trust scheme for resourceService operator aware trust scheme for resource
Service operator aware trust scheme for resource
 
Survey on reliable sla based monitoring for billing scheme in cloud computing
Survey on reliable sla based monitoring for billing scheme in cloud computingSurvey on reliable sla based monitoring for billing scheme in cloud computing
Survey on reliable sla based monitoring for billing scheme in cloud computing
 
Client server computing
Client server computingClient server computing
Client server computing
 
Survey on Restful Web Services Using Open Authorization (Oauth)I01545356
Survey on Restful Web Services Using Open Authorization (Oauth)I01545356Survey on Restful Web Services Using Open Authorization (Oauth)I01545356
Survey on Restful Web Services Using Open Authorization (Oauth)I01545356
 
CT UNIT 5 Session 3.ppt User authentication and kerberos protocol
CT UNIT 5 Session 3.ppt User authentication and kerberos protocolCT UNIT 5 Session 3.ppt User authentication and kerberos protocol
CT UNIT 5 Session 3.ppt User authentication and kerberos protocol
 
AAA Protocol
AAA ProtocolAAA Protocol
AAA Protocol
 
Presentation
PresentationPresentation
Presentation
 
Technet.microsoft.com
Technet.microsoft.comTechnet.microsoft.com
Technet.microsoft.com
 
Keystone Federation
Keystone Federation Keystone Federation
Keystone Federation
 
An introduction to OAuth 2
An introduction to OAuth 2An introduction to OAuth 2
An introduction to OAuth 2
 
13 ijcse-01233
13 ijcse-0123313 ijcse-01233
13 ijcse-01233
 

Plus de Sanoj Kumar

Internet of things
Internet of thingsInternet of things
Internet of thingsSanoj Kumar
 
Big data and Internet
Big data and InternetBig data and Internet
Big data and InternetSanoj Kumar
 
A New Form of Dos attack in Cloud
A New Form of Dos attack in CloudA New Form of Dos attack in Cloud
A New Form of Dos attack in CloudSanoj Kumar
 
Inverted page tables basic
Inverted page tables basicInverted page tables basic
Inverted page tables basicSanoj Kumar
 
Hardware virtualization basic
Hardware virtualization basicHardware virtualization basic
Hardware virtualization basicSanoj Kumar
 
Dos attack basic
Dos attack basicDos attack basic
Dos attack basicSanoj Kumar
 
Steganography basic
Steganography basicSteganography basic
Steganography basicSanoj Kumar
 
Digital signatures
Digital signaturesDigital signatures
Digital signaturesSanoj Kumar
 

Plus de Sanoj Kumar (14)

Internet of things
Internet of thingsInternet of things
Internet of things
 
Jsp applet
Jsp appletJsp applet
Jsp applet
 
Corba
CorbaCorba
Corba
 
Dns
DnsDns
Dns
 
Big data and Internet
Big data and InternetBig data and Internet
Big data and Internet
 
Ajax
AjaxAjax
Ajax
 
A New Form of Dos attack in Cloud
A New Form of Dos attack in CloudA New Form of Dos attack in Cloud
A New Form of Dos attack in Cloud
 
Biometrics
BiometricsBiometrics
Biometrics
 
IPC SOCKET
IPC SOCKETIPC SOCKET
IPC SOCKET
 
Inverted page tables basic
Inverted page tables basicInverted page tables basic
Inverted page tables basic
 
Hardware virtualization basic
Hardware virtualization basicHardware virtualization basic
Hardware virtualization basic
 
Dos attack basic
Dos attack basicDos attack basic
Dos attack basic
 
Steganography basic
Steganography basicSteganography basic
Steganography basic
 
Digital signatures
Digital signaturesDigital signatures
Digital signatures
 

Dernier

Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxupamatechverse
 
KubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlyKubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlysanyuktamishra911
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxAsutosh Ranjan
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Christo Ananth
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...ranjana rawat
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations120cr0395
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxpranjaldaimarysona
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Christo Ananth
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISrknatarajan
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Call Girls in Nagpur High Profile
 
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Bookingdharasingh5698
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)simmis5
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingrknatarajan
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...ranjana rawat
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Dr.Costas Sachpazis
 
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsRussian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 

Dernier (20)

Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
 
KubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlyKubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghly
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptx
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSIS
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
 
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsRussian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
 

A New Security Model For Distributed System

  • 1. A New Collaborative Trust Enhanced Security Model for Distributed System By: Sanoj (MU10CO13) Tileswar Nath(MU10CO12)
  • 2. Introduction • A distributed system is susceptible to a variety of security threats. • A principal can impersonate other principal and authentication becomes an important requirement • Authentication is a process by which one principal verifies the identity of other principal. • In one way authentication only one principal verifies the identity of the other principal. • In mutual authentication both communicating principals verify each other’s identity.
  • 3. Proposed Approach • The proposed approach enhances the performance of complete system by sharing the authentication workload among all other nodes. • Agent based system with various functionalities as monitoring the servers, balancing the load of service providers and service request in case of unavailability of servers.
  • 4. Features of proposed approach Assumptions  client must have to share some resources such as processor, some basic services etc., in order to access the existing resources and services of the distributed system.  Client has to inform about duration of its availability in the distributed system to SuperHost.
  • 5. Load Balancing  An agent system is used to balance the load of service providers.  Agent records the service registries and maximum load that a server can handle in terms of clients.  Agent allocates the list of below loaded servers to client. Whenever a client requests for a service, agent provides the references of servers according to their load status.  if all the servers are overloaded for the requested service, the agent system can play the role of server by itself.
  • 6. Life time for client and server  The life time of client and server is controlled by SuperHost. However the client and server can also make an explicit leaving request to SuperHost.  In the former case, at the time of joining the system, SuperHost informs client about its life time. If client remains idle for a predefined period of time, the SuperHost can assume the client from the system implicitly assuming that client does not want to continue with this system.
  • 7. Components of CTES model SuperHost  SuperHost is the trustworthy node which acts as central controller of systems.  This system is also responsible to investigate the client about its trustworthiness, to monitor the life time of clients and servers.  It provides various to users related to its operation such as record update, reference of Authentication Server (AS) to client and reference of agent to server respectively
  • 8. Key Distribution Center (KDC)  KDC (Key Distribution Center) is a collective name for AS (Authentication Server) and TGS (Ticket Granting Server) .  Each client contacts AS to receive TGT (Ticket- Granting Ticket) and then TGS to receive a session key and a SGT (Service-Granting Ticket) before making a request for services.
  • 9. Agent An agent system registers the services offered by servers, keeps load status of service providers, provides the list of servers on request of client, and serves the request of client in case of unavailability of service providers. Client  Any new node registered by the SuperHost is termed as client node. Each node is required to send a request to SuperHost at the time of joining the system  A unique client_id has been assigned to each client by SuperHost. A client can make requests for services and resources in the distributed system for which it has to authenticate through the KDC. Server  Server is a service provider which is authorized by the SuperHost to provide services in the distributed system.
  • 10. CTES Model for Client Joining of a client 1. Client ---> SuperHost Client requests the SuperHost for registration by giving its identity and capability list. Capability list includes the list of resources and basic services owned by the node. SuperHost recognizes him as a client. 2. SuperHost --->Client SuperHost displays an agreement for the registration to the client which means that each client has to follow the rules and policies mentioned in the agreement. For this SuperHost demands the capability list of the client.
  • 11. 3. Client --->SuperHost Client provides capability list to SuperHost. The capability list contains a list of objects to which the process has right to access. In the proposed model, it consists of available resources and basic services that client holds. 4. SuperHost--->Client At the end of this process, SuperHost stores the reference and details of new client for the use by itself and other nodes of the system administration. SuperHost also provides a client_id to the client for its authentication. This client_id is the result of a crypto-based function (generally user defined).
  • 12. Service request by a client Step 1: Authentication by KDC 1. Client ---> AS The Client requests AS with its Client_id for TGT (Ticket Granting Ticket). 2. AS --->Client The AS checks to existence of the client from SuperHost. If it is, the AS returns a session key (for the communication from client to TGS) in encrypted form using the password of the client and Ticket-Granting Ticket which includes the Client_id, client network address, ticket validity period and client/TGS session key in encrypted form using the secret key of the TGS.
  • 13. 3. Client ---> TGS After receiving the reply from the AS, client decrypts the session key with its password. Here client sends the TGT to TGS. 4. TGS ---> Client TGS decrypts the message with its own secret key and returns the reference of Agent system with a session key to access the service.
  • 14. Step 2: Request for references of servers to agent 1. Client ---> Agent In the first step of this process, client makes a request to agent for some service with client_id and a valid session-id for authentication. 2. Agent ---> Client Agent searches the requested service in its database and if it finds, it checks the load status of the server. Agent provides the reference according to the load status of servers, that is, underloaded to client.
  • 15. 3. Client --->Server After receiving a list of servers for the requested service, client is free to make a new request to any of the server. Client sends client_id and service name in request message to destined server 4. Server --->Client As server receives a request from any of the clients, it updates its load and also sends a load update message to Agent. Server provides service to the client and charges for the service.
  • 16. Conclusion • This paper makes an attempt to build a trustworthy system using Kerberos extended by trust and its requirement in the distributed system. • For this both authorization and authentication aspects are considered. The proposed approach provides a promising solution with trust policies as authorization semantics. • A Reactive agent system is proposed in order to balance the load of systems and to maintain the list of services and servers. • Distributing the authentication workload in an efficient manner enhances the overall performance of the system