Distributed Security Techniques
This chapter covers the core elements of security in a distributed system. It illustrates the various ways that a third party can gain access to data and gives an overview of the design issues involved in building a distributed security system. Cryptography is introduced, then cryptographic techniques for symmetric and asymmetric encryption/decryption are given, along with a description of one-way hash functions. To demonstrate the use of these underlying techniques we provide an example of how a combination of public/private keys and hash functions can be used to digitally sign a document, e.g., email. Both asymmetric and symmetric secure channels are discussed and scenarios are provided for their use. Finally, the notion of sandboxing is introduced and illustrated through the description of the Java security-manager implementation.
The role and timeliness of this chapter is therefore to provide a security gateway to the middleware and applications discussed in the following chapters, which often use a combination of security techniques. For example, Freenet (Chapter 12) uses many of these techniques extensively to create keys for the Freenet network, which are used not only for privacy but also to map data content to network location. Further, both Jxta (Chapter 15) and Grid computing (Chapter 9) provide security infrastructures and address authentication issues, and BitTorrent (Chapter 13) uses hash functions to ensure the integrity of data as it is passed around the network.
Keywords: Hash Function, Security Policy, Security Mechanism, Secure Channel, Original Message