Distributed Systems Security - Issues, Processes And Solutions

How to solve security issues and problems arising in distributed systems.





Security is one of the leading concerns in developing dependable distributed systems of today, since the integration of different components in a distributed manner creates new security problems and issues. Service oriented architectures, the Web, grid computing and virtualization – form the backbone of today’s distributed systems. A lens to security issues in distributed systems is best provided via deeper exploration of security concerns and solutions in these technologies. 





Distributed Systems Security provides a holistic insight into current security issues, processes, and solutions, and maps out future directions in the context of today’s distributed systems. This insight is elucidated by modeling of modern day distributed systems using a four-tier logical model –host layer, infrastructure layer, application layer, and service layer (bottom to top). The authors provide an in-depth coverage of security threats and issues across these tiers. Additionally the authors describe the approaches required for efficient security engineering, alongside exploring how existing solutions can be leveraged or enhanced to proactively meet the dynamic needs of security for the next-generation distributed systems. The practical issues thereof are reinforced via practical case studies.





Distributed Systems Security:



* Presents an overview of distributed systems security issues, including threats, trends, standards and solutions.

* Discusses threats and vulnerabilities in different layers namely the host, infrastructure, application, and service layer to provide a holistic and practical, contemporary view of enterprise architectures.

* Provides practical insights into developing current-day distributed systems security using realistic case studies.



This book will be of invaluable interest to software engineers, developers, network professionals and technical/enterprise architects working in the field of distributed systems security. Managers and CIOs, researchers and advanced students will also find this book insightful.

Anirban Chakrabarti holds a PhD degree from the Department of Electrical and Computer Engineering, Iowa State University in Dec. 2003. Currently he works as a Senior Research Associate in the Grid Computing Focus Group in Software Engineering Technology Labs (SETLABS) of Infosys Technologies, India. In Infosys he is working on the virtualization techniques in the Grid Computing area. In Grid computing his main interests lie in security, manageability, workflow management, and application engineering issues. He is also interested in research in the areas of Internet infrastructure encompassing security, routing and multicasting.

Dr. Srinivas Padmanabhuni is a Principal Researcher at Software Engineering and Technology Labs (SETLabs) in Infosys Technologies Limited, Bangalore, India. He heads the Web Services and SOA centre of excellence in SETLabs at Infosys. Dr. Srinivas specializes in Enterprise Security, Web services, Service Oriented Architecture and Grid technologies alongside pursuing interests in semantic web, autonomic computing, recovery oriented computing, intelligent agents, and enterprise architecture. He is on editorial board of international journals, and has served on program committees for several international conferences and workshops including ICWS (International Conference of Web Services), PricAI (Pacific Rim International Conference on AI), NWeSP (International Conferenceon Next Generation Web Services Practices).

Chapter 1: Introduction


1.1 Background


1.2 Distributed Systems.


1.3 Distributed Systems Security.


1.4 About the Book.


 


Chapter 2: Security Engineering.


2.1 Introduction.


2.2 Secure Development Life Cycle Processes – An Overview.


2.3 A Typical Security Engineering Process.


2.4 Important Security Engineering Guidelines and Resources.


2.5 Conclusion.


 


Chapter 3. Common Security Issues and Technologies.


3.1 Security Issues.


3.2 Common Security Techniques.


3.3 Summary.


 


Chapter 4 – Host level Threats and Vulnerabilities.


4.1 Background.


4.2 Malware.


4.3 Eavesdropping.


4.4 Job faults.


4.5 Resource starvation.


4.6 Overflow.


4.7 Privilege escalation.


4.8 Injection attacks.


4.9 Conclusion.


 


Chapter 5 – Infrastructure Level Threats & Vulnerabilities.


5.1 Introduction.


5.2 Network Level Threats and Vulnerabilities.


5.3 Grid Computing Threats and Vulnerabilities.


5.4 Storage Threats and Vulnerabilities.


 


Chapter 6: Application Level Vulnerabilities and Attacks.


6.1 Introduction.


6.2 Application Layer Vulnerabilities.


6.3 Conclusion.


 


Chapter 7 – Service Level Issues, Threats and Vulnerabilities.


7.1 Introduction.


7.2 SOA and Role of Standards.


7.3 Service Level Security Requirements.


7.4 Service Level Threats and Vulnerabilities.


7.5 Service Level Attacks.


7.6 Services Threat Profile.


7.7 Conclusions.


 


Chapter 8: Host level Solutions.


8.1 Background.


8.2 Sandboxing.


8.3 Virtualization.


8.4 Resource Management


8.5 Proof carrying code.


8.6 Memory firewall


8.7 Anti malware.


8.8 Conclusions.


 


Chapter 9 – Infrastructure Level Solutions


9.1 Introduction.


9.2 Network Level Solutions.


9.3 Grid Level Solutions.


9.4 Storage Level Solutions.


 


Chapter 10: Application Level Solutions.


10.1 Introduction.


10.2 Application Level Security Solutions.


10.3 Conclusion.


 


Chapter 11 – Service Level Solutions.


11.1 Introduction.


11.2 Services Security Policy.


11.3 SOA Security standards stack.


11.4 Standards in Depth.


11.5 Deployment Architectures for SOA Security.


11.6 Managing Service Level Threats.


11.7 Service Threat Solution Mapping.


11.8 XML Firewall Configuration-Threat Mapping.


11.9 Conclusions.


 


Chapter 12 - Case Study – Compliance in Financial Services.


12.1 Introduction.


12.2 SOX compliance.


12.3 SOX Security Solutions.


12.4 Multi-level policy driven solution architecture.


12.5 Conclusions.


 


Chapter 13 – Case Study of Grid.


13.1 Background.


13.2 Financial Application.


13.3 Security Requirements Analysis.


13.4 Final Security Architecture.


 


Chapter 14: Future directions and Conclusions.


14.1 Future directions.


14.2 Conclusions.