COMP 9243 — Week 8 ( 08 s 1 )
نویسندگان
چکیده
An important aspect of dependability in distributed systems relates to security. There are two security related aspects of dependability: confidentiality and integrity. In a system that offers confidentiality, information will only be disclosed to (and services will only be provided to) authorised parties. A system that provides integrity will ensure that alterations (to data or services) can only be made in an authorised way. Furthermore, improper alterations will be detectable and recoverable. Confidentiality and integrity are generally provided through a combination of secure communication and authorisation. Secure communication is concerned with providing a secure communication channel between entities (such as users and processes) in a distributed system. A secure channel provides confidentiality in that data sent over such a channel will not be disclosed to unauthorised third parties. Likewise the integrity of data being sent over secure channels is protected because it cannot be tampered with by unauthorised third parties. Authorisation is concerned with allowing entities to only access those resources that they are entitled to access. This requires determining the identity of entities in the system and keeping track of which resources they are allowed to access, as well as monitoring which resources they attempt to access and preventing access to unauthorised resources. By definition authorisation is required for both confidentiality and integrity.
منابع مشابه
COMP 9243 — Week 6 ( 17 s 1 )
In previous lectures we’ve mentioned that one of the reasons that distributed systems are different (and more complicated) than nondistributed systems is due to partial failure of system components. We’ve mentioned that dependability is an important challenge in designing and building distributed systems and that the presence of failure often makes achieving transparency (e.g., for RPC) difficu...
متن کاملThe University of New South Wales School of Computer Science & Engineering COMP 9243 — Week 1 ( 08 s 1 )
This certainly is the ideal form of a distributed system, where the “implementation detail” of building a powerful system out of many simpler systems is entirely hidden from the user. Are there any such systems? Unfortunately, when we look at the reality of networked computers, we find that the multiplicity of system components usually shines through the abstractions provided by the operating s...
متن کاملCOMP 9243 — Week 10 ( 08 s 1 )
In a distributed file system (DFS), multiple clients share files provided by a shared file system. In the DFS paradigm communication between processes is done using these shared files. Although this is similar to the DSM and distributed object paradigms (in that communication is abstracted by shared resources) a major difference between these paradigms and the DFS paradigm is that the resources...
متن کاملNew South Wales School of Computer Science & Engineering COMP 9243 — Week 4 ( 08 s 1 )
Middleware consists of a layer of services added between those of a regular network OS and the actual applications. These services facilitate the implementation of distributed applications and attempt to hide the heterogeneity of the underlying system architectures (both hardware and software). Middleware is usually based on a particular paradigm, or model, for describing distribution and commu...
متن کاملCOMP 9243 — Week 1 ( 18 s 1 )
This certainly is the ideal form of a distributed system, where the “implementation detail” of building a powerful system out of many simpler systems is entirely hidden from the user. Are there any such systems? Unfortunately, when we look at the reality of networked computers, we find that the multiplicity of system components usually shines through the abstractions provided by the operating s...
متن کامل