In this tutorial you are going to learn about Security Protocols in Distributed Systems.
Before we discuss security protocols in a Distributed System, you should first know what exactly a Distributed System is and what its Security Goals are.
Distributed System
A Distributed System is a collection of autonomous computers linked by a computer network and equipped with distributed system software. This makes the system more scalable and allows the computers to coordinate their activities and share the system's hardware, software and data resources.
For such systems, security is the biggest concern. The security goals of such a system follow the CIA Triad: Confidentiality, Integrity and Availability.
- Confidentiality: This is the most common aspect of information security. Data sent over the network should not be accessed by unauthorized users; it should be accessed only by the receiver and no one else. To prevent attacks by hackers, many encryption techniques are used to safeguard our data so that even if attackers gain access they will not be able to decrypt it. If the data is not kept private, confidentiality is lost in the system.
- Integrity: A message should be received in the same form in which the sender sent it. This means that changes may be made only by authorized entities and through authorized mechanisms. Nobody else should modify our data. If the message received is different from the message sent, integrity is lost.
- Availability: Data must be available and accessible to authorized users. If it is not available to authorized entities, availability is lost in the system.
Security Protocols
Now that we have discussed Distributed Systems and their Security Goals, let's discuss the main topic: Security Protocols in Distributed Systems.
Encipherment
Encipherment is the process of transforming plain text into cipher text. Once messages are encrypted, it is impossible for unauthorized users to read them. Hence confidentiality is maintained in the system, and only authorized users can access their sensitive and protected data.
Example: Represent each letter of the alphabet by a number, so that A is 01, B is 02, C is 03 and so on. Given the plain text "I Like You", the encrypted message looks like this: 0912091105251521. This message is now unreadable to unauthorized users.
Digital Signature
A Digital Signature is a mechanism for validating the authenticity and maintaining the integrity of a message. It is based on asymmetric cryptography, i.e., it uses a pair of related keys, one public key and one private key. The hashed value of the original message is encrypted with the sender's secret key, and finally a digital certificate is generated. This confirms the identity of the person who signed the document.
Access Control
Access Control is the process of performing identification, authentication and authorization of users through login credentials such as usernames, passwords, PINs (Personal Identification Numbers) etc. This helps in determining who can access private data as and when needed. This mechanism is used in large firms and businesses. For example, when using WiFi, an unauthorized user cannot access the network unless he/she knows its password.
Authentication Exchange
Authentication Exchange is a process that ensures the identity of a user or entity through an exchange of data. For example, Google Authenticator is a mobile application that provides two factor verification and authorization, which helps in verifying a user before granting permissions to various websites and services.
Routing Control
Routing Control is a process to improve internet performance by reducing bandwidth cost and overall internetwork operations. This mechanism monitors all the outgoing traffic through connections with ISPs (Internet Service Providers) and then helps in selecting the optimal path for efficient delivery of data.
This article on Security Protocols in Distributed System is contributed by Mansi Tiwari.