
SECURITY ISSUES IN CLIENT/SERVER COMPUTING ENVIRONMENT
Feng Chen
Aug. 31, 2000

Reliability and security are concerns for any computer system. These issues require special attention when considering a change from mainframe to client/server technologies: mainframes are very secure because they are generally placed in 'glass rooms' with hardened infrastructure and controlled access, while client/server systems are distributed and therefore more difficult to secure.

Basic Components of Security Management
• Confidentiality
• Integrity
• Availability

Possible Threats & Types of Attacks
• Impersonation
• Sniffing
• Software Threats: Trojan Horse
• Data-Driven Attacks
• Denial of Service

Security Solutions
Physical Security
  • locks and keys
  • security guards
Software Security
  • Authentication
  • Encryption
  • Kerberos
  • Others

Authentication
Performed to ensure that a user or program has specific access to a resource or data.
Basic Network Authentication
• Password
• Username & Password
• Retinal Image
• Security Token
• Fingerprint
• Algorithm in "Smart" Card
• Physical Location (IP Address)

Encryption
Shared Key Encryption: One key both encrypts and decrypts.
Public/Private Key Encryption Signature: One key encrypts; another, different but related, key decrypts.
A combination of these two methods allows for mutual authentication.

Kerberos
Kerberos is an authentication and session encryption system.
How it works:
• A separate ticket granting server gives a ticket to a user or application.
• This ticket can then be used for any number of resources on the network.
• If a client wants to talk to a server, both the client and the server will talk to the authentication server to establish that the client is authorized.
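A simplified model of the ticket flow this slide describes, added here as an example (it is not from the original presentation and is not the Kerberos wire protocol). Assumptions: tickets are HMAC-signed rather than encrypted, and the names TicketServer, resource_server and the sample account are hypothetical.

```python
import base64, hashlib, hmac, json, secrets, time

class TicketServer:  # toy stand-in for the ticket granting server (hypothetical)
    def __init__(self, lifetime=300):
        self._key = secrets.token_bytes(32)  # MAC key known only to this server
        self._users, self._acl, self.lifetime = {}, {}, lifetime

    def add_user(self, user, password, resources):
        salt = secrets.token_bytes(16)
        self._users[user] = (salt, self._hash(password, salt))
        self._acl[user] = set(resources)

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    def _mac(self, body):
        return hmac.new(self._key, body, hashlib.sha256).digest()

    def issue_ticket(self, user, password, now=None):
        salt, stored = self._users.get(user, (b"\0" * 16, b""))
        if not hmac.compare_digest(self._hash(password, salt), stored):
            return None  # unknown user or wrong password
        exp = (time.time() if now is None else now) + self.lifetime
        body = json.dumps({"user": user, "exp": exp}).encode()
        return base64.urlsafe_b64encode(body).decode() + "." + self._mac(body).hex()

    def validate(self, ticket, resource, now=None):  # called by resource servers
        try:
            b64, tag = ticket.split(".")
            body = base64.urlsafe_b64decode(b64)
            if not hmac.compare_digest(self._mac(body), bytes.fromhex(tag)):
                return None  # forged or altered ticket
            claims = json.loads(body)
        except (ValueError, AttributeError):
            return None  # malformed ticket
        now = time.time() if now is None else now
        if now >= claims["exp"] or resource not in self._acl.get(claims["user"], ()):
            return None  # expired, or user not authorized for this resource
        return claims["user"]

def resource_server(name, ts, ticket, now=None):
    """A resource server asks the ticket server whether to serve this client."""
    user = ts.validate(ticket, name, now)
    return f"{name}: hello {user}" if user else f"{name}: access denied"

if __name__ == "__main__":  # constructed sample account and resources
    ts = TicketServer()
    ts.add_user("alice", "correct horse", ["files", "print"])
    t = ts.issue_ticket("alice", "correct horse")
    print(resource_server("files", ts, t), "|", resource_server("mail", ts, t))
```

One ticket is accepted by every resource the user is authorized for until it expires; a ticket whose contents are altered fails the MAC check and is refused.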

General Security Issues
• Security is only as strong as its weakest link
• Flawed security is worse than no security at all
• It is always better to use several security systems together than only one
• Security by obscurity doesn't work

Client/Server THE FUTURE

As computing becomes more ubiquitous and more pervasive, client/server computing will become the dominant implementation strategy. Convergence of standards will result in better applications integration and interoperability. Authentication and security issues will be resolved sooner rather than later: the enormous interest in exploiting the commercial potential of the Internet will propel this process.