A REVIEW ON SECURITY IN DISTRIBUTED SYSTEM
This paper intends to discuss various issues related to security in distributed systems. These issues include the approaches that can be used for security in distributed system, the model that can be applied for enhancing the security aspect in distributed system and finally the trustworthiness of distributed system itself.
Distributed system, security
Security aspects in distributed system become crucial especially in the new millennium where the information is easy to access. To date, the techniques of distributed system are excessive, miscellaneous and it leads to the huge cost of implementation (Ming, Aiqun, & Hangping, 2009). Due to the far-reaching of distributed system, security aspect has grown tremendously into more complicated with enlarged use and networking of personal computers. Nowadays, each of the local networks and the connections between both large and small computers performs their parts and contribute their significance in the application.
One of the major issues with distributed system is application security. It is obviously compulsory in order to protect the integrity and privacy of the information and other resources as well that possessed by both parties, either individuals or organizations. It is extensive issues whether in physical or digital world. It emerges from the wish to share resources. Meanwhile, resources that are private can be preserved by isolating them from the external access (Coulouris, Dollimore, & Kindberg, 2005). The security level of information and resources that applied in distributed systems can be different. It is depends on the types of organizations itself. For example, security level for business absolutely different with the military requirement for security level.
By concerning to the above matters, new notions are needed to resolve the problems such as security and function of distributed systems. The security problem of distributed systems including protection, creditability and manageability is to be radically solved.
There are several numbers of issues regarding on security in distributed system. In 1998, an analysis on ethics as a foundation of information security in distributed system has been done by (Leiwo & Heikkuri, 1998). The number of problems of ethical layer also been identified. (Skakun & Kussul, 2006) has presented an agent approach for providing security in distributed system. The proposed approach uses neural networks in order to forecast both on-line and off-line monitoring for analyzing user's activity.
(Bryce, Banatre, & Le Metayer, 1995) came out with programming language-based approach to information security in distributed system. The language programming that is implemented was CSP. An actor-based approach for security and fault tolerance in distributed system has been presented by (Agha & Ziaei, 1998). The Actors model that has been proposed in their research provides a general and flexible model of simultaneous and distributed computation.
Other than approaches, a hybrid trust model has been proposed by (Lin & Varadharajan, 2007) in order to enhance the security in distributed system. The trust model that proposed by them can be divided into two types of model. The first one is hard trust model. This model is applied for managing trust relationships derivable from crypto-based mechanisms and the second one is soft trust model where it is used for managing trust relationships that derived from security related behavioral evidence through a new set of social control mechanisms.
Meanwhile, the study on secure key techniques of trustworthy distributed system has been successfully done by (Ming et al., 2009). They have presented a new scheme for constructing a trustworthy distributed system. A research on secure key techniques also has been done. Other than that, they also introduce the concept of trustworthy distributed system.
This paper is trying to make a concise review of several issues that related to security in distributed system. This paper organized as follows; the overview about distributed system is presented in section 2. The discussion about approaches and model that can be implemented in security for distributed system in section 3 to 7. Section 8 will discuss on secure key techniques of trustworthy distributed system. Finally conclusion is derived in section 9.
2.0 DISTRIBUTED SYSTEM
Distributed system can be defined as one in either hardware or software components that located at networked computers communicate and coordinate their actions only by passing messages (Coulouris et al., 2005). It consists of a collection of high performance systems interconnected via high performance networks. It becomes more and more important to mankind in daily life and feasible platforms for execution of large scale and complex problems (Jian & Taylor, 1998). For example, the famous usage of automatic teller machine (ATM), the application of internet/world wide web (WWW) where it is also a huge distributed system, database management system etc.
Distributed system has widely applied in order to solve different problems in computer science, i.e., network security and projects that require high computational power (Hilker & Luther, 2008). It also came out with an economical alternative to costly huge parallel computers. This leads to the importance of efficient security application in distributed system and also the level of their protection. The crucial aspect of distributed system is its shared data network. The shared data network is the heart of the organization and be likely to extend with the development of the organization and technology as well (Armoni, 2002) .
3.0 AGENT APPROACH FOR SECURITY IN DISTRIBUTED SYSTEM
The importance of distributed system to mankind is obviously required in daily activities, such as computer networks, grid systems that used for solving complex scientific problem etc. In order to provide security in distributed system, (Skakun & Kussul, 2006) came out with new approach by applying neural networks. In a purpose to analyze user's activity, the proposed approach predicts on-line and off-line monitoring. The unusual and irregularities that occurred in user behavior can be discovered by applying this approach.
For off-line monitoring, it is accomplished after the user terminated the task. This monitoring is based on the analysis of statistical information that achieved during the user's work.
In their studies, neural network is applied as classifier to differentiate between normal and abnormal user behavior. Meanwhile, to enable the reflection a both dynamical and statistical feature of user's activity, the on-line and off-line monitoring is applied. The development of mobile agents is implemented by Java and Aglets Software Development Kit (ASDK).
Basically, the approach that has been applied by (Skakun & Kussul, 2006) is an agent approach which they have the characteristic of being autonomous, where it able to act independently. As an agent, it enables to be viewed as observing its environment through sensors and acting upon that environment through effectors.
By referring to (Skakun & Kussul, 2006), the characteristic of agent can be simplified as following set:
<S, Prog, Eff, Arch, P, A, G, E> where each elements can be defined as;
i) S = sensors through which it perceives information from environment.
ii) Prog (program) = Prog:P->A defines agent's response to its percepts
iii) Eff = effectors through which agent can act on environment
iv) Arch = The architecture of the agent
v) P = Determine kind of information that an agent can recognize from its sensors
vi) A = Determine kind of actions that agent can make by using its effectors
vii) G = agent's goal
viii) E = the environment where agent functions.
The proposed method takes advantages of both intelligent approaches in order to monitor the user's activity and multi-agent approach. Merits that obtained by applying neural network is it provides adaptive and robust approach for the analysis and generalization of data acquire from user activity.
4.0 ETHIC BASED APPROACH FOR SECURITY IN DISTRIBUTED SYSTEM
The security of distributed systems relies on both technical and administrative fundamentals. For technical fundamental, it is generally based on the measurement of cryptographic and the model of access control while administrative fundamental is based on several non-technical layers that appended on top of technical communication protocols.
Regarding to (Leiwo & Heikkuri, 1998), one of the vital aspects for complete security in any information security is ethics. They emphasize more on ethics based approach. The analysis regarding to the ethics as substructure of information security in distributed system has been done successfully by them. The analysis began with the introduction for the essential of security itself. This is performed by analyzing the basis of threats in open public networks. They also studied about the characteristics of hackers and the relationship between computer crime and the hacking itself. They also came out in details with problem on establishing information security on ethical operations in public networks.
(Leiwo & Heikkuri, 1998) also discussed about problems with ethical foundation where they touched on hackers. Regarding to them, hackers tend to maintain their freedom and individuality in the controlled world. Indirectly, this may leads into serious difficulties in bridging the gap between hackers and information security personnel.
5.0 HYBRID TRUST MODEL FOR SECURITY IN DISTRIBUTED SYSTEM
According to studies that have been done by (Lin & Varadharajan, 2007), trust is the most important concept for security. The proposed trust model can be broken into two types which they are soft and hard. Hard trust is implied in most of the conventional security systems for distributed systems. On the other hands, soft trust models catch the trust relationship that is based on observable evidence about the system entity's behavior, either through direct experiences or indirect experiences or a combination of both.
The formal hybrid trust model has been developed by (Lin & Varadharajan, 2007) that specifying the hybrid relationships and associated operations. The reason from using this model is to repay for the disadvantages associated with the individual hard trust and soft trust models.
In order to categorize the merits and demerits of the individual both hard and soft trust models, taxonomy of trust model property was developed. The goal for this purpose was to propose an improved hybrid model. The improved hybrid model than used to improve soft trust where in their experiment, it has been done through an example.
In their study, a mobile agents system is used as an example for distributed system. According to them, mobile agent system consists of three major trust classes, which they are Authentication Trust where in this trust, it involves several keys such as public/private key pairs, secret keys or session keys, Execution Trust that required for improved agent security and finally, Code Trust that is needed for improved host security.
6.0 PROGRAMMING LANGUAGE-BASED APPROACH TO INFORMATION SECURITY IN DISTRIBUTED SYSTEM
The huge increment of number of important information that are stored in computer systems leads to the expand of attack on a system where a user able to obtain the information from the system illegally (Bryce et al., 1995). In order to discover and prevent illegal information transfer within computer system, the mechanism of information flow control is needed.Â From their study, they have presented an approach to information flow control in a system of communicating processes which is a programming-based approach. The language programming that is implemented was CSP.
A CSP program consist of a fasten number of processes. Each of them is recognized by a character string 'label'. Processes communicate by two-way assignation.Â
Regarding to them, generally, computer systems certify the information confidentiality by using access control mechanisms.
7.0 AN ACTOR-BASED APPROACH FOR SECURITY AND FAULT TOLERANCE IN DISTRIBUTED SYSTEM
From the study that has been done by (Agha & Ziaei, 1998), certain systems are subject to thorough non-functional requirements such as coordination, timing, fault-tolerance and security as well. In their research, they discussed how security and dependability protocols may be specified and analyzed by using Actors model. The Actors model that has been presented in their study, provide a general and flexible model of simultaneous and distributed computation. The interaction of Actors may be applied in order to model standard distributed coordination mechanisms, i.e., remote procedure call (RPC), transactions and any other forms of synchronization.
According to (Agha & Ziaei, 1998), an actor may perform three type of basic actions that able to give an effect to the computation during message processing, which they are:
i)Send messages asynchronously to other actors;
ii)Create actors with specified behaviors
iii) Become ready to receive the next message
Actors are formal model for simultaneous objects.
It is an object that holds a private local state, a set of methods, a unique name and also a thread of control.
(Agha & Ziaei, 1998) also study on meta-level architectures that habe been invented to handle the complexity in huge systems. It has been used to support several number of application fields. From thei study, they define for occurrence new abstractions, namely components, connectors and actor groups. In this model, an actor group represents an encapsulation boundary that able to protect internal actors from external interactions.
8.0 SECURE KEY TECHNIQUES OF TRUSWORTHY DISTRIBUTED SYSTEM
Nowadays, there are different cognitions to the trustworthy distributed systems. They are based on several number of factors which are conformity of exiting security technology, trustworthiness of distributed system itself and also the service that it supported (Ming et al., 2009). From the study that has been done, (Ming et al., 2009), they came out with a new scheme for constructing a trustworthy distributed system. The research on secure key techniques also has been presented.
According to (Ming et al, 2009), in order to achieve a trustworthy distributed system, there are four basic aspects that should be the basic properties of trustworthy distributed system. They are security, controllability, manageability and survivability. The trustworthiness of distributed system has a set of attributes that security and survivability must ensured in user's view while the manageability of distributed system must supported in designer's view.
In trustworthy distributed system, security, survivability and controllability are closely related. They are formed an organic whole around trustworthiness maintenance and behavior control. These are divided into three parties, input, process and output.
Nevertheless, as discussed in (Ming et al, 2009), there are four main problems in order to achieve trustworthiness of distributed system. They are trustworthiness of remote user, trustworthiness of remote platform, trustworthiness of remote platform and finally, trustworthiness of remote action.
Regarding to the research of key technology of security that has been presented in (Ming et al, 2009), it consists of four steps. First, a trustworthy model of distributed system and user behavior is present based on exiting security technology through analyzing requirement of trustworthy distributed system. This is also as a main step for this research. Second, a core chip of security is designed and completed. The whole study is based on this step. Third, an archetype is built to intensify security of trustworthy distributed system. Finally, an estimation theory of trustiness is present to verify the archetype. The archetype is verified using trustworthiness estimation to perfect mechanism of trustworthiness of distributed system.
Distributed system security is fundamentally more complex than stand-alone system security. In order to enhance the security in distributed system, there is several numbers of approaches, techniques and model that can be implemented. Enhanced security of distributed system is helpful for increasing authentication of security laws and deterrence to hacker.
Agha, G. A., & Ziaei, R. (1998). Security and fault-tolerance in distributed systems: an actor-based approach. Paper presented at the Computer Security, Dependability and Assurance: From Needs to Solutions, 1998. Proceedings.
Armoni, A. (2002). Data Security Management in Distributed Computer Systems. Informing Science, Volume 5, 19-27.
Bryce, C., Banatre, J., & Le Metayer, D. (1995). An approach to information security in distributed systems. Paper presented at the Distributed Computing Systems, 1995., Proceedings of the Fifth IEEE Computer Society Workshop on Future Trends of.
Coulouris, G., Dollimore, J., & Kindberg, T. (2005). Distributed System Concepts and Design (4th Edition ed.): Addison Wesley.
Hilker, M., & Luther, K. (2008). Artificial Cell Communication in Distributed Systems. Paper presented at the Advanced Information Networking and Applications, 2008. AINA 2008. 22nd International Conference on.
Jian, C., & Taylor, V. (1998). Mesh partitioning for distributed systems. Paper presented at the High Performance Distributed Computing, 1998. Proceedings. The Seventh International Symposium on.
Leiwo, J., & Heikkuri, S. (1998). An analysis of ethics as foundation of information security in distributed systems. Paper presented at the System Sciences, 1998., Proceedings of the Thirty-First Hawaii International Conference on.
Lin, C., & Varadharajan, V. (2007). A Hybrid Trust Model for Enhancing Security in Distributed Systems. Paper presented at the Availability, Reliability and Security, 2007. ARES 2007. The Second International Conference on.
Ming, H., Aiqun, H., & Hangping, Q. (2009). Research on Secure Key Techniques of Trustworthy Distributed System. Paper presented at the Computer Engineering and Technology, 2009. ICCET '08. International Conference on.
Skakun, S., & Kussul, N. (2006). An Agent Approach for Providing Security in Distributed Systems. Paper presented at the Modern Problems of Radio Engineering, Telecommunications, and Computer Science, 2006. TCSET 2006. International Conference.