Security in Distributed Systems
In a distributed system, one must consider many possible security risks. To mitigate these risks there are a number of strategies that can be employed:
- Encryption algorithms that protect data in transit and at rest.
- Firewalls that limit access to specific ports/cables.
- Intrusion detection systems that identify anomalous behavior among network services.
- Intrusion prevention systems (IPS) that respond to attempted intrusions by initiating defensive actions like blocking suspicious IP addresses or taking down compromised servers.
These measures may be insufficient to identify attacks at the network level without help from other sources. We can not only prevent malicious actors from gaining access to our machines from other machines behind the same firewall, but can also monitor our own actions.
Reckless data sharing can significantly increase exposure to both the threats themselves and the costs entailed in defending against them.
Goals of Distributed System Security:
Security in a distributed system poses unique challenges that need to be considered when designing and implementing systems. A compromised computer or network may not be the only location where data is at risk; other systems or segments may also become infected with malicious code. Because these types of threats can occur anywhere, even across distances in networks with few connections between them, new research has been produced to help determine how well distributed security architectures are actually performing.
In the past, security was typically handled on an end-to-end basis. All the work involved in ensuring safety occurred “within” a single system and was controlled by one or two administrators. The rise of distributed systems has created a new ecosystem that brings with it unique challenges to security.
Distributed systems are made up of multiple nodes working together to achieve a common goal; these nodes are usually called peers.
Security Requirements and Attacks Related to Distributed Systems:
A distributed system is composed of many independent units, each designed to run its own tasks without communicating with the rest of them except through a messaging service. This means that a single point of failure can render a system completely incapable without any warning, since there is no single point that can perform all necessary operations.
Attacks related to distributed systems are an area of active research. There were two main schools of thought: those who believed that network worms could be stopped by employing firewalls, and those who did not.
A firewall might do nothing about worms and their ability to spread across various types of networks, especially wireless networks and the Internet. This was because although firewalls were able to stop intruders from gaining access through the firewall, they were unable to stop a worm from self-replicating.
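Because a perimeter firewall does not see a worm replicating between machines behind it, internal traffic needs its own monitoring. The following is an added example, not part of the original article, of a fan-out detector that flags hosts contacting many distinct internal peers on one port in a short time; the network range, window, threshold and flow records are all constructed assumptions.

```python
from collections import defaultdict, deque
from ipaddress import ip_address, ip_network

# Assumed values for this illustration (not from the article).
INTERNAL_NET = ip_network("10.0.0.0/24")
WINDOW_SECONDS = 60
FANOUT_THRESHOLD = 5

# Constructed flow records: (timestamp_seconds, source_ip, dest_ip, dest_port)
SAMPLE_FLOWS = (
    # Host .7 sweeps six internal peers on one port within 15 seconds.
    [(3 + 3 * i, "10.0.0.7", f"10.0.0.{10 + i}", 445) for i in range(6)]
    # One of the contacted peers (.10) starts the same sweep shortly after.
    + [(30 + 2 * i, "10.0.0.10", f"10.0.0.{20 + i}", 445) for i in range(5)]
    # Benign: many connections, but always to the same server.
    + [(i, "10.0.0.5", "10.0.0.2", 443) for i in range(0, 50, 5)]
    # Benign: five peers, but spread over several minutes (e.g. a backup job).
    + [(100 * i, "10.0.0.9", f"10.0.0.{30 + i}", 22) for i in range(5)]
    # Traffic to external addresses is left to the perimeter controls.
    + [(i, "10.0.0.8", f"203.0.113.{i}", 80) for i in range(1, 9)]
)


def detect_internal_fanout(flows, net=INTERNAL_NET, window=WINDOW_SECONDS,
                           threshold=FANOUT_THRESHOLD):
    """Return {source_ip: details} for hosts whose distinct internal peer
    count on a single port reaches `threshold` within `window` seconds."""
    recent = defaultdict(deque)  # (src, port) -> deque of (ts, dst)
    alerts = {}
    for ts, src, dst, port in sorted(flows):
        # Only east-west traffic: both ends behind the same firewall.
        if ip_address(src) not in net or ip_address(dst) not in net:
            continue
        q = recent[(src, port)]
        q.append((ts, dst))
        # Drop flows that have aged out of the sliding window.
        while q and ts - q[0][0] > window:
            q.popleft()
        peers = {d for _, d in q}
        if len(peers) >= threshold and src not in alerts:
            alerts[src] = {"port": port, "peers": len(peers), "first_alert": ts}
    return alerts


if __name__ == "__main__":
    for host, info in detect_internal_fanout(SAMPLE_FLOWS).items():
        print(host, info)
```

An alert of this kind is the sort of signal an IPS could act on, for example by isolating the flagged host.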
To summarize, there are numerous attacks that can be used against a network worm, which have to do with breaking functionality and altering data, or simply deleting it.
For more details on distributed systems, please refer to What is Distributed System?