Security in Open Networks and Distributed Systems

Abstract: With the ever-increasing pervasiveness of computer networks, the security of information stored in or transported through networks, and the security of network components and resources themselves, are becoming the focus of intense concern on the part of network users and operators. This paper discusses a selection of the most popular state-of-the-art mechanisms designed to protect information, objects and other resources found in networks and distributed systems. The techniques are introduced in bottom-up order: first the basic cryptographic tools, then how these can be exploited to achieve various forms of authentication services, and finally a very brief sketch of more recent, mostly experimental developments in the area of access controls for networks and network resources. The paper is addressed to readers with a background in networks and distributed systems but little or no understanding of security issues in general, and of system security in networking and distributed environments in particular.
