15.Distributed Systems Security


Link to the SOTA Chapter

Ongoing Research

Future Directions

CaberNet Related Activities

The goal of the 2WEAR project is to explore this vision by developing a distributed personal computing system that will be inherently extensible and adapt itself to its changing configuration. The system will be able to detect and seamlessly connect to various devices, also exploiting the available surrounding computing infrastructure. It will also dynamically adapt its functional and interactive elements, based on the availability of components and the context of use, without having to reset or shutdown running applications.

The ARION system is aiming to provide a new generation of Digital Library e-services of search and retrieval of objects in scientific collections, such as, data sets, simulation models and tools necessary for statistical and/or visualization processing. These collections may represent application software of scientific areas, they reside in geographically disperse organizations and constitute the system content. The user, as part of the retrieval mechanism, may dynamically invoke on-line computations of scientific data sets when the latter are not found into the system. Thus, ARION provides the basic infrastructure for accessing and producing scientific information in an open, distributed and federated system. More advanced e-services, which depend on the scientific content of the system, can be built upon this infrastructure, such as decision making and/or policy support using various information brokering techniques.

Survivable systems are known to be resistant to different kinds of problems. Among these are failures due to software or hardware faults, but also attacks caused by computer criminals. The design and implementation of survivable systems therefore requires a variety of different steps to support system analysis and synthesis. In this project, we elaborate a new approach to design survivable systems (in particular computer and communication networks) based on a repeatedly applied analysis of the system to identify various kinds of threats, errors and performance bottlenecks. Our evaluation of a survivable system combines fault-, performance- and security management. In [Benecke 2002] the approach is applied, by way of example, to packet screens as important building blocks of firewalls. Another emphasis of the project is put on the efficient solution of analytical reliability models and their application to communication networks [Heidtmann 2002].

The DIT project is part of the DARPA OASIS program (Organically Assured & Survivable Information Systems). The aim of the project is to develop Internet servers (in particular, Web servers) able to tolerate intrusions (complementarily to accidental faults). The DIT architecture is based on diverse platforms (OS + application software) providing identical contents, under the control of diversified proxies. Error detection mechanisms (content comparison, integrity checks, mutual monitoring by proxies) is completed by EMERALD intrusion detection tools. The redundancy level is automatically adapted according to the current alert level, with graceful performance degradation.

It is a project of the French national RNRT research network. The project aims to analyze security requirements for information systems in healthcare and social sectors, and to develop security policies adapted to these requirements, supported by models able to verify certain properties.

RAPID aims to develop a strategic roadmap for applied research in the area of privacy and identity management. In order to preserve its overall relevance, RAPID has set itself the ambitious goal to complete its work plan in 12 months. To support this aim, RAPID will put in place a dedicated project management and scientific co-ordination structure by combining human resources and skills and state of the art quality assurance techniques.

The emergence of global computing systems introduces new security challenges that are not adequately addressed by existing security models and mechanisms. The scale of such systems means that interaction will soon be between billions of devices and new security models will be required. Mobile devices which become disconnected from their home network will have to make fully autonomous security decisions and may need to obtain services in unfamiliar and hostile environments.

The SECURE project will develop a new trust-based security model for global computing systems in the form of a formal model in which trust relationships may be established on the basis of interaction between entities, together with a security mechanism expressed in terms of the trust model.

The UniTEC project is dealing with questions like how trust can be modelled in a digital system and how trust can be passed on from one entity to another. Trust essentially consists of two different parts: the first one being explicit knowledge which depends largely on personal experiences or the experiences others have made about a certain person, company etc. The second part is a rather tacit knowledge, a feeling which is hard to put into words but which has nevertheless a strong influence on the "total trust". UniTEC tries to model trust in the form of recommendations that users of the system are giving out about companies, products of all kinds or other users. Concepts are developed about how to represent, store and forward those recommendations, how requests can be formulated for such a system and mechanisms have to be developed to guarantuee the privacy of the involved users.


[Benecke 2002] C. Benecke. “Überlebensfähige Sicherheitskomponenten für Hochgeschwindigkeits-netze -- Entwurf und Realisierung am Beispiel einer Packet Screen“. Dissertation, Fachbereich Informatik, Univ. Hamburg. Berichte aus dem Forschungsschwerpunkt Telekommunikation und Rechnernetze, Band 3. B.E. Wolfinger (ed.). Shaker-Verlag. Aachen, Germany. 2002.

[Heidtmann 2002] K. Heidtmann .“Statistical Comparison of Two Sum-of-Disjoint-Product Algorithms for Reliability and Safety Evaluation“. Proceedings of the International Conference on Computer Safety, Reliability and Security (SAFECOMP 2002). Catania, Italy. LNCS. Springer. Berlin, Germany. September 2002.

Maintained by Rogério de Lemos (r.delemos@ukc.ac.uk)
Last updated 4 November, 2002