A Survey of Security Threats in Distributed Operating System

Sumra Khan *, Syed Muhammad Waqas **, Arbaz Ahmed***
*-*** Department of Computer Science, Bahria University, Karachi, Pakistan.
Periodicity:September - November'2020
DOI : https://doi.org/10.26634/jcom.8.3.18262

Abstract

Recently, security in software is becoming complex, especially in distributed computing. A secured and trusted environment is critically important for distributed computing. Different services and resources in the distributed system have to be secure at different levels; therefore, in this paper, we have analyzed in detail the flaws of the distributed systems, common security threats, common scenarios at which the system faces risk, and the best possible solutions to secure the distributed system. Globus security mechanism is discussed in detail as how the authentication can be done and how message confidentiality and integrity can be achieved. Every idea that radiates all sorts of solutions to this matter is verified and analyzed. This paper provides necessary knowledge to help one understand the meaning of a secure system, the security policies, and the security mechanism.

Keywords

Distributed Operating Systems, Security, Secure Channels, Threat, DDoS, Fabrication.

How to Cite this Article?

Khan, S., Waqas, S. M., and Ahmed, A. (2020). A Survey of Security Threats in Distributed Operating System. i-manager's Journal on Computer Science, 8(3), 44-60. https://doi.org/10.26634/jcom.8.3.18262

References

[1]. Arogundade, O. T., Abioye, T. E., & Sanjay, M. (2020). An ontological approach to threats pattern collection and classification: A preliminary study to security management. International Journal of Electronic Security and Digital Forensics, 12(3), 323-335. https://doi.org/10.1504/IJESDF.2 020.108320
[2]. Bai, Y. (2008, December). On distributed system security. In 2008, International Conference on Security Technology (pp. 54-57). IEEE. https://doi.org/10.1109/Sec Tech.2008.22
[3]. Bohossian, V., Fan, C. C., LeMahieu, P. S., Riedel, M. D., Xu, L., & Bruck, J. (2001). Computing in the RAIN: A reliable array of independent nodes. IEEE Transactions on Parallel and Distributed Systems, 12(2), 99-114. https://doi.org/10.1 109/71.910866
[4]. Buckley, I. A., & Fernandez, E. B., (2019, July). Reliability Patterns: A Survey. In Industry, Innovation, and Infrastructure for Sustainable Cities and Communities: Proceedings of the 17th LACCEI International Multi-Conference for Engineering, Education and Technology. https://doi.org/ 10.18687/LACCEI2019.1.1.53
[5]. Bykovyy, P., Pigovsky, Y., Kochan, V., Sachenko, A., Markowsky, G., & Aksoy, S. (2008, July). Genetic algorithm implementation for distributed security systems optimization. In 2008, IEEE International Conference on Computational Intelligence for Measurement Systems and Applications (pp. 120-124). IEEE. https://doi.org/10.1109/CIMSA.2008. 4595845
[6]. Cappello, F., Djilali, S., Fedak, G., Herault, T., Magniette, F., Néri, V., & Lodygensky, O. (2005). Computing on large-scale distributed systems: XtremWeb architecture, programming models, security, tests and convergence with grid. Future Generation Computer Systems, 21(3), 417-437. https://doi.org/10.1016/j.future.20 04.04.011
[7]. Chang-Ji, W., Jian-Ping, W., & Hai-Xin, D. (2003, August). Using attribute certificate to design role-based access control. In Proceedings of the Fourth International Conference on Parallel and Distributed Computing, Applications and Technologies (pp. 216-218). IEEE. https:// doi.org/10.1109/PDCAT.2003.1236291
[8]. Chatterjee, P., Kumar, E. R., Mamatha, C., & Kumar, M. G. (2017). Security implementation in distributed systems- ATM. International Journal of Mechanical Engineering and Technology (IJMET), 8(12), 680-683.
[9]. De Palma, N., Hagimont, D., Boyer, F., & Broto, L. (2012). Self-protection in a clustered distributed system. IEEE Transactions on Parallel and Distributed Systems, 23(2), 330-336. https://doi.org/10.1109/TPDS.2011.161
[10]. Demir, O., & Khan, B. (2010, January). Quantifying distributed system stability through simulation: A case study of an agent-based system for flow reconstruction of ddos attacks. In 2010, International Conference on Intelligent Systems, Modelling and Simulation (pp. 312-317). IEEE.
[11]. Ding, Y., Liu, F., & Tang, B. (2012). Context-sensitive trust computing in distributed environments. Knowledge-Based Systems, 28, 105-114. https://doi.org/10.1016/j.knosys.201 1.12.006
[12]. Domingo-Ferrer, J., & Mateo-Sanz, J. M. (2002). Practical data-oriented microaggregation for statistical disclosure control. IEEE Transactions on Knowledge and Data Engineering, 14(1), 189-201. https:/doi.org/10.1109/ 69.979982
[13]. Enokido, T., & Takizawa, M. (2007, December). A Legal Information flow (LIF) scheduler for distributed systems. In 2007, International Conference on Parallel and Distributed Systems (pp. 1-8). IEEE. https://doi.org/10.1109/ ICPADS.2007.4447830
[14]. Firdhous, M. (2012). Implementation of security in distributed systems - A comparative study. International Journal of Computer Information Systems (IJCIS), 2(2), 1-6.
[15]. Ghafari, Z., Arian, T., & Analoui, M. (2015). SFAMSS: A secure framework for ATM machines via secret sharing. arXiv preprint arXiv:1505.03078.
[16]. Hamdi, H., & Mosbah, M. (2009, July). A DSL framework for policy-based security of distributed systems. In 2009, Third IEEE International Conference on Secure Software Integration and Reliability Improvement (pp. 150- 158). IEEE. https://doi.org/10.1109/SSIRI.2009.43
[17]. Harinath, D., Satyanarayana, P., & Murthy, M. R. (2017). A review on security issues and attacks in distributed systems. Journal of Advances in Information Technology, 8(1).
[18]. He, M., Hu, A., & Qiu, H. (2009, January). Research on secure key techniques of trustworthy distributed system. In 2009, International Conference on Computer Engineering and Technology (Vol. 1, pp. 172-176). IEEE. https://doi.org/ 10.1109/ICCET.2009.100
[19]. Huang, L. D., Xue, G., He, X. L., & Zhuang, H. L. (2010). A trust model based on evidence theory for P2P systems. In Applied Mechanics and Materials (Vol. 20-23, pp. 99-104). Trans Tech Publications Ltd. https://doi.org/10.4028/www. scientific.net/AMM.20-23.99
[20]. Huang, X., Xiang, Y., Chonka, A., Zhou, J., & Deng, R. H. (2010). A generic framework for three-factor authentication: Preserving security and privacy in distributed systems. IEEE Transactions on Parallel and Distributed Systems, 22(8), 1390-1397. https://doi.org/10.1 109/TPDS.2010.206
[21]. Jiang, L., Xu, J., Zhang, K., & Zhang, H. (2012). A new evidential trust model for open distributed systems. Expert Systems with Applications, 39(3), 3772-3782. https://doi. org/10.1016/j.eswa.2011.09.077
[22]. Khan, S., Gani, A., Wahab, A. W. A., & Singh, P. K. (2018). Feature selection of denial-of-service attacks using entropy and granular computing. Arabian Journal for Science and Engineering, 43(2), 499-508. https://doi.org/ 10.1007/s13369-017-2634-8
[23]. Koshutanski, H. (2009). A survey on distributed access control systems for web business processes. International Journal of Network Security, 9(1), 361-369.
[24]. Le, D. N., Van, V. N., & Giang, T. T. T. (2016). A new private security policy approach for DDoS attack defense in NGNs. In Information Systems Design and Intelligent Applications (pp. 1-10). New Delhi, Springer. https://doi.org/ 10.1007/978-81-322-2757-1_1
[25]. Lin, C., & Varadharajan, V. (2006, April). Trust based risk management for distributed system security - A new approach. In First International Conference on Availability, Reliability and Security (ARES'06) (pp. 8-pp). IEEE. https://doi. org/10.1109/ARES.2006.139
[26]. Neuman, B. C. (1993, May). Proxy-based authorization and accounting for distributed systems. In Proceedings of the 13th International Conference on Distributed Computing Systems (pp. 283-291). IEEE. https:/doi.org/10. 1109/ICDCS.1993.287698
[27]. Nuredini, K. (2013, July). Security issues in distributed systems - A survey. In 1st International Symposium on Computing in Informatics and Mathematics.
[28]. Pallickara, S., Ekanayake, J., & Fox, G. (2007, March). A scalable approach for the secure and authorized tracking of the availability of entities in distributed systems. In 2007, IEEE International Parallel and Distributed Processing Symposium (pp. 1-10). IEEE. https://doi.org/10.1 109/IPDPS.2007.370293
[29]. Peng, T., Leckie, C., & Ramamohanarao, K. (2002). Detecting distributed denial of service attacks using source IP address monitoring. In Proceedings of the Third International IFIP-TC6 Networking Conference (Networking 2004).
[30]. Prakash, V., & Darbari, M. (2012). A review on security issues in distributed systems. International Journal of Scientific & Engineering Research, 3(9).
[31]. Priyadarshini, S. B. B., Bagjadab, A. B., & Mishra, B. K. (2019). Security in distributed operating system: A comprehensive study. In Le, D. N., Kumar, R., Mishra, B. K., Chatterjee, J. M., & Khari, M. (Eds.), Cyber Security in Parallel and Distributed Computing: Concepts, Techniques, Applications and Case Studies (pp. 221-230). https://doi. org/10.1002/9781119488330.ch14
[32]. Qi, W., Song, J., & Bao, Y. B. (2010, April). Near-uniform range partition approach for increased partitioning in large database. In 2010, 2nd IEEE International Conference on Information Management and Engineering (pp. 101-106). IEEE.
[33]. Ramana, K. S., Chari, A. A., & Kasiviswanth, N. (2010). A survey on trust management for mobile ad hoc networks. International Journal of Network Security & Its Applications, 2(2), 75-85.
[34]. Rhee, K., Kwak, J., Kim, S., & Won, D. (2005, April). Challenge-response based RFID authentication protocol for distributed database environment. In International Conference on Security in Pervasive Computing (pp. 70- 84). Heidelberg, Berlin: Springer. https://doi.org/10.1007/ 978-3-540-32004-3_9
[35]. Samarati, P. (2001). Protecting respondents identities in microdata release. IEEE Transactions on Knowledge and Data Engineering, 13(6), 1010-1027.
[36]. Sawant, M., Kinage, K., Pilankar, P., & Chaudhari, N. (2013). Database partitioning: A review paper. International Journal of Innovative Technology and Exploring Engineering (IJITEE). 3(5), 82-85.
[37]. Shehab, M., Ghafoor, A., & Bertino, E. (2008). Secure collaboration in a mediator-free distributed environment. IEEE Transactions on Parallel and Distributed Systems, 19(10), 1338-1351. https://doi.org/10.1109/TPDS.2008.26
[38]. Shenbagavadivu, N., & Savithri, S. U. (2012). Enhanced information security in distributed mobile system based on delegate object model. Procedia Engineering, 30, 774-781. https://doi.org/10.1016/j.proeng.2012.01.927
[39]. Shetty, S., Kamhoua, C. A., & Njilla, L. L. (Eds.). (2019). Blockchain for distributed systems security. John Wiley & Sons.
[40]. Sinha, P. K. (1998). Distributed operating systems: Concepts and design. PHI Learning Pvt. Ltd.
[41]. Sirbu, M. A., & Chuang, J. I. (1997, February). Distributed authentication in Kerberos using public key cryptography. In Proceedings of SNDSS'97: Internet Society 1997 Symposium on Network and Distributed System Security (pp. 134-141). IEEE. https://doi.org/10.1109/NDSS. 1997.579231
[42]. Sloman, M. (1994). Policy driven management for distributed systems. Journal of Network and Systems Management, 2(4), 333-360. https://doi.org/10.1007/Bf0 2283186
[43]. Sloman, M., Magee, J., Twidle, K., & Kramer, J. (1993, September). An architecture for managing distributed systems. In 1993, 4th Workshop on Future Trends of Distributed Computing Systems (pp. 40-46). IEEE. https:// doi.org/10.1109/FTDCS.1993.344178
[44]. Specht, S., & Lee, R. (2003). Taxonomies of distributed denial of service networks, attacks, tools and countermeasures. [Technical Report], Princeton University, Princeton, NJ, USA.
[45]. Stading, T. (2003, May). Secure communication in a distributed system using identity based encryption. In 2003, 3rd IEEE/ACM International Symposium on Cluster Computing and the Grid (CCGrid 2003), (pp. 414-420). IEEE. https://doi.org/10.1109/CCGRID.2003.1199395
[46]. Stallings, W. (2006). Cryptography and network security, (4th ed). Pearson Education India.
[47]. Tanenbaum, A. S., & Steen, M. van. (2007). Distributed systems: Principles and paradigms (2nd ed.). Pearson Prentice Hall.
[48]. Thakur, B. S., & Chaudhary, S. (2013). Content sniffing attack detection in client and server side: A survey. International Journal of Advanced Computer Research, 3(2), 7-10.
[49]. Tillwick, H., & Olivier, M. S. (2004, July). A layered security architecture: Design issues. In Proceedings of the Fourth Annual Information Security South Africa Conference (ISSA2004).
[50]. Toshniwal, D. (2013, February). Clustering techniques for streaming data - A survey. In 2013, 3rd IEEE International Advance Computing Conference (IACC) (pp. 951-956). IEEE. https://doi.org/10.1109/IAdCC.2013.6514355
[51]. Uzunov, A. V., Fernandez, E. B., & Falkner, K. (2012). Securing distributed systems using patterns: A survey. Computers & Security, 31(5), 681-703. https://doi.org/10.1 016/j.cose.2012.04.005
[52]. Vijayarani, S., & Jothi, M. P. (2014). Partitioning clustering algorithms for data stream outlier detection. International Journal of Innovative Research in Computer and Communication Engineering, 2(4), 3975-3981.
[53]. Vitti, P. A. F., dos Santos, D. R., Westphall, C. B., Westphall, C. M., & Vieira, K. M. M. (2014). Current issues in cloud computing security and management. SECURWARE.
[54]. Wang, J., & Sun, H. J. (2009). A new evidential trust model for open communities. Computer Standards & Interfaces, 31(5), 994-1001. https://doi.org/10.1016/j.csi. 2008.09.025
[55]. Xiaoyong, T., Li, K., Zeng, Z., & Veeravalli, B. (2010). A novel security-driven scheduling algorithm for precedenceconstrained tasks in heterogeneous distributed systems. IEEE Transactions on Computers, 60(7), 1017-1029. https://doi. org/10.1109/TC.2010.117
[56]. Xie, T., & Qin, X. (2007). Performance evaluation of a new scheduling algorithm for distributed systems with security heterogeneity. Journal of Parallel and Distributed Computing, 67(10), 1067-1081. https://doi.org/10.1016/j.j pdc.2007.06.004
[57]. Xu, Y., Korba, L., Wang, L., Hao, Q., Shen, W., & Lang, S. (2003, August). A security framework for collaborative distributed system control at the device-level. In IEEE International Conference on Industrial Informatics (pp. 192-198). IEEE. https://doi.org/10.1109/INDIN.2003.13002 69
[58]. Yao, W. T. M. (2003, May). Fidelis: A policy-driven trust management framework. In International Conference on Trust Management (pp. 301-317). Heidelberg, Berlin: Springer. https://doi.org/10.1007/3-540-44875-6_22
[59]. Yau, S. S., Bonatti, P. A., Feng, D., & Thuraisingham, B. (2005, July). Security and privacy in collaborative distributed systems. In 29th Annual International Computer Software and Applications Conference (COMPSAC'05) (Vol. 1, pp. 267-Vol). IEEE. https://doi.org/10.1109/COMPS AC.2005.137
[60]. Yu, B., & Singh, M. P. (2002, July). An evidential model of distributed reputation management. In Proceedings of the First International Joint Conference on Autonomous Agents and Multiagent Systems: Part 1 (pp. 294-301).
[61]. Zhou, H., Meng, X., Zhang, L., & Qiao, X. (2010). Quorum systems for intrusion-tolerance based on trusted timely computing base. Journal of Systems Engineering and Electronics, 21(1), 168-174. https://doi.org/10.3969/j. issn.1004-4132.2010.01.027
If you have access to this article please login to view the article or kindly login to purchase the article

Purchase Instant Access

Single Article

North Americas,UK,
Middle East,Europe
India Rest of world
USD EUR INR USD-ROW
Online 15 15

Options for accessing this content:
  • If you would like institutional access to this content, please recommend the title to your librarian.
    Library Recommendation Form
  • If you already have i-manager's user account: Login above and proceed to purchase the article.
  • New Users: Please register, then proceed to purchase the article.