A Review On Security Issues in Distributed Systems


International Journal of Scientific & Engineering Research Volume 3, Issue 9, September-2012 1

ISSN 2229-5518

A Review on Security Issues in Distributed Systems
Vijay Prakash, Manuj Darbari

Abstract— Development of secured and trusted distributed systems is a critical research issue. This paper is a contribution towards the summarization of work carried out in this field and also identifies new research lines. Several approaches to security in distributed systems are discussed, like authentication based approaches, development of trust based models, access control based approaches, etc. A summarization of these issues is given in the conclusion section. Apart from this, many research lines about secure distributed systems are discussed.

Index Terms—Distributed System Security, authentication, cryptography, quorum, mobile agent, trust based models, access control.

——————————  ——————————

Vijay Prakash is currently pursuing a Ph.D. from BBD University in the Department of Computer Science & Engineering. He is M. Tech. and M. Phil. E-mail: vijaylko@gmail.com
Manuj Darbari is working as a Professor in the Department of Computer Science & Engineering in BBD University, Lucknow, India. He is Ph. D. in Computer Science. He has published many papers at national and international level. E-mail: manujuma@gmail.com

IJSER © 2012
http://www.ijser.org

1 INTRODUCTION

The security techniques in distributed systems [1, 2, 44] are important issues. Several elements of distributed system security are identified, like authentication, authorization, encryption and system protection. In the initial days, the security management environment was based on single authority systems, but now the focus is on the development of per-activity authorities and groups with shared responsibilities.

The general security attacks on distributed systems are eavesdropping (gaining secret information), masquerading (assuming the identity of users), message tampering (changing the content of the message), replaying the message and denial of service.

The trustworthiness of distributed systems is important in a number of environments. For expressive economy the term security is used to represent both its traditional meaning as well as those notions carried by the term privacy.

Before discussing the factors affecting security in distributed systems, an overview of distributed system architecture is presented and used as a framework for subsequent analysis.

This paper has been divided into 3 sections. Section 2 explains various security aspects of distributed systems. Section 3 concludes the new research lines in developing secure distributed systems. Section 4 is conclusion and future scope.

2 SECURITY APPROACHES IN DISTRIBUTED SYSTEMS

Various kinds of security approaches are used to make a secure distributed system. These are authentication based, trust based, access control based, cryptography techniques based etc.

2.1 Authentication Based Security

A path authentication technique has been proposed in [1]. An on demand path discovery algorithm has been proposed to enable domains to securely discover paths in the collaboration environment.

A transport scheme for tracking the availability of entities in distributed systems has been proposed in [2].

Heterogeneous distributed systems are highly applicable in various applications, like electronic transaction processing systems and stock quote update systems, which require a highly efficient integration of authentication, integrity and confidentiality. A systematic security driven scheduling architecture has been designed in [3]. This technique has been proposed for DAG (Directed Acyclic Graph). The approach dynamically measures the trust of each node.

The authentication of remote clients is an important research area in distributed systems. A three factor based authentication approach for this purpose is proposed in [4]. In this, a two factor authentication has been extended to three factor authentication; it ensures the client privacy efficiently in distributed systems. The three factors used to develop this approach are password, smart card and biometrics.

In [5], various aspects of security in distributed systems have been given, including user authentication using passwords and digital certificates and confidentiality in data transmission.

The role of authentication servers in distributed computing systems has been discussed in [6]. The main design issues are the cryptographic algorithms, synchronization and amount of trust.

A secured password based authentication with a trusted third party is developed in [7]. The approach is based on the well-known authentication protocol called Kerberos.

2.2 Trust Based Security Approaches

A trust based model has been developed in [16] for various applications, like P2P systems.

Trust models play an important role in the development of security systems in distributed applications. An extended D-S
theory based trust model (ExDSTM) is developed in [17]. Other D-S theory models are proposed in [18, 19, 20].

A dynamic and context sensitive trust based security mechanism has been developed in [21].

Risk management has been integrated into security by using a trust model in [8]. This model shows that risk management can be applied to maximize the utilization of the distributed system. This model also has the utility to evaluate the trust.

2.3 Access Control Based Security

A path authentication technique has been proposed in [1]. An on demand path discovery algorithm has been proposed to enable domains to securely discover paths in the collaboration environment.

A transport scheme for tracking the availability of entities in distributed systems has been proposed in [2].

Heterogeneous distributed systems are highly applicable in various applications, like electronic transaction processing systems and stock quote update systems, which require a highly efficient integration of authentication, integrity and confidentiality. A systematic security driven scheduling architecture has been designed in [3]. This technique has been proposed for DAG (Directed Acyclic Graph). The approach dynamically measures the trust of each node.

The authentication of remote clients is an important research area in distributed systems. A three factor based authentication approach for this purpose is proposed in [4]. In this, a two factor authentication has been extended to three factor authentication; it ensures the client privacy efficiently in distributed systems. The three factors used to develop this approach are password, smart card and biometrics.

In [5], various aspects of security in distributed systems have been given, including user authentication using passwords and digital certificates and confidentiality in data transmission.

The role of authentication servers in distributed computing systems has been discussed in [6]. The main design issues are the cryptographic algorithms, synchronization and amount of trust.

A secured password based authentication with a trusted third party is developed in [7]. The approach is based on the well-known authentication protocol called Kerberos.

2.4 Cryptography Based Approaches

A framework of security in a distributed system, mainly considering a device level system control, has been proposed in [22]. Public key cryptography, software agents and XML binding technologies are considered for this approach.

The development of secure distributed systems uses various approaches, like Public Key Infrastructure (PKI) and Role Based Access Control (RBAC). In [23], the RBAC approach has been used to develop authentication based on Public Key Certificates (PKC).

2.5 Policy Based Approaches

A policy based distributed system security mechanism has been developed in [24]. This framework provides modular security policies and is independent of the underlying system. This framework is based on a domain-specific language for specification, verification and implementation of distributed system security policies.

The actual integration of security policies in distributed systems has been discussed in [25]. These security policies are manually configured and automatically enforced on the distributed system.

2.6 Pattern Based Security

Various types of security patterns for distributed system security are reviewed in [26]. Various types of pattern based security methodologies are well discussed and their maturity and appropriateness are evaluated.

2.7 Quorum Based Security Systems

Quorum systems are highly applicable for solving the problem of data consistency in distributed fault-tolerant systems. In [27], an Intrusion-Tolerance Quorum System [ITOS] of hybrid time model based on Trusted Timely Computing Base (TTCB) has been proposed.

A role based access control model has been developed in [28]. The Role Ordering (RO) schedulers are introduced along with concurrency control based on significance of roles assigned to the transactions.

2.8 Other Security Based Approaches

A mobile agent based security model has been proposed in [29]. This model explains and analyzes the strength of security and various threats.

The ability of the system to detect illegal behaviours and fight back against intrusion with countermeasures is called self protection. A methodology for assessing, implementing and evaluating the self-protected system has been proposed in [30].

The efficient collaboration between security and privacy for distributed system security has been discussed in [31].

The design of distributed security systems can be optimized. A genetic algorithm has been utilized for this purpose in [32].

A security heterogeneity approach for a scheduling model in the distributed system has been developed in [33]. A novel heuristic scheduling algorithm has been proposed, which strives to maximize the probability that all tasks are executed without any risk associated with attack.

In [34], the XtremWeb architecture has been discussed, which consists of computing functioning in large scale distributed systems. The architecture of the system and parallel programming paradigms are discussed very well.

A proposal for secure transactions in mobile systems based on a delegate object model is given in [35]. It focuses on the challenging issue of distributed nature in modern computer systems.

The RAIN technology is discussed in [36], which is a research collaboration between Caltech and NASA-JPL on distributed computing and data storage systems for future borne missions. Several proof of concept applications are developed, like a highly available web server, a video server and a distributed check pointing system.

A Legal Information Flow (LIF) scheduler is proposed in [37] to synchronize transactions so as to prevent illegal information flows.

An approach for secure service discovery by employing an incremental progressive exposure approach has been developed in [38].

Building secure P2P file sharing systems is an important research area. A powerful adversary model has been proposed in [39] for implementing a threat adaptive secure file sharing system.

An open authentication model based on the CORBA security service specification has been proposed in [40].

The security of information transmission over networks in distributed systems is considered in [41].

The secure functions in considering two models of non-repudiation protocols are discussed in [42], which are specified using the Markovian Process Algebra PEPA.

A model has been designed in [43], which provides support for distributed advanced workflow transactions. Such kinds of work are called transactional work flow.

For the purpose of modelling security protocols in distributed systems, UML2 has been utilized in [45].

TABLE – I
Summarization of various security aspects in distributed systems

| S. No. | Category | Focus | Reference |
|---|---|---|---|
| 1 | Authentication Based Approaches | Path authentication technique | [1] |
| | | Security driven scheduling architecture | [3] |
| | | Remote Client authentication | [4] |
| | | Passwords, digital certificates and confidentiality | [5, 7] |
| | | Cryptography in authentication servers | [6, 22, 23] |
| 2 | Trust based security | Risk management | [8] |
| | | P2P System | [16] |
| | | Extended D-S theory based model | [17, 18, 19, 20] |
| | | Context sensitive trust model | [21] |
| 3 | Policy based security | Modular security policies | [24, 25] |
| 4 | Pattern based security | Security pattern for distributed systems | [26] |
| 5 | Quorum based security | Distributed fault tolerance system | [27] |
| 6 | Other techniques | Mobile agent based system | [29] |
| | | Genetic Algorithm based | [32] |
| | | XtremWeb Architecture | [34] |
| | | RAIN Technology | [36] |
| | | LIF Scheduler | [37] |

3 SECURITY ISSUES AND CHALLENGES

The secured implementation of distributed systems has generated a lot of critical issues. Some of these are as follows:
1. Identification of a methodology which assesses the security level in any system
2. Monitoring of the system security
3. Development of security metrics
4. Integration of techniques, like Cryptography etc., for secure distributed data communication
5. Application of middleware in distributed system security
6. Application of web services for security purposes

4 CONCLUSIONS AND FUTURE SCOPE

Authentication, access control, cryptographic techniques, quorum based systems, trust based models etc. are among the many developments towards the generation of secure and trusted distributed systems. Such types of issues are well briefed in TABLE – I.

In future the authors are keen to develop new and competitive approaches for the development of secured distributed systems.

REFERENCES
[1] M. Shehab, A. Ghafoor, E. Bertino, Secure collaboration in a mediator free distributed environment, IEEE Transactions on Parallel and Distributed Systems, vol. 19, no. 10, pp. 1338-1351, 2010.
[2] S. Pallickara, J. Ekanayake, G. Fox, A scalable approach for the secure and authorized tracking of the availability of entities in distributed systems, IEEE International Parallel and Distributed Processing Symposium, pp. 1-10, 2007.
[3] T. Xiaoyong, K. Li, Z. Zong, B. Veeravalli, A novel security-driven scheduling algorithms for precedence-constrained tasks in heterogeneous distributed systems, IEEE Transactions on Computers, vol. 60, no. 7, 2011, pp. 1017-1029.
[4] X. Huang, Y. Xiang, A. Chonka, J. Zhou, R.H Deng, A generic framework for three factor authentication: Preserving security and privacy in distributed systems, IEEE Transactions on Parallel and Distributed Systems, vol. 222, no. 8, 2011, pp. 1390-1397.
[5] K. Vieira, A. Schulter, C. B. Westphall, C. M. Westphall, IT Professional, vol. 12, no. 4, 2010, 38-43.
[6] D. Gollmann, T. Beth, F. Damm, Authentication services in distributed systems, Computers and Security, vol. 12, no. 8, Dec. 1993, pp. 753-764.
[7] W. J. Seung, J. Souhan, Secure Password authentication for distributed computing, International Conference on Computational Intelligence and Security, 2006, vol. 2, pp. 1345-1350.
[8] C. Lin, V. Varadharajan, Trust based risk management for distributed system security-a new approach, First International Conference on Availability, Reliability and Security, 2006, ARES 2006.
[9] Y. Bai, On distributed system security, International Conference on Security Technology, 2008, 54-57.
[10] H. Koshutanski, A survey on distributed access control systems for web business process, International Journal of Network Security, vol. 9, no. 1, pp. 61-69, July 2009.
[11] D. Chadwick, A. Oterko, E. Ball, Role base access control with X.509 attribute certificates, IEEE Internet Computing, 7(2), pp. 62-69, Mar/Apr. 2003.
[12] R. Oppliger, A. Grenlich, P. Trachsel, A distributed certificate management system (DCMS) supporting group based access control, in Proc. 15th IEEE annual computer security application conference (ACSAC'99), 241-248, 1999.
[13] K. Seamons, W. Winsbotough, Automated trust Negotiation Technical Report, Us Patent and Trade Mark office, 2002, IBM Corporation, Patent application field Max7,200.
[14] W. Yao, Fidelis: A policy driven trust management framework in iTrust, LNCS 2692, pp. 301-314, Springer-Verlag, 2003.
[15] Blaze M, Feigonbaum. J., Ioannidis J., Keromyties, A.D., The role of trust management in distributed system security in secure internet programming: Security issues for mobile and distributed objects, Vitek and Nensen, Editors, 1999, Springer-Verlag, http://www.Dgpter.com/papers/networksec.pdf.
[16] H. Li, M. Singhal, Trust Management in distributed systems, Computer, vol. 40, no. 2, 2007, pp. 45-53.
[17] L. Jiang, J. Xu, K. Zhang, A new evidential trust model for open distributed systems, Expert Systems with Applications, 39(3), 2012, 3772-3782.
[18] L. D. Huang, G. Xue, X. L. He, H. L. Zhuang, A trust model based on evidence theory for P2P systems, Applied Mechanics and Materials, 20 (23), 2010, pp. 99-104.
[19] J. Wang, H. J. Sun, A new evidential trust model for open communities, Computer Standards and Open Interfaces, 31(5), pp. 994-1001, 2009.
[20] B. Yu, M. P. Singh, An evidential model of distributed reputation management, First International Joint Conference on Automous Agents and Multiagent Systems, AAMAS, 2002.
[21] Y. Ding, F. Liu, B. Tang, Context sensitive trust computing in distributed environments, Knowledge Based Systems, vol. 28, pp. 105-114, 2012.
[22] Y. Xu, L. Korba, L. Wang, Q. Hao, W. Shen, S. Lang, A security framework for collaborative distributed system control at the device level, IEEE International Conference on Industrial Informatics, 2003, pp. 192-198.
[23] W. Chang-Ji, W. Jian-Ping, D. Hai-Xin, Using attribute certificate to design role-based access control, 4th International Conference on Parallel and Distributed Computing, Applications and Technologies, 2003, pp. 216-218, 2003.
[24] H. Hamdi, M. Mosbah, A DSL framework for policy based security of distributed systems, 3rd IEEE International Conference on Secure Software Integration and Reliability Improvements, pp. 150-158, 2009.
[25] H. Hamdi, A. Bocehula, M. Mosbah, International Conference on Emerging security Information, systems and technologies 2007, pp. 187-192.
[26] A. V. Uzunov, E. B. Fernandez, K. Falkner, Securing Distributed systems using patterns: a survey, Computers and Security, in press, http://dx.doi,org/10.1016/j.cose.2012.04.005.
[27] H. Zhou, X. Meng, L. Zhang, X. Oiao, Quorum systems for intrusion tolerance based on trusted timely computing base, Journal of Systems, Engineering and Electronics, vol. 21, no. 1, pp. 168-174, 2010.
[28] E. Tomoya, T. Makoto, Con-currency control based on significance on roles; 11th International Conference on Parallel and Distributed Systems, vol. 1, pp. 196-202.
[29] L. Qi, L. Yu, Mobile agent based security model for distributed system, 2001 IEEE International Conference on Systems, Man and Cybernetics, vol. 3, pp. 1754-1759, 2001.
[30] N. De Palma, D. Hagimont, F. Boyer, L. Broto, Self protection in a clustered distributed systems, IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 2, 2012, pp. 330-336.
[31] S. S. Hau, P. A. Bonatti, F. Dengguo, B. Thuraisingham, Security and privacy in collaborative distributed systems, 29th Annual International Computer Software and Applications Conference, 2005, vol. 1.
[32] P. Bykoyy, Y. Pigovsky, V. Kochan, A. Sachenko, G. Morkowsy, S. Aksoy, Genetic algorithm implementation for distributed security systems optimization, 2008 IEEE International Conference on Computational Intelligence for Measurement Systems and Applications, pp. 120-124, 2008.
[33] T. Xie, X. Qin, Performance evaluation of a new scheduling algorithm for distributed systems with security heterogeneity, Journal of Parallel and Distributed Computing, vol. 67, no. 10, Oct. 2007, pp. 1067-1081.
[34] F. Cappello, S. Ojilali, G. Fedak, T. Herault, F. Magniette, U. Nen, O. Lodygensky, Computing on large-scale distributed systems: Xtream web architecture, programming models, security, tests and convergence with grid, p2p computing and interaction with grid, 21(3), 2005, 417-437.
[35] N. Shenbagavadivu, S. Usha Savithri, Enhanced Information security in distributed mobile system based on delegate object model, Procedeia Engineering, vol. 30, 2012, pp. 774-781.
[36] V. Bohossian, C. C. Fan, P. S. Lemahieu, N. D. Riedel, L. Xu, J. Bnick, Computing in the RAIN: a reliable array of independent nodes, IEEE Transactions on Parallel and Distributed Systems, vol. 12, no. 2, pp. 99-114, 2001.
[37] T. Enokido, M. Takizawa, A Legal Information Flow (LIF) scheduler for distributed systems, International Conference on Parallel and Distributed Systems, 2007, vol. 2, pp. 1-8, 2007.
[38] J. Y. Vhoi, Z. Y. Li, H. Y. Yaun, O. Song, Privacy protection in service discovery for large scale distributed computing systems, IEEE International Symposium on Parallel and Distributed Processing Workshops and Ph. D. Forum (IPDPSW), 2011, pp. 1025-1032.
[39] R. T. Di Piero, L. V. Mancini, A. Mei, Towards threat adaptive dynamic fragment replication in large scale distributed systems, IEEE International Symposium on Parallel and Distributed Processing, 2007, pp. 1-2.
[40] K.-A. Chang, B.-R. Lee, T.-Y. Kim, Open authentication model supporting electronic commerce in distributed computing electronic commerce research, 2002, vol. 2, no. 1-2, pp. 135-149.
[41] A.V. Bovoselov, V. E. Ansiperov, A. A. Nikitov, Information protection in distributed systems with the help of different layer protocols, Journal of Communications Technology and Electronics, vol. 52, no. 10, pp. 1133-1136, 2007.
[42] Y. Zhao, N. Thomas, Computing methods for efficient analysis of PEPA models of non-repudiation protocols, 15th International Conference on Parallel and Distributed Systems (ICPADS), 2009, pp. 821-827.
[43] V. I. Wietrzyk, M. Tajuzawa, M. A. Orgun, V. Varadharajann, A secure transaction environment for work flows in distributed systems, 8th International Conference on Parallel and Distributed Systems, 2001, 198-205.
[44] R. Anderson, Security engineering: a guide to building dependable distributed systems, Wiley, 2010.
[45] X. Zhou, A modelling approach using UML2 for security protocols in distributed systems, LNCS 2012, vol. 141, pp. 57-64.
