Datasheet

32 Part I  Overview of Commerce

for the credentials sent by the user. There are two types of overheads

associated with such systems. There is an overhead of generating the

CRLs to send to the access controller. However, the more signiﬁcant

overhead is that each time the access controller performs an access

check it needs to see whether there is a CRL associated with each user

credential. This may lead to a loss of scalability, especially if there are

a huge number of users.

Passive Revocation Mechanism:



This type of revocation mechanism is

accomplished through expiration times provided in most certiﬁcates.

During the generation of certiﬁcates, an expiration time is provided

after which the certiﬁcate is deemed invalid. In terms of scalability,

the passive revocation mechanisms are better than their active coun-

terparts. However, the scalability comes at a cost. Let’s assume that

the certiﬁcate is issued at time T and expires at time T + t. Now let’s

assume that the user is compromised just after T. Then for a period of

t, the adversary is capable of compromising the system further. If t is

small, then the system is more secure. However, smaller t also indi-

cates that more authorizations are required, reducing the scalability of

the system. Therefore, there is a trade-off between the scalability and

security, which is tuned by the choice of the time t.

Threats

One school of thought deﬁnes security purely based on the types and categories

of threats it should protect against. One of the most important security threats

existing in any infrastructure is the malicious service disruption created by adver-

saries. Many examples exist in the Internet space where servers and networks

are brought down by a huge amount of network trafﬁc, and users are denied

access to a service. Because cloud computing deployment has not reached the

“critical mass” yet (that is, not every single service provider on the Internet is

deploying cloud computing), the service level attacks are still limited. However,

with cloud computing poised for a huge growth in the next few years, this area

is of the utmost concern. The cloud service level security issues can be further

subdivided into two main types: denial of service (DoS) and Distributed Denial

of Service (DDoS) issues; and Quality of Service (QoS) violation issues, which in

turn is the forced QoS violation by the adversary through congestion, delay-

ing or dropping packets, or through resource hacking.. The D/DoS is the more

dangerous of the two where access to a certain service is denied.

DoS

The solutions proposed for DoS (denial of service) attacks can be categorized

into two primary types: preventive solutions and reactive solutions. Preventive

624463c01.indd 32 3/29/11 2:26:36 AM