Security and Performance Verification of Distributed Authentication and Authorization Tools

Parallel distributed systems are widely used for dealing with massive data sets and high performance computing. Securing parallel distributed systems is problematic. Centralized security tools are likely to cause bottlenecks and introduce a single point of failure. In this paper, we introduce existing distributed authentication and authorization tools. We evaluate the quality of the security tools by verifying their security and performance. For security tool verification, we use process calculus and mathematical modeling languages. Casper, Communicating Sequential Process (CSP) and Failure Divergence Refinement (FDR) to test for security vulnerabilities, Petri nets and Karp Miller trees are used to find performance issues of distributed authentication and authorization methods. Kerberos, PERMIS, and Shibboleth are evaluated. Kerberos is a ticket based distributed authentication service, PERMIS is a role and attribute based distributed authorization service, and Shibboleth is an integration solution for federated single sign-on authentication. We find no critical security and performance issues

Analysis of Real-Time Concurrent System Models Based on CSP Using Stochastic Petri Nets,” presented at 12th ESM

This paper addresses the real-time and reliability analysis of models for concurrent systems. Such models define independent entities that cooperate by explicit communication. Communications represent visible actions which, if they do not occur or are delayed beyond their deadline, will cause a failure to occur. This approach converts a formal functional system description into the information needed to predict its behavior as a function of observable parameters (i.e., topology, fault-tolerance, deadlines, communications and failure categories). The CSP-based models are translated into Stochastic Petri nets (SPNs) using our tool CSPN ( C SP-to- S tochastic P etri N ets). 1 dependent on the system, its operating environment, workload and system design including the integration and testing process