In Chapter 1, we covered several key principles of secure computing. In this chapter, we will take a closer look at the interesting challenges that are present when considering the security of distributed systems. As we will see, being distributed considerably increases the potential threats to the system, thus also increasing the complexity of security measures needed to help mitigate those threats. A real-life example will help illustrate how security requirements increase when a system becomes more distributed.
Let’s consider a bank as an example. Many years ago, everyday banking for the average person meant driving down to the local bank, visiting a bank teller, and conducting transactions in person. The bank’s security measures would have included checking the person’s identification, and account number, and verifying that the requested action could be performed, such as ensuring there was enough money in the account to cover a withdrawal.
Over the years, banks became larger. Your local hometown bank probably became a branch of a larger bank, thus giving you the ability to conduct banking not just at the bank’s nearby location but also at any of its other locations. The security measures necessary to protect assets have grown because there is no longer just a single physical location to protect. Also, more bank tellers need to be properly trained.
Taking this a step further, banks eventually started making use of ATMs to allow customers ...