-1

I am currently in progress in a MS in Computer Engineering program. I am looking around for thesis topics related to security (my specialization is in distributed computing). I've been given some ideas by my adviser such as the impact of security on a business, but I find this a bit boring.

I'm currently enrolled in an application security course and I'm finding the content rather interesting. What are somethings I could look at in this area?

MGZero
  • 225
  • 3
  • 6
  • 1
    Hi MGZero.This question is not fit for our Q&A format. Please see http://security.stackexchange.com/help/dont-ask – Shurmajee Jun 12 '13 at 04:23
  • 1
    **Do not vote to close this question.** We can call agree that secureity.se is not here to help someone pass graduate school, however the intersection of security and distributed systems is an interesting realm. I"m sure Mayank Sharma can agree with this. – rook Jun 12 '13 at 05:09
  • 3
    @Rook After the edit,the Question definitely looks better but I feel this is not exactly what the OP was asking for. – Shurmajee Jun 12 '13 at 05:26
  • 2
    @Rook I agree with Mayank. Title definitely changes the question too much. The OP isn't asking about the impact of security on distributed systems... He didn't mention that the thesis has to revolve around distributed computing.. Opting to roll back. –  Jun 12 '13 at 05:47
  • 2
    @MGZero This isn't a really suitable question for the main site, however you are welcomed to join us at the chat room to discuss this more. :) –  Jun 12 '13 at 05:48
  • While doing a bit of research I found this thread... http://academia.stackexchange.com/questions/1646/how-to-select-a-masters-thesis-topic-if-your-advisor-wont-suggest-one – AbsoluteƵERØ Jun 12 '13 at 06:58
  • 1
    With all due respect for the topic inquired about, and while I agree with this would be an intriguing research topic, I have to vote based on suitability of the question as it looks now. It could probably be rewritten to be a better fit for our Q&A here, but that would change its intentions substantially, meaning it's not for us to do but for OP. @Rook, I suggest you simply ask a new question that would fit your answer better and then move it there, as it would be a shame to share the fate of this question. And you can get the _disciplined_ badge for it too, if it helps :)) Cheers! ;) – TildalWave Jun 12 '13 at 08:36
  • 1
    @TildalWave a bit of a rewrite: http://security.stackexchange.com/questions/37380/how-can-an-attacker-abuse-a-distributed-system – rook Jun 12 '13 at 17:25
  • All good guys, thanks for pointing me in the proper direction and providing some links! – MGZero Jun 12 '13 at 19:37

1 Answers1

4

Security + Distributed Systems narrows down the attack pattern significantly. I can only think of one condition in which these two domain come into play... money.

What if finical transactions where backed with an eventually consistent database? Maybe it would net thieves around $1 million USD. Non-relational databases are all the rage, but what if you where to pick Cassandra instead of HBASE as a database for finical transactions?

Out of Availability, Consistency and partition tolerance, you can only pick two: enter image description here

In the realm of finance, availability is key. DoS attacks mean a loss to a company's quality profit. This attack literary denies a finical institution the ability to consume. Consistency is also vital, without this, thieves are able to able to exploit a race condition...

but is that the final verdict?

rook
  • 46,916
  • 10
  • 92
  • 181