Week 9 - Distributed Systems & Security

Learning Objectives:

In this week of the course, you will learn to:

• Describe 5 key goals of distributed systems and the 8 fallacies that make it hard to achieve those goals
• Characterize the benefits of replication and partitioning in distributed systems
• Evaluate the tradeoffs between consistency and availability in distributed systems
• Recognize the causes of and common mitigations for common vulnerabilities in web applications

Important Dates:

• HW4 Due Mar 19 by 10pm

Lessons:

• 9.1: Why Engineer Distributed Software? Video, Slides: PDF, PPT, Keynote
• 9.2: Strategies for Engineering Distributed Software Video, Slides: PDF, PPT, Keynote
• 9.3: Software Engineering + Security Threats Video, Slides: PDF, PPT, Keynote
• 9.4: Engineering Secure Software Video, Slides: PDF, PPT, Keynote

Resources

• Prof Bell’s in-class notes reviewing Distributed Systems, in-class notes reviewing Security, vulnerable transcript app
• Juice Shop Activity

For further reading:

• “Distributed Systems for Fun and Profit” by Mikito Takada
• “Fallacies of Distributed Computing” (Wikipedia)
• “The CAP FAQ - The Paper Trail”
• “OWASP Top 10 Web Security Risks”
• LGTM analysis of transcript server and XSS example on transcript server (This link might be annoying, but is not malicious)
• Software supply-chain vulnerabilities: ESLint 2018 attack, Podcast on SolarWinds attack