Frank Siebenlist, Nataraj Nagaratnam, Von Welch, and Clifford Neuman
This chapter discusses the security
requirements encountered in Grid environments and how they are being
addressed. We begin by describing Grid-specific security and policy
challenges. We then discuss current trends in security technologies and
their relationship to the Grid. We also introduce the ongoing efforts in the
Global Grid Forum to define an Open Grid Services Architecture (OGSA)
security model. Using the OGSA (279) (Chapter 17), we illustrate how a Grid
security implementation takes shape. We conclude with a brief discussion of
the current state of Grid security and the expectations for the near future.
This is an excerpt from
Grid 2: Blueprint for a New Computing Infrastructure. Printed with
permission from Morgan Kaufmann publishers, a division of Elsevier.
Copyright 2005. For more information about this book and other similar
titles, please visit
www.books.elsevier.com/computing.
We focus first on general Grid security
requirements, using the notion of a secure Grid society to expose the source
of these requirements and how they may be addressed. We also present a
real-world example of a Grid application, which demonstrates the nontrivial
nature of the security requirements. The virtual organization concept is
used to model Grid collaborations and their security challenges.
To make a society prosper, one needs rules
(both written and unwritten), understanding of good and bad behavior with
its consequences and accountabilities, acknowledgment of cultural
differences in behavior, initial trust and earned trust, identification of
the risks associated with transactions, and so on (301). By studying these
requirements and possible solutions and their parallels with the Grid, we
can better understand how to achieve a “secure Grid society.”
The Internet has created a whole new economy and a new society. We commonly
order from commercial Web sites with our credit cards, and many have bought
and sold goods from auction services such as eBay. These activities depend
on our establishing a level of trust that makes us feel comfortable: We have
some idea of the risks involved and understand the potential benefits. To
help us with that risk-versus-reward determination, we may quantify the
risk: vendors are rated for their service, sellers and buyers earn or lose
stars through past performance, chat-group gossip conveys the experiences of
others, and credit cards have limited liability. This new electronic society
is in many ways a mirror of the real one.
As the commercial world moves to electronic business-to-business
interactions, the abstraction level of these interactions is raised.
Ultimately, the services of many businesses will be found through the
equivalents of electronic yellow pages or brokers, and business transactions
will be concluded if automated negotiated service-level agreements (SLAs,
Chapter 18) are agreed upon. Part of the SLA equation is risk-benefit
analysis, which will be facilitated by real-time access to credit bureaus
and Dun and Bradstreet-like rating services (427).
We believe that the Grid will evolve in this direction, too, and it may have
to use the same kind of business semantics in the SLA negotiation between
requesters and providers of Grid services.
We envision a Grid future in which resources
are completely virtualized and the identities associated with Grid entities,
requesters, and service providers are completely hidden behind services for
discovery, matchmaking, negotiation, scheduling, and so forth. The fact that
Grids are used to build dynamic cross-organizational collaborations (virtual
organizations, or VOs, Chapter 4) further complicates the situation because
VOs require the establishment of trust and associated security across
multiple organizational boundaries. In this case, a risk management approach
that quantifies issues of trust, cost, and benefit will be essential to
creating policies that meet VO operational objectives. Although these
concepts find use in sitewide security analysis (e.g., in the insurance and
financial services industry), techniques for applying risk management
principles to dynamic cross-organizational collaborations are in their
infancy and require more research. The Grid research community should tackle
these complex socioeconomic interactions in collaboration with economists
and social scientists.