Presentation is loading. Please wait.

Presentation is loading. Please wait.

Formalizing Security Requirements for Grids Syed Naqvi 1,2, Philippe Massonet 1, Alvaro Arenas 2 1 Centre of Excellence in Information and Communication.

Similar presentations


Presentation on theme: "Formalizing Security Requirements for Grids Syed Naqvi 1,2, Philippe Massonet 1, Alvaro Arenas 2 1 Centre of Excellence in Information and Communication."— Presentation transcript:

1 Formalizing Security Requirements for Grids Syed Naqvi 1,2, Philippe Massonet 1, Alvaro Arenas 2 1 Centre of Excellence in Information and Communication Technologies (CETIC) {syed.naqvi, 2 CCLRC Rutherford Appleton Laboratory {s.naqvi,

2 European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies 2 Location based on data attributes Location of one or more physical replicas State of grid resources, performance measurements and predictions Metadata Service Application Replica Location Service Information Services Planner: Data location, Replica selection, Selection of compute and storage nodes Security and Policy Executor: Initiates data transfers and computations Data Movement Data Access Compute ResourcesStorage Resources Functional View of Grid Data Management taken from

3 European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies 3 FileStamp Architecture

4 European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies 4 Decentralized multi-writer file system –Based on a Peer-to-Peer technology –Self managing data storage location FileStamp – Distributed File System

5 European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies 5 File Redundancy Dynamic replica regeneration

6 European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies 6 BitTorrent Technology Moreover transfers can be interrupted and restarted from the last transferred bytes FileStamp – File Transfer

7 European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies 7 How to Express Requirements ? Specification language understandable by all the actors

8 European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies 8 KAOS : K nowledge A cquisition in aut O mated S pecification Dardenne A., Lamsweerde A. and Fickas S., Goal-Directed Requirements Acquisition, Science of Computer Programming Vol. 20, North Holland, 1993, pp Lamsweerde A., Elaborating Security Requirements by Construction of Intentional Anti-Models, Proceedings of ICSE’04, 26th International Conference on Software Engineering, Edinburgh, May. 2004, ACM-IEEE, pp Goal Model Responsibility Model Operations Model Constraints Model Anti-Goal (Threats) Model

9 European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies 9 Goal Model

10 European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies 10 Responsibility Model

11 European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies 11 Operations Model

12 European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies 12 Constraints Model

13 European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies 13 Overall Model

14 European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies 14 Refinement of Requirements Model

15 European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies 15 Policy Templates

16 European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies 16 Example Policy New replica of file is generated when an existing storage node is failed

17 European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies 17 Further Treatment of the Derived Policies Refinement of High level Policies into Operational Policies –Determination of the resources that are needed to satisfy the requirements of the policy. –Translation of the high-level policies into operational policies that the system can enforce. –Verification that the lower level policies actually meet the requirements specified by the high level policies. Implementation of Policies –Requires specific details of a particular system. –Formal representation techniques are employed. –Implemented in a specification language.

18 European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies 18 Conclusions This work addresses issues related to formalizing Grid security requirements at the application level. Our proposed technique is illustrated with the help of a case study of a data management system. Results shows that formal security requirement models are not only helpful to derive security policies but also they can be employed for security rationale. Our future directions include: –Refinement of security policies derived from the requirements model. –Work on negotiation protocols to assure service level security agreements.


Download ppt "Formalizing Security Requirements for Grids Syed Naqvi 1,2, Philippe Massonet 1, Alvaro Arenas 2 1 Centre of Excellence in Information and Communication."

Similar presentations


Ads by Google