Grid Mean Business: Security Management in Grids – A new challenge? Mike Boniface OGF21, Manchester Wednesday 9 May 2007.

Presentation transcript:


© University of Southampton IT Innovation Centre, 2007
IT Innovation
An applied research centre, complementing the academic research groups in the School of Electronics and Computer Science
Our objective is the innovative application of IT
We carry out applied research and development with and for industry and commerce
– collaborative research (supported by EC and UK programmes)
– client-funded research, development and consulting
We deliver proofs-of-concept, demonstrators and novel operational systems

Do You Remember…
Probabilistic design environment
Sensitivity to uncertainties
– manufacturing tolerances
– modeling assumptions
Example applications
– satellite antennae deployment
– crash modeling
Distributed resources
– 7 sites (3 with firewalls)
– over 100 processors

©2007 University of Southampton IT Innovation Centre and other members of the SIMDAT consortium Where are we today? Acoustics Service Design Optimisation Service Structures Service Aerodynamics Service (Matlab, OGSA-DAI, Condor, GRIA) (Model Center, SunGridEngine, GRIA) (iSightFD, Torque, GRIA) (Patran, GRIA)

Contextual Collaboration: Virtual Employee Single Controlling Partner

Extended Enterprise: Business Cooperative Virtual Organisation Prime Contractor

Extended Enterprise: Business Partnership

Infrastructure Accreditation Collaboration patterns Operational security policies Business Requirements Technology Capabilities Infrastructure Accreditation Technology Gaps Dynamic trust and security (GRIA) SLA management and accounting (GRIA) E2E Toolkit (NEC) Dynamic Access Control (NEC, IT Innov) Transatlantic Secure Collaboration Programme ( Risk analysis Grid Technology Uptake

Operational Security Policies: ISO27001:2005
Columns: Control, Summary of Gap, Procedure update, Existing Technology, Technology Gap
A.6: Increased complexity of third party risk assessments.
A.7: Classification of information and labelling across domains; Info Labelling, Monitoring info flows.
A.8: Propagation of user information domains; CAs, SLA and Client management services; Monitoring
A.10: Need for secure and trusted audit logs. Auditing, Monitoring, Fault Logging.
A.10: Shared operational procedures and responsibilities
A.11: Additional complexity of user management; Certificate authorities, PKI, Token services; Integration with existing identity schemes.
A.12: Security in development and support process; Grid infrastructure release processes. Auditing
A.12: Grid vulnerability analysis; Vulnerability analysis tools, Intrusion tolerance
A.13: Reporting of security events in a Grid system. Monitoring and Reporting tools.
A.15: Compliance; Audit

SIMDAT Industrial Grid Profile
Adoption analysis of key Web Service and Grid interoperability specifications
Motivation to
– understand adoption issues when applied to industrial applications (security, operational, performance)
– recommend how the specifications can be safely adopted by SIMDAT applications
– publish Industrial Grid Profile to wider community e.g. OGF white papers
Thursday 10th May, Standards Alignment Report-Out, Charter Suite 5

©2006 University of Southampton IT Innovation Centre
GRIA: A Grid for business
Open Source Grid middleware for supporting B2B collaborations based on a service-oriented architecture
Easy to use yet powerful functionality
– business-to-business accounting and service level agreements
– dynamic trust and security
– distributed file transfer, storage and processing
– distributed database access using OGSA-DAI
– distributed inter-domain workflow composition, enactment and publication using Taverna/Freefluo
– cross-platform, running on Windows XP and various Linux distributions
– developers kit for new managed application services
Available free and open source from

Characteristics of Business Grids
Customers control which services they consume, how much they are used, and by whom
Service providers operate independently and maintain control of their own resources
Service providers operate within the terms of relevant application software licenses
Services are subject to Service Level Agreements
Security to commercial standards
Heterogeneous infrastructures
Maintenance should be cost-effective

Securing Multi-Organisational SOA
Traditional systems are easy to secure
– system components are known in advance
– threats can be anticipated and defences included
– deployments can be configured to manage threat levels within the system
Dynamic distributed systems cannot be made secure this way
– system components and configurations change dynamically
– system boundaries change as organisations join and leave the application
– administration is distributed with no overarching threat assessment or management

Virtual Organisations: Trust, Dependency, Intrusion Tolerance
Org A, Org B, Org E, Org D, Org C

Business Partnerships: Trust, Security, Intrusion Tolerance
Org A, Org B, Org E, Org D, Org C

Conclusions
Is security management in Grids a new challenge? Yes

Thank you for listening