Presentation is loading. Please wait.

Presentation is loading. Please wait.

A user-friendly approach to grid security

Published byEric Curtis Modified over 6 years ago

Similar presentations

Presentation on theme: "A user-friendly approach to grid security"— Presentation transcript:

1 A user-friendly approach to grid security
Could Would Can’t use it, Won’t use it! Bruce Beckles University of Cambridge Computing Service

2 “State of the Grid” Authentication: Authorisation: Auditing:
Digital certificates (X.509-based PKI) Crosses institutional boundaries Authorisation: Either simplistic “allow” lists in text files (the grid-mapfile), or… Complex, heavyweight, “general purpose” authorisation frameworks (e.g. CAS, VOMS, PERMIS, Shibboleth) Auditing: Auditing? What auditing? The “missing link” – Siebenlist, Globus Alliance

3 Problems for End-Users
Digital certificates difficult to obtain and use… so (shock!) users hate them So difficult that users share certificates (and not just within a single institution) Experience so painful some users refuse to use grid technology if it will involve certificates (e.g. BRIDGES project) Most users don’t understand digital certificates, so they behave inappropriately… Multiple copies of certificates (and proxy certificates) scattered across the grid (not always protected)

4 Problems for Administrators
Users’ desperate attempts to cope with certificates mean that soon no one knows who is actually using which certificates and for what… …and when does a certificate get revoked anyway?: When a user leaves the institution? When they leave the project? How does the Certificate Authority know? Confusion between “identity” and “membership” ( authorisation)

5 Authorisation Issues Authorisation mechanisms: choice? what choice?…
Either just an “allow” list: Too simplistic …or complex, heavyweight framework: Difficult to understand, deploy, maintain and administer May require centralised co-ordination or infrastructure In all cases, dependent on the integrity of the authentication mechanism, so, currently… …it’s doomed…

6 Auditing Issues Who did what? From where?:
Who: dependent on integrity of authentication mechanism… uh-oh… What: executable name often “lost in transit” (data, condor_exec.exe), and executable normally deleted on job completion… oh, good... Where: IP address of host submitting job… but IP addresses can be spoofed…! …And what else should we be recording…? Audit data usually stored locally, so… Successful attacker can modify it(!)

7 Why is it like this? Current solutions: Heavyweight: Poor Usability:
Difficult to deploy and administer Often require inappropriately centralised infrastructure Complex (so difficult to understand) Poor Usability: Difficult for end-users to use Difficult to configure and administer Poor/Inappropriate Design: “One size fails all” Designed to developer’s agenda, not users’

8 User-friendly security…
Lightweight: Easy to deploy and administer Easy to understand Restricted to a sensible-sized problem domain User-centred design: Design for the user, not in spite of them Understand and satisfy stakeholder requirements Continuous user involvement Ongoing usability testing Formal security methods: Formal analysis and modelling …so we understand what’s going on Formal security verification …so we know we’ve got it right

9 …in a grid context Handle local issues locally (“localise, don’t centralise”): Authentication: authenticate against local authentication service VO membership: use local identity to determine membership/authorisation (parameterised RBAC?) Distribute information across resources as necessary Certificates appalling, passwords better: Use local authentication to obtain or create certificates on behalf of the user to interact with existing grids User never sees a certificate! Conform to best practice: Audit data stored remotely Don’t rely on IP addresses

10 So who’s doing this? “User-Friendly Authentication and Authorisation for Grid Environments” project: UCL, Manchester, Cambridge, Newcastle, London South Bank University Planned start date: October 2006 EPSRC funded For our proposed authentication mechanism (wraps existing GSI mechanism), see: Removing digital certificates from the end-user’s experience of grid environments (2004): Mechanisms for increasing the usability of grid security (2005):

11 Questions?

Download ppt "A user-friendly approach to grid security"

Similar presentations

Combining the strengths of UMIST and The Victoria University of Manchester Adapting to Federated Identity SHEBANGS Shibboleth Enabled Bridge to Access.

Combining the strengths of UMIST and The Victoria University of Manchester Adapting to Federated Identity SHEBANGS Shibboleth Enabled Bridge to Access.
Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.
GT 4 Security Goals & Plans Sam Meder

GT 4 Security Goals & Plans Sam Meder
ASPiS - Architecture for a Shibboleth-Protected iRODS System Mark Hedges, Tobias Blanke Centre for e-Research, Kings College London Adil Hasan, Jens Jensen.

ASPiS - Architecture for a Shibboleth-Protected iRODS System Mark Hedges, Tobias Blanke Centre for e-Research, Kings College London Adil Hasan, Jens Jensen.
Building a secure Condor ® pool in an open academic environment Bruce Beckles University of Cambridge Computing Service.

Building a secure Condor ® pool in an open academic environment Bruce Beckles University of Cambridge Computing Service.
Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.
Andrew McNab - EDG Access Control - 14 Jan 2003 EU DataGrid security with GSI and Globus Andrew McNab University of Manchester

Andrew McNab - EDG Access Control - 14 Jan 2003 EU DataGrid security with GSI and Globus Andrew McNab University of Manchester
Grid Security. Typical Grid Scenario Users Resources.

Grid Security. Typical Grid Scenario Users Resources.
The Community Authorisation Service – CAS Dr Steven Newhouse Technical Director London e-Science Centre Department of Computing, Imperial College London.

The Community Authorisation Service – CAS Dr Steven Newhouse Technical Director London e-Science Centre Department of Computing, Imperial College London.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.

Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
Military Technical Academy Bucharest, 2006 SECURITY FOR GRID INFRASTRUCTURES - Grid Trust Model - ADINA RIPOSAN Department of Applied Informatics.

Military Technical Academy Bucharest, 2006 SECURITY FOR GRID INFRASTRUCTURES - Grid Trust Model - ADINA RIPOSAN Department of Applied Informatics.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Slides for Grid Computing: Techniques and Applications by Barry Wilkinson, Chapman & Hall/CRC press, © 2009. Chapter 1, pp 19-28. For educational use only.

Slides for Grid Computing: Techniques and Applications by Barry Wilkinson, Chapman & Hall/CRC press, © Chapter 1, pp For educational use only.
1 Secure Zero Configuration in a Ubiquitous Computing Environment Shenglan Hu and Chris J. Mitchell Information Security Group Royal Holloway, University.

1 Secure Zero Configuration in a Ubiquitous Computing Environment Shenglan Hu and Chris J. Mitchell Information Security Group Royal Holloway, University.
Firewalls and the Campus Grid: an Overview Bruce Beckles University of Cambridge Computing Service.

Firewalls and the Campus Grid: an Overview Bruce Beckles University of Cambridge Computing Service.
Cardea Requirements, Authorization Model, Standards and Approach Globus World Security Workshop January 23, 2004 Rebekah Lepro Metz

Cardea Requirements, Authorization Model, Standards and Approach Globus World Security Workshop January 23, 2004 Rebekah Lepro Metz
Removing digital certificates from the end-user’s experience of grid environments Bruce Beckles University of Cambridge Computing Service.

Removing digital certificates from the end-user’s experience of grid environments Bruce Beckles University of Cambridge Computing Service.
Security Middleware and VOMS service status Andrew McNab Grid Security Research Fellow University of Manchester.

Security Middleware and VOMS service status Andrew McNab Grid Security Research Fellow University of Manchester.
Microsoft Active Directory(AD) A presentation by Robert, Jasmine, Val and Scott IMT546 December 11, 2004.

Microsoft Active Directory(AD) A presentation by Robert, Jasmine, Val and Scott IMT546 December 11, 2004.

Similar presentations

Ads by Google