Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security in Distributed Systems – A look at Globus

Published byGyöngyi Kissné Modified over 5 years ago

Similar presentations

Presentation on theme: "Security in Distributed Systems – A look at Globus"— Presentation transcript:

1 Security in Distributed Systems – A look at Globus
Stephen Rook October 25, 2007

2 Overview Background – security’s role in distributed systems
Overview of Globus Security Policy of Globus

3 Security Overview Why do we need to consider security issues for distributed systems? The main goal is to protect the system and its resources from unauthorized use. Authentication Ex: Is “Adam” truly Adam, an employee in good-standing of a company’s branch in New York, or is “Adam” truly Damien, a recently fired employee whose ultimate goal is to take down the company server? Authorization Ex: Does Adam have write privileges on a file foo.txt located on the company’s Los Angeles server?

4 Security Overview (2) Why is it so difficult to implement security on distributed systems? Resources can span many geographic domains. The system must keep track of where its resources are located Ex: An employee on subnetwork A in the U.S. wishes to access a file stored on the company server on subnetwork C located in Germany. For some resources, only certain classes of users can be allowed access. Falls under the authorization domain Ex: Suppose we have two low-level employees, John and Sam. John should not be able to access Sam’s employment record even though they both work for the same company. However, Sam’s supervisor should have access rights.

5 Security Overview (3) Most distributed systems are heterogeneous
They are comprised of mixed types of computers and resources Ex: Grid systems Need to define protocols to safely access system components no matter where such components reside

6 Globus Proposed by Foster, Kesselman, and Tuecke in 1998
Version 0.1 (the first) was implemented in April 2000 Version 4.1 was released September 2007 Designed for grid computing Security of the vast number of components in the entire system is the prime concern

7 Globus Security Policy
Assumption: The system consists of multiple administrative domains or subsystems. Multiple existing disjoint subsystems (most likely heterogeneous) need to be seamlessly integrated under a minimal number of standardized security protocols. Local operations are subject to local domain security policy only.

8 References Tanenbaum and Van Steen. Distributed Systems – Principles and Paradigms. 2nd ed Foster and Kesselman. “Globus: A Metacomputing Infrastructure Toolkit.” Foster et al. “A Security Architecture for Computational Grids.” Globus Alliance.

Download ppt "Security in Distributed Systems – A look at Globus"

Similar presentations

CLEARSPACE Digital Document Archiving system INTRODUCTION Digital Document Archiving is the process of capturing paper documents through scanning and.

CLEARSPACE Digital Document Archiving system INTRODUCTION Digital Document Archiving is the process of capturing paper documents through scanning and.
IEEE/FIPA WG Mobile Agents Ulrich Pinsdorf Fraunhofer-Institute IGD, Germany Dept. Security Technology

IEEE/FIPA WG Mobile Agents Ulrich Pinsdorf Fraunhofer-Institute IGD, Germany Dept. Security Technology
Operating System Security

Operating System Security
Connect. Communicate. Collaborate Click to edit Master title style MODULE 1: perfSONAR TECHNICAL OVERVIEW.

Connect. Communicate. Collaborate Click to edit Master title style MODULE 1: perfSONAR TECHNICAL OVERVIEW.
DDBMS Security - Bakul Gada.

DDBMS Security - Bakul Gada.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 DISTRIBUTED SYSTEMS.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Milos Kobliha Alejandro Cimadevilla Luis de Alba Parallel Computing Seminar GROUP 12.

Milos Kobliha Alejandro Cimadevilla Luis de Alba Parallel Computing Seminar GROUP 12.
Grids and Grid Technologies for Wide-Area Distributed Computing Mark Baker, Rajkumar Buyya and Domenico Laforenza.

Grids and Grid Technologies for Wide-Area Distributed Computing Mark Baker, Rajkumar Buyya and Domenico Laforenza.
More on Replication and Consistency CS-4513 D-term 20081 More on Replication and Consistency CS-4513 Distributed Computing Systems (Slides include materials.

More on Replication and Consistency CS-4513 D-term More on Replication and Consistency CS-4513 Distributed Computing Systems (Slides include materials.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 DISTRIBUTED SYSTEMS.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
Web-based Portal for Discovery, Retrieval and Visualization of Earth Science Datasets in Grid Environment Zhenping (Jane) Liu.

Web-based Portal for Discovery, Retrieval and Visualization of Earth Science Datasets in Grid Environment Zhenping (Jane) Liu.
A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.

A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.
Scientific Computing Department Faculty of Computer and Information Sciences Ain Shams University Supervised By: Mohammad F. Tolba Mohammad S. Abdel-Wahab.

Scientific Computing Department Faculty of Computer and Information Sciences Ain Shams University Supervised By: Mohammad F. Tolba Mohammad S. Abdel-Wahab.
11 REVIEWING MICROSOFT ACTIVE DIRECTORY CONCEPTS Chapter 1.

11 REVIEWING MICROSOFT ACTIVE DIRECTORY CONCEPTS Chapter 1.
Session 6 Windows Platform Dina Alkhoudari. Learning Objectives What is Active Directory Logical components of active directory Physical components of.

Session 6 Windows Platform Dina Alkhoudari. Learning Objectives What is Active Directory Logical components of active directory Physical components of.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 DISTRIBUTED SYSTEMS.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 DISTRIBUTED SYSTEMS.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.

Similar presentations

Ads by Google