Presentation is loading. Please wait.

Presentation is loading. Please wait.

Grid Security Giảng viên: PhD. Phạm Trần Vũ

Published by亵盟 黎 Modified over 5 years ago

Similar presentations

Presentation on theme: "Grid Security Giảng viên: PhD. Phạm Trần Vũ"— Presentation transcript:

1 Grid Security Giảng viên: PhD. Phạm Trần Vũ
Sinh viên: Ngô Dương Hà Lê Phú Trần Nhật Phương

2 Outline Introduction Grid Security Issues A Grid Security Scenario
Grid Security Architecture Summary References 2 2

3 Outline Introduction Grid Security Issues A Grid Security Scenario
Grid Security Architecture Summary References 3 3

4 Introduce What is Grid Security?
Security architecture to enable dynamic, scalable, and distributed VOs protect resources for resource providers, computing entities for VOs, and end-processing for end-users

5 Introduce(cont.) Security for whom? Resource Providers
End-user (participants) Virtual Organization

6 Introduce(cont.) Virtual Organization in the Grid
Virtual organizations (VOs) are collections of diverse and distributed individuals that seek to share and use diverse resources in a coordinated fashion. Users can join into several VOs, while resource providers also partition their resources to several VOs.

7 Grid Security Issues Architecture Infrastructure Management

8 Grid Security Issues(cont.)
Architecture Information Security Authorization Service Security

9 Grid Security Issues(cont.)
Architecture > Information Security The security related to the information exchanged between different hosts or between hosts and users. Issues includes secure communication, authentication, and single sign on and delegation.

10 Grid Security Issues(cont.)
Architecture > Information Security > Secure communication Secure communication: uses symmetric key encryption, Asymmetric key encryption

11 Grid Security Issues(cont.)
Architecture > Information Security > Secure communication(cont.) Secure communication: uses symmetric key encryption, Asymmetric key encryption

12 Grid Security Issues(cont.)
Architecture > Information Security > Authentication Authentication procedure

13 Grid Security Issues(cont.)
Architecture > Information Security > Single sign on and delegation Single sign on and delegation: use the certificates by Certification Authority (CA), digital signatures, and proxy certificates.

14 Grid Security Issues(cont.)
Architecture > Information Security > Single sign on and delegation (cont.) Certificate includes: A subject name. The public key of the subject. The identity of a Certificate Authority (CA). The digital signature of the named CA.

15 Grid Security Issues(cont.)
Architecture > Information Security > Single sign on and delegation (cont.) Digital Signatures: A message signed by the private-key

16 Grid Security Issues(cont.)
Architecture > Information Security > Single sign on and delegation (cont.) Proxy Certificates

17 Grid Security Issues(cont.)
Architecture > Authorization The authorization systems can be mainly divided into two categories: VO Level Systems Resource Level Systems. Alice Access control

18 Grid Security Issues(cont.)
Architecture > Authorization > VO Level Systems VO Level Systems: are centralized authorization for an entire Virtual Organization, the resource hold the final right in allowing or denying the access to the users

19 Grid Security Issues(cont.)
Architecture > Authorization > Resource Level Systems Resource Level Systems : provide a consolidated authorization service for the virtual organization, the resource level authorization systems implement the decision to authorize the access to a set of resources

20 Grid Security Issues(cont.)
Architecture > Service Security The grid service level security issues can be subdivide into two main types: Denial-of-service QoS Violation

21 Grid Security Issues(cont.)
Architecture > Service Security > Solutions Denial-of-Service: can be categorized into mainly two types: Preventive Solutions and Reactive Solutions. Preventive Solutions: try to prevent the attack from taking place by taking precautionary measures( e.g, filtering, location hiding…) Reactive Solutions: are used to trace the source of the attack(e.g, logging, packet marking, link testing,…)

22 Grid Security Issues(cont.)
Architecture > Service Security > Solutions QoS Violation: rely on some amount of monitoring and metering systems which try to detect the QoS levels of the systems and then make decisions to raise the alarms.(e.g, Watchers project)

23 Outline Introduction Grid Security Issues A Grid Security Scenario
Grid Security Architecture Summary References 23 23

24 A Grid Security Scenario
Statement Problem A member of a multi-institutional scientific collaboration, who receives from a colleague regarding a new data set. He starts an analysis program, which dispatches code to the remote location where the details stored (site C). Once started, the analysis program determines that it needs to run a simulation in order to compare the experimental results with predictions. Hence, it contacts a resource broker service maintained by the collaboration (at site D), in order to locate idle resources that can be used for the simulation. The resource broker in turn initiates computation on computers at two sites (E and G). These computers access parameter values stored on a file system at yet another site (F) and also communicate among themselves and with the broker, the original site, and the user.

25 A Grid Security Scenario
The Grid Security Problem The user population is large and dynamic. The resource pool is large and dynamic. A computation (or processes created by a computation) may acquire, start processes on, and release resources dynamically, during its execution. The processes constituting a computation may communicate by using a variety of mechanisms, including unicast and multicast. Resources may require different authentication and authorization mechanisms and policies. An individual user will be associated with different local name spaces, credentials, or accounts, at different sites. Resources and users may be located in different countries. 25

26 A Grid Security Scenario(Cont.)
Security Requirements Grid systems and applications may require any or all of the standard security functions, including authentication, access control, integrity, privacy, and non-repudiation. Provide authentication solutions that allow a user, the processes that comprise a user’s computation, and the resources used by those prcesses, to verify each other’s identity. Allow local access control mechanisms to be applied without change, whenever possible.

27 A Grid Security Scenario(Cont.)
Security Requirements(Cont.) Besides developing a security architecture that meets these requirements, choose to satisfy the following constraints derived from the characteristics of the grid environment and grid applications: Single sign-on Protection of credentials Interoperability with local security solutions Exportability Uniform credentials/certification infrastructure Support for secure group communication Support for multiple implementations

28 A Grid Security Scenario(Cont.)
Terminology Subject : a participant in a security operation (i.e., a user, a process operating on behalf of a user, a resource, a process acting on behalf a resource…) Credential: a piece if information that is used to prove the identity of a subject (i.e., passwords, certificates…) Authentication: the process by which a subject proves its identity to a requestor. Object: a resource that is being protected by the security policy. Authorization: the process which determine whether a subject is allowed to access or use an object. Trust domain: a logical, administrative structure which a single, consistent local security policy holds.

29 A Grid Security Scenario(Cont.)
Security Policies The grid environment consists of multiple trust domains. Operations that are confined to a single trust domain are subject to local security policy only. Both global and local subject exist. For each trust domain, there exists a partial mapping from global to local subjects. Operations between entities located in different trust domains require mutual authentication. An authenticated global subject mapped into a local subject is assumed to be equivalent to being locally authenticated as that local subject. All access control decisions are made locally on the basis of the local subject. A program or process is allowed to act on behalf of a user and be delegated a subset of the user’s rights. Processes running on behalf of the same subject within the same trust domain may share a single set of credentials.

30 Outline Introduction Grid Security Issues A Grid Security Scenario
Grid Security Architecture Summary References 30 30

31 Grid Security Architecture
Subjects: users, processes Objects: computers, data respositories, networks, display devices, … The thick lines: protocols The curved line: separate the user from the rest of the figure. The dashed lines: authenticated inter-process communication.

32 Grid Security Architecture(cont.)
Concepts User proxy: a session manager process given permission to act on behalf of a user for a limited period of time. Resource proxy: an agent used to translate between inter-domain security operations and local intra-domain mechanisms. Notation used U, R, P User, resource, process UP, RP User proxy, resource proxy CX Credential of subject X SigX{text} “text” signed by subject X

33 Grid Security Architecture(cont.)
Operations Allocation of a resource by a user Allocation of a resource by a process Communication between processes located in different trust domains Requirement can meet by: Allowing a user to log on to the grid system Creating a user proxy using protocol 1 The user proxy can allocate resources(and hence create processes) using protocol 2 Using protocol 3, a process created can allocate additional reources directly Protocol 4 can be used to define a mapping from a global to a local subject

34 Grid Security Architecture(cont.)
User Proxy Creation Protocol The user gains access to the computer from which the user proxy is to be created, using whatever form of local authentication is placed on that computer. The user produces the user proxy credential, CUP, by using their credential, CU, to sign a tuple containing the user’s id, the name of the local host, the validity interval for CUP, and any other information that will be required by the authentication protocol used to implement the architecture(such as a public key if certificate-based authentication is used) CUP = SigU{user –id, host, start-time, end-time, auth-info, …} A user proxy process is created and provided with CUP. It is up to the local security policy to protect the integrity of CUP on the computer on which the user proxy is located.

35 Grid Security Architecture(cont.)
Resource Allocation Protocol The user proxy and resource proxy authenticate each other using CUP and CRP. As part of this process, the resource proxy checks to ensure that the user proxy's credentials have not expired. The user proxy presents the resource proxy with a signed request in the form SigUP{allocation specification} The resource proxy checks to see whether the user who signed the proxy’s credentials is authorized by local policy to make the allocation request. 35

36 Grid Security Architecture(cont.)
Resource Allocation Protocol(Cont.) If the request can be honored, the resourse proxy creates a RESOURCE-CREDENTIALS tuple containing the name of the user for whom the resource is being allocated, the resource name, etc The resource proxy securely passes the RESOURCE-CREDENTIALS to the user proxy The user proxy examines the RESOURCE-CREDENTIALS request, and, if it wishes to approve is, signs the tuple to produce CP, a credential for the requesting resource. The user proxy securely passes CP to the resource proxy. The resource proxy allocates the resource and passes the new processes CP. (the latter transfer relies on the fact that the resource proxy and process are in the same trust domain) 36

37 Grid Security Architecture(cont.)
Resource Allocation from a Process Protocol The process and its user proxy authenticate each other using CP and CUP The process issues a signed request to its user proxy, with the form SignP {“allocate”, allocation request parameters} If the user proxy decides to honor the request, it initiates a resource allocation request to the specified resource proxy using Protocol 2 The resulting process handle is signed by the user proxy and returned to the requesting process. 37

38 Grid Security Architecture(cont.)
Mapping Registration Protocol User proxy authenticates with the resource proxy User proxy issues a signed MAP-SUBJECT-UP requested to resource proxy, providing as arguments both global and resource subject names User logs on to the resource using the resource’s authentication method and starts a map registration process Map registration process issues MAP-SUBJECT-UP request to resource proxy, providing as arguments both global and resource subject names Resource proxy waits for MAP-SUBJECT-UP and MAP-SUBJECT-P requests with matching arguments 38

39 Grid Security Architecture(cont.)
Mapping Registration Protocol(Cont.) Resource proxy ensures that map registration process belongs to the resource subject specified in the map request If a match is found, resource proxy sets up a mapping and sends acknowledgments to map registration process and user proxy If a match is not found within MAP-TIMEOUT, resource proxy purges the outstanding request and sends an acknowledgments to the waiting entity If acknowledgment is not received within MAP-TIMEOUT, request is considered to have failed. 39

40 Outline Introduction Grid Security Issues A Grid Security Scenario
Grid Security Architecture Summary References 40 40

41 Summary Advantages This is a security architecture for large-scale distributed computation This architecture is useful and provide a foundation for investigation if more sophisticated mechanisms. This architecure address most of the requirements The introduction of a user proxy addresses the single sign-on requirement The resource proxy enables interoperability with local security solutions Shortcoming All resource allocation requests must pass via the user proxy is a potential bottleneck. 41

42 References A Security Architecture for Computational Grids (Ian Foster, Carl Kesselman, Gene Tsudik, Steven Tuecke) Slides - Grid Security: Authentication and Authorization(Jong Kim) Taxonomy of Grid Security Issues Slides – Grid Security(Heinz Stockinger) Slides – Grid Security, A first introduction ( 42

43 Thanks for attention ! Ask & Answer

Download ppt "Grid Security Giảng viên: PhD. Phạm Trần Vũ"

Similar presentations

Introduction of Grid Security

Introduction of Grid Security
GT 4 Security Goals & Plans Sam Meder

GT 4 Security Goals & Plans Sam Meder
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
High Performance Computing Course Notes 2007-2008 Grid Computing.

High Performance Computing Course Notes Grid Computing.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
Access Control Methodologies

Access Control Methodologies
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Module 10: Troubleshooting Network Access. Overview Troubleshooting Network Access Resources Troubleshooting LAN Authentication Troubleshooting Remote.

Module 10: Troubleshooting Network Access. Overview Troubleshooting Network Access Resources Troubleshooting LAN Authentication Troubleshooting Remote.
Military Technical Academy Bucharest, 2006 GRID SECURITY INFRASTRUCTURE (GSI) - Globus Toolkit - ADINA RIPOSAN Department of Applied Informatics.

Military Technical Academy Bucharest, 2006 GRID SECURITY INFRASTRUCTURE (GSI) - Globus Toolkit - ADINA RIPOSAN Department of Applied Informatics.
Grid Security. Typical Grid Scenario Users Resources.

Grid Security. Typical Grid Scenario Users Resources.
Condor-G: A Computation Management Agent for Multi-Institutional Grids James Frey, Todd Tannenbaum, Miron Livny, Ian Foster, Steven Tuecke Reporter: Fu-Jiun.

Condor-G: A Computation Management Agent for Multi-Institutional Grids James Frey, Todd Tannenbaum, Miron Livny, Ian Foster, Steven Tuecke Reporter: Fu-Jiun.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.

Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Military Technical Academy Bucharest, 2006 SECURITY FOR GRID INFRASTRUCTURES - Grid Trust Model - ADINA RIPOSAN Department of Applied Informatics.

Military Technical Academy Bucharest, 2006 SECURITY FOR GRID INFRASTRUCTURES - Grid Trust Model - ADINA RIPOSAN Department of Applied Informatics.

Similar presentations

Ads by Google