Legion - A Grid OS. Object Model Everything is object Core objects - processing resource– host object - stable storage - vault object - definition of.

Slides:

Advertisements

Similar presentations

Open Grid Forum 19 January 31, 2007 Chapel Hill, NC Stephen Langella Ohio State University Grid Authentication and Authorization with.

Advertisements

MicroKernel Pattern Presented by Sahibzada Sami ud din Kashif Khurshid.

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.

A Flexible Security System for Metacomputing Environments A Presentation by Kunal Vaishnav USC.

Android Security. N-Degree of Separation Applications can be thought as composed by Main Functionality Several Non-functional Concerns Security is a non-functional.

A responsibility based model EDG CA Managers Meeting June 13, 2003.

Access Control Methodologies

Grid Security. Typical Grid Scenario Users Resources.

Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.

Component Patterns – Architecture and Applications with EJB copyright © 2001, MATHEMA AG Component Patterns Architecture and Applications with EJB JavaForum.

CSE331: Introduction to Networks and Security Lecture 28 Fall 2002.

11 WORKING WITH GROUPS Chapter 7. Chapter 7: WORKING WITH GROUPS2 CHAPTER OVERVIEW  Understand the functions of groups and how to use them.  Understand.

OSGi: Open Services Gateway Initiative Richard Chapman 5 Sept

CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.

Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.

Legion Worldwide virtual computer. About Legion Made in University of Virginia Object-based metasystems software project middleware that connects computer.

Introduction To Windows NT ® Server And Internet Information Server.

Internet Protocol Security (IPSec)

Chapter 7 WORKING WITH GROUPS.

Windows Server MIS 424 Professor Sandvig. Overview Role of servers Performance Requirements Server Hardware Software Windows Server IIS.

Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.

Intranet, Extranet, Firewall. Intranet and Extranet.

Protection and the Kernel: Mode, Space, and Context.

Systems Security & Audit Operating Systems security.

Chapter 7: WORKING WITH GROUPS

M i SMob i S Mob i Store - Mobile i nternet File Storage Platform Chetna Kaur.

Presented by Amlan B Dey.  Access control is the traditional center of gravity of computer security.  It is where security engineering meets computer.

GT Components. Globus Toolkit A “toolkit” of services and packages for creating the basic grid computing infrastructure Higher level tools added to this.

SAMANVITHA RAMAYANAM 18 TH FEBRUARY 2010 CPE 691 LAYERED APPLICATION.

Announcements Assignment 3 due. Invite friends, co-workers to your presentations. Course evaluations on Friday.

Microsoft SharePoint Server 2010 for the Microsoft ASP.NET Developer Yaroslav Pentsarskyy

Module 5 Configuring Authentication. Module Overview Lesson 1: Understanding Classic SharePoint Authentication Providers Lesson 2: Understanding Federated.

XMPP Concrete Implementation Updates: 1. Why XMPP 2 »XMPP protocol provides capabilities that allows realization of the NHIN Direct. Simple – Built on.

Java 2 security model Valentina Casola. Components of Java the development environment –development lifecycle –Java language features –class files and.

Module 9 Configuring Messaging Policy and Compliance.

Military Technical Academy Bucharest, 2004 GETTING ACCESS TO THE GRID Authentication, Authorization and Delegation ADINA RIPOSAN Applied Information Technology.

ADV. NETWORK SECURITY CODY WATSON What’s in Your Dongle and Bank Account? Mandatory and Discretionary Protections of External Resources.

Welcome Windows Server 2008 安全功能 -NAP. Network Access Protection in Windows Server 2008.

CE Operating Systems Lecture 21 Operating Systems Protection with examples from Linux & Windows.

1 Authorization for Metacomputing Applications G. Gheorghiu, T. Ryutov and B. C. Neuman University of Southern California Information Sciences Institute.

Mine Altunay July 30, 2007 Security and Privacy in OSG.

Wireless and Mobile Security

Component Patterns – Architecture and Applications with EJB copyright © 2001, MATHEMA AG Component Patterns Architecture and Applications with EJB Markus.

Dynamic Creation and Management of Runtime Environments in the Grid Kate Keahey Matei Ripeanu Karl Doering.

Active Directory. Computers in organizations Computers are linked together for communication and sharing of resources There is always a need to administer.

Ákos FROHNER – DataGrid Security n° 1 Security Group TODO

LINUX Presented By Parvathy Subramanian. April 23, 2008LINUX, By Parvathy Subramanian2 Agenda ► Introduction ► Standard design for security systems ►

Active Directory Domain Services (AD DS). Identity and Access (IDA) – An IDA infrastructure should: Store information about users, groups, computers and.

EMI is partially funded by the European Commission under Grant Agreement RI Common Authentication Library Daniel Kouril, for the CaNL PT EGI CF.

Windows Workflow Foundation Guy Burstein Senior Consultant Advantech – Microsoft Division

Chapter 29: Program Security Dr. Wayne Summers Department of Computer Science Columbus State University

UNICORE and Argus integration Krzysztof Benedyczak ICM / UNICORE Security PT.

ArcGIS for Server Security: Advanced

Stop Those Prying Eyes Getting to Your Data

Understanding Android Security

Securing the Network Perimeter with ISA 2004

Radius, LDAP, Radius used in Authenticating Users

Security mechanisms and vulnerabilities in .NET

THE STEPS TO MANAGE THE GRID

Introduction to Networking

To Join the Teleconference

Grid Security M. Jouvin / C. Loomis (LAL-Orsay)

SAMANVITHA RAMAYANAM 18TH FEBRUARY 2010 CPE 691

Chapter 2: Operating-System Structures

Chapter 29: Program Security

BACHELOR’S THESIS DEFENSE

Understanding Android Security

Designing IIS Security (IIS – Internet Information Service)

Chapter 2: Operating-System Structures

Presentation transcript:

Legion - A Grid OS

Object Model Everything is object Core objects - processing resource– host object - stable storage - vault object - definition of object – class object Legion provides default implementation, but all system components can be extended, specialized and replaced.

Object Model Object state Active: hosted within a running process Inert: state/OPR is stored on a persistent storage device OPR: LOID, private key, ACL Identified by location-independent LOID LOID include the public key

Status Of An Object

Legion Runtime Library Defines generic interfaces to services - message passing - object creation, location, deletion flexible, configurable protocol stack - adding message privacy is simply a matter of registering the appropriate message processing event handlers into the Legion protocol stack

Two main concerns User’s concern Protecting the meta-computer’s high-level resources, services, and users from possibly corrupted underlying resources Administrator’s concern Preserving the security policies of the underlying resources that from the foundation of the meta-computer and minimizing their vulnerability to attacks from the meta-computer level

Features Flexible simple policy-neutral mechanism build different policy on top of it Easy to use explore the legion inheritance mechanism Scalable object authenticate one another directly no centralized key services Isolated Object isolation & site isolation

Object Management Object Isolation - isolate system object to user object host object and vault object run in different local account - isolate different user-object from one another native user or generic account Host object does not run in root account PCD(Process Control Daemon) does the object activate, deactivate, reactivate under the request of host object

Creating object Class manager - assigns LOID for the new object - create object’s key - pass the LOID and key to the host object on the machine where the object will run - pass the binary of the object implementation to host object - ask vault object to create directory for the object Host object - map the LOID to local user account - spawn a process to host the object - pass the LOID and key to the active object - change the ownership of the directory for the object

Credential A list of rights granted by the credential’s maker can be passed along the call chain Delegated credentials – what is the right and to who e.g., [object A may call object B’s method M as Alice during the period T] signed Alice Bearer credentials – what is the right - call chain may branch out - the identity of the final object on the call chain may be unknown by the user - increase the risk Both have valid period or short time Authentication credential

Access Control Each object is responsible for enforcing its own access control policy MayI for each object implements access control on a per-function basis Who decides the security policy of object? user initiating the object class object of this object Object A MayI? B b.foo() No! foo ok

Scenario 1 Site isolation Problem: No matter how subverted any external sites in the Legion system might be, no intruder can invoke methods on local Legion resources as Admin Solution: - Local Legion resources should be started as a separate Legion domain - Automated enforcement of no leakage of site critical information off-site by configuring extra event handler e.g., an event handler for message-send event to check whether the ACL of host object is being sent out. If so, the message is block and an exception is raised

Scenario2 Site-wide required access control Problem: - File object with no restrictions on which user can access the file it represents - a site wishes to enforce the policy that files may not be accessed by outside users Solution: use local host object to control access to local resources. The site administrator can configure the ACL of host object to limit the classes of objects that may run at the site.

Scenario3 Site selection policy Problem: which resource to execute my job? Solution: encode the site selection policy in the user’s class manager objects

Comparison Resource proxy vs. host object Delegate identity vs. delegate right No object control vs. MayI