A user-friendly approach to grid security
Bruce Beckles, University of Cambridge Computing Service

Presentation transcript:

A user-friendly approach to grid security
Bruce Beckles, University of Cambridge Computing Service
“Grid ‘security’? We’re not there yet.”
Co-authors:
- Peter Coveney, UCL
- Peter Ryan, Newcastle
- Ali Abdallah, LSBU
- Stephen Pickles, Manchester
- John Brooke, Manchester
- Mark McKeown, Manchester

Definition of Terms
- user-friendly, a.: Easy to use; designed with the needs of users in mind (Source: OED)
- approach, n.: A way of considering or handling something, esp. a problem. (Source: OED)
- grid security: “computer security in the context of a computational grid environment”
- computational grid environment: “a distributed computing environment which is transparent across multiple administrative domains”

“State of the Grid”
Authentication:
  - Digital certificates (X.509-based PKI)
  - Crosses institutional boundaries
Authorisation:
  - Either simplistic “allow” lists in text files (the grid-mapfile), or…
  - Complex, heavyweight, “general purpose” authorisation frameworks (e.g. CAS, VOMS, PERMIS, Shibboleth)
Auditing:
  - Auditing? What auditing?
  - The “missing link” – Siebenlist, Globus Alliance

Problems for End-Users
- Digital certificates difficult to obtain and use… so (shock!) users hate them
- So difficult that users share certificates (and not just within a single institution)
- Experience so painful some users refuse to use grid technology if it will involve certificates (e.g. BRIDGES project)
- Most users don’t understand digital certificates, so they behave inappropriately…
- Multiple copies of certificates (and proxy certificates) scattered across the grid (not always protected)

Problems for Administrators
- Users’ desperate attempts to cope with certificates mean that soon no one knows who is actually using which certificates and for what…
- …and when does a certificate get revoked anyway?:
  - When a user leaves the institution?
  - When they leave the project?
  - How does the Certificate Authority know?
  - Confusion between “identity” and “membership” ( authorisation)

Authorisation Issues
Authorisation mechanisms: choice? what choice?…
  - Either just an “allow” list:
    - Too simplistic
  - …or complex, heavyweight framework:
    - Difficult to understand, deploy, maintain and administer
    - May require centralised co-ordination or infrastructure
  - In all cases, dependent on the integrity of the authentication mechanism, so, currently…
…“doomed, doomed”…
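
The grid-mapfile “allow” list criticised in the “State of the Grid” and “Authorisation Issues” slides, as an added example that is not part of the original slides: a parser for the quoted-DN-plus-local-account layout, the complete authorisation decision it supports, and an audit for local accounts reachable from more than one certificate. The DNs, account names and function names are constructed for illustration.

```python
import shlex
from collections import defaultdict

# Constructed sample in the grid-mapfile layout: a quoted certificate subject
# DN followed by one or more comma-separated local account names.
SAMPLE_GRID_MAPFILE = '''
# constructed entries, not real users
"/C=UK/O=eScience/OU=Cambridge/L=UCS/CN=alice example" alice
"/C=UK/O=eScience/OU=Manchester/L=MC/CN=bob example" projacct
"/C=UK/O=eScience/OU=UCL/L=CCS/CN=carol example" projacct,carol
this line is malformed
'''

def parse_grid_mapfile(text):
    """Return ({subject DN: [local accounts]}, [rejected line numbers])."""
    mapping, rejected = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            fields = shlex.split(line)      # honours the quotes around the DN
        except ValueError:                  # unbalanced quotes
            rejected.append(lineno)
            continue
        if len(fields) != 2 or not fields[0].startswith("/"):
            rejected.append(lineno)         # fail closed on anything odd
            continue
        mapping[fields[0]] = [a for a in fields[1].split(",") if a]
    return mapping, rejected

def authorise(mapping, subject_dn):
    """The whole decision: listed or not. No roles, rights, expiry or reason.
    Returns the first listed account (treated here as the default) or None."""
    accounts = mapping.get(subject_dn)
    return accounts[0] if accounts else None

def shared_accounts(mapping):
    """Local accounts reachable from more than one DN: once a job runs as
    such an account, local logs alone no longer say who submitted it."""
    by_account = defaultdict(set)
    for dn, accounts in mapping.items():
        for account in accounts:
            by_account[account].add(dn)
    return {a: sorted(dns) for a, dns in by_account.items() if len(dns) > 1}
```

The lookup is only as trustworthy as the DN handed to it, which is the dependency on the authentication mechanism that the slide points out.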

Auditing Issues
Who did what? From where?:
  - Who: dependent on integrity of authentication mechanism… uh-oh…
  - What: executable name often “lost in transit” (data, condor_exec.exe), and executable normally deleted on job completion… oh, good...
  - Where: IP address of host submitting job… but job may arrive via a proxy or portal… Anyway, IP addresses can be spoofed…!
…And what else should we be recording…?
Audit data usually stored locally, so…
  - Successful attacker can modify it(!)

Why is it like this?
Current solutions:
  - Heavyweight:
    - Difficult to deploy and administer
    - Often require inappropriately centralised infrastructure
    - Complex (so difficult to understand)
  - Poor Usability:
    - Difficult for end-users to use
    - Difficult to configure and administer
  - Poor/Inappropriate Design:
    - “One size fails all”
    - Designed to developer’s agenda, not users’

How “The Grid” was designed
- Grid technology developer: “Here’s a thing I just developed. I’m sure it’ll be useful to you for something or other. Go on, give it a whirl…”
- Grid infrastructure developer: “OK, I’ll deploy it so that my application developers can use it. Boy, this sure is complicated to deploy… Umm, what did you say it should be used for again?”
- Grid application developer: “Right, so this is the latest grid technology? Great. I’ll build it into my application… Now my application is five times as large, doesn’t do anything useful and I have a migraine. Why am I doing this?”
- End-user: “I am confused. Please help.”

Our approach to grid security: raison d’être
Grid Security (currently): HEAVYWEIGHT + poor usability + inappropriate design = systemic errors
Systemic Flaws = Inherently Insecure!
QED: we need a new approach to grid security.

User-friendly security…
Designed to be “lightweight”:
  - Easy to deploy and administer
  - Easy to understand
  - Restricted to a sensible-sized problem domain
User-centred design:
  - Design for the user, not in spite of them
  - Understand and satisfy stakeholder requirements
  - Continuous user involvement
  - Ongoing usability testing
Formal security methods:
  - Formal analysis and modelling …so we understand what’s going on
  - Formal security verification …so we know we’ve got it right

…in a grid context
Handle local issues locally (“localise, don’t centralise”):
  - Authentication: authenticate against local authentication service
  - VO membership: use local identity to determine membership/authorisation (parameterised RBAC?)
  - Distribute information across resources as necessary
Certificates appalling, passwords better:
  - Use local authentication to obtain or create certificates on behalf of the user to interact with existing grids
  - User never sees a certificate!
Conform to best practice:
  - Audit data stored remotely
  - Don’t rely on IP addresses

So who’s exploring this approach?
“User-Friendly Authentication and Authorisation for Grid Environments” project:
  - UCL, Manchester, Cambridge, Newcastle, London South Bank University
  - Planned start date: October 2006
  - EPSRC funded
For our proposed authentication mechanism (wraps existing GSI mechanism), see:
  - Removing digital certificates from the end-user’s experience of grid environments (2004):
  - Mechanisms for increasing the usability of grid security (2005):

Questions?