

1 Military Technical Academy Bucharest, 2006. SECURITY FOR GRID INFRASTRUCTURES - Grid Trust Model - ADINA RIPOSAN, Department of Applied Informatics

2 Introduction to Grid Security

3 The users of the Grid can be organized dynamically into a number of Virtual Organizations (VOs), consisting of resources, services, and people collaborating across institutional, geographical, and political boundaries, each with different policy requirements.

4 This sharing is, necessarily, highly protected, with resource providers and consumers defining clearly and carefully:
- what is shared,
- who is allowed to share, and
- the conditions under which sharing occurs.

5 Security Models

6 In order to achieve this goal in a trustworthy manner, two common solutions were identified, and two basic concepts and models were defined:
- the "Virtual Organisations (VO)" Model
- the "Federated Trust" Model
In practice it is often hard to distinguish the boundaries between the VO Model and the Federated Trust Model.

7 The trust anchors in the VO Model are:
- the Certification Authorities (which govern the authentication infrastructure), and
- the VOs themselves (which self-govern the use of the resources that have been made available to them).
The trust anchors in the Federated Trust Model are:
- the organisations themselves.
The Federated Trust Model typically materialises as a more formal collaboration than that of Virtual Organisations: an enumerable set of organisations join and agree on common policies and processes.

8 We further chose the VO Trust Model, as it offers the most appropriate features for the Grid infrastructure according to real-life requirements. Besides the trust model, Grid computing has traditionally honoured a golden rule of thumb: "Always retain local control". For example, any locally defined access control policy takes precedence over any "external" or centralised policy.

9 VO Trust Model

10 Security tools are concerned with:
- establishing the identity of users or services (authentication),
- protecting communications, and
- determining who is allowed to perform what actions (authorization),
as well as with supporting functions such as:
- managing user credentials, and
- maintaining group membership information.

11 Grid computing research has produced security technologies based not on direct inter-organizational trust relationships but rather on the use of the VO (Virtual Organisation) as a bridge among the entities participating in a particular community or function. VO (Virtual Organisation) = BRIDGE

12 Grid Solution: Use the Virtual Organization as a Bridge

13 Grid security challenges are driven by the need to support scalable, dynamic, distributed virtual organizations (VOs): collections of diverse and distributed individuals that seek to share and use diverse resources in a coordinated fashion. We cannot, in general, assume trust relationships between
- the classical organization, and
- the VO or its external members.

14 Grid security mechanisms address these challenges by allowing a VO to be treated as a policy domain overlay. VO = POLICY DOMAIN OVERLAY

15 Complicating Grid security is the fact that new services (i.e., resources) may be deployed and instantiated DYNAMICALLY over a VO's lifetime.

16 Dynamic creation of services

17 Dynamic creation of services: users must be able to create new services (i.e., resources) dynamically, without administrator intervention. These services must be coordinated and must interact securely with other services. => We must be able to DYNAMICALLY name the service with an assertable identity and to grant rights to that identity without contradicting the governing local policy.

18 Dynamic establishment of Trust Domains

19 Dynamic establishment of trust domains: in order to coordinate resources, VOs need to establish trust
- among users and resources in the VO, and also
- among the VO's resources, so that they can be coordinated.
These trust domains
- can span multiple organizations, and
- must adapt dynamically as participants join, are created, or leave the VO.

20 Overview of the Security Architecture services

21 Overview of the components in the security architecture and their interactions (typical request flow).

22 Logging and Auditing. Ensures:
- monitoring of system activities, and
- accountability in case of a security event.

23 Authentication
- Credential storage ensures proper security of (user-held) credentials.
- Proxy certificates enable single sign-on.
- TLS, GSI, WS-Security and possibly other X.509-based transport-level or message-level security protocols ensure integrity, authenticity and (optionally) confidentiality.
- The EUGridPMA establishes a common set of trust anchors for the authentication infrastructure.
- Pseudonymity services address anonymity and privacy concerns.

24 Authorization
- Attribute authorities enable VO-managed access control.
- Policy assertion services enable the consolidation and central administration of common policy.
- The authorization framework enables local collection, arbitration, customisation and reasoning over policies from different administrative domains, as well as integration with service containers and legacy services.
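Slide 8's rule that local policy takes precedence, and slide 24's split between VO attribute authorities (central, VO-managed policy) and the site's own authorization framework (local arbitration), come down to an evaluation order. The Go program below is an added example written for this page, not code from the presentation, from Globus or from any VO attribute service: the site policy is consulted first and any deny there is final; only then are VO-asserted roles consulted, and only for VOs the site has agreed to serve. The DNs, the "astro" and "bio" VOs, the roles and the "cluster-A" resource are constructed sample data, VO assertions are assumed to have had their signatures checked already, and the Accounts map stands in for a grid-mapfile style mapping of a VO to a pooled local account.

```go
package main

import "fmt"

// Attribute is what a VO attribute authority asserts about a user: membership
// of a VO and a role within it. Real assertions are signed; here they are
// assumed to have been verified before reaching Authorize.
type Attribute struct{ VO, Role string }

// Request is an authenticated request: the caller's DN (established by GSI
// authentication), its VO attributes, and the action it wants on a resource.
type Request struct {
	Identity string
	Attrs    []Attribute
	Action   string
	Resource string
}

// SitePolicy is the resource provider's own policy. It is evaluated first and
// a deny here is final: no VO assertion can override local control.
type SitePolicy struct {
	BannedDNs map[string]bool
	ServedVOs map[string]bool            // VOs the site has agreed to host
	Forbidden map[string]map[string]bool // resource -> actions never offered
	Accounts  map[string]string          // VO -> pooled local account (grid-mapfile style)
}

// VOPolicy is the VO's centrally administered rule set: role -> permitted actions.
type VOPolicy struct{ RoleRights map[string][]string }

type Decision struct {
	Permit  bool
	Account string // local account the job would run as, if permitted
	Reason  string
}

// Authorize combines the site policy (local control, evaluated first) with the
// VO overlay (evaluated only if the site has not already said no).
func Authorize(site SitePolicy, vos map[string]VOPolicy, req Request) Decision {
	if site.BannedDNs[req.Identity] {
		return Decision{Reason: "site policy: identity banned"}
	}
	if site.Forbidden[req.Resource][req.Action] {
		return Decision{Reason: "site policy: action not offered on " + req.Resource}
	}
	for _, a := range req.Attrs {
		if !site.ServedVOs[a.VO] {
			continue // an unsupported VO's assertions carry no weight at this site
		}
		for _, allowed := range vos[a.VO].RoleRights[a.Role] {
			if allowed == req.Action {
				return Decision{true, site.Accounts[a.VO], fmt.Sprintf("VO %s role %s grants %s", a.VO, a.Role, req.Action)}
			}
		}
	}
	return Decision{Reason: "no served VO role grants " + req.Action}
}

// DemoSite and DemoVOs are constructed sample policies, not real ones.
func DemoSite() SitePolicy {
	return SitePolicy{
		BannedDNs: map[string]bool{"CN=Mallory,O=ExampleGrid": true},
		ServedVOs: map[string]bool{"astro": true},
		Forbidden: map[string]map[string]bool{"cluster-A": {"shell": true}},
		Accounts:  map[string]string{"astro": "astro001"},
	}
}

func DemoVOs() map[string]VOPolicy {
	return map[string]VOPolicy{
		"astro": {RoleRights: map[string][]string{"admin": {"submit-job", "shell"}, "member": {"submit-job"}}},
		"bio":   {RoleRights: map[string][]string{"member": {"submit-job"}}},
	}
}

func main() {
	site, vos := DemoSite(), DemoVOs()
	for _, r := range []Request{
		{"CN=Alice,O=ExampleGrid", []Attribute{{"astro", "member"}}, "submit-job", "cluster-A"},
		{"CN=Alice,O=ExampleGrid", []Attribute{{"astro", "admin"}}, "shell", "cluster-A"}, // VO says yes, site says no
		{"CN=Mallory,O=ExampleGrid", []Attribute{{"astro", "admin"}}, "submit-job", "cluster-A"},
		{"CN=Bob,O=OtherOrg", []Attribute{{"bio", "member"}}, "submit-job", "cluster-A"}, // VO not served here
	} {
		d := Authorize(site, vos, r)
		fmt.Printf("%-26s %-10s permit=%-5t %s\n", r.Identity, r.Action, d.Permit, d.Reason)
	}
}
```

The second request is the one that matters for slide 8: the VO's admin role grants "shell", but the site never offers shell access on cluster-A, so the request is refused before the VO policy is even read. The fourth shows the overlay in the other direction: a valid role in a VO the site does not serve is simply ignored.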

25 Delegation. Allows an entity (user or resource) to empower another entity (local or remote) with the necessary permissions to act on its behalf.

26 Data key management. Enables long-term distributed storage of data for applications with privacy or confidentiality concerns.

27 Site proxy. Enables applications to communicate despite heterogeneous and non-transparent network access.

28 Sandboxing. Isolates a resource from the local site infrastructure hosting the resource, mitigating attacks and malicious/wrongful use. When the Grid SCAVENGES existing desktops, a protective "SANDBOX" should be implemented on the Grid member machines, so that:
- a Grid job cannot cause any disruption to the donating machine if it encounters a problem during execution, and
- rights to access files and other resources on the grid machine from inside the Grid may be restricted.
=> The protection is ensured BOTH for the donating machine and for the Grid system (two-way protection).

29 GSI Conceptual Details:
- Public Key Cryptography
- Digital Signatures
- Certificates
- Mutual Authentication
- Confidential Communication
- Securing Private Keys
- Delegation and Single Sign-On

30 The Grid Security Infrastructure (GSI) provides security mechanisms, i.e. authentication and secure communication over an open network. GSI supports a number of features that a Grid user requires:
- authentication using a single sign-on mechanism,
- delegation (through proxies),
- integration with local security systems, and
- trust-based relationships, using a Certificate Authority (CA).
GSI is based on public-key cryptography (using X.509 certificates) and SSL/TLS. The GSI implementation in Globus adheres to the IETF GSS-API standard.

31 CONCLUSION: GSI key features:
- authentication using a single sign-on mechanism,
- delegation (through proxies; MyProxy for credential management), and
- trust-based relationships, using a Certificate Authority (CA).
GSI is based on public-key cryptography (using X.509 certificates) and SSL/TLS.
