An improved grid security infrastructure by trusted computing
Security of Network and Communication
Received:
Abstract
The current delegation mechanism of the grid security infrastructure (GSI) cannot satisfy the requirements of dynamic, distributed and practical security in a grid virtual organization. To improve this situation, this paper discusses a TC-enabled GSI. With the TC-enabled GSI, a practical delegation solution is proposed that enforces fine-grained policy over distributed platforms using the emerging trusted computing technologies. Here the trusted platform module is treated as a tamper-resistant module that improves the grid security infrastructure. The implementation of Project Daonity demonstrates that the solution can achieve dynamic and distributed security in a grid environment.
Key words
trusted computing; grid computing; grid security; trusted platform module
CLC number
TP 309
Copyright information
© Springer 2006