Advertisement

Cluster Computing

, Volume 5, Issue 3, pp 257–264 | Cite as

Security Implications of Typical Grid Computing Usage Scenarios

  • Marty Humphrey
  • Mary R. Thompson
Article

Abstract

Grid Computing consists of a collection of heterogeneous computers and resources spread across multiple administrative domains with the intent of providing users uniform access to these resources. There are many ways to access the resources of a Grid, each with unique security requirements and implications for both the resource user and the resource provider. A comprehensive set of Grid usage scenarios is presented and analyzed with regard to security requirements such as authentication, authorization, integrity, and confidentiality. The main value of these scenarios and the associated security discussions is to provide a library of situations against which an application designer can match, thereby facilitating security-aware application use and development from the initial stages of the application design and invocation. A broader goal of these scenarios is to increase the awareness of security issues in Grid Computing.

Grid Computing computer security usage scenarios Global Grid Forum Globus Legion 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [1]
    S. Chapin, D. Katramatos, J. Karpovich and A. Grimshaw, Resource management in Legion, Future Generation Computer Systems 15(5-6) (1999) 583–594.Google Scholar
  2. [2]
    K. Czajkowski, S. Fitzgerald, I. Foster and C. Kesselman, Grid information services for distributed resource, in: Proc. of the 10th IEEE International Symposium on High-Performance Distributed Computing (HPDC-10) (IEEE Press, August 2001).Google Scholar
  3. [3]
    Department of Energy Science Grid, http://www.itg.lbl.gov/GridGoogle Scholar
  4. [4]
    T. Dierks and C. Allen, The TLS Protocol - Version 1.0. IETF RFC 2246 (January 1999) work-in-progress.Google Scholar
  5. [5]
    European EGrid, http://www.egrid.orgGoogle Scholar
  6. [6]
    S. Farrell, J. Vollbrecht, P. Calhoun, L. Gommans, G. Gross, B. de Bruijn, C. de Laat, M. Holdrege and D. Spence, AAA Authorization Requirements, RFC 2906, Informational, August 2000, work-inprogress.Google Scholar
  7. [7]
    A. Ferrari, F. Knabe, M. Humphrey, S. Chapin and A. Grimshaw, A flexible security system for metacomputing environments, in: Proc. High Performance Computing and Networking Europe 1999, Amsterdam, April 1999.Google Scholar
  8. [8]
    I. Foster and C. Kesselman, Globus: A metacomputing infrastructure toolkit, International Journal of Supercomputer Applications 11(2) (1997) 115–128.Google Scholar
  9. [9]
    I. Foster, C. Kesselman, G. Tsudik and S. Tuecke, A security architecture for computational Grids, in: Proc. 5th ACM Conference on Computer and Communications Security Conference (1998) pp. 83-92.Google Scholar
  10. [10]
    Global Grid Forum, http://www.gridforum.org/Google Scholar
  11. [11]
    A. Grimshaw, W.A. Wulf et al., The Legion vision of a worldwide virtual machine, Communications of the ACM 40(1) (1997) 39–45.Google Scholar
  12. [12]
    High Energy Physics Data Grid, http://les.home.cern.ch/les/grid/ welcome.htmlGoogle Scholar
  13. [13]
    M. Humphrey and M. Thompson, Security implications of typical grid computing usage scenarios, Informational Draft (October 2000), http://www.gridforum.org/security/drafts/draft-gridforumsecurity-implications-01.pdf.Google Scholar
  14. [14]
    M. Humphrey and M. Thompson, Security implications of typical grid computing usage scenarios, in: Proc. of the 10th International Symposium on High Performance Distributed Computing (HPDC), San Francisco, CA (7-9 August 2001).Google Scholar
  15. [15]
    W.E. Johnston, K. Jackson and S. Talwar, Security Considerations for Computational and Data Grids, in: Proc. of the 10th IEEE Symposium on High Performance Distributed Computing, August 2001.Google Scholar
  16. [16]
    NASA's Information Power Grid, http://www.ipg.nasa.gov/Google Scholar
  17. [17]
    B.C. Neuman and T. Ts'o. Kerberos: An authentication service for computer networks, IEEE Communications Magazine 32(9) (1994) 33–38.Google Scholar
  18. [18]
    C.M. Pancerell, L.A. Rahn and C.L. Yang, The Diesel combustion collaboratory: Combustion researchers collaborating over the Internet, in: Proc. of SC 99, Portland, OR (13-19 November 1999).Google Scholar
  19. [19]
    G. Stoker, B. White, E. Stackpole, T.J. Highley and M. Humphrey, Toward realizable restricted delegation in Computational Grids, in: Proc. of the International Conference on High Performance Computing and Networking Europe (HPCN Europe 2001), Amsterdam, Netherlands (June 2001).Google Scholar
  20. [20]
    J. Vollbrecht, P. Calhoun, S. Farrell, L. Gommans, G. Gross, B. de Bruijn, C. de Laat, M. Holdrege and D. Spence, AAA Authorization Application Examples, RFC 2905, Informational (August 2000) workin-progress.Google Scholar

Copyright information

© Kluwer Academic Publishers 2002

Authors and Affiliations

  • Marty Humphrey
    • 1
  • Mary R. Thompson
    • 2
  1. 1.Computer Science DepartmentUniversity of VirginiaCharlottesvilleUSA
  2. 2.Distributed Security Research GroupLawrence Berkeley National LaboratoryBerkeleyUSA

Personalised recommendations