Improving Grid Services Security with Fine Grain Policies

  • Fabrizio Baiardi
  • Fabio Martinelli
  • Paolo Mori
  • Anna Vaccarelli
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3292)


Grid computing is a continuously growing research field that concerns the implementation of a large scale resource sharing among different kind of institutions over the Internet. The sharing of resources among untrusted entities poses non trivial security problems. This paper proposes an approach to improve the security of computational services in the grid environment. For each grid service, this approach defines a fine grain security policy, that details the operations that are allowed on this service. This policy determines the secure environment where the grid job is executed.


Security Policy System Call Grid Environment Computational Service Grid Service 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Alpern, B., Attanasio, C.R., Barton, J.J., et al.: The jalapeño virtual machine. IBM System Journal 39(1) (2000)Google Scholar
  2. 2.
    Anderson, A.: Java access control mechanisms. Technical report, Sun Microsystems (2002)Google Scholar
  3. 3.
    Baker, M., Buyya, R., Laforenza, D.: Grids and grid technologies for wide-area distributed computing. International Journal of Software: Practice and Experience (SPE) 32(15), 1437–1466 (2002)MATHCrossRefGoogle Scholar
  4. 4.
    Chapin, S.J., Katramatos, D., Karpovich, J., Grimshaw, A.: Resource management in Legion. Future Generation Computer Systems 15(5-6), 583–594 (1999)CrossRefGoogle Scholar
  5. 5.
    Chrinstense, E., Curbera, F., Meredith, G., Weerawarana, S.: Web service description language. W3C (2001)Google Scholar
  6. 6.
    Czajkowski, K., Foster, I., Karonis, N., Kesselman, C., Martin, S., Smith, W., Tuecke, S.: A resource management architecture for metacomputing systems. In: Feitelson, D.G., Rudolph, L. (eds.) IPPS-WS 1998, SPDP-WS 1998, and JSSPP 1998. LNCS, vol. 1459, pp. 62–92. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  7. 7.
    Foster, I., Kesselman, C.: The globus project: A status report. In: Proc. of IPPS/SPDP 1998 Heterogeneous Computing Workshop, pp. 4–18 (1998)Google Scholar
  8. 8.
    Foster, I., Kesselman, C., Nick, J.M., Tuecke, S.: Grid services for distributed system integration. IEEE Computer 35(6), 37–46 (2002)Google Scholar
  9. 9.
    Foster, I., Kesselman, C., Nick, J.M., Tuecke, S.: The physiology of the grid: An open grid service architecture for distributed system integration. Globus Project (2002),
  10. 10.
    Foster, I., Kesselman, C., Tsudik, G., Tuecke, S.: A security architecture for computational grids. In: Proc. 5th ACM Conference on Computer and Communications Security Conference, pp. 83–92 (1998)Google Scholar
  11. 11.
    Foster, I., Kesselman, C., Tuecke, S.: The anatomy of the grid: Enabling scalable virtual organizations. International Journal of Supercomputer Applications 15(3), 200–222 (2001)CrossRefGoogle Scholar
  12. 12.
    Gong, L.: Inside Java2 Platform Security, 2nd edn. Addison-Wesley, Reading (1999)Google Scholar
  13. 13.
    Gray, P.A., Sunderam, V.S.: Icet: Distributed computing and java. Concurrency: Practice and Experience 9(11), 1139–1160 (1997)CrossRefGoogle Scholar
  14. 14.
    Gosling, J., Joy, B., Steele, G., Bracha, G.: The Java Language Specification. Sun Microsystems (2000)Google Scholar
  15. 15.
    Lindholm, T., Yellin, F.: The Java Virtual Machine Specification. Sun Microsystems (1999)Google Scholar
  16. 16.
    Nagaratnam, N., Janson, P., Dayka, J., Siebenlist, F., Welch, V., Tuecke, S., Foster, I.: Security architecture for open grid service. Global Grid Forum Recommendation Draft (2004)Google Scholar
  17. 17.
    Neary, M.O., Christiansen, B., Cappello, P., Schauser, K.E.: Javelin: Parallel computing on the internet. Future Generation Comp. Systems 15, 659–674 (1999)CrossRefGoogle Scholar
  18. 18.
    Sarmenta, L.F.G., Hirano, S.: Bayanihan: building and studying Web-based volunteer computing systems using Java. Future Generation Computer Systems 15(5-6), 675–686 (1999)CrossRefGoogle Scholar
  19. 19.
    Tuecke, S., Czajkowski, K., Foster, I., Frey, J., Graham, S., Kesselman, C.: Grid service specification. Global Grid Forum Recommendation Draft (2002)Google Scholar
  20. 20.
    Vahdat, A., Anderson, T., Dahlin, M., Belani, E., Culler, D., Eastham, P., Yoshikawa, C.: WebOS: Operating system services for wide area applications. In: Proc. of the Seventh Symp. on High Performance Distributed Computing (1998)Google Scholar
  21. 21.
    Welch, V., Siebenlist, F., Czajkowski, K., Gawor, J., Pearlman, L., Foster, I., Bresnahan, J., Kesselman, C., Metier, S., Tuecke, S.: Security for grid services. In: 12th IEEE International Symp. on High Performance Distributed Computing (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Fabrizio Baiardi
    • 1
  • Fabio Martinelli
    • 2
  • Paolo Mori
    • 2
  • Anna Vaccarelli
    • 2
  1. 1.Dipartimento di InformaticaUniversità di PisaPisa
  2. 2.Istituto di Informatica e TelematicaCNR PisaPisa

Personalised recommendations