Advertisement

A Security Auditing Approach Based on Mobile Agent in Grid Environments

  • Zhenghong Xiao
  • Changqin Huang
  • Fuyin Xu
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3984)

Abstract

Due to the dynamic and multi-institutional nature, auditing is fundamental and difficult to solve in grid computing. In this paper, we identify security-auditing requirements, and propose a Cross-Domain Security Auditing (CDSA) architecture, in which mobile agent is applied to help gathering security information in the grid environment. Whilst a new authorization mechanism is presented to improve the performance by changing the traditional manner "route once, switch many" over the network into the "audit once, authorize many" in the Grid, and a multi-value trust relationship model is constructed in order to carry out the dynamic auditing. The system enforces these mechanisms to enable cross-domain security in the aid of special services based on Globus Toolkit version 3.0 and IBM Aglet.

Keywords

Mobile Agent Trust Relationship Grid Resource Grid Environment Virtual Organization 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Welch, V., Siebenlist, F., Foster, I., et al.: Security for Grid Services. In: Proceedings of the 12th IEEE International Symposium on High Performance Distributed Computing (HPDC 2003), pp. 48–57 (2003)Google Scholar
  2. 2.
    GGF SAAAR RG: Grid Authentication Authorization and Accounting Requirements Draft 5. At current (2006), https://forge.gridforum.org/projects/saaa-rg/document/draft-ggf-saaar-reqs-5.txt/en/1
  3. 3.
    Thompson, M., Olson, D., Cowles, R., et al.: CA-Based Trust Model for Grid Authentication and Identity Delegation. In: Proceedings of Grid Certificate Policy Working Group (2002)Google Scholar
  4. 4.
    Mendes, S., Huitema, C.: A New Approach to The X.509 Framework: Allowing A Global Authentication Infrastructure Without A Global Trust Model. In: Proceedings of NDSS 1995, pp. 172–190 (1995)Google Scholar
  5. 5.
    Ellison, C., Frantz, B., Lampson, B., et al. (eds.): SPKI Certificate Theory, Internet Request for Comments, p. 2693 (1999)Google Scholar
  6. 6.
    Li, T.-Y., Zhu, H., Lam, K.-Y.: A novel two-level trust model for grid. In: Qing, S., Gollmann, D., Zhou, J. (eds.) ICICS 2003. LNCS, vol. 2836, pp. 214–225. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  7. 7.
    Azzedin, F., Maheswaran, M.: Evolving and Managing Trust in Grid Computing Systems. In: Canadian Conference on Electrical and Computer Engineering, Proceedings of IEEE CCECE 2002, pp. 1424–1429 (2002)Google Scholar
  8. 8.
    Foster, I., Kessslman, C., Nick, J., et al.: The Physiology of the Grid: An Open Grid Services Architecture for Distributed System Integration. Global Grid Forum (2002), http://www.nesc.ac.uk/talks/ggf5_hpdcll/physio_o_grid220702.pdf
  9. 9.
    Raghnnathan, S., Mikler, A., Cozzolino, C.: Secure Agent Computation: X.509 Proxy Certificates in a Multi-lingual Agent Framework. The Journal of Systems and Software 75(1-2), 125–137 (2005)CrossRefGoogle Scholar
  10. 10.
    Gou, X.T., Jin, W.D., Zhang, G.X.: Multi-agent Based Security Auditing System of Broadband MAN. In: Proceedings of the 2004 International Conference On Intelligent Mechatronics and Automation, pp. 939–944 (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Zhenghong Xiao
    • 1
  • Changqin Huang
    • 2
  • Fuyin Xu
    • 2
  1. 1.Department of Computer Science and TechnologyHunan University of Arts and ScienceChangedeP.R. China
  2. 2.Department of Computer Sciences and TechnologySouth China Normal UniversityGuangzhouP.R. China

Personalised recommendations