Advanced Vulnerability Assessment Tool for Distributed Systems
Large-scale high performance systems have significant amount of processing power. One example of such system is the HP-SEE’s HPC and supercomputing infrastructures, which is geologically distributed, and provides 24/7, high performance/high throughput computing services primarily for high-end research communities. Due to the direct impact on research and indirectly on economy such systems can be categorized as critical infrastructure. System features (like non-stop availability, geographically distributed and community based usage) make such infrastructure vulnerable and valuable targets of malicious attacks. In order to decrease the threat, we designed the Advanced Vulnerability Assessment Tool (AVAT) suitable for HPC/supercomputing systems. Our developed solution can submit vulnerability assessment jobs into the HP-SEE infrastructure and run vulnerability assessment on the infrastructure components. It collects assessment information by the decentralized Security Monitor and archives the results received from the components and visualize them via a web interface for the local/regional administrators. In this paper we present our Advanced Vulnerability Assessment Tool, we describe its functionalities and provide its monitoring test results captured in real systems.
Keywordsdistributed computing HPC security vulnerability assessment HP-SEE supercomputing infrastructure
Unable to display preview. Download preview PDF.
- 1.The SEE-GRID-SCI website (2012), http://www.see-grid-sci.eu/
- 2.Kozlovszky, M., Windisch, G., Balasko, A.: Short fragment sequence alignment on the HP-SEE infrastructure. In: MIPRO, 2012 Proceedings of the 35th International Convention, May 21-25, pp. 442–445 (2012)Google Scholar
- 3.Martin, R.A.: Managing Vulnerabilities in Networked Systems. IEEE Computer Society Computer Magazine, 32–38 (2001), http://cve.mitre.org/
- 4.Mell, P., Scarfone, K., Romanosky, S.: A complete guide to the common vulnerability scoring system, version 2.0. Forum of Incident Response and Security Teams (June 2007)Google Scholar
- 5.Balaz, A., Prnjat, O., Vudragovic, D., Slavniv, V., Liabotis, I., Atanassov, E., Jakimovski, B., Savic, M.: Development of Grid e-Infrastructure in South-Eastern Europe. J. Grid. Comput. (9), 135–154 (2011)Google Scholar
- 6.The Pakiti website (2012), http://pakiti.sourceforge.net/
- 7.Acs, S., Kozlovszky, M., Balaton, Z.: Automation of security analysis for service grid systems. In: PARENG 2009, The First International Conference on Parallel, Distributed and Grid Computing for Engineering, Pcs, Hungary (2009)Google Scholar
- 8.The Qualys website (2012), http://www.qualys.com/
- 9.The OpenVAS website (2012), http://www.openvas.org
- 10.The ARC website (2012), http://www.nordugrid.org/arc/
- 11.The gLite website (2012), http://glite.web.cern.ch/glite/