security in grid computing
2
GRID COMPUTING
Three basic approaches for managing code, data and computer resources:
1. Remote Computing (as provided by CORBA): The code of interest is at a computer server. The user sends his data for processing to the computer server and gets back the results.
Ref: Ch. 16, "Security, Accounting and Assurance" by Clifford Neuman
3
Three basic approaches (continued):
2. Code Shipping (as used in 'network computers'): The requesting location gets the code, which is normally located on a server. The code operates on the local data in the client's environment.
4
The third approach:
3. Proxy Computing (as used in Legion and Globus): Both the code and the hardware may be obtained from other parties. Both the code and data are transferred to the compute server and the results are made available to the user.
5
Requirements
Validation of:
- source and code integrity,
- the client,
- the computer server, and
- the code provider.
6
Grid Security
Traditional Security System: To protect the system, owned by one user, against attempts at unauthorized "entry" from all the other unauthorized users (supposed to be of malicious intent).
Grid Security Systems: To protect application and data from the owner/administrator of the system, and to protect local programs and data on the system on which another remote user's process may also be executing.
- Data, code and resources are accepted after proper authentication.
- Integrity of data and code is required to be verified.
7
Security Requirements
1. AUTHENTICATION
Verifying a principal's claimed identity.
Principal:
- a user logged on a remote system, or
- a local user logged on the server, or
- the server itself
Two-step process:
- User Name
- Password
Check:
- something you know (common)
- something you have
- something you are
- what you do (key-stroke patterns)
- where you are
8
Security Requirements (cont'd)
GRID: Mutual authentication is required for user and service provider. (The resources and data being provided by a server could be provided by an attacker.)
Data origin authentication: To determine whether a program was modified or sent by an attacker to compromise the server.
Data origin authentication does not establish that the data was recently sent by the principal.
Delegation of Identity: When an application or a process is authorized to assume the identity of a different principal.
9
Security Requirements: Authorization
2. AUTHORIZATION
Authentication is used for granting authorization.
Authorization is based on the successful authentication of a principal and the information available with the server. The information is the Access Control List for a file/directory/service.
Examples:
- Authorization for accessing a file in a digital library.
- Authorization for reserving bandwidth on a network by using RSVP (Resource Reservation Protocol).
- Authorization to run a task on a given node.
Access Control Lists may also contain:
- names of authorized programs
- checksums of authorized programs
- names of principals authorized to invoke the program.
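An added example, not from the original slides: a resource manager's check against an Access Control List that holds the three items listed above (program name, program checksum, principals allowed to invoke it). The resource name, principals and program bytes are constructed, SHA-256 is an assumed choice of checksum, and the principal is assumed to be already authenticated.

```python
import hashlib
import hmac


def sha256_hex(data: bytes) -> str:
    """Checksum of a program image (SHA-256 is an assumption of this example)."""
    return hashlib.sha256(data).hexdigest()


# Constructed sample program image and ACL; all names are hypothetical.
SIM_V1 = b"#!/bin/sh\necho simulate\n"

ACL = {
    "node17:run-task": {                      # resource (service on a node)
        "simulate": {                         # name of an authorized program
            "checksum": sha256_hex(SIM_V1),   # checksum of that program
            "principals": {"alice@siteA", "rm@siteB"},  # who may invoke it
        },
    },
}


def authorize(acl, resource, principal, program_name, program_bytes):
    """Return (allowed, reason). Anything not explicitly listed is denied."""
    programs = acl.get(resource)
    if programs is None:
        return False, "no ACL for resource"
    entry = programs.get(program_name)
    if entry is None:
        return False, "program not authorized"
    # The shipped bytes must match the checksum recorded for that name,
    # so a modified program cannot run under an authorized name.
    if not hmac.compare_digest(entry["checksum"], sha256_hex(program_bytes)):
        return False, "checksum mismatch"
    if principal not in entry["principals"]:
        return False, "principal not authorized"
    return True, "ok"


if __name__ == "__main__":
    tampered = SIM_V1 + b"echo extra\n"
    for who, name, image in [
        ("alice@siteA", "simulate", SIM_V1),
        ("alice@siteA", "simulate", tampered),
        ("mallory@siteC", "simulate", SIM_V1),
    ]:
        print(who, name, authorize(ACL, "node17:run-task", who, name, image))
```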
10
Security Requirements : Authorization (cont’d)
Delegation of Authority: by a user or a process authorized to perform an operation to another process.
Delegation of Authority vs Delegation of Identity: DA is more restrictive than DI.
Important for running tasks on remote nodes, since the tasks may have to be given the authority to read/write data on entities across the network.
Example: A Resource Manager may allocate a node to a task. It delegates to the task's initiator the authority to use the node.
11
Security Requirements: Assurance
3. ASSURANCE/Accreditation
Authorization: So that the service provider may decide whether to perform the job of the requester of the service.
Assurance: So that the requester of the service may decide whether the service provider/node satisfies his needs for security, reliability etc.
Example: If the service provided is a software package, a Resource Manager has to verify assurance credentials of the program before it is run.
12
Security Requirements : Accounting
4. ACCOUNTING :
Grid requires distributed accounting servers and the systems should be scalable beyond organizational boundaries.
Scenario of Excess Processing Power : equitable distribution of load/earnings.
Scenario of Excess Processing Loads : equitable decision about which jobs to run.
Cost? In cash/barter?
13
Security Requirements : Audit and Integrity & Confidentiality
5. AUDIT :
The audit function records the operations performed by each system on the grid, the principal for whom the operation was performed, etc. This is to analyze failures, security breaches and intrusions.
To detect network attacks, the audit function should be distributed.
Or audit records are sent to a central location for each organization, and summary information is shared across network boundaries.
6. Integrity and confidentiality of program and data sent from one node to another.
14
Security Requirements : Comments
Authentication, Authorization and Integrity are mandatory.
Others may be needed for some applications/environments.
Basically, Authentication establishes who you are.
Authorization establishes what you can do.
In Grid applications, the User is also to be protected from Interference by others. The needs of the user would depend upon his application.
15
Technologies: Cryptography
- symmetric
- asymmetric: public/private key system
Comparison: Asymmetric systems require the generation of only one key pair for every user; symmetric systems require the generation of a key for every pair of users.
Thus the number of keys required for a symmetric key system is n(n-1)/2, whereas it is 2n for the asymmetric case. (For n >= 6, the number of keys for a symmetric system is more than that for an asymmetric system.)
16
Cryptographic Systems: Performance
Performance : Asymmetric systems are much slower than the corresponding symmetric systems.
Example (page 402, 1999 book): RSA, with a common key size of 512 to 1024 bits, may take 100 ms or longer on PCs.
Problem of Certifying Authority/Trusted Third Party.
17
Technologies (cont'd)
Application: Authentication Systems
- Assertion-based: for systems where processors and their associated software are trusted to identify users to other processes, and where messages are protected from modification by adversaries.
- Password-based: PW cannot be sent on a network. Use PW as an encryption key.
18
Encryption: Applications
Encryption is used for:
- confidentiality of data
- integrity of data (message digest/checksum)
- authentication
Certification for Authentication: provides the binding between
- an encryption key and
- the authenticated identity
X.509 is used by:
- browsers
- commercial e-mail
- PK products based electronic payment systems.
19
Distributed Authorization & Assurance
Hierarchical organization of CAs.
Certification is also required for:
- authenticity of authorization (PRIVILEGE ATTRIBUTE CERT)
- authenticity of assurance (CREDENTIALS CERT)
Restrictions and conditionalities may be added to an authorization for an operation.
ALTERNATIVE : Authorization information may be provided by an authorization Server directly to the Service Provider.
Integrity of communication between the Authorization Server and the Service Provider?
20
Accounting
BILLING:
- requires authentication of the user.
- requires knowing the constraints on authorization for levying charges correctly.
Limits:
- Limits on resource use by a user
- Limits on use of the resource, set by a service provider.
May require co-ordination/some element of centralization even when accounting is distributed.
Intrusion Detection & Audit Systems
22
Current Practices
File & e-mail encryption technologies:
- Pretty Good Privacy
- S/MIME
Transport layer technologies / web access technologies:
- Secure Socket Layer
Network encryption technologies:
- IPsec, used for implementing VPNs; can use Kerberos, public key system or symmetric keys known to the two hosts
23
Current Security Practices… continued
Authentication technologies:
- Kerberos
- PK certificates
Assurance technologies:
- Microsoft Authenticode
- Proposals: Mechanism for issuing Credentials; Platform for Content Selection (PICS)
Confinement technologies
24
Distributed Authorization Mechanism
Authorization: group information or authorization to perform certain operations.
OSF-DCE (Open Software Foundation's Distributed Computing Environment)
Comprehensive frameworks for authorization have become available; they are required to be designed, implemented and tested before rolling out on the grid.
25
Distributed Authorization Mechanism …. contd
Authorization information can be sent to the Service Provider –
- directly through restricted Credentials, or
- through adding authorization information to certificates
26
Security at Transport layer
At the transport layer, addition of a security mechanism can provide:
- Authentication
- Confidentiality
- Integrity
Security can be adapted to the requirements of communication. Example: for a multi-processor system communication, no encryption may be required.
Authorization can be decided only after interrogating the application.
27
Distributed Authorization Mechanism …continued
Performance Issues:
- Authentication may be required only once.
- Authorization and delegation of authorization may be required many times during the execution of a job.
- PK based systems, like the certificates, may become a bottleneck.
28
Current Security Practices… continued
IPSec and VPNs
Firewalls: Open channel grid connected to others through a public network through encrypted message flow
29
Grid Practices
1. Grids use technologies similar to the ones used in PGP.
Procedure:
- Compute a Message Digest function over the message.
- Encrypt the message: symmetric key.
- Encrypt the Message Digest and symmetric key by using the public-key system.
  - Confidentiality: use recipient's public key.
  - Integrity (Digital Signature): use sender's private key.
In PGP, any user can certify another user's certificate. The verifier decides whether he would accept the certificate or not. Grid: a more formal process.
30
Grid Practices … continued
2. SSL is normally used in web browsers to authenticate the server.
- User: authenticated by password (over a secure channel).
- In grid applications, the user certificate can be used to authenticate the user.
- To improve performance, SSL may be permitted to cache symmetric keys.
- The cached keys: to be used for subsequent connections between the server and the user, i.e. for connections between the same entities.
31
Grid Practices … continued
3. Kerberos:
Suitable for systems which require frequent authentication.
Better performance than that of systems based on public-key cryptography.
Can be integrated easily with Intrusion Detection and Authorization systems (due to its centralized nature).
PKINIT extension to Kerberos