GRID COMPUTING: Grid Security
Sandeep Kumar Poonia, Head of Dept. CS/IT, Jagan Nath University, Jaipur
B.E., M. Tech., UGC-NET
LM-IAENG, LM-IACSIT, LM-CSTA, LM-AIRCC, LM-SCIEI, AM-UACEE
10/27/2013 Sandeep Kumar Poonia 1
The three classic security concerns of information
security deal principally with data, and are:
1. Confidentiality: Data is only available to those
who are authorized;
2. Integrity: Data is not changed except by
controlled processes;
3. Availability: Data is available when required.
Additional concerns deal more with people and their
actions:
1. Authentication: Ensuring that users are who they say
they are;
2. Authorization: Making a decision about who may
access data or a service;
3. Assurance: Being confident that the security system
functions correctly;
4. Non-repudiation: Ensuring that a user cannot deny
an action;
5. Auditability: Tracking what a user did to data or a
service.
Other security concerns relate to:
1. Trust: People can justifiably rely on computer-
based systems to perform critical functions
securely, and on systems to process, store and
communicate sensitive information securely;
2. Reliability: The system does what you want, when
you want it to;
3. Privacy: Within certain limits, no one should know
who you are or what you do.
CRYPTOGRAPHY can be used to address four goals:
1. Message confidentiality: Only an authorized
recipient is able to extract the contents of a
message from its encrypted form;
2. Message integrity: The recipient should be able to
determine if the message has been altered during
transmission;
3. Sender authentication: The recipient can identify
the sender, and verify that the purported sender
did send the message;
4. Sender non-repudiation: The sender cannot deny
sending the message.
Security Requirements
• Authentication solution for verifying identities among a user, the processes, and the resources during the computation
• Support for local heterogeneity
– Various authentication/authorization mechanisms and policies
• Several constraints to meet
– Single sign-on & delegation
– Protection of credentials
– Interoperability with local security solutions: inter-domain access mechanism
– Uniform certification infrastructure
– Support for secure group communication
– Support for multiple implementations
Security Requirements - Delegation
• The context initiator gives the context acceptor the ability to initiate additional security contexts as an agent of the context initiator
– Remote creation of a proxy credential
– Allows a remote process to authenticate on behalf of the user
• Delegation in Globus
– New key pair generated remotely on the server
– Proxy certificate and public key sent to the client
– Client signs the proxy certificate with its private key and returns it
– Server puts the proxy in /tmp
Terminology
• Authentication
• Authorization
• Integrity and Confidentiality
• Security Policy
– A set of rules that define the security subjects, security objects, and the relationships (security operations) among them.
• CA (Certificate Authority)
– The third party that does the certification (the binding) and issues the certificate
• Trust Domain
– A logical, administrative structure where a single, consistent local security policy holds
Security Policy in Grid
• Multiple trust domains
– Inter-domain interactions + mapping of inter-domain operations into local security policy
• Operations within a single trust domain are subject to local security policy only
• Mapping from global subjects to local subjects
– An authenticated global subject is considered authenticated locally
• Mutual authentication between entities in different trust domains
• Local access control decisions by local system administrators
• The execution of programs without additional user interaction during the computation
• Processes running on behalf of the same subject within the same trust domain may share a single set of credentials
Globus Overview
• Globus (Argonne National Lab)
– Software toolkit that makes it easier to build computational grids and grid-based applications
– Protocols and APIs
– Resource Management (GRAM)
– Information Service (MDS)
– Data Transfer (GridFTP)
– Security (GSI)
[Figure: building blocks of GSI]
• PKI (CAs and certificates) for authentication
• SSL/TLS for authentication and message protection (secured connection)
• Proxies and delegation for secure single sign-on
Certificate & CA
[Figure: a user certificate, issued by the CA, holds Subject Name, Public Key, CA Name and Signature of CA; the CA's own certificate holds Subject Name: CA, CA's Public Key, CA Name: CA and Signature of CA]
• An X.509 certificate binds a public key to a name
• Used to identify and authenticate the user or service
• By checking the signature, one can determine that a public key belongs to a given user
• The CA signs its own certificate, which is distributed across the network
Mutual Authentication (How to identify each other?)
[Figure: User A holding certificate C_A and User B holding certificate C_B]
① Connection established
② A sends B its certificate
③ B 1) checks the validity of C_A based on the digital signature of the CA, 2) extracts the public key of A
④ B sends A a plaintext
⑤ A encrypts the plaintext using C_A and sends it to B
⑥ B decrypts the encrypted message; if this matches the original message, B can trust A now
GSI in Action: “Create Processes at A and B that Communicate & Access Files at C”
[Figure: Single sign-on via “grid-id” & generation of proxy credential, or retrieval of the proxy credential from an online repository: the User at a Computer obtains a User Proxy holding the proxy credential. The User Proxy issues remote process creation requests* to the GSI-enabled GRAM servers at Site A (Kerberos) and Site B (Unix); each server authorizes, maps to a local id, creates the process and generates credentials (ditto at B). The process at A holds a Kerberos ticket and a restricted proxy, the process at B a restricted proxy; each runs under a local id. The two processes communicate* and send remote file access requests* to the GSI-enabled FTP server at Site C (Kerberos), which authorizes, maps to a local id and accesses the file on the storage system. * With mutual authentication]
User Proxy Creation
[Figure: the User (credential C_U) and the User Proxy (credential C_UP)]
① The User gains access to the computer
② A temporary credential C'_UP is created
③ The User Proxy Credential is created: C_UP = Sign(U) { C'_UP, Start-Time, End-Time }
④ A User Proxy is created
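The mutual-authentication steps (① to ⑥ above) and the Globus delegation steps (server generates the key pair, user signs the proxy certificate with a start and end time, as in C_UP = Sign(U) { C'_UP, Start-Time, End-Time }) worked through in one added Go example. This is illustration code written for these notes, not Globus code; it assumes a single constructed demo CA, P-256 keys, and the legacy GSI naming rule of appending one "CN=proxy" component to the user's subject name. Steps ④ to ⑥ are done as a signed nonce, which is how a TLS-based GSI proves possession of the private key; the slide's wording of encrypting the plaintext is the same proof in older terms.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// NewKey makes a P-256 key pair; the party that will hold the private key generates it.
func NewKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

// issue sets serial and lifetime, signs tmpl with signer's key and parses the result.
func issue(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signer *ecdsa.PrivateKey, ttl time.Duration) (*x509.Certificate, error) {
	tmpl.SerialNumber = big.NewInt(time.Now().UnixNano()) // demo-only; a real CA tracks unique serials
	tmpl.NotBefore, tmpl.NotAfter = time.Now().Add(-time.Minute), time.Now().Add(ttl)
	tmpl.BasicConstraintsValid = true
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// NewCA creates the trust domain's CA (constructed for the demo); the CA signs its own certificate.
func NewCA() (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key := NewKey()
	tmpl := &x509.Certificate{Subject: pkix.Name{Organization: []string{"Grid"}, CommonName: "Demo Grid CA"}, IsCA: true, KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature}
	ca, err := issue(tmpl, tmpl, &key.PublicKey, key, 24*time.Hour)
	return ca, key, err
}

// IssueUser binds a user's public key to a name: Subject Name, Public Key, CA Name, Signature of CA.
func IssueUser(ca *x509.Certificate, caKey *ecdsa.PrivateKey, cn string) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key := NewKey()
	tmpl := &x509.Certificate{Subject: pkix.Name{Organization: []string{"Grid"}, CommonName: cn}, KeyUsage: x509.KeyUsageDigitalSignature}
	cert, err := issue(tmpl, ca, &key.PublicKey, caKey, 12*time.Hour)
	return cert, key, err
}

// VerifyPeer is mutual-authentication step ③: check the CA's signature on the peer's certificate and its lifetime.
func VerifyPeer(ca, peer *x509.Certificate) error {
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	_, err := peer.Verify(x509.VerifyOptions{Roots: roots})
	return err
}

// SignChallenge and CheckChallenge are steps ④ to ⑥ as a signed nonce: only the holder of the certified private key can answer.
func SignChallenge(key *ecdsa.PrivateKey, nonce []byte) ([]byte, error) {
	h := sha256.Sum256(nonce)
	return ecdsa.SignASN1(rand.Reader, key, h[:])
}

func CheckChallenge(peer *x509.Certificate, nonce, sig []byte) bool {
	pub, ok := peer.PublicKey.(*ecdsa.PublicKey)
	h := sha256.Sum256(nonce)
	return ok && ecdsa.VerifyASN1(pub, h[:], sig)
}

// DelegateProxy is the user's half of Globus delegation: the server generated the proxy key pair and sent proxyPub,
// and the user signs C_UP = Sign(U){C'_UP, Start-Time, End-Time}; the proxy's private key never leaves the server.
func DelegateProxy(user *x509.Certificate, userKey *ecdsa.PrivateKey, proxyPub *ecdsa.PublicKey, ttl time.Duration) (*x509.Certificate, error) {
	subj := user.Subject
	cn := asn1.ObjectIdentifier{2, 5, 4, 3} // ExtraNames override the CN field, so list the user's CN and then "proxy" (assumed legacy naming)
	subj.ExtraNames = []pkix.AttributeTypeAndValue{{Type: cn, Value: subj.CommonName}, {Type: cn, Value: "proxy"}}
	return issue(&x509.Certificate{Subject: subj, KeyUsage: x509.KeyUsageDigitalSignature}, user, proxyPub, userKey, ttl)
}

// VerifyProxy is the resource's check: signed with the user's key and inside a window that cannot outlast the user
// certificate. Go's chain verifier rejects non-CA issuers (a proxy's issuer is one), so the signature is checked directly.
func VerifyProxy(user, proxy *x509.Certificate, now time.Time) error {
	if err := user.CheckSignature(proxy.SignatureAlgorithm, proxy.RawTBSCertificate, proxy.Signature); err != nil {
		return err
	}
	if now.Before(proxy.NotBefore) || now.After(proxy.NotAfter) || proxy.NotAfter.After(user.NotAfter) {
		return errors.New("proxy credential outside its validity window")
	}
	return nil
}

func main() {
	ca, caKey, _ := NewCA()
	user, userKey, _ := IssueUser(ca, caKey, "User A")
	proxyKey := NewKey() // generated on the server, as Globus delegation does
	proxy, _ := DelegateProxy(user, userKey, &proxyKey.PublicKey, time.Hour)
	fmt.Println("peer:", VerifyPeer(ca, user), "| proxy:", VerifyProxy(user, proxy, time.Now()), "|", proxy.Subject)
}
```

VerifyProxy deliberately does not call x509.Verify: a strict RFC 5280 verifier refuses any issuer whose certificate is not a CA, and GSI needs exactly that (the user, not a CA, signs the proxy). A real deployment therefore relies on RFC 3820 proxy-certificate support in the TLS stack; the direct signature plus lifetime check here is the minimum a resource must do before honouring a proxy, and the lifetime bound is what limits the damage from a proxy left in /tmp.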
Resource Allocation
[Figure: User Proxy (C_UP), Resource Manager (C_RM), Process Manager and Resource; mutual authentication based on C_UP and C_RM]
① The UP requests resource allocation: Sign(UP) { Allocation Specification }
② The RM 1) authenticates (validates UP & checks the expiration), 2) authorizes by local policy (may or may not need a mapping between the Globus user's credential and the local user ID), 3) allocates the resource
③ PROCESS-HANDLE returned: PROCESS-HANDLE = Sign(RM) { host-identifier, process-identifier }
Process to Process Authentication
[Figure: User Proxy (C_UP), Process Manager (C_PM), Resource and Process (C'_P, later C_P)]
① A temporary process credential C'_P is created
② C'_P is passed to the PM
③ Process credential request from the PM to the UP: Sign(PM) { C'_P : Process-Credential }
④ The UP 1) examines the request, 2) generates C_P = Sign(UP) { C'_P } and returns it to the PM
⑤ C_P is passed to the Process
Resource Allocation Request from a Process
[Figure: User Proxy (C_UP), Process Manager (C_PM), Process (C_P) and Resource B]
① The process issues a request for resource B: Sign(P) { Operation, Operation Arguments }
② Resource B 1) authenticates the request, 2) executes the request
③ The result is returned: Sign(UP) { Execution-Result }
Mapping between Globus Subject & Resource Subject (1)
[Figure: the Globus Subject (global name; Globus credential C_UP or C_P) is mapped to the Resource Subject (local name; resource credential: user ID and password) for local access to some resource, using the Grid Map table]
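The Grid Map table lookup above, as an added Go example written for these notes (not Globus code). It assumes the grid-mapfile layout of a quoted global subject name followed by comma-separated local account names, and the GSI convention that a proxy's subject is the user's subject with trailing "CN=proxy", "CN=limited proxy" or numeric CN components appended; the sample file is constructed.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"strings"
)

// SampleGridMap is a constructed grid-mapfile: a quoted global subject name, then one or more
// comma-separated local account names (the first is the default); '#' starts a comment.
const SampleGridMap = `# constructed sample grid-mapfile
"/O=Grid/OU=People/CN=Jane Doe" jdoe,grid
"/O=Grid/OU=People/CN=Ravi Kumar" rkumar
"/O=Grid/OU=Services/CN=gridftp/host.example.org" gridftp
`

// GridMap maps a global subject name to the local names it may use.
type GridMap map[string][]string

// ParseGridMap reads the format above. Malformed lines are rejected rather than skipped,
// because a silently dropped entry is a silent change in who can log in.
func ParseGridMap(text string) (GridMap, error) {
	m := GridMap{}
	sc := bufio.NewScanner(strings.NewReader(text))
	for n := 1; sc.Scan(); n++ {
		line := strings.TrimSpace(sc.Text())
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		if !strings.HasPrefix(line, `"`) {
			return nil, fmt.Errorf("line %d: subject name must be quoted", n)
		}
		end := strings.IndexByte(line[1:], '"')
		if end < 0 {
			return nil, fmt.Errorf("line %d: unterminated subject name", n)
		}
		dn, rest := line[1:1+end], strings.TrimSpace(line[2+end:])
		if rest == "" {
			return nil, fmt.Errorf("line %d: no local name for %q", n, dn)
		}
		for _, u := range strings.Split(rest, ",") {
			m[dn] = append(m[dn], strings.TrimSpace(u))
		}
	}
	return m, sc.Err()
}

// IsLimitedProxy reports a limited proxy, which a resource may accept for file access but
// should refuse for process creation (the "restricted proxy" of the GSI-in-action figure).
func IsLimitedProxy(subject string) bool {
	return strings.HasSuffix(subject, "/CN=limited proxy")
}

// Identity strips proxy components from a credential subject so that a proxy maps to the
// entry of the user who delegated it (assumed layout: trailing "/CN=proxy", "/CN=limited proxy"
// or "/CN=<digits>" components, the legacy and RFC 3820 naming styles).
func Identity(subject string) string {
	for {
		i := strings.LastIndex(subject, "/CN=")
		if i <= 0 {
			return subject
		}
		cn := subject[i+4:]
		if cn != "proxy" && cn != "limited proxy" && !allDigits(cn) {
			return subject
		}
		subject = subject[:i]
	}
}

func allDigits(s string) bool {
	if s == "" {
		return false
	}
	for _, r := range s {
		if r < '0' || r > '9' {
			return false
		}
	}
	return true
}

// Map returns the default local account for the subject presented by a Globus credential.
func (m GridMap) Map(subject string) (string, error) {
	id := Identity(subject)
	locals, ok := m[id]
	if !ok {
		return "", errors.New("no grid-map entry for " + id)
	}
	return locals[0], nil
}

func main() {
	m, err := ParseGridMap(SampleGridMap)
	if err != nil {
		panic(err)
	}
	for _, s := range []string{"/O=Grid/OU=People/CN=Jane Doe/CN=proxy", "/O=Grid/OU=People/CN=Nobody"} {
		u, err := m.Map(s)
		fmt.Println(s, "->", u, err)
	}
}
```

The mapping is the point where the global trust domain meets the local security policy: the resource never trusts the proxy's own name, it strips the proxy components, looks the remaining identity up in a file the local administrator controls, and refuses anything not listed. Changes to that file are therefore access-control changes and belong under the same review and audit as the local password database.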