GRID COMPUTINGGrid Security

Sandeep Kumar PooniaHead of Dept. CS/IT, Jagan Nath University, Jaipur

B.E., M. Tech., UGC-NET

LM-IAENG, LM-IACSIT,LM-CSTA, LM-AIRCC, LM-SCIEI, AM-UACEE

10/27/2013 1Sandeep Kumar Poonia

10/27/2013 Sandeep Kumar Poonia 2

The three classic security concerns of information

security deal principally with data, and are:

1. Confidentiality: Data is only available to those

who are authorized;

2. Integrity: Data is not changed except by

controlled processes;

3. Availability: Data is available when required.

10/27/2013 Sandeep Kumar Poonia 3

Additional concerns deal more with people and their

actions:

1. Authentication: Ensuring that users are who they say

they are;

2. Authorization: Making a decision about who may

access data or a service;

3. Assurance: Being confident that the security system

functions correctly;

4. Non-repudiation: Ensuring that a user cannot deny

an action;

5. Auditability: Tracking what a user did to data or a

service.

10/27/2013 Sandeep Kumar Poonia 4

Other security concerns relate to:

1. Trust: People can justifiably rely on computer-

based systems to perform critical functions

securely, and on systems to process, store and

communicate sensitive information securely;

2. Reliability: The system does what you want, when

you want it to;

3. Privacy: Within certain limits, no one should know

who you are or what you do.

10/27/2013 Sandeep Kumar Poonia 5

CRYPTOGRAPHY

can be used to address four goals:

1. Message confidentiality: Only an authorized

recipient is able to extract the contents of a

message from its encrypted form;

2. Message integrity: The recipient should be able to

determine if the message has been altered during

transmission;

3. Sender authentication: The recipient can identify

the sender, and verify that the purported sender

did send the message;

4. Sender non-repudiation: The sender cannot deny

sending the message.

• Authentication solution for verifying identities

among a user, the processes, and the resources

during the computation

• Support for Local Heterogeneity– Various authentication/authorization mechanism, polices

• Several Constraints to meet– Single sign-on & delegation

– Protection of Credentials

– Interoperability with local security solutions: Inter-domain

access mechanism

– Uniform certification infrastructure

– Support for secure group communication

– Support for multiple implementations

Security Requirements

Security Requirements -Delegation

• The context initiator gives the context acceptor

the ability to initiate additional security contexts

as an agent of the context initiator – Remote creation of a proxy credential

– Allows remote process to authenticate on behalf of the user

• Delegation in Globus– New key pair generated remotely on server

– Proxy certificate and public key sent to client

– Clients signs proxy certificate with its private key and returns it

– Server puts proxy in /tmp

Terminology

Authentication

Authorization

Integrity and Confidentiality

Security Policy

– A set of rules that define the security subjects, security objects, and relationships(security operations) among them.

CA(Certificate Authority)– The third party that does certification(the binding) and issuing

certificate

Trust Domain – A logical, administrative structure where a single, consistent local

security policy holds

Security Policy in Grid

Multiple trust domains

– Inter-domain interactions + mapping of inter-domain operations into local security policy

Operations within a single trust domain are subject to local security policy only

Mapping from global subjects to local subjects

– Authenticated global subject is considered authenticated locally

Mutual authentication between entities in different trust domains

Local access control decisions by local system administrators

The execution of programs without additional user interaction during the computation

Processes running on behalf of the same subject within the same trust domain may share a single set of credentials

Globus Overview• Globus (Argonne National Lab)

– software toolkit that makes it easier to build

computational grids and grid-based applications

–Protocols and APIs

– Resource Management (GRAM)

– Information Service (MDS)

– Data Transfer (GridFTP)

– Security (GSI)

PKI

(CAs and

Certificates)

SSL /

TTL

Proxies and Delegration

Proxies and delegation

for secure single sign-on

for Authentication

and message protection

(Secured connection)

Certificate & CA

Certificate

Subject Name

Public Key

CA Name

Signature of CA

• A X.509 certificate binds a public key to a name

• Used to identify and authenticate the user or service

• By checking the signature, one can determine that

a public key

belongs to a given user

• The CA signs its own certificate

• distributed across the network

Subject Name : CA

CA’s Public Key

Signature of CA

CA Name : CA

CA’s CertificateUser Certificate

Issued by CA

Mutual Authentication(How to identify each other ?)

CA

Certificate

A

User A

CB

Certificate

B

User B

① Connection established

② A sends B its certificate

③ 1) check validity of CA

based on digital signature of CA

2) extract the public key of A

④ B sends A a plaintext

⑤ A encrypt the plaintext using CA

and sends it to B

⑥ B decrypt the encrypted message

If this matches with the original message,

B can trust A now

Site B(Unix)

Site A(Kerberos)

Site C(Kerberos)

Computer

User

Single sign-on via “grid-id”& generation of proxy cred.

Or: retrieval of proxy cred.from online repository

User Proxy

Proxycredential

Computer

Storagesystem

Communication*

GSI-enabledFTP server

AuthorizeMap to local idAccess file

Remote fileaccess request*

GSI-enabledGRAM server

GSI-enabledGRAM server

Remote processcreation requests*

* With mutual authentication

Process

Kerberosticket

Restrictedproxy

Process

Restrictedproxy

Local idLocal id

AuthorizeMap to local idCreate processGenerate credentials

Ditto

GSI in Action“Create Processes at A and B that

Communicate & Access Files at C”

User Proxy Creation

User Proxy

C’UP

CU

CUP CUP = Sign(U) { C’UP , Start-Time, End-Time}

② Temporary Credential created

③ User Proxy Credential is created

④ A User Proxy is created

① The User gains access to the computer

CUP

The User

Resource Allocation

CUP

Sign(UP) { Allocation Specification }

② 1) Authentication(validate UP

& check the expiration)

2) Authorization by local policy

(may need mapping between

Globus users credential

and local user ID

or maynot)

3) Allocate Resource

③ PROCESS-HANDLE returned

CRM

User Proxy Resource Manager

Process

Manager

Mutual Authentication

based on CUP and CRM

① The UP request Resource Allocation

PROCESS-HANDLE = Sign(RM) { host-identifier, process-identifier}

Resource

Process to Process Authentication

CUP

Sign(PM) { C’P : Process-Credential }

② C’P Passed to PM

③ Process Credential

Request

CPM

User Proxy

Process

Manager

① Temporal Process

Credential created

CP = Sign(UP) {C’P}

Resource

ProcessC’

P

④ 1) examine the request

2) generate CP and return

it to PM

CP

⑤ CP Passed

to the Process

CP

Resource Allocation request from a Process

CUP

Sign(P) { Operation, Operation Arguments }

② 1) authenticate the request

2) executes the request

③ return the result

User Proxy

① The process issues

a request for the resource B

Resource

Process

CP

Resource B

Process

CP

CPM

Process

Manager

Sign(UP) { Execution-Result }

Mapping between Globus Subject

& Resource Subject (1)

Globus

Subject

Resource

Subject

Global NameLocal Name

for local access to some resource

CUP CP

Using Grid Map table

Mapping

User ID

Password

Globus Credential Resource Credential