G-PASS: Security Infrastructure for Grid Travelers
Tianchi Ma, Lin Chen, Cho-Li Wang, Francis C.M. Lau
The University of Hong Kong
(Slide transcript; posted 18-Dec-2015)
Grid Travelers
A Grid Traveler is a process that can move itself across organizational boundaries at runtime.
Two types of Grid travelers:
• Mobile agent
• Migrate-able process
Organization = policy space:
• Security policy (identity, access control)
• Other policies
Security Issues for Grid Travelers
Protect Grid travelers from malicious hosts:
• Eavesdropping
• Integrity compromise
Protect hosts from malicious travelers:
• Illegal resource access
• Delivering fake information
• DoS attack (replay)
Protect against network eavesdropping:
• Use secure transfer
Under a Grid Scenario (1)
• Complex authorization relationships: multiple policy spaces are concerned
• Identity mapping
• Reputation system
• Most existing mechanisms are not general-purpose
[Figure: two organizations linked by identity mapping and reputation; a Dispatcher on one side, a Warrantor on the other, and a security exception ("!") raised between them]
Under a Grid Scenario (2)
[Figure: a Grid traveler leaves its home policy space for another organization's policy space, where it is warranted]
An example scenario of a Grid traveler that wants to access resources in another organization. Note that this is the simplest such example in a Grid.
Problems
How to carry and prove the authorizations and warrants?
How to record and track the history of events?
How to do the identity mapping?
How to propagate security exceptions and reputation?
Grid Fashion
Infrastructure:
• General purpose (not application specific)
• Provides fundamental information and control mechanisms
Weak defense:
• Monitoring instead of preventing
Stable information:
• Reputation system
Relative information:
• Distributed trust model: authorization, delegation, warrant
• Events: migration, resource consumption / job submission, exceptions
GSI – Not Enough for Grid Traveler
GSI provides the fundamental establishment derived from conventional distributed trust:
• PKI, X.509; global DN -> local user
• Job service: delegation by proxy
X.509 delegation is unsuitable for Grid travelers:
• Scalability: delegation forms a certificate chain that grows with every hop
• Delegation abuse in the full-delegation protocol
• Cannot deal with complex identity mapping
Traveler in Reality
[Figure: a real-world passport (name, date of birth, nationality: P.R. China), a visa, Hong Kong S.A.R. customs stamps for leaving and arriving on Oct. 21, and an HSBC bank card]
The example shows how a traveler can be permitted to visit an unfamiliar country and perform some critical operations there.
G-passport
A G-passport is a list of certificates and proved security information:
• Records and proofs: transit, privileges exercised, security exceptions
• Contracts
• A doubly linked, traceable list
G-passport Example
[Figure: a G-passport as a sequence of signed pages]
• Page 1, G-dispatch: introduction; contents of authorization; signature of the Dispatcher
• Page 2, G-event: migration A -> B (initiating migration from Host A to Host B); signature of Host A
• Page 3, G-warrant: contents of authorization; signature of the Warrantor; signature of Host B
• ...
A Grid traveler's recorded history:
Birth -> Initiation -> Migration -> Warranted -> ...
Instance-Oriented Delegation
Security transaction:
• Separation of responsibility
Security instance:
• Binds a transaction to its valid specification
• The issuer signs it
Different from a capability:
• Represents a delegation, not a direct authorization on a resource
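The passport chain of the G-passport slides and the signed security instances of this slide, as an added example written for this page (it is not code from G-PASS or G-JavaMPI). Each page is a security instance: it binds one transaction (dispatch, migration event, warrant) to its specification, names its issuer, and carries the issuer's signature plus a hash of the previous page, so the history Birth -> Initiation -> Migration -> Warranted is traceable, and an altered page, a page re-signed by someone other than its issuer, or a page from an unknown issuer is detected. Go is used for its standard-library Ed25519; the real system signs with GSI X.509 credentials. The principal names, the page specifications and the arrival event signed by Host B are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Page is one G-passport entry: a security instance that binds a transaction
// (G-dispatch, G-event or G-warrant) to its specification and its issuer.
type Page struct {
	Kind     string // "G-dispatch", "G-event" or "G-warrant"
	Issuer   string // principal whose key signed this page
	Spec     string // specification of the transaction (free-form here)
	PrevHash string // hash of the previous page; "" on the first page
	Sig      []byte // Ed25519 signature over Kind, Issuer, Spec and PrevHash
}

// Passport is a traveler's ordered, back-linked history of signed pages.
type Passport struct{ Pages []Page }

// digest is the message a page's signature covers; NUL separators keep text
// from being moved between fields without changing the digest.
func (p Page) digest() []byte {
	h := sha256.New()
	for _, f := range []string{p.Kind, p.Issuer, p.Spec, p.PrevHash} {
		h.Write([]byte(f))
		h.Write([]byte{0})
	}
	return h.Sum(nil)
}

// hash identifies a page, signature included, for the next page's back-link.
func (p Page) hash() string {
	h := sha256.New()
	h.Write(p.digest())
	h.Write(p.Sig)
	return hex.EncodeToString(h.Sum(nil))
}

// Append adds a page signed with key and linked to the current last page.
func (pp *Passport) Append(kind, issuer, spec string, key ed25519.PrivateKey) {
	prev := ""
	if n := len(pp.Pages); n > 0 {
		prev = pp.Pages[n-1].hash()
	}
	pg := Page{Kind: kind, Issuer: issuer, Spec: spec, PrevHash: prev}
	pg.Sig = ed25519.Sign(key, pg.digest())
	pp.Pages = append(pp.Pages, pg)
}

// Resign replaces page i's signature with one made by key (a tamperer's move).
func (pp *Passport) Resign(i int, key ed25519.PrivateKey) {
	pp.Pages[i].Sig = ed25519.Sign(key, pp.Pages[i].digest())
}

// Verify walks the chain: each page needs a valid signature from the key
// registered for its issuer and a back-link to its predecessor. It returns
// the index of the first bad page, or -1 when the whole history verifies.
func (pp *Passport) Verify(pub map[string]ed25519.PublicKey) int {
	prev := ""
	for i, pg := range pp.Pages {
		key, known := pub[pg.Issuer]
		if !known || pg.PrevHash != prev || !ed25519.Verify(key, pg.digest(), pg.Sig) {
			return i
		}
		prev = pg.hash()
	}
	return -1
}

// Journey rebuilds the slides' example history with fresh keys (constructed
// for this example): dispatch, migration A->B, warrant, arrival at B.
func Journey() (*Passport, map[string]ed25519.PublicKey, map[string]ed25519.PrivateKey) {
	pub, priv := map[string]ed25519.PublicKey{}, map[string]ed25519.PrivateKey{}
	for _, who := range []string{"Dispatcher", "HostA", "Warrantor", "HostB"} {
		pk, sk, err := ed25519.GenerateKey(rand.Reader)
		if err != nil {
			panic(err)
		}
		pub[who], priv[who] = pk, sk
	}
	pp := &Passport{}
	pp.Append("G-dispatch", "Dispatcher", "introduction; authorization: run as MPI VO member", priv["Dispatcher"])
	pp.Append("G-event", "HostA", "migration A->B: initiating migration from HostA to HostB", priv["HostA"])
	pp.Append("G-warrant", "Warrantor", "authorization: read bio-database at HostB", priv["Warrantor"])
	pp.Append("G-event", "HostB", "arrived at HostB; privilege exercised: bio-database read", priv["HostB"])
	return pp, pub, priv
}

func main() {
	pp, pub, _ := Journey()
	fmt.Println("intact passport, first bad page:", pp.Verify(pub)) // -1
	// Host B widens the warrant after the fact; the Warrantor's signature no longer matches.
	pp.Pages[2].Spec = "authorization: write bio-database at HostB"
	fmt.Println("altered warrant, first bad page:", pp.Verify(pub)) // 2
}
```

Because the back-link covers the previous page's signature as well as its content, a host that alters an earlier page cannot repair the chain even if it somehow obtained that page's issuing key: the next page, signed by a different principal, still points at the old hash. This is what distinguishes the passport from an X.509 proxy chain, where every hop is validated back to one root rather than to the independent principal that witnessed the event.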
Across the Organization Boundary
[Figure: identities and roles on both sides of the boundary; the Dispatcher creates instances, the Warrantor approves them, and a credential carrier maps them through the local role table and privilege table]
• A global identity cannot be recognized by local resources
• Mapping: G-passport -> local privilege table
• Role-based: RBAC3 (role hierarchy plus constraints)
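Identity mapping at the boundary, as an added example for this page (not G-PASS code): the traveler's global DN is never looked up in the local privilege table directly. Instead, the roles that a warrantor the local organization trusts vouches for are mapped through a local role table, expanded along an RBAC role hierarchy, and checked against a static separation-of-duty constraint, which is the RBAC3 combination the slide names. The role names, privilege strings and the MPI-VO policy are constructed for the example.

```go
package main

import (
	"fmt"
	"sort"
)

// Warrant is what a verified G-warrant page conveys to the local side:
// the traveler's global identity and the roles its warrantor vouches for.
type Warrant struct {
	GlobalDN  string
	Warrantor string
	Roles     []string
}

// LocalPolicy is one organization's RBAC3 policy: a role table keyed by
// "warrantor/global-role" (only trusted warrantors appear in it), a role
// hierarchy, a privilege table, and statically exclusive role pairs.
type LocalPolicy struct {
	RoleTable  map[string]string   // "warrantor/global-role" -> local role
	Inherits   map[string][]string // local role -> junior roles it inherits
	Privileges map[string][]string // local role -> privileges on local resources
	Exclusive  [][2]string         // role pairs no single traveler may hold
}

// MapWarrant derives the traveler's local privileges. Roles without a table
// entry grant nothing; a warrant that maps to no local role at all is rejected,
// as is one that would violate a separation-of-duty constraint.
func (lp LocalPolicy) MapWarrant(w Warrant) ([]string, error) {
	active := map[string]bool{}
	for _, r := range w.Roles {
		if local, ok := lp.RoleTable[w.Warrantor+"/"+r]; ok {
			lp.activate(local, active)
		}
	}
	if len(active) == 0 {
		return nil, fmt.Errorf("%s: no local role for %v vouched by %s", w.GlobalDN, w.Roles, w.Warrantor)
	}
	for _, pair := range lp.Exclusive {
		if active[pair[0]] && active[pair[1]] {
			return nil, fmt.Errorf("%s: %s and %s may not be held together", w.GlobalDN, pair[0], pair[1])
		}
	}
	set := map[string]bool{}
	for role := range active {
		for _, p := range lp.Privileges[role] {
			set[p] = true
		}
	}
	privs := make([]string, 0, len(set))
	for p := range set {
		privs = append(privs, p)
	}
	sort.Strings(privs)
	return privs, nil
}

// activate marks role and, through the hierarchy, every junior role it inherits.
func (lp LocalPolicy) activate(role string, active map[string]bool) {
	if active[role] {
		return
	}
	active[role] = true
	for _, junior := range lp.Inherits[role] {
		lp.activate(junior, active)
	}
}

// ExamplePolicy is a constructed policy for one host in the MPI VO of the slides.
func ExamplePolicy() LocalPolicy {
	return LocalPolicy{
		RoleTable: map[string]string{
			"MPI-VO/mpi-member":  "compute",
			"MPI-VO/bio-reader":  "db-reader",
			"MPI-VO/bio-curator": "db-writer",
			"MPI-VO/auditor":     "auditor",
		},
		Inherits: map[string][]string{
			"db-reader": {"compute"},   // reading the database implies running jobs
			"db-writer": {"db-reader"}, // writing implies reading
		},
		Privileges: map[string][]string{
			"compute":   {"job:submit", "cpu:use"},
			"db-reader": {"nr:read"},
			"db-writer": {"nr:write"},
			"auditor":   {"log:read"},
		},
		Exclusive: [][2]string{{"db-writer", "auditor"}}, // curators must not audit themselves
	}
}

func main() {
	lp := ExamplePolicy()
	dn := "/C=HK/O=HKU/CN=traveler-42" // constructed global DN
	for _, w := range []Warrant{
		{GlobalDN: dn, Warrantor: "MPI-VO", Roles: []string{"bio-reader"}},
		{GlobalDN: dn, Warrantor: "SomeOtherVO", Roles: []string{"bio-reader"}},
		{GlobalDN: dn, Warrantor: "MPI-VO", Roles: []string{"bio-curator", "auditor"}},
	} {
		privs, err := lp.MapWarrant(w)
		fmt.Println(w.Roles, "from", w.Warrantor, "->", privs, err)
	}
}
```

Keying the role table by warrantor as well as role is what makes the mapping a trust decision rather than a string match: a warrant from a VO the host does not know maps to nothing, and the traveler's DN only ever appears in error messages and logs, never as a lookup key.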
Position of G-PASS
[Figure: Grid layers (fabric, connectivity layer, resource layer, application) with GSI and G-PASS in the Grid middleware; agents run on an agent platform, regular routines in the application layer]
• Under the application layer
• Can access the resource layer
• Based on GSI
Application: G-JavaMPI
• Grid-based Java MPI
• Support for process migration
• Four reasons for migration: availability; searching for better resources; load balancing; optimizing the program by removing the bottleneck caused by communication
JmpiBLAST
• A BLAST program on G-JavaMPI
• Four universities sharing CPU cycles and local bio-databases
• Funded by two organizations
• The MPI VO coordinates their resources together
[Figure: four sites (A, B, C, D), each holding local data, coordinated by the MPI VO; two organizations, U1 and U2]
HKU Gideon 300 Cluster
• Pentium 4 2.0 GHz w/ 512 Kbytes L2 cache
• 512 Mbytes (PC2100) DDR SDRAM
• Fast-Ethernet adaptors x 2
• 40 GB IDE hard disk
• Linux OS (RedHat 7.3/8.0)
• High-performance network (for inter-process communication): Foundry Networks' Fast-Ethernet switch with 312 ports
• Hierarchical management network (for I/O access and cluster management): 24-port Gigabit-Ethernet switch x 1; 24-port Fast-Ethernet switch (with Gigabit-Ethernet uplink) x 13; UTP network cables x 620
Hong Kong Grid
HKGrid provides a platform for its members to experiment with various research prototypes and pilot applications.
Institutions
City University of HK
HK Baptist University
HK University of Science and Technology
The HK Polytechnic University
The HK Institute of HPC
HKU – Computer Centre
HKU – Department of CSIS
Environment Setting
JmpiBLAST setting:
• Application: Blastp
• Database: nr (687 MBytes)
• Segment: 1 MByte (687 segments)
Experiment setting:
• Three Blastp programs, 18 processes in total (8, 6 and 4 respectively)
• Global scheduling: GA vs. Min-Min
• Original nodes: 5
• Event 1: 2 nodes join
• Event 2: 2 nodes quit
Data Reports
• In tasks 1 & 2, GA is better than Min-Min
• In task 3, Min-Min generates a better result
• Scheduling by GA in task 1 fully utilized the additional 2 nodes and provided maximal throughput during the fixed time interval between event 1 and event 2