
GridTrust Trust and Security for Next Generation Grids CETIC, Belgium Philippe Massonet


Presentation Transcript


  1. GridTrust: Trust and Security for Next Generation Grids
     CETIC, Belgium
     Philippe Massonet, phm@cetic.be
     www.gridtrust.eu

  2. GridTrust: Objectives and Expected Results
     • General objective: definition and management of security and trust in dynamic virtual organisations
     • Expected results: a "framework" composed of:
       – an environment and analysis method at all levels of the NGG architecture
       – a reference security architecture for Grids
       – an open source reference implementation of the architecture, validated by several innovative business scenarios
     [Figure: NGG Architecture layers: GRID Application Layer; GRID Service Middleware Layer; GRID Foundation Middleware Layer; Network Operating System]
     Second EchoGrid Workshop, Beijing – 29 & 30 October 2007

  3. Project Partners
     • 5 countries, 4 companies, 3 research institutes, 1 university
     • Duration: 3 years (06/2006-05/2009)
     • Global budget: 3 856 135 euros
     • CETIC budget: 540 697 euros

  4. Dynamic Virtual Organisations
     "Virtual organizations: a temporary or permanent coalition of geographically dispersed individuals, groups, organisational units or entire organisations that pool resources, capabilities and information in order to achieve common goals"
     Business process case studies:
     • Supply chain (Moviquity, HP)
     • Distributed authoring (IGDA)
     • Distributed knowledge management (Interplay)
     [Figure: a business process composed of services 1 to 6, with a variant node 3']
     • Changes can be manual, semi-automated or automated (Self*)

  5. Trust in Virtual Organisations
     "Since VOs are based on sharing information and knowledge, there must be a high amount of trust among the partners, especially since each partner contributes with their core competencies"
     • Threats:
       – Bad service (contract not respected)
       – Attacks: loss of information
       – Attacks: disruption of service
       – Vulnerability to attacks (low level of security at one of the partners)
       – …
     [Figure: collaboration among VO nodes 1 to 5]
     How do you maintain trust and security properties in a dynamic VO? There is a need for trust and security mechanisms.

  6. Desired Self-Organization/Self-Protection Behavior
     VO policy rules:
     • (3) If trust of node x < minimum trust threshold, then tighten security for node x
     • (3') If trust of node x < minimum trust threshold, then replace node x
     User trust requirement: all nodes must always be sufficiently trusted
     [Figure: VO nodes 1 to 5; node 3 is either hardened (3) or replaced (3')]
     Dynamic business processes -> self-organization <-> self-protection: avoid/minimize the intervention of human operators

  7. Trust and Security in Virtual Hosting Environments (Outsourcing)
     [Figure: a Service Requestor sends a service request to a Service Provider (SP) in the VO; the SP's hosting environment runs a service instance over shared resources (images, maps). Protection: 1. Global policies (1.1 User policies, 1.2 SP policies); 2. Local policies]

  8. Current State of the Art in Grid Authorization
     • GridTrust focuses on authorization
     • OGSA/Globus default authorisation mechanism: GridMap is coarse grained and static
     • Extended authorization mechanisms:
       – Akenti (fine grained distributed access control)
       – PERMIS (RBAC)
       – Shibboleth (cross-domain single sign-on and attribute-based authorization)
     • Basic limitation: once you receive access to a resource, you are free to use it without any control
     • Need for finer grained and continuous control

  9. Usage Control: beyond Access Control
     [Figure: UCON [Park04] covers traditional access control, trust management, DRM, privacy protection, intellectual property rights protection and sensitive information protection; enforcement by a server-side reference monitor (SRM), a client-side reference monitor (CRM), or SRM & CRM combined]

  10. GridTrust Objective: Bring Usage Control To The Grid
     • Integrate usage control into the Grid
     • Supports many existing access control models
     • New models of trust and security
     • Usage control model: policy language
     [Figure: UCON model: subjects and objects, each with attributes; rights; usage decision based on authorizations, obligations and conditions]

  11. From Access Control to Usage Control
     [Figure: timeline of before usage / ongoing usage / after usage. Continuity of decision: pre decision, ongoing decision. Mutability of attributes: pre update, ongoing update, post update]

  12. How Continuous Usage Control Works
     [Figure: in the Service Provider's (SP) hosting environment a service instance is started; its service program issues system calls on shared resources (… OpenFile() … ReadFile() … OpenFile() … CloseFile() …). A Policy Enforcement Point monitors each call against the SP's local policy (states: opened, reading, closed; resource: maps); a violation closes the service instance]

  13. Applications of Usage Control
     • With UCON we can express policies such as:
       – Mandatory Access Control (MAC),
       – a limited number of simultaneous usages of the same resource,
       – history based access control in general,
       – Chinese wall (CWSP)
     • With UCON integrated with RTML, credential-based trust management, we can also enforce:
       – Role Based Access Control,
       – Attribute Based Access Control policies, or
       – other credential-based policies
     • Other …

  14. Managing Conflicts of Interest in Virtual Organisations
     [Figure: relations among VO members and resources: "collaborates on", "allocated to", "owned by", "conflict of interest"]

  15. The Chinese Wall
     • Based on the notion of conflict of interest class
     • Needs a history
     [Figure: Client 1 and Client 2 access Resources 1 to 4, grouped into a conflict of interest class]

  16. Example: Chinese Wall Security Policy
     Usage Control Policy Language (the controlled events are the system calls open, read and close):
       gvar[1]:=0. gvar[2]:=0.
       (
         [eq(gvar[2],0), eq(x1,"/home/paolo/SetA/*"), eq(x2,READ)].open(x1,x2,x3).
         lvar[1]:=x3. gvar[1]:=1.
         i([eq(x1,lvar[1])].read(x1,x2,x3)).
         [eq(x1,lvar[1])].close(x1,x2)
       )
       Par
       (
         [eq(gvar[1],0), eq(x1,"/home/paolo/SetB/*"), eq(x2,READ)].open(x1,x2,x3).
         lvar[1]:=x3. gvar[2]:=1.
         i([eq(x1,lvar[1])].read(x1,x2,x3)).
         [eq(x1,lvar[1])].close(x1,x2)
       )
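My reading of the policy above (the slide does not spell it out): gvar[1] and gvar[2] record whether SetA or SetB has already been opened, lvar[1] holds the handle returned by open, i(...) iterates the read, and Par composes the two branches. The Python monitor below is an added example, not GridTrust code; it enforces the same Chinese wall rule over a constructed trace of open/read/close calls and, as slide 12 describes, closes the service instance on the first violation.

```python
import fnmatch

READ = "READ"
# Conflict-of-interest classes and path patterns taken from the slide's policy
COI_CLASSES = {"SetA": "/home/paolo/SetA/*", "SetB": "/home/paolo/SetB/*"}

class ChineseWallMonitor:
    """Policy enforcement point checking every open/read/close call of one service.
    `accessed` plays the role of gvar[1]/gvar[2] (classes already opened),
    `handles` the role of lvar[1] (handles the service may currently read)."""

    def __init__(self, classes=COI_CLASSES):
        self.classes, self.accessed, self.handles, self.closed = classes, set(), {}, False

    def _class_of(self, path):
        for name, pattern in self.classes.items():
            if fnmatch.fnmatch(path, pattern):
                return name
        return None

    def _allowed(self, call, args):
        if call == "open":
            path, mode, handle = args
            cls = self._class_of(path)
            if cls is None or mode != READ:
                return False
            if self.accessed - {cls}:   # history: a conflicting class was used before
                return False
            self.accessed.add(cls)
            self.handles[handle] = cls
            return True
        if call == "read":              # only on a handle opened under this policy
            return args[0] in self.handles
        if call == "close":
            return self.handles.pop(args[0], None) is not None
        return False                    # any other call on shared resources is a violation

    def decide(self, call, *args):
        """Evaluate one system call; a violation closes the service instance for good."""
        if self.closed:
            return "closed"
        verdict = "permit" if self._allowed(call, args) else "violation"
        self.closed = verdict == "violation"
        return verdict


def run_trace(calls, classes=COI_CLASSES):
    # Feed a constructed system-call trace to a fresh monitor and collect the verdicts
    monitor = ChineseWallMonitor(classes)
    return [monitor.decide(call, *args) for call, *args in calls]
```

Each trace entry is (call, *arguments) in the order of the slide's open(x1,x2,x3), read(x1,x2,x3) and close(x1,x2).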

  17. Trust: Updating Reputation based on Resource Usage
     • Gather low level resource usage information:
       – SLA violations
       – Successful performance
     • Update VO level reputation
     • Reputation at different levels:
       – Service
       – VO member
       – VO as a whole
     • Reputation based on past behavior:
       – history
       – performance
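Added example (not part of the GridTrust framework) linking this slide to the VO policy rules of slide 6: reputation is computed from constructed resource-usage records at service, VO member and VO level, and every node whose trust falls below the minimum threshold gets rule (3) or rule (3') applied. The Laplace-smoothed success rate and the record format are assumptions of this example.

```python
from collections import defaultdict
from statistics import mean

# Constructed resource-usage records (member, service, outcome); outcome is
# "ok" for successful performance or "sla_violation" as on the slide.
USAGE_RECORDS = [
    ("moviquity", "transport", "ok"), ("moviquity", "transport", "ok"),
    ("moviquity", "transport", "ok"), ("moviquity", "transport", "ok"),
    ("hp", "storage", "ok"), ("hp", "storage", "sla_violation"),
    ("hp", "storage", "sla_violation"), ("hp", "storage", "sla_violation"),
    ("igda", "authoring", "ok"), ("igda", "authoring", "ok"),
]


def service_reputation(records):
    """Reputation per (member, service): Laplace-smoothed success rate (assumed metric)."""
    counts = defaultdict(lambda: [0, 0])   # (member, service) -> [ok, total]
    for member, service, outcome in records:
        counts[(member, service)][0] += outcome == "ok"
        counts[(member, service)][1] += 1
    return {key: (ok + 1) / (total + 2) for key, (ok, total) in counts.items()}


def member_reputation(records):
    """Lift service reputations to the VO member level (mean over its services)."""
    per_member = defaultdict(list)
    for (member, _service), rep in service_reputation(records).items():
        per_member[member].append(rep)
    return {m: mean(reps) for m, reps in per_member.items()}


def vo_reputation(records):
    """Reputation of the VO as a whole: mean over its members."""
    return mean(member_reputation(records).values())


def self_protect(records, min_trust, rule):
    """Apply the slide 6 policy rule to every node whose trust is below the threshold:
    rule "3" tightens security for the node, rule "3'" replaces it."""
    actions = {"3": "tighten_security", "3'": "replace"}
    return {node: actions[rule]
            for node, trust in member_reputation(records).items()
            if trust < min_trust}
```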

  18. GridTrust Framework: Tools and Policy-based Services
     [Figure: NGG architecture layers annotated with GridTrust components. GRID Application Layer: Secure VO Requirements Editor and VO Model and Refinement Tool, from trust and security goals to policies. GRID Service Middleware Layer (OGSA compliant dynamic VO services): VO management with VO-level policies (1. Global policies), secure resource broker, usage control service with usage control policies, reputation management service, Self-* …, VO members. GRID Foundation Middleware Layer: computational usage control + TM, fine grained and continuous (2. Local policies). Network Operating System: resources]

  19. From Trust and Security Requirements to Usage Control Policies
     [Figure: NGG architecture layers. GRID Application Layer: business requirement "client data must remain confidential". GRID Service Middleware Layer and GRID Foundation Middleware Layer: Chinese wall UCON policy; UCON policies must be continuous and can be fine grained. Network Operating System Layer]

  20. Patterns for Trust and Security
     [Figure: pattern catalogue: Confidentiality (of the content of a communication; of the identity of sender and receiver; of communication occurrence), Integrity, Availability, Privacy, Trust, Delegation, Authorization, Chinese Wall]

  21. GridTrust Services Integrated in OGSA
     [Figure: an application using the GridTrust services]

  22. Conclusions
     • GridTrust Framework
       – Services:
         – VO level: secure resource broker, service level usage control, reputation management service, security aware VO management
         – Node level: computational usage control
       – Policy refinement tools: usage control policy editor, usage control refinement tool
       – Will be released in open source
     • Innovation
       – UCON for Grids (improves the state of the art: mutable attributes, obligations, continuous enforcement)
         – Computational level
         – Service level
       – Combining brokering and security
       – Combining security with reputation
         – Globus reputation is used for service discovery and selection
         – Here we want to use reputation for authorization decisions
       – Derivation of business trust and security requirements into policies
       – VO management integrated with GridTrust services
     • Looking for collaborations
