1 / 13

Security, Accounting, and Assurance

Security, Accounting, and Assurance. Mahdi N. Bojnordi 2004 mnbojnordi@yahoo.com. Overview. Requirements What is expected from grids nowadays? Technologies Which are developed to provide the security. Current Practice Existing implementation of security services. Future Directions

lyris
Télécharger la présentation

Security, Accounting, and Assurance

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security, Accounting, and Assurance Mahdi N. Bojnordi 2004 mnbojnordi@yahoo.com

  2. Overview • Requirements • What is expected from grids nowadays? • Technologies • Which are developed to provide the security. • Current Practice • Existing implementation of security services. • Future Directions • What is met by existing technologies insufficiently?

  3. Requirements • Authentication • The process of verifying the identity of a participant. • A verified entity called principal (e.g. user logged into system). • Authority to use delegation of identity. • Authorization • The process determining whether a particular operation is allowed. • Supporting delegation of authority.

  4. Requirements (cont’d) • Assurance • A form of authorization validating the authority of service provider (i.e. accreditation). • Allow the requester to decide whether a system is secure, reliable, etc. • Accounting • A means to manage the quotas.

  5. Requirements (cont’d) • Audit • Records what have been performed by a system on behalf of a principal. • Integrity and Confidentiality • Correct functioning of applications on the network. • Optional Security Services • Is all the described requirements needed for our system?

  6. Technologies • Cryptography • The most basic technology for distributed system security. System is conditioned on secrecy of key. • Symmetric & Asymmetric methods

  7. Technologies (cont’d) • Authentication • There is several authentication methods including assertion, passwords, encryption-based protocols. • Certification • Provides binding between a particular key and a principal. • This binding certified by a Certification Authority.

  8. Technologies (cont’d) • Distributed Authorization & Assurance • Privilege attribute certificates or assurance credentials. • Accounting • Distributed database • Intrusion Detection & Auditing • www.cert.org/archive/pdf/IEEE_IDS.pdf

  9. Current Practice • File Encryption, Email, and Public-Key Auth. • Pretty Good Privacy (PGP) • http://www.pgp.com • http://www.davidyaw.com/crypto/PGP.pdf • http://www.pgpi.org/cgi/download.cgi?filename=pgpsrc658win32.zip • Secure Sockets Layer & Transaction-Level Sec. • Embedded in most Web browser

  10. Current Practice (cont’d) • Kerberos

  11. Current Practice (cont’d) • IPSec, IPv6, and Virtual Private Networks • Disabling sniffers • Firewalls • A barrier at the boundary

  12. Future Directions • Group Communication • Better ways needed • Distributed Accounting • NetCheque

  13. Thank you

More Related