Final Thesis Report Grid Computing_CCM4902_M00430641

8/12/2019 Final Thesis Report Grid Computing_CCM4902_M00430641

1/56

CCM 4902

Report Title

To evaluate security related issues encountered in Grid

Computing and evaluate possible solution to it.

AuthorBILAL ABBAS BAKHSHI

M00430641

SupervisorJASPREET SINGH SETHI

Dated: 8/10/2013

"A thesis submitted in partial fulfillment of the requirements for the degree

Master of Science in Computer Network Management."


2/56

2 | P a g e

Abstract

In the opening chapter the researcher has given the problem statementon which research is based,

then follows the aims and objectiveswhich are to evaluate security requirements, security issues

encountered and best solution to them. A rationale of studyis given on which the particular topic is

taken. In the end the thesis outline is given portraying the layout of the entire report. Grid computing

yields significant computing capability, excessive data warehousing, and cooperation eventualities to

its end users. In the connected ingress to the computing with a single sign on scheme as the gateway

to the prospects of world wide computing grids security characterize a decisive role. The literature

reviewlends a detail secondary research of the various mechanism of bracing security issues in the

grid computing domain, and explicitly devotes to the finding security solution to them and also

identifying security requirements of grid computing. The grid middleware architecture is given on

which grid computing is based especially on globus, Bonic and globus toolkit. The scheme portrayed

divides grid computing security literature into System clarifications, Behavioral clarifications and

Hybrid clarifications. Each one of these kind is given in features to lend acumen as to their rare

mechanism of attaining grid security, the kinds of grid and security circumstances they employ

optimum to, and the advantages and disadvantagesfor each kind of clarification. While in research

methodology chapter briefly gives view of why we chose qualitative research method and our

selection of survey consisting of questionnaires. Then in chapter findings the result of primary

research are given while conducting survey regarding security issues in authentication and

authorization in bonic and globus grid computing. Then in last chapter discussion the answers to

research questions and overall information found through primary research in contrast withsecondary research is given which is actually heart of report. While in the end future

recommendationsand conclusionare given which could be looked at by future researchers.

Keywords: Grid computing,Globus, Authentication and Authorization, GSI, PKI, Securityrequirements.


3/56

3 | P a g e

Declaration

I hereby declare that the research thesis dissertation project work entitled To evaluatesecurity related issues encountered in Grid Computing and evaluate optimum possible solution

to itsubmitted to the Middlesex University London, is a record of an original work done by

me under the guidance of my supervisor Jaspreet Singh Sethi, Faculty Member, MiddlesexUniversity Dubai Campus and this project work has performed the basis for the award of the

Postgraduate Degree.

Bilal Abbas Bakhshi

M00430641


4/56

4 | P a g e

Acknowledgements

I would like to express my gratitude to everyone who helped me complete my thesis work. First

and foremost thanks go to my project supervisor Sir Jaspreet Singh Sethi. Jaspreet not only

made it possible for me to continue my dissertation project, but he was an invaluable source of

new opinions and critiques. Iam also grateful to my module leader Dr Lejla Vrazalic for

approving topic for my thesis and for all the deliberation we had throughout the journey called

graduation. My special thanks go to Middlesex University in providing me access to library

and other resources in completing my dissertation thesis project. This chain of gratitude would

be incomplete without thanking my family for all the support they provided.

M00430641

Dated: October 10th

, 2013


5/56

5 | P a g e

Table of Contents

Abstract ...................................................................................................................................................... 2

List of Figures ........................................................................................................................................8

List of Tables ...............................................................................................................................9

Chapter 1: Introduction........................................................................................................... 10

Problem Statement........................................................................................................... 11

Research Questions...........................................................................................................

11

Research Aims and Objectives11

Rationale of Study.....................................................................................................11

Thesis Outline..12

Chapter 2: Literature Review..13

Relevance.13

Background Grid Computing and security issues prevalent

in it.13

Grid Computing Middleware and its Components.14

Components of Grid Middleware.14

Grid Middleware Security Concerns...15

Authentication and Authorization.16

Scheduling.16

Execution.17


6/56

6 | P a g e

Data Ingress and Management..17

Fabric Management.18

Information and Monitoring...18

Challenges and Possible Solution to Security Issues in Grid

Computing.19

Physical Ingress Security Aspects..20

Grid Computing in the Distributed Computing Context.20

Synopsis of Grid Computing Security..21

Systems Clarifications26

System Security for Grid Resources.26

Intrusion Detection Systems (IDS) in Grid Computing.27

Behavioral Clarifications..28

Comprehensive Guideline Oversights.29

Reliance-Based Security Clarifications29

Hybrid Clarifications..31

Authentication vs. Authorization..31

Authentication and authorization based clarifications.31

Chapter 3: Research Methodology34

Introduction34

Qualitative Research Method..34


7/56

7 | P a g e

Quantitative Research Method.34

Reason for choosing Qualitative research method.....................34

Limitation..35

Summary.35

Chapter 4: Findings.36

Introduction................................................................................................................36

Results.37

Summary.37

Chapter 5: Summary.38

Discussion..39

Conclusion.40

References...............................................................................................................................41

Appendix47


8/56

8 | P a g e

List of Figures

Figure 1 - Grid Computing Architecture..10

Figure 2 - Grid Middleware Architecture...15

Figure 3 - Distribution for grid computing security..25


9/56

9 | P a g e

List of Tables

Table 1 - Recap some of the aspects of the distinctive distributed

Computing settings............................20-21

Table 2 - Kinds of grid computing systems.21

Table 3 - Kinds of grid systems and security circumstances

according to the suggested categorization system23-24


10/56

10 | P a g e

Chapter 1

Introduction

Grid computing can mean different thing to different individual in their respective fields. The grand

idea is often presented as a correlation to power grids where end users (or electrical appliances) get

ingress to electricity through wall sockets with no care or condition for where or how the electricity

is literally generated. In our context of use grid computing, computing becomes prevalent and

peculiar users (or client applications) gain ingress to computing resources (processors, storage, data,

applications, and so on) as obligational with little or no knowledge of where those resources are

located. In addition what the elemental technologies, hardware, operating system, and so on are. In a

nutshell grid computing is basically employing geographically distributed and interconnected

computers together for computing and for resource distribution. Now getting to the stage the topic

we are researching is connected to security related issues faced in grid computing and evaluating

optimumpossible solution to this critical problem. Thats why it was important to give overview andidea of concept of grid computing. Numerous investigations by organization have shown that there

exists serious problem of security violation by unregistered users by hacking, eavesdropping and

intercepting vital information. There are some clarifications that have been discovered and

successfully employed to the security issues encountered in grid computing. As set of different

independent computers are interconnected from substantially different regions of the world to

achieve common purpose by fully exploiting idle resources of system in order to achieve higher

goals. The grid computing idea is shown in figure 1 below.

Figure 1 Grid computing architecture


11/56

11 | P a g e

Source:http://www.it.uom.gr/teaching/unc_charlottePPG/grid.htm

Problem Statement

The main problems which are encountered in grid computing application and mostly in every

technology used are security issue. The researcher is evaluating security issues encountered in gridcomputing regarding system solution, behavioral solution, hybrid solution mainly concentrating on

authentication and authorization in grid computing by employing globus toolkit middleware in it.

Also evaluate optimum possible solution to various problems. We will also evaluate by employing

the globus toolkit software which can be employed for utilizing various unused resources by users to

get their work done easily. So when these various systems are interconnected located in various

regions and utilized various unused resources so they bound have mechanism in place to avoid

hackers compromising their system. The user when login in into the system there should some

verification in place to establish that users are not impersonating by stealing password and acquire

user sensitive information.

Research questionsQ1. What are security related issues are encountered in grid computing?

Q2. What are security requirements in grid computing?

Q3. Evaluate optimum possible solution to security related issues in grid computing?

Research Aims and Objectives

1. The researchers aim is to evaluate security related issues in grid computing2. To study security related issues faced in grid computing and security Requirements.

3. To evaluate optimum possible solution to the security related problems.

Rationale of StudyAlthough there is a vast amount of literature available on the Grid computing and its Grid

middleware are employed in it like globus and security solutions of authentication being solved by

employing of PKI in its grid security infrastructure. In which PKI uses digital signature for

authentication and authorization purposes. Also the thing that encouraged the researcher to

investigate further in security requirements and issues, possible solution to them also furtherstrengthens one optimum solution. The study further goes in depth of security problems in grid

computing which is being employed in volunteer computing and Grid computing like BONIC. The

researcher is also encouraged by the application of grid technology in electricity grids of global

aspects. So far there has been no direct study conducted in the area where the impact is analyzed in

detail. The study also helps us to understand grid computing and grid middleware architecture in

order to further inquire security requirements and issues encountered. Rest of important information

will be unraveled further in thesis.
http://www.it.uom.gr/teaching/unc_charlottePPG/grid.htmhttp://www.it.uom.gr/teaching/unc_charlottePPG/grid.htmhttp://www.it.uom.gr/teaching/unc_charlottePPG/grid.htmhttp://www.it.uom.gr/teaching/unc_charlottePPG/grid.htm


12/56

12 | P a g e

Thesis OutlineThe rest of thesis is as follows.

Chapter 2Literature review: In this section we present a brief background on grid computing to give concept

of technology on which are writing thesis materials under relevance. Then giving view of security

issues prevalent in it from the historical perspective given by the father of grid computing concept

Ian foster. Further the grid computing middleware and its architecture is explained. Then in order tounderstand the security concerns and requirements the grid middleware security concerns are

elaborated. Then security challenges regarding grid computing and their possible solutions are given

and in addition further the physical security aspects of grid computing are given. Then the main

ending section relating to system solution, behavioral solution and hybrid solution regarding

authentication and authorization in grid computing regarding security issues is discussed to arrive at

appropriate choice.

Chapter 3

Research Methodology: In this section the researcher will give reasons why the appropriate methodof research qualitative was chosen instead of quantitative method. It will give brief overview of

quantitative and qualitative research methods. Then further the method of qualitative research in

which survey was chosen a brief outline given and limitation of the research with summary given in

end of section.

Chapter 4

Findings: In this section the research results of primary data will be given in form of text and

percentage figures. The section includes introduction of chapter which give brief view. Then it is

followed by the results section of elaborating the findings. The end is followed by summary of

chapter.

Chapter 5

Discussion: In this section the research collected in primary data is compared with the secondary

data reviewed in literature review to arrive at the answers to our research questions explained in

problem statement and aims and objective section. As further there is recommendation for further

research and method which could be explored to better this security problem regarding

authentication and authorization. In the end there is brief conclusion describing what the researcher

has found in the dissertation exercise.

References: Then follow the reference section containing the references used during the writing of

the thesis in order and cited in text also.

Appendix: The appendix will consist of information relevant to the thesis report topic and will

contain the questions asked during survey conducted. It will consist of definitions of some new and

some old terms specific to the report.


13/56

13 | P a g e

Chapter 2

Literature Review

Relevance

Background Grid Computing and security issues prevalent in

it

In recent years, Grid computing technology has emerged as a viable option for high performance

computing as sharing of resources lends improved performance at a lower cost than if each

organization were to own its own closed box resources(A.R. Butt, et al. 2003, pp.1006-1014). Grid

computing in literature is defined as System and applications that integrate and manage resourcesand services distributed across multiple control domains (M. Humphrey, et al. 2005, pp644-652).

As Grid Computing has security issues that should be considered since it is a distributed system

where a heterogeneous set of computers share their idle resources. Marty Humphrey, Mary R.

Thompson defined various synopses and gave various clues on how Grid security should be managed

and what are its problems. Computational grid scientists had spent tireless amount of effort to come

up with a shield environment for sharing resources. However, advance intruders still compromising

machines on the grid, which justify the research in intrusion detection system for Grid environment.

We will also discuss some issues of the GIDS on Grid environment with suggested clarifications. A

suggested solution will be analyzed from conceptual framework toward technical architecture. This

research paper describes the particular concept of having a Grid-based Intrusion Detection System

(GIDS) for the Grid environment. We will give few synopses of how GIDS can take place on theGrid environment (M. Humphrey and M.R. Thompson, 2001, pp. 95-103). In the end researcher

will give conclusion which will help better security related issues in grid computing.

Grid is a system that confirms to three specific categories as follows it coordinates resources that

are not subject to centralized control, it uses standard, open, general-purpose protocols and

interfaces, and it delivers nontrivial quality of service (I. Foster and K. Kesselman, 1999). The ever

evolving number of devices and thus mostly unused resources connected to the internet triggered

many different opinions to share available computing and storage resources. In 1998 Ian Foster and

Carl Kesselman defined in the book The Grid: Blueprint for a New Computing Infrastructure a

computational grid as a hardware and software infrastructure that lends dependable, consistent,

pervasive, and inexpensive ingress to high-end computational capabilities(Ian Foster,2002, pp.817-840). This definition was subsequently refined according to new circumstances in emerging

technologies. In general, grid computing lends users with the capability to divide and spread large

computations across multiple machines as well as ingress to distributed storage and collaboration

possibilities within virtual organizations(Ian Foster,2002, pp.817-840). As in the coordination,

administration, and subsequently also the billing of resource employment in a grid is not only

challenged by the decentralized oversight and ownership of the computing and storage structure but

also by the aim to provide an efficient and usable environment to its users. The prevalent grid

middleware like the Globus Toolkit, legion 2, gLite3, or BOINC4 provide a fundamental software

infrastructure and tools for masking the ramification of the divergent infrastructure of a grid from the

users, for easing the administrating and configuration of the participating systems, for subordinating

and oversee vacant resources, and for presenting a basic layer for developers to produce grid

applications. In the following a closer look will be taken at security threats, countermeasures, and


14/56

14 | P a g e

detection in grids and how different grid middleware clarifications approach these issues (I.Foster, et

al. 1998, pp. 8392).

Grid Computing Middleware and its Components

Middleware stage out to a genre of computer software used to linkup, or allow the

communication of software components with their applications. Middleware is encompassed ofservice sets that warrant the complement of numerous numbers of processes operating synchronously

on one or numerous computing gadgets. In grid computing, middleware supports diversified

architectures, which in turn reinforce diversified utilization (Andera Stein, 2013). We illustrate the

middleware preserving in sense the key tasks it lends. Globus Toolkit (GT) is a paramount

middleware and the veritably definitive for grid performance (Choi-Hong Lai and Frdric

Magouls, 2009). It will be the focus of our deliberation subsequent on thesis report in appendix

section.

Components of Grid Middleware

In order to understand the security related issues in grid computing and from different

perspectives, to arrive at some solution just a concise overview of its components. The disperse

entree of grids, the adaptability and the divergent nature of their infrastructure, and the intent of

being a vast desired system are a trail to grid middleware to cater a feasible distributed, impregnable,

substantial, and high aspect-of-utility system to its end users or attaining this most ingression of grid

middleware are broken up into the following segments (S.Burke, et al. 2008):

Basic middleware: This constituent yields the basic abstraction layer from the system segregated in

the grid and also the API for progressing and functioning applications on the grid.

Authentication and Authorization system: This constituent is liable for the authentication andauthorization of users, virtual organizations, and processes that ingresses the grid.

Workload Management: This constituent governs the organizing, dissemination, and preference of

jobs and processes operating on the grid.

Data Management: This constituent governs the data storage and also the ingress to data on the

grid.

Fabric Management: This constituent yields tools for installation management of grid applications

and basic task management, observing, and configuration.

Information System: This constituent collects available knowledge about the grid like availability

and status of resources, the job queue and the status of active jobs, knowledge about users and virtual

organizations, etc. These systems allow observing the grid and also yielding tools allowing users to

collaborate with their submitted jobs (I.Foster, et al. 1998, pp. 8392).


15/56

15 | P a g e

Figure 2 Grid Middleware Architecture

Grid Middleware Security Concerns

Due to the peculiar of grids each of these subcomponents provide a test for security in knowledge

systems to avert alteration, exploitation, unauthorized ingress, denial of service, hijacking, halting of

processes, and stealing of info stored on the grid, computing power yielded by the grid, and as a

whole devices connected to the grid(I.Foster, et al. 1998, pp. 8392).Each tier of grid middleware

constituent is encountered with security concern, either with problem concerning only its kind or

issues concerning numerous kinds. But as soon as one constituent is conceded or yields a securityloophole the entire grid substructure may be compromised by incursions, which have the chance to

ApplicationsApplications and Portals

User Level Middleware

Development Domain & Tools

Core Middleware

Fabric

Distributed Resources & Coupling Services

Local Resource Management


16/56

16 | P a g e

hijack the grid and get into a distributed computing substructure which is devised for high efficiency

computing. On setting out with taking charge of user authentication in grids (R.Butler, et al. 2000,

pp. 60-66) the security working association of the grid forum started to outline issues, which also

have to be consigned when looking at the security of grids (M.Humphrey and M.Thompson , 2001 ).

Authentication and Authorization

Most security deliberation in grids is spotlighted on the authentication and authorization to

ingress the reachable resources on the grid. From an applicability stage of view to ingress the grid

and all its resources users should insert their login authorization particulars only once. This single-

sign-on approach to entree the different and distributed environment of grids is a corner stone of the

success and in addition surge and dissemination of grids (R.Butler, et al. 2000, pp. 60-66).Using

public key infrastructure (PKI) based on X.509 certificates has become the standard for grid

middleware like Globus to employ the single-sign-on ingression. The employment of this PKI

constitute a collective reliance link among the user and the entree stage to the grid granting not only

the grid to review the userscertificate but also vice versa allow the user to certify the ingress to the

grid via the certificate (N.Park, et al. 2003, pp. 112-120).

In addition to this basic authentication the middleware Globus use a user proxy approach to

empower the accreditation to the systems either used for ciphering by the user or the user processes

and encompassing data obligatory by the user or usersprocesses. Using a proxy the user empowers

the prerogative to its which again can empower the prerogative to processes started by the user and

obligation to ingress other systems of the grid infrastructure. To evade the disclosure and

dissemination of the usersaccreditations the proxy employs its own accreditations which are only

valid for short period of time, usually for about 12 hours (Novotny, et al. 2001, pp. 104-111). On the

systems themselves the grid users are generalized to local user accounts, which allow the attainment

of the desired jobs and entree to data mandatory for the attainment of the request. In Globus this

user-mapping is based on grid map-files (R.Butler, et al. 2000, pp. 60-66).In Globus the ingress to

resources can also be confined by compelling users to be members of virtual organizations (VO). By

restraining the ingress to systems of the grid infrastructure to special VOs, only representatives of

those VOs are authorized to ingress them (Xue, et al. 2008, pp.33-40).

Scheduling

The organizing of jobs and managing ajobsingress to data, especially if the attaining process is

very data comprehensive (Xue, et al. 2008, pp.33-40).Processes functioning in grid environments do

not only want CPU time but also bandwidth and data storage, which should be kept for the processes.Due to the arrangement of grids and resources which are managed, distributed organizing of tasks

improves the organizing performance and according to (Xie, et al. 2005, pp. 219-237) makes a

system compact, impregnable, and well proficient of distributing organizing workload among a host

of computational sites in the system. In (Xie, et al. 2007, pp.145-153) a managing approach is

presented, where the disparity among the desired security levels and granted security levels effects

the managing of jobs on the grid. The aligning from universal user accounts to peculiar user accounts

on computing elements of a grid may lead to such disparities, which have to be considered at

organizing time, so that susceptible data or computations may not be altered or viewed by

unauthorized users. When looking at numerous grid middleware utilizations, not all of them have

security- and guideline-based organizing.


17/56

17 | P a g e

Although Globus use GSI as a primary layer for all processes and users have the facility to give

numerous obligations which have to be met by available resources to decide which ones should be

used (S.Burke, et al. 2008) the time managing is by default based on the information given by the

users in the job report file and the users virtual organization (VO). BOINC, as a tremendous

throughput grid arrangement, lets the possessor of the resource decide at which project he wants to

engage and all available resources are used. In contrast to Globus where the users are the ones who

ingress others resources and thus have dependence on the resources and the infrastructure, when

participating at BOINC the users have to rely on the software and data installed and sent to them.Regarding security, the scheduler server of BOINC 5 checks, whether a resource i-e a users

computer is reliance worthy or not and sends the job demand (S.Burke, et al. 2008).

Execution

After a job is endured and scheduled for execution it is submitted to the designated resource and

computing element for execution. Numerous security aspects have to be considered at this stage.

From an administrators perspective the job should have no eventualities to do any misuse to the

resource it is working on. It should not be able to ingress data and other jobs it is not granted to

entree as well as it should not be able to exhaust so many resources on the computing machine thatother locally originated jobs starve due to resource shortage. Numerous mechanisms like application-

level sandboxing, virtualization, user-space sandboxing, or flexible kernels can be used to hold back

data on the computing machine (Chakrabarti, et al. 2008, pp. 44-51). Grid middleware like Globus

only grant liable users to endure jobs, develop new applications, and send and ingress those jobs and

applications. In general WMS allows numerous levels of sandboxing; from account-based

sandboxing by creating a user environment on the fly to full virtualization by booting a user peculiar

virtual machine (EGEE JRA3, 2005).

In comparison to these grid middle wares BOINC6 does not use PKI for user authentication on

the BOINC grid, which allows easy assimilation of resources. To avert pernicious executable

distribution BOINC employs code signing, which allows only signed code to be executed on the

computing elements. Each executable is checked before being executed on the computing elements,

which also allows pernicious code to be traced back to its originator. In addition to this account

based sandboxing is used on the computing elements, which restricts the grid applications to ingress

other data stored on the computing elements. Account based sandboxing only works if the privileges

are set correctly. If the prerogatives of the account created by BOINC are altered by the possessors of

the computing element for sure private information about the possessor could be acquired as the

resources used by BOINC applications are mostly privately owned computers (Chakrabarti, et al.

2008, pp. 44-51).

Data Ingress and Management

Besides distributing and parallelizing computations on the grid the ingress to saving of data in the

heterogeneous environment of a grid also lend many ultimatums regarding distribution, replication,

and attainment as well as regarding security issues. Globus use GridFTP as transportation protocol,

which is a FTP solution, is based on GSI, and employs transport layer security (TLS) for attaining

the file transfer among clients, storage elements, and computing elements (V.Welch, 2005). Besides

GridFTP Globus also lends shield file transfer via web services: reliable file transfer (RFT) service.

In contradiction to GridFTP, where the file transferspredicament is lost in instance of a failure of

the client, RFT prevail the predicament of the file transfer in reliable storage (Globus Alliance,

March 2008). Also GSI dCache Ingress Protocol (gsidcap) without an entire file transfer. But in

general when operating a process a user specifies an input sandbox where the data is read from and

an output sandbox where the output of the process is placed. Both sandboxes frequently have to be


18/56

18 | P a g e

owned by the grid user starting the process. All references to files on the grid which are read and/or

written by grid applications are stored in a file cataloguethe LCG File Catalogue (LFC)which

also contains the ingress oversight list (ACL) for each file(S.Burke, et al. 2008).Besides plain text

storage on storage elements also encrypted storage is possible in globus as described. The solution

stores the encryption key distributed on numerous key servers and whenever a user or a process

started by the user desires encrypted data, this key is reacquired and only on the computing element

the data is decrypted for processing. Thus at two stages of the grid architecture the data is available

in plaintext: on the client side and on the computing element, where it is used as plaintext in memoryand probably in a temporal file on the disk (EGEE JRA3, 2005).

Apart from pure file based data ingress, storage, and management also a generic data ingress

interface for grids is available. The project Open Grid Services Architecture Data Ingress and

Integration (OGSA-DAI) is aimed at providing web service based entree to any possibility of

ingression and storing data regardless of how the data is stored, whether the data is stored in

databases, in structured, semi-structured, or unstructured file formats. OGSA-DAI are built upon the

grid security infrastructure and necessitate web service based authentication to ingress data from data

sources available via OGSA-DAI (OGSA-DAI 3.0 Documentation, 2007).

Fabric Management

As grids are not component of one but are distributed over numerous administrative domains,

installed services, configuration management, and update strategies vary widely. Therefore, the grid

middleware has to atone on one hand the dissemination guideline of jobs to resources where the

desired services are available and on the other hand the in reverse rapport to older still operating

versions. Depending on the administrator of an administrative domain software updates are installed

sooner or subsequent, configurations regarding the security of the local system and/or the whole grid

infrastructure have been applied correctly or not, etc. Those mostly human factors currently are not

atoned by current grid middlewares.

Information and monitoring

Collecting information about available and used resources computing and storage resources, the

status of jobs, active services, etc. is a vital component of managing and also using a grid

infrastructure. Each grid middleware has tools to collect information provided optionally by

computing and storage elements and information which must be available to schedulers and make

this information via a public interface available to administrators and users of the grid. Globus for

instance encompasses the web information and monitoring tool GridICE(S.Burke, et al. 2008), which

can yield information about vacant memory, number of CPUs, storage size, etc. for computing and

storage elements, which is handy information for administrators and users, but also probably usefulinformation for intruders.

At BOINC, if the possessor of computing elements allows the dissemination of the information, it

is possible to find out hardware and software information about the computing elements a user has

the BOINC middleware installed on; for instance the number and kinds of CPUs, size of memory,

size of cache, and the active operating systems (OS version, updates). In addition to security issues

of the grid middleware itself these grid portals introduce security issues of web applications to the

grid infrastructure. Although breaking into a Grid may not necessarily allow the infiltrator entree to

backend Grid resources, but as most grid portals allow users to ingress grid resources and manage

their accreditation, monitor and maybe even interact with their operating jobs, breaking into grid

portals lends the same prerogative to an infiltrator as the grid user has on the grid portal. Generally

speaking, providing ingress to and oversight over grid resources to users via a web portal increasesthe security breach of a grid infrastructure (Vecchio, et al. 2006, p.114).


19/56

19 | P a g e

Challenges and Possible Solution to Security Issues in Grid

Computing

Security in grid computing contradicts from the Internet security due to the threat that arises when

we seek to build extensible virtual organizations. Grid Computing has a lot of security issues that

should be examined since it is a distributed system where a dissimilar set of computers share their

unproductive resources. Marty Humphrey, Mary R. Thompson (Marty Humphrey and Mary R.Thompson, 2009) defined various instances and gave various tips on how Grid security should be

handled and what are their dilemmas. Here is a checklist of the main challenges and clarifications:

1. A machine is distributing its resources and the user is operating applications. Then it is

obligational to make certain that the machine has not been conceded.

Solution: A particular scheduler that allows users with ample prerogative to run applications.

2. Local user ID and Grid user ID must be graphed.

Solution: It can be done through the use of streamline domain oversights, for instance

OpenLdap, that yield user authentication and authorization mechanism.

Others (Marty Humphrey and Mary R. Thompson, 2009) give another solution: a single Grid sign-

in mechanism.

3. Ingress to logs that are over sighted by numerous users.Solution: To do this peculiar security libraries can be used to ingress the data and restraint that

who did what?

4. Determine ingress guidelines to services either locally or remotely.

Solution: The authorization rule must locally be digitally signed by the possessor and conserved

shielded. Remotely, the possessor must be able to have an impregnable connection and

authenticate himself.

5. Data integrity and confidentiality should be attained.

Solution: Integrity is attained through MAC algorithms. Confidentiality is attained through

encryption methods and keys with a limited life time.

6. Convenient key administration.

Solution: One prospect is to use smart cards.

7. Reliance rapport among users and domains/hosts become essential.

Solution: Authentication is attained by SSL accreditation or impregnable DNS and IPsec.

8. Delegation of prerogative to one or various persons is a dilemma with no clarion solution yet.

9. Information must be reachable and can be desired from everywhere.

Solution: So in order to have opportunity, information services are used. LDAP can be

used to these objective since it gives user/password entree oversight and can graph the usersid

to his servicesdirectory.

10. Firewalls and VPNsamong Gridsdomains became a threat.

Solution: Infrastructure servers can be configured to run on known ports which can be granted

by the firewall. In the instance of VPN, certificates like x509 identity certificates would be agood solution to grant ingress to other grid domains (Marty Humphrey and Mary R. Thompson,

2009).


20/56

20 | P a g e

Physical Ingress Security Aspects

Physical ingress security has to be examined as well and some other issues about Grid Computing

have been considered by Ian Foster, Yong Zhao, Ioan Raicu and Shiyong Lu in Public-key based

GSI (Grid Security Infrastructure) protocols are used for authentication, communication protection

and authorization(I.Foster, et al. 2008, pp.1-16)

1. Grid computing is more dissimilar and has potent resources, which is why it should abode some

concerns: A single sign-in mechanism to entree multiple Grid sites, concealment, integrity and

isolation should be taken into account so that resources owned by one user cannot be ingress

by unauthorized users and/or interfere with during transmission (I.Foster, et al. 2008, pp.1-16).

2. Community Authorization Service (CAS) is used for progressive resource authorization within

and beyond domains(I.Foster, et al. 2008, pp.1-16).

Grid computing in the distributed computing context

However, there are numerous variation which are given in Table 1 (T. Dimitrakos, et al. 2002,pp.228-231).

Table 1 Recap some of the aspects of the distinctive distributed computing settings

Distributed

computing

settings

Instance Oversight and

management

design

Security rule

design

Conventional

users

Reliance levels

and

impermanence

Classic

centralized

networkcomputing

Computer

network

within onecompany

Supervised by a

single entity who

preservetightened

oversight over

network; shield

architecture;

various network

regulation

prevails (bus,

token ring, star,

Wireless

802.11b, etc.)

Usually

immense level

securityguidelines; if

not, sustaining

steady security

guidelines is

still

probable due to

centralized

oversight

Representatives

of a single

institution orentity;

network admin

has ingress to

all of them

High reliance

due

to lowimpermanence

of

representatives

Grid

computing

MIT Grid Some

centralization

due to

presence of

resource broker/

schedulers,

however

resources

are possessed

and handled by

Thorough

security

guidelines can

and do

probable,

however may

be problematic

to

employ due to

non centric

Users/resource

possessors

are

representatives

of many

companies , or

may be

particular

private

persons.

Medium

reliance

due to increased

impermanence

of

representatives

over

network

computing


21/56

21 | P a g e

numerous

entities; some

regulation exists

nature

Peer-to-Peer

(P2P)

computing

Kazaa No centralized

management

structure; no

regulation.

No centralized

security

guidelines;

howeversingular

users/resource

possessors may

or may not

have local

security

guidelines

Component of

many

institutions or

maybe private

users.

Depleted

reliance due to

huge

impermanenceof

users.

Synopsis of grid computing securityThis section gives a synopsis of the prevailing grid computing settings, as well as a conciseinitiation of the security circumstances faced in today's distributed computing settings. There are

three major form of computer grids in use today: computational grids, data grids, and service grids

(A.R. Butt, et al. 2003, pp.1006 -1014). Each has its own stipulated of susceptibility in the security

area, as shown in Table 2.

Table 2

Kinds of grid computing systems (B.A. Kirschner, et al. 2008, pp. 102-109)Kinds of grid computing

system

Brief explanation Most common susceptible

loopholes

Computational grid Grid architectures that focus on

setting particular resources

explicitly for computing power;

i.e. solving equations and

complex mathematical

problems; machines taking

component in these kinds of

grid are mostly high-

performance servers.

Programs with infinite loops

can be employed to bring down

nodes of this grid, reducing

functionality.

Data grid Grid architecture liable for

saving and providing ingress tolarge volumes of data, often

across various companies.

Users can manipulate data of

other users if they surpass theiruseable space-this ruins the

other usersdata.

Service grid A grid which lends services that

are not applicable on a single

machine (N. Li, et al. 2003, pp.

128-171)

Users can employ the service

grid to propel Denial of Service

Incursion (DOS) against

another site

Since the research papers thoroughly reviewed in literature review contend with security hazard

that could be encountered by any kind of grid, it is established in these findings that the phrase grid

computing system encompasses each of these three kinds. In our finding that while the kinds of gridlisted in Table 2 depicts the three common groups of grid computing systems, some grid systems can


22/56

22 | P a g e

employ form of numerous or all of the three kinds, labeling them hybrid grid computing systems.

These grids could then counter any of the susceptibility encountered by the grid kinds they are built

up of. For seeing the grid environments divergent and geographically detached resources and wide

array of users, each with rare obligation and objectives for the grid system, the stage of overseeing

the security of users and resources becomes a matter of concern. The users of a grid, be it

computational, data, or service orientated, might have adverse rationale with each other, and thus

would want some assertion that their grid-based activity are shielded from the eyes of other users

(Oracle, Sun Grid, 2010). With the grid agreeable much of a financial resource, users will impel todemand the equivalent level of security out of their grid employment as they do from any computer-

based commercial tool, such as e-commerce, to assuredly convey satisfactory outcomes. Without

security, a grid setup would be left susceptible to illegitimate users, pernicious processes, and data

intruding that could probably yield it meaningless. A current study rated grid computing as sixth on

preference lists for IT investment among commercial professionals (P.Shread, 2013).

Any impregnable grid environment must employ method to protect authentication, authorization,

data encryption, resource protection, and impregnable transmission (K. Kaneda, et al. 2002, p. 212)

Grid security itself prompts numerous rare security prospects, inclusive of overseeing user

identification across local and global networks, overseeing the diversification of local resource/user

security systems, reliance rapport among entities, end-user key and credential management, andlending security to resources contra maligned acts from grid users (I.Foster, et al. 1998, pp. 8392).

Modeling an impregnable grid necessitate taking into particular the obligation of grid users for

impregnable distant resources that shield the integrity and confidentiality of data; and also the

obligations of resource possessor to assure that only legitimate, reliance individuals are using their

systems (A.S. Grimshaw, et al. 2004, pp.233-254).

Now the following portrayed distribution system of six viable synopsis encountered by a

distributed computing environment, and the numerous security issues they prompt. Since grid is a

kind of distributed computing environment, these synopses are applicative to the grid computing

platform as well. The first synopses are prompt job implementation, when the user has large amounts

of data that urges to be accumulated from numerous origins for prompt execution. Some instances of

this circumstance encompass the following: a super scheduler must examine list of probable hosts

if it has not already been determined, then requisite adjudge if user is granted to carry out tasks on

those hosts; governing agent must ask for hosts on preference of user; collective authentication must

take place, and the user's grid ID must be graphed to a local ID if paramount. The second synopses

are when a job execution necessitates beforehand scheduling; i.e. to hold back resources for a

subsequent date. Some security ramifications encompass the obligation to empower the user's

prerogative to the super scheduler or broker to make prearrangement, the assertion that if

prearrangement is granted, the user will have the resource for stated time, and the prerequisite for anon-forgeable prearrangement claim. The user must be able to establish themselves as possessor of

the claim or having had claim legitimately sent to them at the time of employment. The third

synopses is job oversight which the capability to disengage from a job and then restoration to it at

some stage, probably from different regions. The resource being shielded is reachable to an operating

job, so the user operating the job will set ingress oversight guideline. The stage of re-entry is

precisely into computations, circumvent the Grid, so the user must be able to authenticate to the

computations itself. In instance of compelled expiry (if the job is getting out of command) then the

system administrator must establish this status, abort the process, and alert the job possessor. The

fourth synopses are ingression of grid information services. In this circumstance, authentication takes

place among user and possessor of resources. The information service resource implements its own

ingress oversight guideline. Confidentiality or integrity of the message being published could beobligatory by user and/or information service in this circumstance. The fifth, and probably most


23/56

23 | P a g e

security-prone synopses, is setting or inquiring security criterion. This encompass authentication

actions, such as verifying user identity through grid ID, and specification of reliance grid hosts

across grid domains, in which grid resources prove their affiliation in a reliance grid to gain

ingress to a different grid. The sixth synopses, auditing of grid tasks, encompass security criterion

such as logging of system consequences and identification of possible intrusions through weird

consequences (M. Humphrey, et al. 2005, pp. 644-652). Table 3 below lends an intuition into how

our categorization system, analyzed in particular in subsequent sections of the paper, will abode the

different kinds of grids and security circumstances brought out in these findings.

Table 3Kinds of grid systems and security circumstances according to the suggested categorization

system

References in this

portion

Applicable grid

kinds (Table 2)

Security circumstance

aboded (B. White, et

al. 2001 , p.21)Section 3System

security

Section 3.1System-

based

security for grid

resources

Entropia (K. Amin, et

al. 2008, pp.749-764)

Virtual private grid

(A.S. Grimshaw, et al.

2004, pp.233-254)

Cooperation and risk

(M. Haynos, 2012)

Data

Data, service

Computational, service

Prompt job execution,

ingression of

information

Prompt job execution,

ingression of

information

Ingression grid

information,

setting/inquiringsecurity criterion,

auditing grid tasks

Section 3.2IDS Abstraction-based

intrusion detection

(B. White, et al. 2001 ,

p.21)

Service Ingression grid

information,

setting/inquiring

security criterion,

auditing grid tasks

Section 4Behavioral

security

Section 4.1Guideline

oversights

Guideline driven

ingress

oversight(B. White, et

al. 2001 , p.21)

Computational Prompt job execution,

exceptional scheduling,

job oversight, ingresses

grid information,

setting/

inquiring security

criterion, auditing grid

tasks

Security architecture

for computational grids

(K. Connelly and A.

Chien, 2002)




grid information,setting/


24/56

24 | P a g e

inquiring security

criterion, auditing grid

tasks

Section 4.2Reliance Evolving and

managing reliance

(D. Frincke,2000)

Computational,

Data

Ingresses grid

information,

setting/inquiring

security criterion

Integrating reliance (D.Frincke,2000)

Computational, data Ingresses gridinformation, setting/

inquiring security

criterion

Section 5.0Hybrid

clarifications

Section 5.2

Authentication and

authorization based

clarifications

Adapting Globus and

Kerberos ( N. Peng, et

al. 2001, pp.407-452)




grid, information,

setting/

inquiring security

criterion

SHARP (F. Azzedin

and M. Maheswaran,

2002)

Service Prompt job execution

LegionFS(A. Chien, et

al. 2003, pp.597-610)

Computational Prompt job execution

Accounting and

Accountability (J.J.

Mchugh and B.

Michael 2004)

Computational Auditing of grid tasks

Shield group

management

(E.J. Salles, et al. 2002,

pp. 97-104)

Computational Setting/inquiring

security criterion,

auditing grid

information

According to our suggested categorization system for grid computing security research, grid

computing security can be arranged into the following components: systems, behavioral, hybrid as

shown in Fig. 3.


25/56

25 | P a g e

Figure 3 Distribution for grid computing security

Computational

GridData Grid Services Grid

Grid Computing Security

System

Clarifications

Behavioral

Clarifications

Related

Technologies

Clarifications

Hybrid

Clarifications

Guideline Based

Clarifications

Reliance Based

Clarifications

Authentication &

Authorization

BasedIntrusion

Detection

System

security

for Grid

Resources


26/56

26 | P a g e

This Distribution lends numerous assistances to the research society. By designating first under

vast opinions and then breaking down into more peculiar groups, we isolate the opinions (securing of

grid resources, authentication and authorization, etc.) from the implementations (Entropia, Globus

etc.). Further, in the analysis of each opinion and implementation we have hinted to the reader which

opinions and implementations are optimum accustomed to which kinds of grid, as cited in Table 2,

and which kinds of grid employment synopses, as cited in(M. Humphrey, et al. 2005, pp. 644-652).

Further functionality is added by detaching the security clarifications into behavioral vs. system-based clarifications. For instance, a grid programmer/ administrator looking to implement a peculiar

technology on his grid system might turn promptly to the system-based clarifications, while a

researcher studying behavioral aspects of security would have information obligations more

accustomed to the behavior section of the categorization system. What follows is a particularized

deliberation of the categorization system, broken into sections based on the different categorizations

of grid security clarifications within the categorization tree. Within each section is a brief description

of each categorization, along with particularized instances of clarifications falling into that

categorization. The following section discusses the system clarifications from the categorization

system presented in Fig. 3. It is decomposed into system security for grid resources and intrusion

detection systems.

Systems clarifications

This section deliberates papers that propose system based clarifications to shield grid computing

environments. Comparatively than deliberating the implementing of security guidelines and

behavior-based clarifications, this component of the categorization deals with clarifications whose

focus is to manipulate the hardware and software of a grid system precisely in order to achieve

security. Box-product technologies, topologies and architectures, and intrusion detection systems are

aboded benefits in this section.

System security for grid resources

This section deals with research focused on system based clarifications toward grid security.

Suggested clarifications falling into this portion seek to protect resources on the grid. Ingress

oversight is a valid mechanism for protecting resources, and will be analyzed in a subsequent section

of this paper; however it cannot be the only line of defense to assure that grid nodes, applications,

data, and communications are protected from pernicious users. This portion spotlights on protecting

the grid resources, which encompass hardware and computing equipment, applications operating on

the grid and the data that they contain, as well as communication among grid nodes. Clarificationsfalling into this portion abode the data and service kinds of grids (Table 2) and the security

circumstances of Prompt Job Execution and Ingression of Information (Table 3).One method of

using technology, comparatively than guidelines, to shield grid resources is to isolate the portion of

the resource dedicated to the grid from the portion of the resource that the possessor wishes to

preserve private. The Entropia system employs a technique known as sandboxing to protect

applications, clients, processes and resources on the grid (A. Chien, et al. 2003, pp.597-610).

The sandbox technique protects the PC client (grid node) by isolating the application from the grid

that is operating on the client. This ramifications of doctoring with the PC registry or desktop and

protects against application fault due to software bugs or viruses. Along with protecting the PC node,

Entropia contains preventive measures to protect the application as well (A. Chien, et al. 2003,

pp.597-610). The sandbox preserves application files and data files encrypted on disk, so no one can


27/56

27 | P a g e

ingress the application who is not supposed to get to it. Simply put, the implications of the

application are not obtainable to non-Entropia applications. Data and application files are also

monitored for doctoring evidence by Entropia to assure their integrity (A. Chien, et al. 2003, pp.597-

610). By contradictions, implied the Virtual Private Grid infrastructure, which implicates curbing

virtual private network (VPG) technology and applying it to grid computing. This infrastructure

function over heterogeneous, locally-peculiar security circumstances such as firewalls, private IP,

and Dynamic Host Configuration Protocol (DHCP) that would otherwise obstruct grid functionality.

VPG lends a rare nickname to exclusive machine on the grid that is not reliant on IPsec or DNSname, lends job submissions to any nicknamed machine, and lends redirections to and from a file on

a nicknamed machine. VPG pipes between commands carried out on any nicknamed machine,

building up a self-stabilizing management tree among machines. VPG forwards messages via paths

in the tree. Authentication is exclusively performed when it constructs a tree, so there is less security

overhead. In short, this spontaneously establishes a private network for the grid environment that

grant users to ingress resources, while still granting them to be locally shielded by firewalls, private

IP, and other methods that would obstruct classical grid infrastructures (A.S. Grimshaw, et al. 2004,

pp.233-254).

Both of these methods provide security for grid resources; however they go about it in different

methods. These system-based clarifications isolate the physical resources and communications thatmake up the grid system, in order to achieve a shield grid network. Entropia acts as polite security

by not letting anyone doctor with anything they shouldn't be doctoring with. The sandboxing

technique, such as that employed in (A. Chien, et al. 2003, pp.597-610), also does not abide the user

prospect of security, inclusive of such things as user identification and authorization. VPG employs a

more decentralized method of aboding grid resources. It grants local users to set their level of

security with firewalls, private IPs and other security devices that typically would not be adaptable

with permanence on a grid environment. This boosts the level of self-rule for grid resource

possessors, which is a desirable property within the grid structure. However, security issues of the

system as an entire are not extensively analyzed it implies that security is being left to the resource

possessors, now that VPG can grant grid users ingress around local users' security circumstances.

Perhaps VPG ought to have more security inherent in its own structure, comparatively than solely

renouncing the users' security applications intact (A. Chien, et al. 2003, pp.597-610).

Intrusion detection systems (IDS) in grid computing

This section gives overview of problems and their solution present in an intrusion detection

system (IDS) model for shielding the grid environment. For the context of this research, an inflator

into the grid is exemplified as any grid user who attempts to endanger the grid or its resources, or

attempts to employ the grid for objectives other than what it was devised for. Comparatively than

being a peculiar software package or brand name box product, intrusion detection is a technological

theory which can be enforced employing any one of numerous software and hardware methods. IDSgrid clarifications function in the computational and service grids (Table 2) and abode the security

clarifications of Ingression Grid Information, Setting/Inquiring Security Criterion, and Auditing Grid

Tasks (M. Humphrey, et al. 2005, pp. 644-652).

Some research efforts comprising intrusion detection in grid security are analyzed below. While

intrusion detection of a single node extensively is monitoring one resource, an intrusion on a grid

could involve numerous resources at once. Thus, coalition among resources on a grid network lends

the grid with essential information to seek out potential unauthorized ingress attempts. This

accession is not devoid of danger. Too less coalition impedes functionality, but too excessive

coalition concedes for intruders (M. Haynos, 2012). Communication among grid entities can take

three forms: manager/ subordinate, peer/peer, and friend/friend. Intrusions are detected either by the

assaulted entity or by other entities on the grid. In detection engaging other grid entities, detection


28/56

28 | P a g e

and summarizing of incident is reliant upon the cooperation and its repercussion on data

dissemination. Some entities can disseminate data with each other due to their rapport, but efficacy

not does it due to the cost of disseminating. Resources can have numerous cooperation levels with

other resourcesselfish, data-interdependence, reciprocal, and generouswhich is employed to find

out if a resource will disseminate data with another resource. Intrusion can be detected if cooperation

exists, because entities disseminate data. However if disseminate data is discerning, cooperation

could cause susceptibilities. If any agent in a cooperative ring is pernicious, or if a member has a

disseminating cooperation with an entity outside ring, the working is security-compromised.

Rectification policies analyzed in (M. Haynos, 2012), such as data reduction and data sanitization,

lessen danger in cooperation while maximizing cooperation's efficacy. Another paramount facet of

intrusion detection implicates the expiry of entree as a legitimate act or an intrusion. This typically

count on the ingress action being correlated to a listing of noted incursion strategy; while in many

instances this is effective, it would not detect an incursion which does not comply to any previously-

attempted incursion strategy. This complication maybe notably evident with grids, whose fluid

structure may make them susceptible to many kinds of incursions never attempted on single nodes or

traditional, tightly-over sighted networks. Using abstraction, known incursion signatures are

abstracted to cover possible incursions; abstraction of the known incursions will contribute to the

dominance of not having to devise new signatures for each incursion ( N. Peng, et al. 2001, pp.407-452).Abstraction is error-prone due to its in exact nature, and also very interdependent on the

knowledge of the person writing the signatures. In order to magnify the efficacy of abstraction, the

IDS obligations to take into consideration the many components of incursions, such as the system

view, misuse signature, and view definition (N. Peng, et al. 2001, pp.407-452).

The system view lends a representation of observable information, such as event schema, and a

set of predicates associated with an event. The signature is a distributed event design that represents

incursion in a probable way. The view definition evolves information from the matches of a

signature and portrays it through a reciprocal system view. This matching up of signatures to system

views grants for abstractions. Having these three components, when a new incursion is discovered

we only obligation to specify new combinations of signatures and view definitions (to present the

signature through the appropriate system view) comparatively than creating new incursion signatures

or system views for the IDS to associate with the incursion. The following section accord with

behavioral clarifications, which focus on security by guideline and human action comparatively than

security via some boxed product. This section is further broken into Comprehensive Guideline

oversights and Reliance-Based security solution sections.

Behavioral Clarifications

The following section abodes kinds of clarifications that assert guideline and management

oversights over hardware/software clarifications to maintain a shield grid. Behavioral clarificationsare unreal and intuitive, comparatively than employing a physical technology to sustain security in

the grid. Account capability, group management, and reliance are all matters that are aboded here.

Within each section, instances are provided which helps the reader in comprehending the foundation

for each portion of the categorization (Fig. 3) which is analyzed. The findings are analyzed for

strengths, weaknesses, and directions for future obligational research.

Comprehensive Guideline Oversights

This portion of finding deals with security through guideline definition. The findings

suggesting reliance as a security solution could be examined as a subset of this portion. However,those papers were peculiar to reliance, while the following papers cover numerous kinds of


29/56

29 | P a g e

guidelines in their clarifications, thus it seems more pertinent to group the reliance-based papers

isolated. Research falling into the guideline oversights portion, consequently, discusses guideline sets

controlling a broad range of grid computing actions, comparatively than centering on one area of

activity while participating in a grid. These guidelines abode all areas of grid computing, including

authorized user selection, sign-on strategy and ingress oversight, and local vs. global security

settings. Comprehensive guideline oversees function optimum in computational grids (Table 2) and

abode all security circumstances identified in (N. Peng, et al. 2001, pp.407-452) (Table 3).

As guideline oversights mainly affect the human component of the grid, comprehensive

guideline sets devised to administer groups of users are a rationale extension of this mechanism of

grid security. The Closed User Group (CUG) system described in (G. Goos, et al. 2002, pp.165-168)

employs guideline-driven entree oversight to support CUGs that are geographically dispersed.

Administrator nodes in each CUG oversee ingress to group by issuing certificates. Guidelines are

deployed to numerous CUGs in the domain by guideline objects. Imposition is left up to the

respective entities, granting guidelines to be compelled over heterogeneous systems. The system

merges aspects of both the guideline system and the CUG system. Each CUG has local prospect of a

global guideline system. Guideline objects are generated here and possessed by local administration

nodes. CUGs modify and interchange guideline information with each other, creating a global

guideline system that stretch over the entire grid. There can be CUG guidelines and local guidelines,which are guidelines possessed by a member of the CUG. This merging and cooperating of

guidelines employed by one user or group of users with guidelines essential to the entire grid attains

the imperative grid-extensive security, while also maintaining the self-reliance of grid systems. The

grid computational processes involving numerous resources possessed by numerous possessors

aftermath in the obligation for security not just amid client and server, but amidst the client and any

of numerous thousand other clients. Inter domain grid security constraints must be interoperable with

local ingress oversight guidelines of individual resources. Grid-wide guidelines which can

accomplish this encompass the following: single sign-on for all grid resources, shielded accreditation

(passwords and private keys), inter-operability with local security clarifications (allowing for single

sign-on and giving local resource possessors control) and export capability (the capability to be used

in multinational clarifications, meaning that encryption must not be the bulk of the security

clarifications because of its current constraints on exportation) (I.Foster, et al. 1998, pp. 8392).

The security guidelines must also support uniform credential and certification infrastructure,

shield group communication, and multiple utilization i.e. one peculiar technology platform should

not be obligatory across all users and resources. There are numerous unique significance and

insignificance to this aspect of grid security. Comparatively than supporting black-box security

technology, guideline-driven security grants for the use of rules and regulations to accomplish the

goal of a shield grid network (I.Foster, et al. 1998, pp. 8392). This back both atop scrutiny in a

high-performance grid and the heterogeneous nature of the grid. The issues of heterogeneity and

control brought out in (I.Foster, et al. 1998, pp. 8392) are at the heart of the majority of researchconcerning grid security, as heterogeneity and control themselves having become a chief goal of the

grid environment.

Some questions heightened by these kinds of security, however, encompass the severity to which

guideline sets are unvarying beyond the grid vs. set by the respective nodes or user groups. If they

are unvarying, it takes away control correlated with a grid. Interoperability with local security

clarifications is the primitive focal point of and is also analyzed in (T. Dimitrakos, et al. 2002,

pp.228-231). One solution would be to grant the users to determine their endemic guideline sets, as

protracted as they expedient some essential grid-wide regulation designed to not present such

essential security requirements as to pose a threat to the remainder of the grid. Authentication from

global to local resources was analyzed in (P.C.Moore, et al. 2001, p.21). Non-varying accreditationand resource proxy/mapping tables grant single sign-on for global and local user authentication.


30/56

30 | P a g e

Some controversy that could heighten as a result of carrying out this structure encompasses the

impediment effect, as all resource demand must pass through a user proxy/resource proxy. Mapping

tables from global grid IDs to local IDs could also become exceptionally large as the grid sprout in

size.

Reliance-based security clarifications

The findings analyzed in this section all based their security clarifications on the enactment,

definition, assessment and utilization of reliance in grid computing environments. This contradicts

from the authentication-based security area, analyzed in the Hybrid section, in that authentication

try to uncover the identity of someone seeking to gain ingress to the grid. Reliance-based

clarifications, by contrast, go one step beyond providing an individual's identity, to associating a

level of reliance worthiness with that identity. In grid computing, resource possessors are often

hesitant to enter the grid environment because they will be disseminating resources. This distrust

leads many potential grid entrants to use their own closed-box system comparatively than a gridsystem with other resources. This is an inept use of global computing resources, which can be

aboded through the use of reliance-based security clarifications in grid computing. By reliance

worthiness, these clarifications area are ascertaining the belief that a particular user will use the

resource in a non-pernicious manner. Reliance-based clarifications can be identification based or

behavior-based identification-based clarifications deal with who you are, while behavior-based

clarifications deal with what you do. Reliance-based clarifications function in computational and

data grids (Table 2) and abode the security circumstances of the ingression of grid information and

setting/inquiring security criterion (M. Humphrey, et al. 2005, pp. 644-652). The disparity among

reliance and non-reliance entities, the prerogative that should be given to each, and various methods

of earning (or losing) reliance, are all analyzed. A user of the system can make exceptional decisions

about the intercommunication with its peers if it knows the prominence of that peer in the system.Creating the perception of a global reliance value for each user in the system can lead to apartheid of

the proper users of the system from the reprehensible users of the system. Issues of concern, such as

storing and ingress of these values must also be negotiated with. The Eigen reliance algorithm (S.D.

Kamvar, et al. 2003, pp. 640-651) recommended a distributed solution to the dilemma of reliance

management which can riposte the threats implied by pernicious users as well as commune. Reliance

tasks, inclusive of explicit experience, reputation, and time since the last intercommunication with

the entity in supplication, have arisen in grid security literature (E.J. Salles, et al. 2002, pp. 97-104).

Explicit reliance (reliance-based on rapport among entities) is asymmetric, so each entity decides

for its own self how reliance worthy the other is. A reliance agent evaluates the level of reliance-

based on the explicit reliance rapport, and on the reputation from recommender entities in the grid. Adecay function represents the passage of time since the last synergy and interrelated decay of reliance

level. All of the above cited aspects make up a reliance level, for both the client and the resource. A

resource sets its obligatory reliance level, or the minimal Reliance Level a client should have to

ingress a resource. Clients also set obligatory reliance levels for resources they plan to use.

Breaching these obligatory reliance level results in system abuse, like engrossing too many

resources, renouncing behind junk data after employment, going farther the designated boundary,

and commencing tasks that the breaching entities are not purported to start. Each local resource

comes up with reliance penalty levels pertinent to the effects the offense had on its system. For

example, a resource with adequate disk space possibly not be flaunted by junk data, but a resource

with restricted RAM efficacy be severely imitative by an entity engrossing superfluous resources.

Reliance levels can be efficiently updated, and entities can acquire reliance when infiltrating a

system. However acquiring reliance possibly not is as beneficial to others as earned reliance, so a


31/56

31 | P a g e

member-weight is ascribed based on how long entity has been in system. Reliance and reliance

worthiness levels can be determined numerically and used to constraint overhead and resources

devoted to hard security strategy (F. Azzedin and M. Maheswaran, 2002).

Current security strategy, such as encryption and data hiding, within grids bring out overhead that

degrades the high performance nature of the grid. If a client and resource have adaptable reliance

levels, the enterprise they are embroiled in goes on devoid of further security overhead. If either the

resource or the client has an obligatory reliance level above that of its opposite number reliancelevel, then further security measures are enacted to allow the operation to take place, comparatively

than the incursion penalties analyzed in the literature review. Either domain can strengthen its

obligatory reliance level to maximal in order to impose embellish security 100% of the time (F.

Azzedin and M. Maheswaran, 2002). The notion of a reliance algorithm to embellish security

strategy, and scale down system-based security overhead, would be beneficial to use in conjunction

with the opinions expressed in (M. Haynos, 2012).

The reliance variable computed by these calculations would be very useful in ascertaining the

hazard correlated with collaborating with a given entity on the grid. The support of the suggestion

analyzed here encompasses the permanence that it is apprehensive of resource management and

security. It overture security when mandatory, but employs reliance as a reinstatement for hardsecurity in irrelevant circumstances. The numerical computations of reliance/ reputation for a user or

resource as mathematical variable for inclusion in resource management are precise and use

numerous considerations to find out a reliance level. All in all, the principle use of this system is that

it combines security and resource management comparatively than pits them contra to each other.

The solution implied here, however, is not perfect. The reliance/reputation variable may not be as

inattentive a variable as the author implies; reliance levels should be reexamined repeatedly to assure

that clients and resources have not been conceded.

Hybrid Clarifications

A thorough review of the literature concerning grid computing security issues will disclose that

the peculiar perception of authentication and authorization of grid users could be aboded evenly by

system-based clarifications and behavior-based clarifications analogous. Thus, it is more convenient

to create a Hybrid Solution sub-portion to abide this issue, since it falls analogous under System and

Behavioral grid security clarifications.

Authentication vs. authorization

Grid computing is exceptionally susceptible to authentication and authorization due to its

decentralized nature, and the matter that many grids do not have a single-sign-on mechanism in placeto let a user to utilize all resources. Although they are similar notions, authentication and

authorization each have distinct peculiar tasks that each work to shield a grid. According to (E.J.

Salles, et al. 2002, pp. 97-104), authentication is the verification of the identity of a person or

process. Authorization, however, is defined in (A. Chien, et al. 2003, pp.597-610) as being the

process by which an entity such as a user or a server gets the right to perform a privileged operation.

An Authentication and Authorization Infrastructure (AAI) is a significant yet eminently complicated

component of every Grid infrastructure. The AAI is the framework over which Grid resources, users

and Virtual Organizations can authenticate one another by means of their guidelines. Analyzed

below are grid security clarifications that accord with authentication and authorization of users. The

system-based clarifications encompass the Globus/Kerberos solution (N. Nagaratnam, et al. 2003),

Shield Highly Available Resource Peering (SHARP) (F. Yun, et al. 2003, pp. 133-148) andLegionFS. The behavior-based clarifications encompass the Accounting System for Grids and the


32/56

32 | P a g e

Hierarchical vs. Flat Communication Structure. These hybrid clarifications works optimum within

computational and service grids (Table 2) and abode all six security circumstances found in (M.

Humphrey, et al. 2005, pp. 644-652)

Authentication and authorization based clarifications

This section deliberates implied clarifications which give security based on authentication and

authorization. Authentication-based and authorization-based security clarifications seek to shield a

grid environment by confining ingress to reliance members, and by abidance track of operations

performed by a peculiar user. Actions that could pinpoint a pernicious user encompass overwork of

system resources, applications that trespass by ingression of prohibited areas of the resource it is

running on, and numerous ingress demands over a short period of time (M. Humphrey, et al. 2005,

pp. 644-652). Authentication and authorization alone will not safeguard the grid from all modes of

incursion; however they act as a good first line of deterrence to aid in to preserve unauthorized users

from obtaining ingress to grid resources. Endorsement of accreditation for a grid user can be resource

consuming. Moore suggested a Globus system (which supports Grid Security Infrastructure) to

Kerberos to utilize Generic Security Services Application Program Interface (GSSAPI) which isbacked by both systems (P.C.Moore, et al. 2001, p.21). This also allows the application being

ingresses to see a credential, without having to physically get it and authenticate it; the authentication

is all controlled by GSSAPI. Since Kerberos accreditations are backed by numerous platforms, this

will boost the interoperability of the grid. Another Globus-based grid authorization and

authentication technology is conferred in (H. Jung, et al. 2005, pp. 61-77). This innovative system

abode the issues of static authentication and authorization which annoys the current Globus system

by recommends an adaptable security system which can work in the dynamic grid environment.

Similarly, (J.Watt, et al. 2006, pp.136-143) confers a technological authorization authentication

system for grid users based on the Shibboleth technology, which grants for a single-sign on for users

to ingress resources from various sites on the grid at the University in Scotland.

Furthermore, having a lone certifying agency or node grants for a single stage of nonsuccess on

the complete grid, as well as constituting a bottleneck ramification that could hamper the grid's

processing rate. This difficulty can be aboded through use of the Shield Highly Available Resource

Peering system, also known as SHARP (M. Haynos, 2012). The security facets of this resource AL

regions system are as follows: agents and resource managers are constrained to public-key signed

digital certificates, and assertion is cryptographically signed to enact them unforgeable. There is also

no in the middle verifying agency due to which each resource site acts as its own verifying agency,

sending and approving claims and verifying keys. This takes aside the single stage of failing

connected with the single certifying agency. Certainly, the LegionFS file system gives technological

security for grid environments through its three level naming schemes and cautiously oversee ingressoversight lists. The three-level naming scheme shields users from low level data discovery, while

also not tying names accurately to the locality of data to lend for flawless movement of data from

one resource to some other. Each content of the LegionFS domain has its own security domain, with

ingress administered by the ACLs (B. White, et al. 2001, p.21). There is no super-user in Legion and

single objects are liable for implementing their security guidelines. This rapport the heterogeneity of

grid systems. Under the Legion infrastructure, a user logs on, acquires a short-lived, unforgeable

security credential. Using this credential, the ACLs of the objects find out who is authorized and who

are not. An identical system which predicament a grid user to a local guest account on each resource

employed is given in (B.A. Kirschner, et al. 2008, pp. 102-109).

The Walden system, as it is called governs authentication and authorization on a per-resourcebasis, which also grants it the scalability and resilience obligational on the dynamic grid


33/56

33 | P a g e

environment. While system-based authentication and authorization clarifications use technology and

black-box security to absolutely authenticate

Documents

Final Thesis Report Grid Computing_CCM4902_M00430641