Securing Grid-Based Supply Chains

Trust and Security for Next Generation Grids, www.gridtrust.eu

Securing Grid-Based Supply ChainsSecuring Grid-Based Supply Chains

Marco Di GirolamoMarco Di Girolamo

HP Italy Innovation Center, ItalyHP Italy Innovation Center, Italy

On behalf of the GridTrust ConsortiumOn behalf of the GridTrust Consortium

EGEE Conference 2008, Business Track, EGEE Conference 2008, Business Track, Istanbul, September 23Istanbul, September 23rdrd, 2008, 2008


GridTrust VisionGridTrust Vision

• VOs operated over Service-Oriented ArchitecturesVOs operated over Service-Oriented Architectures

• Trust handled through security and reputation Trust handled through security and reputation managementmanagement

• ““Continuous Usage Control” concept permeating Continuous Usage Control” concept permeating design and operation of VOs:design and operation of VOs:Continuous Usage Control expressed at level of

security requirementsVOs managed by policies derived from security

requirementsSecurity policies enforced by means of GridTrust

servicesReputation monitoring and dynamic update


GridTrust: Objectives andGridTrust: Objectives andExpected ResultsExpected Results

• General Objective: definition and management of General Objective: definition and management of security and trust in dynamic Virtual Organizations security and trust in dynamic Virtual Organizations Improve Access Control – Authorization Introduce usage control for Grids

• Expected results – “framework” composed of:Expected results – “framework” composed of: Tools for reasoning about security at all levels

of the NGG architecture

A reference security architecture for Grids Including UCON authorization service,

secure-aware broker, reputation management service, among others

An open source reference implementation of the architecture, validated by several innovative business scenarios.

GRID Service Middleware Layer

NGG Architecture

GRID Application Layer

GRID Foundation Middleware Layer

Network Operating System

Grid

Tru

st


Project PartnersProject Partners5 countries4 companies3 research institutes1 university

Duration: 3 years (06/2006-05/2009)Global budget: 3 856 135 eurosCETIC budget: 540 697 euros


A Grid-Based Transportation Supply ChainA Grid-Based Transportation Supply Chain

• ScenarioScenarioContext is logistics services:

Moving customers’ goods from one place to another

Competitive driving factors: Delivery time

Service price

Gap to bridge - transporter’s side : Only big service providers can afford optimization tools (scale

reasons)

Availability of optimization services could foster market competition (SME inclusion)

Gap to bridge - customer’s side: Wanting to find the best transporter for each transportation task


The business caseThe business case

• Solution pillars:Solution pillars:Use of an auctioning system,

Exploit competition between transporters

Allow customers to find the best provider for each task

Use of route computing services, Computational services providing maps and libraries to

execute applications solving the logistic optimization problem

Enable small transporters to perform routing optimization

Hosted on GRID resources!


The business case – VO modelThe business case – VO model

The VBE modelThe VBE model

• Association of organizations Association of organizations adhering to common operating adhering to common operating principles and infrastructureprinciples and infrastructure

• Main objective: participating in Main objective: participating in potential VOs.potential VOs.

• Organizations participating to a Organizations participating to a VO are selected from the VBEVO are selected from the VBE

VBE Manager service provider provider

user

VBE

VO Manager

VO Owner

VO


Auction based supply chainAuction based supply chain

• Fist-Price Sealed-Bid reverse auction modelFist-Price Sealed-Bid reverse auction model• Producers (auction proponents) produce RfQs for transportation tasksProducers (auction proponents) produce RfQs for transportation tasks• Transporters can recalculate routing exploiting routing computational Transporters can recalculate routing exploiting routing computational

services running on GRID resourcesservices running on GRID resources• Offer selection based on customer requirements: time, price, transporter’s Offer selection based on customer requirements: time, price, transporter’s

reputationreputation• Producers create a Producers create a Delivery VODelivery VO (auction and delivery management) (auction and delivery management)• Transporters create Routing VOs to compute best routes for answering the Transporters create Routing VOs to compute best routes for answering the

auctionauction


Computational problem overviewComputational problem overview

• Find a set of NV vehicle routes, originating from and Find a set of NV vehicle routes, originating from and terminating at the depot, such thatterminating at the depot, such that Each vehicle services one route Each vertex vi i=1..N is visited only once Quantity of goods on each vehicle never exceeds its capacity

C Start time of each route is >= r0

End time of each route is <= d0

Time of beginning of service at vertex i is >= ri (ready time) If arrival time ti at vertex i is < ri then the vehicle waits for a

waiting time wi= (ri - ti) Time of ending of service at vertex i is <= di (due date)

• VRPTW: Vehicle Routing Problem with Time WindowsVRPTW: Vehicle Routing Problem with Time Windows

• Usually algorithms minimize NV and then the total distance Usually algorithms minimize NV and then the total distance TDTD


Securing the Grid-Based Securing the Grid-Based Supply ChainSupply Chain

• ObjectiveObjective Identify security challenges presented by Grid-based

supply chainDefine security components helping to solve such

challenges• MethodologyMethodology

Perform a security analysis to define security requirements for the application, using a goal-oriented requirements-engineering methodology

Identify and develop architecture components that could contribute to meet the main identified security challenges.

Evaluate how the architecture helps in solving security challenges


Security Issues in the Transportation Security Issues in the Transportation Supply ChainSupply Chain

• Auction:Auction: Secure identification of auction participants Secrecy of offers at least until auction closure Data integrity and non-repudiation of both offers and RfQs

• Routing services:Routing services: Execution of unknown applications on behalf of potentially

unknown or untrusted users Need to prevent these applications from

performing bad actions stealing valuable data gaining unauthorized accesses

Reputation combined with security to increase trust Transporters’ reputation measured based on their compliancy with

global and local security policies defined for Grid resources


GridTrust Services GridTrust Services Securing the Supply ChainSecuring the Supply Chain

Policy and Profile Manager

Service

VO

Management

Service

Reputation

Management

Service

Security-Aware

Resource

Broker ServiceUCON

Service


VO Management ServiceVO Management Service

• The VO manager is responsible for setting up, operating and terminating the VO

• The VO membership manager service is responsible for managing the different members of the VO and their users

• The workflow management service is responsible for transforming job requests into workflows that are then managed

• The global VO policies apply to all VO members and describe their correct behaviour during the lifetime of the VO

GRID Service

Middleware Layer


Reputation Management ServiceReputation Management Service

• Collect, distribute and aggregate feedbacks about Collect, distribute and aggregate feedbacks about entities' behaviour in a particular context in order to entities' behaviour in a particular context in order to produce a rating about the entitiesproduce a rating about the entities Entities could be either users, resources / services, service

providers or VOs

• The reputation service is based on ideas of utility The reputation service is based on ideas of utility computingcomputing

• It can be used in both centralised and distributed It can be used in both centralised and distributed settings settings

• Using reputation with securityUsing reputation with security Maintaining users’ reputation according to their usage of

resources

GRID Service

Middleware Layer


Usage Control ServiceUsage Control Service

• Enforcement of Usage Control policies at both VO level and Enforcement of Usage Control policies at both VO level and computational (node) levelcomputational (node) level Building Policy Decision Points (PDPs) and Policy Enforcement

Points (PEPs) for POLPA and XACML languages

• Monitor the actions executed on behalf of the grid users and Monitor the actions executed on behalf of the grid users and enforce a UCON security policyenforce a UCON security policy

VO level Global VO policies

Service level The policy describes behaviour of the user in the local service invocation

Computational level The policy consists of a highly detailed description of the correct

behaviour of the application being executed Only the applications whose behaviour is consistent with the security

policy are executed on the computational resource

GRID Service

Middleware Layer

GRID Foundation Middleware

Layer


Secure–Aware Resource Broker Secure–Aware Resource Broker ServiceService

• Integrate access control with resource/service Integrate access control with resource/service schedulingscheduling

• Both resource owners and users define their Both resource owners and users define their resource access and usage policiesresource access and usage policiesThe resource broker schedules a user request only

within the set of resources whose policies match the user credentials (and vice-versa)

• Support of UCON at VO levelSupport of UCON at VO level

• Scalability and efficiencyScalability and efficiency

GRID Service

Middleware Layer


Layer


Policy and Profile Manager ServicePolicy and Profile Manager Service

• The policy manager is responsible for managing policies at the global (VO level) and local levels (node level)

• The profile manager is responsible for managing profiles. Profiles allow users to specify personal default values

GRID Service

Middleware Layer


Layer


ConclusionsConclusions

• Grid-based supply chains can be secured by Grid-based supply chains can be secured by associating them with trust and security associating them with trust and security management services management services

• The solution proposed, called GridTrust Security The solution proposed, called GridTrust Security Framework (GSF), incorporates these services in Framework (GSF), incorporates these services in a manner that is a manner that is Interoperable: we are re-using an existing Grid

infrastructure (Globus middleware) Our system components are interoperable with other Globus-

based components Security-aware: the proposed design tackles security

issues potentially arising in any Grid-based system The security requirements were elicited using a requirements-

engineering methodology that has been tailored for Grid systems


More InformationMore Information

• Visit us atVisit us at

http://www.gridtrust.eu

Thanks!

Documents

Securing Grid-Based Supply Chains