Trust Relationships in Grid

CHEP 07Mine Altunay

Organizational Structures

Traditional organizations• brick and mortar• well-defined hierarchy• up-down info flow• face-face time• everyone knows their placeand responsibility

Grid communities• virtual• flat organization• side-side info flow• willing collaboration • limited face-face time

Trust: Essential ingredient in Grids

• Collaboration based on trust• Trust is relationship between two parties such that one partybelieves the other one does what s/he promises to do• Three key factors of a trust relationship: • when

• time the parties should perform, clear start-end dates• how

• under the conditions parties perform • what

• actions they perform

How Grid participants cultivate trust

• Ad-hoc , immature

process• Use established

contacts• Meet face-face• Phone your friends

up • Manual processing

Current

• Automated

processes to build, grow and monitor trust relationships

• Trust relationship lifecycle

• Cultivate transitive trust relationships

Our Goal

Formalizing trust relationship

TrustA(B, Action, Period, Cond) = Level of Assurance

A’s trust in B to perform action under the condition cond during the time period is equal to the level of assurance LoA, where LoA Є (low, high, medium)

• Unidirectional, non-reflexive – A trust B ≠ B trusts A

• Transitive function– A trusts B, B trusts C A trusts C

Benefits of Formalization

• Categorize trust relationships based on levels of assurance

• Monitor relationships• Reach agreements between two parties

– Well-defined expectations

• Promote collaborations

Trust Relationship Lifecycle

Definition

Categorization

Agreement

Publication

Monitoring

Termination

Restoration

Definition

• name the parties• define actions• define the conditions

Categorization

• determine level of assurance

Agreement

• reach an agreement over the trust relationship• establish non-repudiation and traceability

Publication

• publish the agreement to all involved parties• use for monitoring

Monitoring

• enforce the agreement• sample behavior • detect non-compliant behavior• store info for future trust relationships

Termination

• end the trust relationship

Restoration

• restore the terminated trust relationship

Transitive Trust

VO #1

Site#1

VO#2

Site#3

Site#2

VO #1 Member

Transitive re

lationships

Transitive relationship

Transitive trust relationships

• Builds a web of trust• Reduces one-one relationships• Broadens available resources • Eases collaboration

OSG

VO

Site

register

regi

ster

register

Ad-hoc

VOSite

Complete trust life-cycle-- Automated trust establishment-- Service-level agreements-- Agreed upon access rights-- Agreed usage policy-- Monitoring of trust-- enforcements (breach of agreements)

Trusting in Grid

Trust: Essential Ingredient in Grids

• when the time parties should perform• how under the conditions they perform • what actions they perform

The Current

meet face-face Phone your friends up

Formalizing Trust relationshipTrustA(B, Action, Period, Cond) = Level of Assurance

A’s trust in B to perform action under the

condition cond during the time period is equal

To the level of assurance LoA, where LoA Є

(low, high, medium)

• reach an agreement • establish non-repudiation and traceability

Definition

Categorization

Agreement

Publication

Monitoring

Termination

Restoration• name the parties• define actions• define conditions

• determine level of assurance

• publish the agreement to all involved parties• use for monitoring

• sample behavior • detect non-compliance• store info for future

• end the trust relationship

• restore the terminated relationship

Trust Life-Cycle

One-One Trust Relationships

Benefits of Trust Formalization

Categorize trust relationships based on

levels of assurance

Reach agreements between two parties

Well-defined expectations

Monitor relationships

Enforcement of the agreements

-- Unidirectional, non-reflexive

A trust B ≠ B trusts A

-- Transitive function

A trusts B, B trusts C A trusts C

One-onetrust

VO #1

Site#1

VO#2

Site#3

Site#2

VO #1 memberTransitiv

e trust re

lationships

Transitive trust relationship

One-onetrust

One-onetrust

On

e-on

etru

st

One-onetrust

VO Site

Complete trust life-cycle• Automated trust establishment• Service-level agreements• Agreed upon access rights• Agreed usage policy• Monitoring of trust• Enforcements (breach of agreements)

register OSGVO

Site

regi

ster

register

Ad-hocmissing link

Our Goal

• Build web of trust• Reduces one-one relationships• Broadens available resources • Eases collaboration

Why essential ?

What is it?

Trust is a relationship between two parties such that one party believes the other one does what s/he promises to do

• hierarchical• brick and mortar• up-down info flow• face-face time

• flat organization• virtual• side-side info flow• willing collaboration

Grid depends on collaborationsCollaborations depends on trustThus, grid depends on trust

Grid community:

vs.

Traditional Organization

How to fo

rmalize

it ?

How to accomplish it ?

Our Goal

Our Goal

The OSG process for establishing trust: registration agreements, agreed usage policies (AUP)

OSG