HIPernet: a decentralized security infrastructure for large scale grid environments

Abstract

Security in grid environments appeals for fundamental primitives like the secure establishment of dynamic and isolated virtual trust domains. The security mechanisms currently used are generally based on a public key infrastructure global to the grid environment, and a mix of global and local access control policies used to make an authorization decision. Such approaches do not scale well with the number of participating domains and entities. In this paper, we propose a decentralized approach for securing grid environments that better cope with their inherently distributed nature. The combination of network and operating system visualization (supernets) with the host identity protocol (HIP) and simple public key infrastructure (SPKI) delegation/authorization certificates allows to create virtual trust domains onto multiple shared computer nodes connected by an untrusted network. We analyze how this approach adapts the vast diversity of trust relationships in the real world and has a better scalability with respect to the number of entities involved.