Security issues in on-demand grid and cluster computing

Sixth IEEE International Symposium on Cluster Computing and the Grid (CCGRID'06) Pub Date : 2006-05-16 DOI:10.1109/CCGRID.2006.164

Matthew Smith, M. Engel, T. Friese, Bernd Freisleben, G. Koenig, W. Yurcik

{"title":"Security issues in on-demand grid and cluster computing","authors":"Matthew Smith, M. Engel, T. Friese, Bernd Freisleben, G. Koenig, W. Yurcik","doi":"10.1109/CCGRID.2006.164","DOIUrl":null,"url":null,"abstract":"In this paper, security issues in on-demand grid and cluster computing are analyzed, a corresponding threat model is presented and the challenges with respect to authentication, authorization, delegation and single sign-on, secure communication, auditing, safety, and confidentiality are discussed. Three different levels of on-demand computing are identified, based on the number of resource providers, solution producers and users, and the trust relationships between them. It is argued that the threats associated with the first two levels can be handled by employing operating system virtualization technologies based on Xen, whereas the threats of the third level require the use of hardware security modules proposed in the context of the Trusted Computing Platform Alliance (TCPA). The presented security mechanisms increase the resilience of the service hosting environment against both malicious attacks and erroneous code. Thus, our proposal paves the way for large scale hosting of grid or Web services in commercial scenarios","PeriodicalId":419226,"journal":{"name":"Sixth IEEE International Symposium on Cluster Computing and the Grid (CCGRID'06)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"30","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Sixth IEEE International Symposium on Cluster Computing and the Grid (CCGRID'06)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCGRID.2006.164","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 30

Abstract

In this paper, security issues in on-demand grid and cluster computing are analyzed, a corresponding threat model is presented and the challenges with respect to authentication, authorization, delegation and single sign-on, secure communication, auditing, safety, and confidentiality are discussed. Three different levels of on-demand computing are identified, based on the number of resource providers, solution producers and users, and the trust relationships between them. It is argued that the threats associated with the first two levels can be handled by employing operating system virtualization technologies based on Xen, whereas the threats of the third level require the use of hardware security modules proposed in the context of the Trusted Computing Platform Alliance (TCPA). The presented security mechanisms increase the resilience of the service hosting environment against both malicious attacks and erroneous code. Thus, our proposal paves the way for large scale hosting of grid or Web services in commercial scenarios

查看原文本刊更多论文

按需网格和集群计算中的安全问题

本文分析了按需网格和集群计算中的安全问题，提出了相应的威胁模型，并讨论了在身份验证、授权、授权和单点登录、安全通信、审计、安全和机密性方面面临的挑战。根据资源提供者、解决方案生产者和用户的数量以及它们之间的信任关系，确定了按需计算的三个不同级别。本文认为，与前两个级别相关的威胁可以通过采用基于Xen的操作系统虚拟化技术来处理，而第三个级别的威胁需要使用可信计算平台联盟(TCPA)背景下提出的硬件安全模块。所提出的安全机制增加了服务托管环境抵御恶意攻击和错误代码的弹性。因此，我们的建议为在商业场景中大规模托管网格或Web服务铺平了道路

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Sixth IEEE International Symposium on Cluster Computing and the Grid (CCGRID'06)

自引率

0.00%

发文量