7,793 research outputs found
A Mediated Definite Delegation Model allowing for Certified Grid Job Submission
Grid computing infrastructures need to provide traceability and accounting of
their users" activity and protection against misuse and privilege escalation. A
central aspect of multi-user Grid job environments is the necessary delegation
of privileges in the course of a job submission. With respect to these generic
requirements this document describes an improved handling of multi-user Grid
jobs in the ALICE ("A Large Ion Collider Experiment") Grid Services. A security
analysis of the ALICE Grid job model is presented with derived security
objectives, followed by a discussion of existing approaches of unrestricted
delegation based on X.509 proxy certificates and the Grid middleware gLExec.
Unrestricted delegation has severe security consequences and limitations, most
importantly allowing for identity theft and forgery of delegated assignments.
These limitations are discussed and formulated, both in general and with
respect to an adoption in line with multi-user Grid jobs. Based on the
architecture of the ALICE Grid Services, a new general model of mediated
definite delegation is developed and formulated, allowing a broker to assign
context-sensitive user privileges to agents. The model provides strong
accountability and long- term traceability. A prototype implementation allowing
for certified Grid jobs is presented including a potential interaction with
gLExec. The achieved improvements regarding system security, malicious job
exploitation, identity protection, and accountability are emphasized, followed
by a discussion of non- repudiation in the face of malicious Grid jobs
Recommended from our members
GRIDCC - Providing a real-time grid for distributed instrumentation
The GRIDCC project is extending the use of Grid computing to include access to and control of distributed instrumentation.
Access to the instruments will be via an interface to a Virtual Instrument Grid Service (VIGS). VIGS is a new concept and its design and implementation, together
with middleware that can provide the appropriate Quality of Service (QoS), is a key part of the GRIDCC development plan. An overall architecture for GRIDCC has been
defined and some of the application areas, which include distributed power systems, remote control of an accelerator and the remote monitoring of a large particle physics
experiment, are briefly discussed.E
Towards A Well-Secured Electronic Health Record in the Health Cloud
The major concerns for most cloud implementers particularly in the health care industry have remained data security
and privacy. A prominent and major threat that constitutes a hurdle for practitioners within the health industry from exploiting and
benefiting from the gains of cloud computing is the fear of theft of patients health data in the cloud. Investigations and surveys
have revealed that most practitioners in the health care industry are concerned about the risk of health data mix-up amongst the
various cloud providers, hacking to comprise the cloud platform and theft of vital patients’ health data.An overview of the
diverse issues relating to health data privacy and overall security in the cloud are presented in this technical report. Based on
identifed secure access requirements, an encryption-based eHR security model for securing and enforcing authorised access to
electronic health data (records), eHR is also presented. It highlights three core functionalities for managing issues relating to
health data privacy and security of eHR in health care cloud
HOMEBOTS: Intelligent Decentralized Services for Energy Management
The deregulation of the European energy market, combined with emerging advanced capabilities of information technology, provides strategic opportunities for new knowledge-oriented services on the power grid. HOMEBOTS is the namewe have coined for one of these innovative services: decentralized power load management at the customer side, automatically carried out by a `society' of interactive household, industrial and utility equipment. They act as independent intelligent agents that communicate and negotiate in a computational market economy. The knowledge and competence aspects of this application are discussed, using an improved \ud
version of task analysis according to the COMMONKADS knowledge methodology. Illustrated by simulation results, we indicate how customer knowledge can be mobilized to achieve joint goals of cost and energy savings. General implications for knowledge creation and its management are discussed
The Kinetic Basis of Self-Organized Pattern Formation
In his seminal paper on morphogenesis (1952), Alan Turing demonstrated that
different spatio-temporal patterns can arise due to instability of the
homogeneous state in reaction-diffusion systems, but at least two species are
necessary to produce even the simplest stationary patterns. This paper is aimed
to propose a novel model of the analog (continuous state) kinetic automaton and
to show that stationary and dynamic patterns can arise in one-component
networks of kinetic automata. Possible applicability of kinetic networks to
modeling of real-world phenomena is also discussed.Comment: 8 pages, submitted to the 14th International Conference on the
Synthesis and Simulation of Living Systems (Alife 14) on 23.03.2014, accepted
09.05.201
- …