Security for Grid Services

Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed "virtual organizations." The dynamic and multi-institutional nature of these environments introduces challenging security issues that demand new technical approaches. In particular, one must deal with diverse local mechanisms, support dynamic creation of services, and enable dynamic creation of trust domains. We describe how these issues are addressed in two generations of the Globus Toolkit. First, we review the Globus Toolkit version 2 (GT2) approach; then, we describe new approaches developed to support the Globus Toolkit version 3 (GT3) implementation of the Open Grid Services Architecture, an initiative that is recasting Grid concepts within a service oriented framework based on Web services. GT3's security implementation uses Web services security mechanisms for credential exchange and other purposes, and introduces a tight least-privilege model that avoids the need for any privileged network service.Comment: 10 pages; 4 figure

Role-Based Access Control for the Open Grid Services Architecture - Data Access and Integration (OGSA-DAI)

Grid has emerged recently as an integration infrastructure for the sharing and coordinated use of diverse resources in dynamic, distributed virtual organizations (VOs). A Data Grid is an architecture for the access, exchange, and sharing of data in the Grid environment. In this dissertation, role-based access control (RBAC) systems for heterogeneous data resources in Data Grid systems are proposed. The Open Grid Services Architecture - Data Access and Integration (OGSA-DAI) is a widely used framework for the integration of heterogeneous data resources in Grid systems. However, in the OGSA-DAI system, access control causes substantial administration overhead for resource providers in VOs because each of them has to manage the authorization information for individual Grid users. Its identity-based access control mechanisms are severely inefficient and too complicated to manage because the direct mapping between users and privileges is transitory. To solve this problem, (1) the Community Authorization Service (CAS), provided by the Globus toolkit, and (2) the Shibboleth, an attribute authorization service, are used to support RBAC in the OGSA-DAI system. The Globus Toolkit is widely used software for building Grid systems. Access control policies need to be specified and managed across multiple VOs. For this purpose, the Core and Hierarchical RBAC profile of the eXtensible Access Control Markup Language (XACML) is used; and for distributed administration of those policies, the Object, Metadata and Artifacts Registry (OMAR) is used. OMAR is based on the e-business eXtensible Markup Language (ebXML) registry specifications developed to achieve interoperable registries and repositories. The RBAC systems allow quick and easy deployments, privacy protection, and the centralized and distributed management of privileges. They support scalable, interoperable and fine-grain access control services; dynamic delegation of rights; and user-role assignments. They also reduce the administration overheads for resource providers because they need to maintain only the mapping information from VO roles to local database roles. Resource providers maintain the ultimate authority over their resources. Moreover, unnecessary mapping and connections can be avoided by denying invalid requests at the VO level. Performance analysis shows that our RBAC systems add only a small overhead to the existing security infrastructure of OGSA-DAI

An Authorisation Scenario for S-OGSA

The Semantic Grid initiative aims to exploit knowledge in the Grid to increase the automation, interoperability and flexibility of Grid middleware and applications. To bring a principled approach to developing Semantic Grid Systems, and to outline their core capabilities and behaviors, we have devised a reference Semantic Grid Architecture called S-OGSA. We present the implementation of an S-OGSA observant semantically-enabled Grid authorization scenario, which demonstrates two aspects: 1) the roles of different middleware components, be them semantic or non-semantic, and 2) the utility of explicit semantics for undertaking an essential activity in the Grid: resource access control

Formalisation and Implementation of the XACML Access Control Mechanism

We propose a formal account of XACML, an OASIS standard adhering to the Policy Based Access Control model for the specifica- tion and enforcement of access control policies. To clarify all ambiguous and intricate aspects of XACML, we provide it with a more manageable alternative syntax and with a solid semantic ground. This lays the basis for developing tools and methodologies which allow software engineers to easily and precisely regulate access to resources using policies. To demonstrate feasibility and effectiveness of our approach, we provide a software tool, supporting the specification and evaluation of policies and access requests, whose implementation fully relies on our formal development

Assured information sharing for ad-hoc collaboration

Collaborative information sharing tends to be highly dynamic and often ad hoc among organizations. The dynamic natures and sharing patterns in ad-hoc collaboration impose a need for a comprehensive and flexible approach to reflecting and coping with the unique access control requirements associated with the environment. This dissertation outlines a Role-based Access Management for Ad-hoc Resource Shar- ing framework (RAMARS) to enable secure and selective information sharing in the het- erogeneous ad-hoc collaborative environment. Our framework incorporates a role-based approach to addressing originator control, delegation and dissemination control. A special trust-aware feature is incorporated to deal with dynamic user and trust management, and a novel resource modeling scheme is proposed to support fine-grained selective sharing of composite data. As a policy-driven approach, we formally specify the necessary pol- icy components in our framework and develop access control policies using standardized eXtensible Access Control Markup Language (XACML). The feasibility of our approach is evaluated in two emerging collaborative information sharing infrastructures: peer-to- peer networking (P2P) and Grid computing. As a potential application domain, RAMARS framework is further extended and adopted in secure healthcare services, with a unified patient-centric access control scheme being proposed to enable selective and authorized sharing of Electronic Health Records (EHRs), accommodating various privacy protection requirements at different levels of granularity

EMI REGISTRY MANUAL

EMI REGISTRY MANUA

Dynamic Trust Federation in Grids

Grids are becoming economically viable and productive tools. Grids provide a way of utilizing a vast array of linked resources such as computing systems, databases and services online within Virtual Organizations (VO). However, today’s Grid architectures are not capable of supporting dynamic, agile federation across multiple administrative domains and the main barrier, which hinders dynamic federation over short time scales is security. Federating security and trust is one of the most significant architectural issues in Grids. Existing relevant standards and specifications can be used to federate security services, but do not directly address the dynamic extension of business trust relationships into the digital domain. In this paper we describe an experiment in which we highlight those challenging architectural issues and we will further describe how the approach that combines dynamic trust federation and dynamic authorization mechanism can address dynamic security trust federation in Grids. The experiment made with the prototype described in this paper is used in the NextGRID project for the definition of requirements for next generation Grid architectures adapted to business application need

Architecture Layer Based Grid Computing Security Study

With increasing grid computing application in more and more industries and sectors, grid security has grown into the most critical as well as important aspect in overall application architecture. This article, from architecture layer security dimension, studies security issue in grid computing environments, indicating architecture layer based security solutions in current grid computing and proposing grid security recommendations as well, which will contribute to further defining and analyzing security strategy in grid computing and function as a guideline to the development of grid computing technology. Keywords: grid security infrastructure; security strategy; grid computin

Semantic security: specification and enforcement of semantic policies for security-driven collaborations

Collaborative research can often have demands on finer-grained security that go beyond the authentication-only paradigm as typified by many e-Infrastructure/Grid based solutions. Supporting finer-grained access control is often essential for domains where the specification and subsequent enforcement of authorization policies is needed. The clinical domain is one area in particular where this is so. However it is the case that existing security authorization solutions are fragile, inflexible and difficult to establish and maintain. As a result they often do not meet the needs of real world collaborations where robustness and flexibility of policy specification and enforcement, and ease of maintenance are essential. In this paper we present results of the JISC funded Advanced Grid Authorisation through Semantic Technologies (AGAST) project (www.nesc.ac.uk/hub/projects/agast) and show how semantic-based approaches to security policy specification and enforcement can address many of the limitations with existing security solutions. These are demonstrated into the clinical trials domain through the MRC funded Virtual Organisations for Trials and Epidemiological Studies (VOTES) project (www.nesc.ac.uk/hub/projects/votes) and the epidemiological domain through the JISC funded SeeGEO project (www.nesc.ac.uk/hub/projects/seegeo)

Authorization Strategies for Grid Security: Attribute-Based Multipolicy Access Control (ABMAC) Model

The emergence of Grid computing technology is being followed by three main security concerns: the independence of the domains where the resource providers (RPs) are situated; the need for supporting different security policies andthe non-necessity of the science gateways for user authentication. Great effort has been involved in order to solve these concerns through the appearance of different access control models, like Identity-Based Authorization Control (IBAC) and Role-Based Authorization Control (RBAC), which based their access request decisionson user identity, that is, on user authentication. However, these models proved asinflexible, non-scalable and unmanageable in a distributed environment.Accordingly, a novel approach, known as Atrribute-Based MultipolicyAuthorization Control (ABMAC) model has appeared. ABMAC, which is beingdescribed in this paper, uses the attributes of the Grid entities for user authorization,based on the concepts of service-oriented architecture (SOA) and the eXtensibleMarkup Language (XML) standards - eXtensible Access Control Markup Language(XACML) and Security Assertion Markup Language (SAML). Moreover, ABMAChas been partly implemented in the Globus Toolkit 4 (GT4) Authorization Framework, and consequently it is expected to be outstanding contributor to Gridsecurity