Grid Security Policy Monitoring System (GridSPMS): Towards Monitoring the Security Dimension in Grids

Grid computing systems are complex and dynamic environments requiring appropriate automated management mechanisms, which would enable stable and reliable operation of the whole grid ecosystem. Moreover, the recent novel concept of mobile grid computing – a combination of grid systems with mobile devices – also requires new ways of monitoring the emerging security aspects, associated with the ever-increasing role of network connections in mobile grids. Existing grid monitoring systems, albeit suitable for traditional, localised grid systems, seem to be ignoring the security dimension and do not offer appropriate support for enforcing security policies within a distributed grid system enhanced with mobile devices. Accordingly, in this paper we present the Grid Security Policy Monitoring System (GridSPMS) – a novel grid monitoring framework, which extends the traditional support for data monitoring (i.e., tools, protocols, etc.) with mechanisms for collecting run-time data within grids, focussing on the security dimension. By doing so, GridSPMS aims at monitoring the activity within a grid system and detect situations, where security policies have been potentially violated and, therefore, appropriate response actions have to be taken in this respect. Accordingly, GridSPMS has the potential to address security threats existing in the domain of mobile grid computing, and enable grid administrators with support for timely detection of and response to security-related incidents

Experiences in teaching grid computing to advanced level students

The development of teaching materials for future software engineers is critical to the long term success of the grid. At present however there is considerable turmoil in the grid community both within the standards and the technology base underpinning these standards. In this context, it is especially challenging to develop teaching materials that have some sort of lifetime beyond the next wave of grid middleware and standards. In addition, the current way in which grid security is supported and delivered has two key problems. Firstly in the case of the UK e-Science community, scalability issues arise from a central certificate authority. Secondly, the current security mechanisms used by the grid community are not line grained enough. In this paper we outline how these issues are being addressed through the development of a grid computing module supported by an advanced authorisation infrastructure at the University of Glasgow

Comparison of advanced authorisation infrastructures for grid computing

The widespread use of grid technology and distributed compute power, with all its inherent benefits, will only be established if the use of that technology can be guaranteed efficient and secure. The predominant method for currently enforcing security is through the use of public key infrastructures (PKI) to support authentication and the use of access control lists (ACL) to support authorisation. These systems alone do not provide enough fine-grained control over the restriction of user rights, necessary in a dynamic grid environment. This paper compares the implementation and experiences of using the current standard for grid authorisation with Globus - the grid security infrastructure (GSI) - with the role-based access control (RBAC) authorisation infrastructure PERMIS. The suitability of these security infrastructures for integration with regard to existing grid technology is presented based upon experiences within the JISC-funded DyVOSE project

DRIVER Technology Watch Report

This report is part of the Discovery Workpackage (WP4) and is the third report out of four deliverables. The objective of this report is to give an overview of the latest technical developments in the world of digital repositories, digital libraries and beyond, in order to serve as theoretical and practical input for the technical DRIVER developments, especially those focused on enhanced publications. This report consists of two main parts, one part focuses on interoperability standards for enhanced publications, the other part consists of three subchapters, which give a landscape picture of current and surfacing technologies and communities crucial to DRIVER. These three subchapters contain the GRID, CRIS and LTP communities and technologies. Every chapter contains a theoretical explanation, followed by case studies and the outcomes and opportunities for DRIVER in this field

Towards a cyberinfrastructure for enhanced scientific

Scientific and technological collaboration is more and more coming to be seen as critically dependent upon effective access to, and sharing of digital research data, and of the information tools that facilitate data being structured for efficient storage, search, retrieval, display and higher level analysis. A February 2003 report to the U.S. NSF Directorate of Computer and Information System Engineering urged that funding be provided for a major enhancement of computer and network technologies, thereby creating a cyberinfrastructure whose facilities would support and transform the conduct of scientific and engineering research. The argument of this paper is that engineering breakthroughs alone will not be enough to achieve such an outcome; success in realizing the cyberinfrastructure’s potential, if it is achieved, will more likely to be the resultant of a nexus of interrelated social, legal and technical transformations. The socio-institutional elements of a new infrastructure supporting collaboration that is to say, its supposedly “softer” parts -- are every bit as complicated as the hardware and computer software, and, indeed, may prove much harder to devise and implement. The roots of this latter class of challenges facing “e- Science” will be seen to lie in the micro- and meso-level incentive structures created by the existing legal and administrative regimes. Although a number of these same conditions and circumstances appear to be equally significant obstacles to commercial provision of Grid services in interorganizational contexts, the domain of publicly supported scientific collaboration is held to be the more hospitable environment in which to experiment with a variety of new approaches to solving these problems. The paper concludes by proposing several “solution modalities,” including some that also could be made applicable for fields of information-intensive collaboration in business and finance that must regularly transcends organizational boundaries.

Towards a cyberinfrastructure for enhanced scientific

A new generation of information and communication infrastructures, including advanced Internet computing and Grid technologies, promises to enable more direct and shared access to more widely distributed computing resources than was previously possible. Scientific and technological collaboration, consequently, is more and more coming to be seen as critically dependent upon effective access to, and sharing of digital research data, and of the information tools that facilitate data being structured for efficient storage, search, retrieval, display and higher level analysis. A recent (February 2003) report to the U.S. NSF Directorate of Computer and Information System Engineering urged that funding be provided for a major enhancement of computer and network technologies, thereby creating a cyberinfrastructure whose facilities would support and transform the conduct of scientific and engineering research. The articulation of this programmatic vision reflects a widely shared expectation that solving the technical engineering problems associated with the advanced hardware and software systems of the cyberinfrastructure will yield revolutionary payoffs by empowering individual researchers and increasing the scale, scope and flexibility of collective research enterprises. The argument of this paper, however, is that engineering breakthroughs alone will not be enough to achieve such an outcome; success in realizing the cyberinfrastructure’s potential, if it is achieved, will more likely to be the resultant of a nexus of interrelated social, legal and technical transformations. The socio-institutional elements of a new infrastructure supporting collaboration – that is to say, its supposedly “softer” parts -- are every bit as complicated as the hardware and computer software, and, indeed, may prove much harder to devise and implement. The roots of this latter class of challenges facing “e-Science” will be seen to lie in the micro- and meso-level incentive structures created by the existing legal and administrative regimes. Although a number of these same conditions and circumstances appear to be equally significant obstacles to commercial provision of Grid services in interorganizational contexts, the domain of publicly supported scientific collaboration is held to be the more hospitable environment in which to experiment with a variety of new approaches to solving these problems. The paper concludes by proposing several “solution modalities,” including some that also could be made applicable for fields of information-intensive collaboration in business and finance that must regularly transcends organizational boundaries.