1. GRID COMPUTING
Grid Security
Sandeep Kumar Poonia
Head of Dept. CS/IT, Jagan Nath University, Jaipur
B.E., M. Tech., UGC-NET
LM-IAENG, LM-IACSIT,LM-CSTA, LM-AIRCC, LM-SCIEI, AM-UACEE
10/27/2013
Sandeep Kumar Poonia
2. The three classic security concerns of information
security deal principally with data, and are:
1. Confidentiality: Data is only available to those
who are authorized;
2. Integrity: Data is not changed except by
controlled processes;
3. Availability: Data is available when required.
3. Additional concerns deal more with people and their
actions:
1. Authentication: Ensuring that users are who they say
they are;
2. Authorization: Making a decision about who may
access data or a service;
3. Assurance: Being confident that the security system
functions correctly;
4. Non-repudiation: Ensuring that a user cannot deny
an action;
5. Auditability: Tracking what a user did to data or a
service.
4. Other security concerns relate to:
1. Trust: People can justifiably rely on computer-based
systems to perform critical functions
securely, and on systems to process, store and
communicate sensitive information securely;
2. Reliability: The system does what you want, when
you want it to;
3. Privacy: Within certain limits, no one should know
who you are or what you do.
5. CRYPTOGRAPHY
can be used to address four goals:
1. Message confidentiality: Only an authorized
recipient is able to extract the contents of a
message from its encrypted form;
2. Message integrity: The recipient should be able to
determine if the message has been altered during
transmission;
3. Sender authentication: The recipient can identify
the sender, and verify that the purported sender
did send the message;
4. Sender non-repudiation: The sender cannot deny
sending the message.
6. Security Requirements
• Authentication solution for verifying identities
among a user, the processes, and the resources
during the computation
• Support for Local Heterogeneity
– Various authentication/authorization mechanisms, policies
• Several Constraints to meet
– Single sign-on & delegation
– Protection of Credentials
– Interoperability with local security solutions: Inter-domain
access mechanism
– Uniform certification infrastructure
– Support for secure group communication
– Support for multiple implementations
7. Security Requirements Delegation
• The context initiator gives the context acceptor
the ability to initiate additional security contexts
as an agent of the context initiator
– Remote creation of a proxy credential
– Allows remote process to authenticate on behalf of the user
• Delegation in Globus
– New key pair generated remotely on server
– Proxy certificate and public key sent to client
– Client signs proxy certificate with its private key and returns it
– Server puts proxy in /tmp
8. Terminology
Authentication
Authorization
Integrity and Confidentiality
Security Policy
– A set of rules that define the security subjects, security
objects, and relationships (security operations) among
them.
CA (Certificate Authority)
– The third party that performs certification (the binding) and issues
certificates
Trust Domain
– A logical, administrative structure where a single, consistent local
security policy holds
9. Security Policy in Grid
Multiple trust domains
– Inter-domain interactions + mapping of inter-domain
operations into local security policy
Operations within a single trust domain are subject to local
security policy only
Mapping from global subjects to local subjects
– Authenticated global subject is considered authenticated
locally
Mutual authentication between entities in different trust
domains
Local access control decisions by local system
administrators
The execution of programs without additional user
interaction during the computation
Processes running on behalf of the same subject within the
same trust domain may share a single set of credentials
10. Globus Overview
• Globus (Argonne National Lab)
– software toolkit that makes it easier to build
computational grids and grid-based applications
– Protocols and APIs
– Resource Management (GRAM)
– Information Service (MDS)
– Data Transfer (GridFTP)
– Security (GSI)
    – Proxies and delegation, for secure single sign-on
    – PKI (CAs and certificates)
    – SSL / TLS, for authentication and message protection (secured connection)
11. Certificate & CA
User Certificate (issued by CA): Subject Name, Public Key, CA Name, Signature of CA
• An X.509 certificate binds a public key to a name
• Used to identify and authenticate the user or service
• By checking the signature, one can determine that
a public key belongs to a given user
CA’s Certificate: Subject Name: CA, CA’s Public Key, CA Name: CA, Signature of CA
• The CA signs its own certificate
• Distributed across the network
12. Mutual Authentication
(How to identify each other?)
User A holds certificate C_A; User B holds certificate C_B
① Connection established
② A sends B its certificate
③ 1) check validity of C_A
based on digital signature of C
2) extract the public key of A
④ B sends A a plaintext
⑤ A encrypts the plaintext using C_A
and sends it to B
⑥ B decrypts the encrypted message
If this matches the original message,
B can trust A now
13. GSI in Action
“Create Processes at A and B that
Communicate & Access Files at C”
[Diagram]
– User: single sign-on via “grid-id” & generation of proxy credential (or retrieval of proxy credential from online repository), giving a User Proxy holding the proxy credential
– Remote process creation requests* go to the GSI-enabled GRAM servers at Site A (Kerberos) and Site B (Unix); each server authorizes, maps to a local id, creates the process and generates credentials
– The process on each computer runs under a local id with a restricted proxy (and a Kerberos ticket at Site A); the processes communicate*
– Remote file access request* goes to the GSI-enabled FTP server at Site C (Kerberos), which authorizes, maps to a local id and accesses the file on the storage system
* With mutual authentication
14. User Proxy Creation
[Diagram: the User (C_U), the User Proxy (C_UP)]
① The User gains access to the computer
② Temporary credential C'_UP created
③ User Proxy credential C_UP is created
C_UP = Sign(U) { C'_UP, Start-Time, End-Time }
④ A User Proxy is created, holding C_UP
15. Resource Allocation
[Diagram: User Proxy (C_UP), Resource Manager (C_RM), Process Manager, Resource]
Mutual authentication based on C_UP and C_RM
① The UP requests resource allocation
Sign(UP) { Allocation Specification }
② 1) Authentication (validate UP & check the expiration)
2) Authorization by local policy
(may or may not need mapping between
the Globus user's credential and the local user ID)
3) Allocate resource
③ PROCESS-HANDLE returned
PROCESS-HANDLE = Sign(RM) { host-identifier, process-identifier }
16. Process to Process Authentication
[Diagram: User Proxy (C_UP), Process Manager (C_PM), Process (C_P), Resource]
① Temporary process credential C'_P created
② C'_P passed to PM
③ Process credential request
Sign(PM) { C'_P : Process-Credential }
④ 1) examine the request
2) generate C_P and return it to PM
C_P = Sign(UP) { C'_P }
⑤ C_P passed to the process
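The credential chain from slides 14 to 16, with the validation step the Resource Manager performs in slide 15 (verify the signature, check the expiration), as an added example that is not part of the original slides. It assumes a toy RSA signature built from fixed primes as a stand-in for real GSI keys, a lifetime on C_P as well as on C_UP, and that the user's own key has already been validated against the CA; all names are hypothetical.

```python
import hashlib, json

def keygen(p, q, e=65537):
    # Toy RSA from two known primes: a stand-in for real GSI keys, not secure.
    n = p * q
    return {"n": n, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def public(key):
    return [key["n"], key["e"]]

def _digest(body, n):
    data = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(signer, subject_key, start, end):
    # Sign(signer) { subject's public key, Start-Time, End-Time }
    body = {"pub": public(subject_key), "start": start, "end": end}
    return {"body": body, "sig": pow(_digest(body, signer["n"]), signer["d"], signer["n"])}

def verify(pub, cred):
    n, e = pub
    return pow(cred["sig"], e, n) == _digest(cred["body"], n)

def validate_chain(user_pub, chain, now):
    # Each link must verify under the previous link's key and be inside its lifetime.
    signer = user_pub
    for cred in chain:
        body = cred["body"]
        if not verify(signer, cred) or not (body["start"] <= now <= body["end"]):
            return False
        signer = body["pub"]      # the next credential must be signed by this key
    return True

# Constructed sample keys (Mersenne primes) and lifetimes in seconds.
U = keygen(2**61 - 1, 2**89 - 1)          # user's long-term key (C_U)
UP = keygen(2**107 - 1, 2**127 - 1)       # temporary key pair C'_UP
P = keygen(2**521 - 1, 2**607 - 1)        # temporary key pair C'_P
C_UP = sign(U, UP, start=1000, end=4600)  # C_UP = Sign(U) { C'_UP, Start, End }
C_P = sign(UP, P, start=1200, end=4600)   # C_P = Sign(UP) { C'_P }

if __name__ == "__main__":
    print(validate_chain(public(U), [C_UP, C_P], now=2000))   # inside both lifetimes
    print(validate_chain(public(U), [C_UP, C_P], now=9999))   # proxy has expired
```

Because the user's long-term private key signs only C_UP, a stolen proxy key is useful only until End-Time, which is why the expiration check sits next to the signature check.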
17. Resource Allocation request from a Process
[Diagram: User Proxy (C_UP), Process (C_P), Process Manager (C_PM), Resource, Resource B]
① The process issues
a request for the resource B
Sign(P) { Operation, Operation Arguments }
② 1) authenticate the request
2) execute the request
③ Return the result
Sign(UP) { Execution-Result }
18. Mapping between Globus Subject
& Resource Subject (1)
Globus Subject (Global Name) → Mapping → Resource Subject (Local Name),
for local access to some resource
Globus Credential (C_UP, C_P) → Resource Credential (User ID, Password)
Using Grid Map table
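The mapping step from slides 15 and 18 (authenticated global subject to local user ID through the grid map table), as an added example that is not part of the original slides. The subject names and local accounts are constructed, and the function names are hypothetical. It assumes the usual grid-mapfile layout of a quoted subject name followed by local account names, and the common convention that proxy credentials append a "/CN=proxy", "/CN=limited proxy" or numeric "/CN=" component to the user's subject.

```python
import re, shlex

# Constructed grid map table: quoted global subject, then local account(s).
GRIDMAP = '''
# global subject (Globus)                          local id
"/O=Grid/OU=Example Univ/CN=Alice Researcher"      alice
"/O=Grid/OU=Example Univ/CN=Bob Operator"          bob,gridops
'''

# Assumed proxy naming convention: trailing CN added by each delegation step.
PROXY_CN = re.compile(r"/CN=(proxy|limited proxy|\d+)$")

def parse_gridmap(text):
    table = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = shlex.split(line)          # handles the quoted subject name
        if len(parts) != 2 or not parts[0].startswith("/"):
            raise ValueError(f"malformed grid map entry on line {lineno}")
        table[parts[0]] = parts[1].split(",")
    return table

def base_subject(subject):
    # Strip proxy components so C_UP and C_P map to the user's global name.
    while PROXY_CN.search(subject):
        subject = PROXY_CN.sub("", subject)
    return subject

def map_to_local(table, subject, requested=None):
    accounts = table.get(base_subject(subject))
    if not accounts:
        return None                        # unknown global subject: deny by default
    if requested is None:
        return accounts[0]                 # first listed account is the default
    return requested if requested in accounts else None

if __name__ == "__main__":
    table = parse_gridmap(GRIDMAP)
    print(map_to_local(table, "/O=Grid/OU=Example Univ/CN=Alice Researcher/CN=proxy"))
    print(map_to_local(table, "/O=Grid/OU=Example Univ/CN=Bob Operator", "root"))
```

The lookup runs only after the credential chain has been authenticated, and the table itself stays under the control of the local administrator, matching the "local access control decisions" point on slide 9.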