
Tree Based Approach for Secure Group Communication in Grid Environment


Presentation Transcript


  1. Tree Based Approach for Secure Group Communication in Grid Environment Project guide Dr. G. Sudha Sadhasivam Asst Professor, Dept of CSE Presented by C. Geetha Jini (07MW03)

  2. Agenda • Objective • Grid Security Issues • Dynamic VO in Grid • Group Communication in Grid • Tree Based Group Diffie Hellman Protocol • Interval based Rekeying • Domain to domain Communication • Establishment of Trust • Results • Conclusion • Future Work • References

  3. Objective • To use the Tree Based Group Diffie Hellman Protocol to generate and update the group key dynamically. • To compare the performance of individual and interval based rekeying approaches. • Securing domain to domain communication by establishing trust relationships among entities. • Simulating the protocol using the GridSim toolkit.

  4. Grid Security Issues The activities that need to be secured in a grid environment are: • Naming and authentication • Secure communication – TLS/SSL • Trust, policy, and authorization • Access control.

  5. Dynamic VO in the Grid • Virtual organizations (VOs) are collections of diverse and distributed individuals that seek to share and use diverse resources in a coordinated fashion. • Users can join several VOs, while resource providers also partition their resources among several VOs.

  6. Security Challenges • Dynamic VO establishment • A VO is organized for some goal and disorganized after the goal is achieved. • Users can join into or leave VOs. • Resource providers can join into or leave VOs. • Dynamic policy management • Resource providers dynamically change their resources policies. • VO managers manage VO users’ rights dynamically. • Interoperability with different host environments

  7. Group Communication in grid

  8. Tree-based Group Diffie-Hellman (TGDH) [figure: binary key tree with root node 0 (K0 = Group Key), internal nodes 1–6, members M1, M2, M4, M5 at leaves 7, 8, 11, 12 and M3, M6 at leaves 4 and 6; M1's key path 7, 3, 1, 0 is highlighted] • A binary key tree is formed. Each node v represents a secret (private) key Kv and a blinded (public) key BKv. • BKv = α^Kv mod p, where α and p are public parameters. • Every member holds the secret keys along its key path. • Assume each member knows all the blinded keys in the key tree.

  9. TGDH: Node Relationships [figure: node v with children 2v+1 and 2v+2 and their blinded keys BK_{2v+1}, BK_{2v+2}] The secret key of a non-leaf node v can be generated by: Kv = (BK_{2v+1})^K_{2v+2} = (α^K_{2v+1})^K_{2v+2} mod p, or equivalently Kv = (BK_{2v+2})^K_{2v+1} = (α^K_{2v+2})^K_{2v+1} mod p, i.e. Kv = α^(K_{2v+1}·K_{2v+2}) mod p. The secret key of a leaf node is randomly selected by the corresponding member.

  10. TGDH: Group Key Generation [figure: the key tree of slide 8 with M1's key path 7 → 3 → 1 → 0 highlighted] E.g., M1 generates the group key via: • K7, BK8 → K3 • K3, BK4 → K1 • K1, BK2 → K0 (Group Key)

  11. TGDH: Rekeying • Rekeying (renewing the keys of the nodes) is performed at every single join/leave event to ensure backward and forward confidentiality. • A special member called sponsor is elected to be responsible for broadcasting updated blinded keys.

  12. TGDH: Single Join Case [figure: key tree before and after M8 joins; M4's leaf at node 5 becomes an internal node, with M4 at node 11 and M8 at node 12] M8 joins • M8 broadcasts its individual blinded key BK12 on joining. • M4 becomes the sponsor. It rekeys K5, K2 and K0 and broadcasts the blinded keys. • Now everyone can compute the new group key.

  13. TGDH: Single Leave Case [figure: key tree before and after M5 leaves; M4 at node 11 and M5 at node 12 under node 5 before, M4 moved up to node 5 after] M5 leaves • M4 becomes the sponsor. It rekeys the secret keys K2 and K0 and broadcasts the blinded keys. • M1, M2 and M3 compute K0 given BK2. • M6 and M7 compute K2 and then K0 given BK5.
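The single join and single leave procedures of slides 8–13, as an added Python example that is not part of the presentation: each member holds only its own leaf secret plus the broadcast blinded keys, the sponsor rekeys its key path after every event, and every member re-derives the same K0 from its own path. The prime, α, the node-numbered tree layout and the member names are constructed assumptions for this example.

```python
import secrets

# Toy public parameters constructed for this example (the slides' alpha and p).
P, ALPHA = 2**127 - 1, 3
blind = lambda k: pow(ALPHA, k, P)              # BK_v = alpha^K_v mod p
parent = lambda v: (v - 1) // 2                 # children of v are 2v+1 and 2v+2
sibling = lambda v: v + 1 if v % 2 else v - 1

class Member:
    """A member's view: its leaf, its leaf secret, and the broadcast channel `bks`."""
    def __init__(self, leaf, bks):
        self.leaf, self.bks = leaf, bks         # bks: node number -> blinded key
        self.secret = secrets.randbelow(P - 2) + 1
        bks[leaf] = blind(self.secret)          # each member broadcasts its own BK
    def key_path(self):
        v, k = self.leaf, self.secret           # K_v = (BK_sibling)^(K_child) mod p
        keys = {v: k}
        while v:
            k = pow(self.bks[sibling(v)], k, P)
            v = parent(v)
            keys[v] = k
        return keys                             # keys[0] is the group key K_0
    def sponsor(self):
        self.secret = secrets.randbelow(P - 2) + 1   # fresh leaf secret, then rekey
        for v, k in self.key_path().items():         # the path and broadcast its BKs
            self.bks[v] = blind(k)

def join(bks, sponsor, group):
    # Single join: the sponsor's leaf s turns internal; sponsor -> 2s+1, newcomer -> 2s+2
    s, sponsor.leaf = sponsor.leaf, 2 * sponsor.leaf + 1
    group.append(Member(2 * s + 2, bks))        # newcomer broadcasts its leaf BK first
    sponsor.sponsor()                           # then the sponsor rekeys K_s ... K_0

def leave(bks, leaver, group):
    # Single leave when the sibling is a leaf: the sibling sponsors, moves up and rekeys
    group.remove(leaver)
    sib = next(m for m in group if m.leaf == sibling(leaver.leaf))
    del bks[leaver.leaf], bks[sib.leaf]
    sib.leaf = parent(leaver.leaf)
    sib.sponsor()                               # old K_parent ... K_0 are never reused

def run():
    """Per event, count distinct keys members computed (1 = agreement) and overall."""
    group, keys = [Member(0, bks := {})], []    # M1 alone: K_0 is its leaf secret
    for _ in range(3):                          # M2, M3, M4 join; leftmost member sponsors
        join(bks, min(group, key=lambda m: m.leaf), group)
        keys.append({m.key_path()[0] for m in group})
    leave(bks, group[-1], group)                # M4 leaves; its sibling M2 sponsors
    keys.append({m.key_path()[0] for m in group})
    return [len(k) for k in keys], len(set().union(*keys))
```

Every event yields one agreed key, and all four keys differ, which is the backward (join) and forward (leave) confidentiality the rekeying is meant to provide.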

  14. Partition [figure: tree T3 before and tree T*3 after a partition; nodes labelled <level, index> from <0,0> to <3,7>, members M1–M6 at the leaves, sponsors marked]

  15. Merge

  16. Interval-Based Rekeying Algorithms • Interval-based rekeying is proposed such that rekeying is performed on a batch of join and leave requests at regular rekey intervals. • Interval-based rekeying improves system performance. • Queue-batch algorithm is used for interval based rekeying.

  17. Queue-batch Algorithm: Example of Queue-merge Phase [figure: key tree with members M1–M7; M8, M9 and M10 form the subtree T' with M10 as sponsor; T' is attached at node 6; sponsors M1(S) and M10(S) marked] M8, M9, M10 join; M2, M7 leave • T' is attached to node 6. • M10, the sponsor, will broadcast BK6. • M1 rekeys K1. M6 rekeys K2. • M1 broadcasts BK1. M6 broadcasts BK2.

  18. Cryptographic Properties • Group key Secrecy • Forward Secrecy • Backward Secrecy • Key Independence

  19. Domain to Domain Communication [figure: Domain1 (d1), Domain2 (d2) and Domain3 (d3), each with an Admin, with VO1 and Group2 spanning them and the message steps numbered 1–5]

  20. Establishment of Trust • Trust Evaluation: entity A's opinion about entity B's trustworthiness. • Combining Trust. • Comparing Trust: if bA > bB, dA < dB and uA < uB, then opinion OA is over the threshold presented by OB.

  21. Implementation Details [flowchart] • Initialize the GridSim package. • Create grid entities: users and resources. • Build the network topology (mesh). • Form the group. • Does the entity join a different domain? Yes: evaluate trust, then join the entity to the group. No: join the entity to the group. • Perform rekeying.

  22. Comparison of Join Cost for individual rekeying and interval based rekeying [chart; series: Leave = 0, Leave = 5, Leave = 10]

  23. Comparison of Communication Cost for individual rekeying and interval based rekeying [chart; series: Leave = 10]

  24. Conclusion • TGDH is used for securing group communication in the grid. • Each member contributes an equal share to the common group session key. This enhances security and avoids the problems of centralized trust and a single point of failure. • In order to reduce rekeying complexity, the interval based approach is carried out. • Simulations are done using the GridSim toolkit. • Domain to domain communication is enhanced by establishing a trust relationship.

  25. Future work • The group key management protocol can be further enhanced by coupling the session based group key with permanent private components of the group members to improve security. • Groups can be formed within a virtual organization based on trust relationships; separate keys can be generated for each group, and these keys can be managed hierarchically based on trust. • The proposed system can be tested in a real grid environment using Globus.

  26. References [1] Y. Kim, A. Perrig, and G. Tsudik, "Tree-Based Group Key Agreement", ACM Trans. on Information and System Security, 7(1):60–96, Feb 2004. [2] Patrick P. C. Lee, John C. S. Lui, and David K. Y. Yau, "Distributed and Collaborative Key Agreement Protocols with Authentication and Implementation for Dynamic Peer Groups", Vol. 14, No. 2, April 2006. [3] Syed Naqvi and Michel Riguidel, "Grid Security Services Simulator (G3S) – A Simulation Tool for the Design and Analysis of Grid Security Solutions", Proceedings of the First International Conference on e-Science and Grid Computing (e-Science'05), IEEE, 2005. [4] http://www.gridbus.org/gridsim [5] Ching Lin, Vijay Varadharajan, Yan Wang, and Vineet Pruthi, "Enhancing Grid Security with Trust Management", Proceedings of the 2004 IEEE International Conference on Services Computing (SCC'04). [6] Marty Humphrey, Mary R. Thompson, and Keith R. Jackson, "Security for Grids", Proceedings of the IEEE, Vol. 93, No. 3, March 2005.

  27. THANK YOU
