Security in Grid Computing

AZIZOL ABDULLAH

DEPARTMENT OF COMMUNICATION TECHNOLOGY AND NETWORK


Grid Example


Security Issues

  • Each company could be regarded as a domain

  • Each domain will have its own security policy

  • The primary goal of Grid environment is to encourage domain-to-domain interactions to share the resources


Security Issues: How to share the resources?

  • To encourage the controlled sharing of resources:

    • The security overhead should be minimized so that the sharing is appealing

    • The security mechanism applied should be scalable

    • Domains should not lose control over their own resources


Security Issues: What is Trust?

  • Trust models human social behavior

    • When I use a credit card to pay the bill, the bank trusts that I will pay back the money later

    • When I use the e-banking service to perform a transaction, I trust the bank to perform the transaction for me


Definition of Trust

  • Trust is the firm belief in the competence of an entity to behave as expected such that this firm belief is a dynamic value associated with the entity and is subject to the entity’s behavior and applies only within a specific context at a given time


Trust

  • Trust value is a continuous and dynamic value in the range of [0,1]

  • 1 means very trustworthy

  • 0 means very untrustworthy

  • It is built on past experience

  • It is context based (the same entity may have a different trust value in a different context)


Reputation

  • When making trust-based decisions, entities can rely on others for information regarding a specific entity.

  • The information regarding a specific entity x is defined as the reputation of entity x.


Definition of Reputation

  • The reputation of an entity is an expectation of its behavior based on other entities’ observations or information about the entity’s past behavior within a specific context at a given time.


Security Issues

Traditional systems:

  • Protect a system from its users

  • Protect data of one user from compromise

In Grid systems:

  • Protect applications and data from system where computation executes

  • Stronger authentication needed (for users and code)

  • Protect local execution from remote systems

  • Different admin domains/security policies


Authentication

  • Process of verifying identity of a participant to an operation or request

  • Principal: entity whose identity is verified

    • local user OR user logged into remote system

  • Traditional systems: authenticate client to protect server

  • Grid systems: mutual authentication required

    • Ensure that resources and data are not provided by an attacker


Authentication Methods: Password-based Authentication

  • Send unencrypted passwords: only suitable when messages can’t be read by untrusted processes while on the network

  • Instead: Prove knowledge of a password:

    • Don’t send password over network

    • Use password as an encryption key

    • Encrypt a known but non-repeating value

    • Send encrypted value to party verifying authentication

    • Both parties must know password or trust a third-party to distribute it
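
An added example (not part of the original slides) of proving knowledge of a password without sending it. It replaces the slide's "encrypt a non-repeating value" with an HMAC over a server-issued nonce, keyed by a PBKDF2-derived key; the class and function names and the iteration count are assumptions.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 200_000  # assumed PBKDF2 work factor for this sketch


def derive_key(password: str, salt: bytes) -> bytes:
    """Stretch the password into a key; the password itself is never sent."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


class Verifier:
    """Server side: stores only the salt and derived key for each user."""

    def __init__(self):
        self.users = {}      # name -> (salt, key)
        self.pending = {}    # name -> outstanding nonce (single use)

    def register(self, name: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self.users[name] = (salt, derive_key(password, salt))

    def challenge(self, name: str):
        """Issue a fresh, non-repeating value for this login attempt."""
        nonce = secrets.token_bytes(32)
        self.pending[name] = nonce
        return self.users[name][0], nonce

    def verify(self, name: str, response: bytes) -> bool:
        nonce = self.pending.pop(name, None)   # consume it: blocks replay
        if nonce is None or name not in self.users:
            return False
        expected = hmac.new(self.users[name][1], nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def respond(password: str, salt: bytes, nonce: bytes) -> bytes:
    """Client side: prove knowledge of the password for this nonce only."""
    return hmac.new(derive_key(password, salt), nonce, hashlib.sha256).digest()
```

The derived key held by the verifier is password-equivalent, which is the slide's last point: both parties must hold the secret or trust a third party to distribute it.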


Authentication Systems: Kerberos

  • Authentication and key distribution protocol

    • Used with symmetric encryption systems (both sides must share same key)

    • Better performance than systems using public key or asymmetric cryptography

  • Well-suited to frequent authentication

  • Centrally administered

  • Requires trusted, on-line certification authority: Key Distribution Center (KDC)


Using Kerberos to authenticate a client and a server

  • Each client and server register their keys in advance with Kerberos authentication server

  • Client wants to communicate with service provider: sends client and service provider names to Kerberos authentication server

  • Kerberos server randomly generates a session key that will be used for symmetric encryption between client and server

  • Kerberos server sends session key to client as well as a ticket that contains client’s name and session key, all encrypted with server’s key


Kerberos Authentication (cont.)

  • Client caches encrypted session key and ticket, which are valid for some period

    • Reduces number of authentication requests to server

  • Client forwards ticket to service provider AND sends server a timestamp encrypted using the session key

  • Server decrypts ticket and extracts session key

  • Server uses session key to decrypt timestamp and checks that timestamp is recent

  • If client needs to authenticate server, server encrypts the timestamp with the session key and sends it back to client


Authentication Systems: Secure Sockets Layer (SSL)

  • Widely-deployed: every web browser!

  • Client authenticates identity of the server

  • Send a session key from client to server to set up an encrypted communication

  • Server has a certificate that contains its public key

  • If client has a certificate, can authenticate itself to the server


Using SSL to authenticate a server

  • Client web browser with SSL contacts web server with SSL

  • Server sends public-key certificate to client

  • Client uses public key of a trusted Certificate Authority (CA) to verify server’s certificate is valid

  • Client verifies that hostname embedded in certificate is hostname of intended server

  • Client extracts server’s public key from certificate

  • Client uses server’s public key to encrypt a session key for a symmetric cryptosystem

  • Client sends encrypted session key to server

  • Server uses its private key to decrypt session key

  • Client and server communicate using symmetric cryptosystem with session key


Certificates and Certification Authorities (CA)

  • Certification mechanism provides binding between encryption key and authenticated identity

  • Certification authority (CA) is a third party that certifies or validates the binding

  • CA issues a certificate and signs it

  • Certificate is a data object that contains:

    • Distinguished name of a principal

    • In asymmetric cryptographic systems: the public key of the principal

    • Optional attributes: authorizations, group memberships, email addresses, alternate names


Certification (cont.)

  • X.509 certificates: most widely used format

    • Web browsers

    • Secure email services

    • Public-key-based electronic payment systems

  • Validating the binding

    • Verifier must know the CA’s public key

    • Uses CA’s public key to validate CA’s signature

  • Hierarchy of CAs: each CA certified by higher-level CA except for root CA(s)

  • Applications and servers must know public key of trusted root CAs


Data Origin Authentication

  • Provides assurance that a particular message, data item or executable originated with a particular principal

    • Determines whether program was modified or sent by attacker


Delegation of Identity

  • Process that grants one principal the authority to act as another individual

  • Assume another’s identity to perform certain functions

  • E.g., in Globus: use the gridmap file on a particular resource to map authenticated user onto another’s account, with corresponding privileges
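
An added example (not from the original slides or from Globus code) of how a resource could load a gridmap file and map an authenticated certificate name to a local account. It assumes the common grid-mapfile layout of a quoted distinguished name followed by comma-separated local accounts; the sample entries, the forbidden-account policy and treating the first account as the default are assumptions.

```python
import shlex

# Constructed sample in grid-mapfile form: a quoted certificate DN, then
# one or more comma-separated local accounts. Not from a real site.
SAMPLE_GRIDMAP = '''
# DN                                          local account(s)
"/O=Grid/OU=Example Lab/CN=Alice Tan" atan
"/O=Grid/OU=Example Lab/CN=Bob Lee"   blee,gridshared
"/O=Grid/OU=Example Lab/CN=Mallory"   root
malformed line without quotes or account
'''

FORBIDDEN_ACCOUNTS = {"root"}  # assumed local policy: never map to these


def parse_gridmap(text):
    """Return (mapping, rejected); mapping is DN -> list of local accounts."""
    mapping, rejected = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            fields = shlex.split(line)
        except ValueError:              # unbalanced quotes
            fields = []
        if len(fields) != 2 or not fields[0].startswith("/"):
            rejected.append((lineno, "malformed entry"))
            continue
        dn, accounts = fields[0], fields[1].split(",")
        if FORBIDDEN_ACCOUNTS & set(accounts):
            rejected.append((lineno, "maps to forbidden account"))
            continue
        mapping[dn] = accounts
    return mapping, rejected


def local_account(mapping, authenticated_dn):
    """Exact-match lookup; unknown DNs get no account (deny by default)."""
    accounts = mapping.get(authenticated_dn)
    return accounts[0] if accounts else None
```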


Authorization

  • Process that determines whether a particular operation is allowed

  • Traditionally: based on authenticated identity of requester and local information

    • Access Control Lists (ACLs)

  • Grids: determine whether access to resource is allowed

    • Might have access control lists associated with resources, principals or authorized programs

    • User-provided code must also be authenticated


Distributed Authorization

  • E.g., Distributed Computing Environment

  • Systems still being developed

  • Distributed maintenance of authorization information:

    • Group membership

    • Access control lists

  • Need to verify the authenticity of authorization (and assurance) information

  • One approach: Embed these attributes in certificates

    • Signed by trusted third-party

    • “Privilege attribute certificates”


Distributed Authorization (cont.)

  • Restricted proxy: authorization certificate that grants authority to perform operation on behalf of grantor

    • Restricted for access to particular objects

    • Only when specified restrictions are satisfied

  • Alternative: separate authorization server

  • Party providing a service checks with server whether a named principal is authorized


Delegation of Authority

  • User or process that is authorized to perform an operation can grant authority to perform the operation to another process

  • More restricted than identity delegation

  • In Grids:

    • Used for tasks that run remotely on grid that must read or write data stored across the network

    • E.g., resource manager allocates a node to a job and delegates to job’s initiator authority to use that node


Integrity and Confidentiality

  • Protect data during transmission on network

    • Anyone connected to an open network may observe, insert or possibly remove messages

  • Cryptography

    • Encryption: scrambles data in a way that varies based on a secret encryption key

    • Decryption: unscramble data using corresponding decryption key

    • Ciphertext: scrambled data

    • Plaintext: original or unscrambled data


Encrypted messages provide integrity and confidentiality

  • Protect data

    • data encrypted before transmission and decrypted afterward

  • Checksums protect data integrity

    • Attach a checksum to data before encryption

    • After decryption, receiver verifies checksum

    • Detect modifications of data by someone who doesn’t know encryption key


Symmetric Cryptosystems

  • Examples: DES (Data Encryption Standard), triple-DES, IDEA, Blowfish, RC4, RC5

  • Uses same key for encryption & decryption

  • Both parties must share same key

  • With static keys:

    • User needs different key for every other user or service provider

    • Service provider maintains key for every user

  • Or, use mutually-trusted intermediary to generate and distribute session key to both parties

    • E.g., Kerberos Key Distribution Center


Symmetric Encryption Key Distribution Using Kerberos

  • Each client and server register their keys with Kerberos authentication server in advance

  • Client wants to communicate with service provider: sends client and service provider names to Kerberos authentication server

  • Kerberos server randomly generates a session key that will be used for symmetric encryption between client and server

  • Kerberos server sends session key to client as well as a ticket that contains client’s name and session key, all encrypted with server’s key


Key Distribution Using Kerberos (cont.)

  • Client caches encrypted session key and ticket, which are valid for some period

    • Reduces number of authentication requests to server

  • Client forwards ticket to service provider AND sends server a timestamp encrypted using the session key

  • Server decrypts ticket and extracts session key

  • Server uses session key to decrypt timestamp, checks that it is recent

  • If client needs to authenticate server, server encrypts the timestamp with the session key and sends to client
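
An added example (not part of the original slides and not real Kerberos code) that walks through the exchange described on the Kerberos authentication and key distribution slides: ticket issue, timestamp check, and the reply that authenticates the server. The `seal`/`unseal` helpers are a toy encrypt-then-MAC built from the standard library as a stand-in for a real symmetric cipher; all names and the 300-second window are assumptions.

```python
import hashlib
import hmac
import json
import secrets

MAX_SKEW = 300  # seconds a timestamp stays acceptable (assumed window)

def _stream(key, nonce, n):
    blocks = (hashlib.sha256(key + nonce + bytes([i])).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    """Toy encrypt-then-MAC from the stdlib; a stand-in, not a real cipher."""
    pt, nonce = json.dumps(obj).encode(), secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

class KDC:
    def __init__(self):
        self.keys = {}                      # principal -> key registered in advance

    def register(self, name):
        self.keys[name] = secrets.token_bytes(32)
        return self.keys[name]

    def request(self, client, service):
        session = secrets.token_hex(32)     # random session key
        ticket = seal(self.keys[service], {"client": client, "key": session})
        return seal(self.keys[client], {"key": session}), ticket

def client_prepare(kdc, name, key, service, now):
    enc_session, ticket = kdc.request(name, service)
    session = bytes.fromhex(unseal(key, enc_session)["key"])
    return session, ticket, seal(session, {"ts": now})   # ticket + timestamp

def service_accept(service_key, ticket, authenticator, now):
    t = unseal(service_key, ticket)         # only the real service can open this
    session = bytes.fromhex(t["key"])
    ts = unseal(session, authenticator)["ts"]
    if abs(now - ts) > MAX_SKEW:
        raise ValueError("timestamp not recent")
    return t["client"], seal(session, {"ts": ts})   # reply proves service identity
```

The client completes mutual authentication by opening the reply with the session key and comparing the timestamp with the one it sent. A timestamp replayed inside the window still passes this check, so a service would also need to remember recently seen authenticators.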


Asymmetric Cryptography

  • Also called public key cryptography (PKI)

  • E.g., RSA or DSA (digital signature algorithm)

  • Uses a pair of keys for encryption and decryption

    • Knowledge of one key does not reveal the other

  • Public key: published and available to anyone

  • Private key: secret, known to only one party

  • Advantage: can disseminate public key freely

  • Disadvantage: significantly worse performance than symmetric encryption

    • Because of performance, rarely used in isolation

    • Used in combination with symmetric encryption


Using Asymmetric Encryption to Exchange a Symmetric Key

  • Sender generates a symmetric session key and an associated checksum

  • Sender encrypts key and checksum using recipient’s public key and sends them to recipient

  • Recipient decrypts key and checksum using its private key

  • Recipient verifies checksum is correct and extracts session key

  • Communication proceeds using symmetric encryption with the session key


Using Asymmetric Encryption to Exchange Symmetric Key (cont.)

  • Pay asymmetric performance penalty at startup but not on every block transferred

  • Relies on each party knowing public keys or relying on trusted third party (CA) to verify public keys

  • Otherwise, attacker could replace public key with different public key that has a private key known by attacker


Encryption with PGP (Pretty Good Privacy)

  • Provides integrity, authentication and confidentiality for email and data files

  • Sender:

    • Computes a message digest (similar to a checksum)

    • Encrypts original message using symmetric cryptography with a message key

    • Encrypts the message digest with asymmetric cryptography using the private key of the sender

      • Provides a digital signature (integrity)

    • Encrypts the message key with asymmetric cryptography using recipient’s public key


PGP (Pretty Good Privacy) (cont.)

  • Recipient:

    • Decrypts message digest using public key of sender

    • Decrypts message key using its own private key

    • Uses message key to decrypt original message

    • Verifies the correctness of message using digest


Digital Signatures

  • Does not require encryption of original message

  • Message digest

    • Computationally infeasible for another message to produce the same digest

    • Encrypted

    • Attached to message

    • Can detect if message was altered during transmission

  • Provides a digital signature


Summary

  • Security Issues: Trust and Reputation

  • Authentication

    • Password-based

    • Kerberos authentication

    • SSL authentication

    • Certification authorities

  • Authorization

  • Integrity and Confidentiality

    • Symmetric and asymmetric cryptography

    • PGP (Pretty Good Privacy)

    • SSL

