Professional Documents
Culture Documents
Workflow
Security in Grid Computing
Lecture 1
Introduction
• Grid system is a seamless, integrated computational and collaborative
environment and a high level view of activities within the Grid.
• Grids, composed of large-scale, geographically distributed platforms
working together.
• The resource requesters (users or systems) interact with the Grid resource
broker for solving problems, which in turn performs resource discovery,
scheduling, and processing application jobs on the distributed Grid
resources.
• A core part of the grid system is Resource Broker.
• Resource Broker has a significant role in discovering the resources before
implementing other grid resource management schemes.
• It performs various processes like discovering, scheduling, allocating and
evaluating.
Grid resource broker
• Generally, the node submits a job and the grid finds appropriate
resources, in principle anywhere, to complete it.
• A user at a node provides a search query containing a set of keywords
corresponding to the resource being searched for (ontological description
of the resources).
• A resource discovery protocol is then used to forward the search query to
other nodes and search for the resource on those nodes.
• When a resource is located at a node, a success message is sent to the
node that originated the search query.
Resource Discovery Process
Specific steps :
• A node, searching for resources, submits a request containing an
ontological description of a target resource.
• In order to perform the request distribution over the network,
communication and routing protocols are need to be employed.
• Each node receiving the request compares the incoming request
against its ontology, by applying some criteria for matching.
• The matching evaluation depends on the expressiveness of the ontological
description and on the desired level of accuracy.
• Replying to the requesting node, each node returns a list of candidate resource
descriptions, together with their respective matching values.
• Initiated node selects the relevant resources descriptions based on received
candidate descriptions and on their matching values.
Resource Discovery Approaches
Centralized Approach
• The resource discovery approaches in grid environments fall into one of the
following categories.
• Centralized approach one or a limited number of central servers index(es) the
resource information of an entire grid.
• The resource information about all other nodes and instances is located at a
central point, that can be reached by all service or resource requester
instances in the environment.
• All the resource providers periodically update and register their dynamic or
static information in the central repository.
• The central information service is the only entity in the system which can
process the queries, initiated by resource requesters, for matching to the
resources available.
Centralized Approach
• Each grid node includes some resources to share.
• The node publishes its resource information toward the central
server.
• Also, once the resource information of the grid node is changed,
for instance when its resource is allocated to a requesting
application, the new information of the resource will be sent by
the node directly to the central server.
Centralized Approach
Hierarchical Approach
• In the hierarchical (tree) approach, the resource information is partially
distributed to multiple locations in hierarchical fashion.
• In the hierarchical tree, grid nodes publish their resource information to
their parent nodes located in upper level.
• Also, each grid node handles the queries related to its descendants.
• In some cases, grid nodes do not maintain the metadata of all their
descendants because of security considerations or memory-space
limitations.
• The hierarchical approach is prevalent in many current resource
management systems such as Globus Toolkit, gLite, etc.
Hierarchical Approach
Hierarchical Approach
For Authentication
• X.509 certificates involves the use of CA which issues certificate to Grid
users (Grid nodes).
• Each grid user (grid node) should trust the CA (which issued the
certificate).
• X.509 Certificate contains information about the CA as well as the grid
node.
• Key information of X.509 certificate: Subject’s name, Public Key, Name
of CA, Encryption algorithms etc.
• Certificates are also signed by the CA.
Security In Grid: The X.509 Certificate
• After a client and server has used Kerberos to prove their identity,
they can also encrypt all of their communications to assure privacy
and data integrity as they go about their business.
Security In Grid : Kerberos
How it works
• Client requests an authentication ticket (TGT) from the Key
Distribution Center (KDC)
• The KDC verifies the credentials and sends back an encrypted TGT and
session key
• The TGT is encrypted using the Ticket Granting Service (TGS) secret
key
• The client stores the TGT and when it expires the local session
manager will request another TGT (this process is transparent to the
user)
Security In Grid : Kerberos PSN= Unique identifier of
a service instance.
• GSI provides secure communications for all the higher-level grid services
• Secure Authentication and Authorization
• The job would not be permitted to execute if the user has no access on
that resource.
• Authentication ensures you are whom you claim to be (ID card, fingerprint,
passport, username/password)
• Authorization controls what you are permitted to do (Run a job, read or write
a file)
37
Grid Security Infrastructure - GSI
• User authenticates once – then can perform many tasks
• The primary motivations behind the GSI are:
• The need for secure communication (authenticated and perhaps
confidential) between elements of a computational Grid.
• The need to support security across organizational boundaries, thus
prohibiting a centrally-managed security system.
• The need to support "single sign-on" for users of the Grid, including
delegation of credentials for computations that involve multiple
resources and/or site Single Sign-on
Grid Security Infrastructure - GSI
• The Grid Security Infrastructure (GSI) implementation of PKI supports
dynamic trust chain creation through the Community Authorization Service
(CAS). – For details see (Paper 1)
• This is based on the policy that two peers bearing proxy certificates signed
by the same user will inherently trust each other.
• Kerberos based implementation has significant shortcomings as it requires
synchronous communication with the ticket granting server in order to setup
communication between a client and server.
• If the ticket granting server goes offline or has a security breach then there is
no way the system can operate.
• In case of X.509 based implementation, a CA can certify the credentials
offline.
• Having said that, a majority of implementations do rely on centralised trust
enforcement entities such as a CA or a ticket granting authority.
Other Grid Security Approaches
• Reliability: Reliability is one of the fundamental goals of any
distributed system.
• Usually hardware reliability is achieved through redundancy of
equipment.
• In grid, the underlying software technology offers more than
hardware based reliability.
• The grid management software resubmits a job to alternate
machines in case of failures or in some case a critical job’s multiple
instances are executed over different machines.
Other Grid Security Approaches
• Failure Management: In the grid environment the intra-node or
inter-node resources may fail.
• Therefore the information services have to robust in case of
resource failures or even
• for the failure of information service components.
• The term robust in this case states that in case any component
fails this act should not prevent to obtain information about other
• components of the system.
• The end user should have information even in case of partial or
inconsistent information.
Other Grid Security Approaches
How to ensure robustness of information services?
• First, the information services should be as decentralized and distributed
as much as possible and the information providers should be in the
proximity of the entities they describe.
• This will increase the likelihood of obtaining information about the available
resources
• Secondly, the components of information services should be developed
under the consideration that failure is not an exception rather a rule.
• It means not only making sure that in case of failure the failed services or
resources should not interfere or halt other functions but also the timely
information regarding the failure should be made available.
Users in VO-A and VO-B have access to
partially overlapping resources. While VO-
B is split by network failure, it should
operate as two disjoint fragments. Source:
Czajkowski et al (1998).
Grid Security is a Crucial
Why?
• Problems being solved might be sensitive
• Resources are typically valuable
44
Resource Discovery and
Workflow
Security in Grid Computing
Lecture 3
Grid Workflow
46
Grid Work Flow : Definition