Title: VO: Centralised or Decentralised Federation
1 VO: Centralised or Decentralised Federation
- Philippe Massonet et al
- CETIC
- TG6, 19-20/03/2009
2 Trust in Dynamic Virtual Organisations
- Since VOs are based on sharing information and knowledge, there must be a high amount of trust among the partners, especially since each partner contributes with their core competencies
- Threats
  - Bad service (contract not respected)
  - Attacks: loss of information
  - Attacks: disruption of service
  - Vulnerability to attacks (low level of security at one of the partners)
[Figure: five partners (1-5) linked by collaboration and services]
How do you maintain trust and security properties in a dynamic VO? Need for trust and security mechanisms
3 Secure VO Lifecycle Management
- VO: set of users that pool resources in order to achieve common goals
- Rules governing the sharing of the resources
- Trust and security policies are derived following the goals of the VO and rules for sharing resources
[Figure: lifecycle phases: monitoring, enforcing policies, maintenance of reputation; establishment of security policies, following governing rules; discovery of potential trustworthy partners; termination of trust relationships, maintenance of reputation; membership and policy adaptation]
4 Security at Different Levels in Grid
NGG Architecture layers:
- GRID Application Layer
- GRID Service Middleware Layer
- GRID Foundation Middleware Layer
- Network Operating System
5 Trust and Security Issues in Service based Grids
[Figure: a Service Requestor (SR) sends a Service Request to a Service Provider (SP) within a VO; resources (Res.) sit on both sides]
- Is the selected IP secure?
- Can I trust the SR and SP?
- Is SP using my resources with malicious intent?
6 General Architecture
[Figure: components Globus, PPMService, SRBService, VBEService, C-UCONService, TRSService, Enforcer and VO Manager, grouped under Service Providers and VO]
7 From Access Control to Usage Control
[Figure: timeline with a pre-decision before usage, then, as usage proceeds over time, the questions "Usage decision still valid?" and "Can you revoke access?"]
8 Usage Control Services
- Monitor the actions executed on behalf of the grid users and enforce a UCON security policy
- Computational level (C-UCON)
  - The policy consists of a highly detailed description of the correct behaviour of the application being executed
  - Only the applications whose behaviour is consistent with the security policy are executed on the computational resource
- VO level (Enforcer)
  - Policy evaluation point that supports UCON policies
- The usage control service will be integrated into the Globus middleware
(Layers: GRID Service Middleware Layer, GRID Foundation Middleware Layer; WP3/WP4)
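Added example, not code from the slides or from the GridTrust project: a minimal Python model of the shift described on slides 7 and 8, from a single pre-decision before usage to a decision re-evaluated on every action, with revocation mid-usage. The policy format, the subject attributes and the action vocabulary are hypothetical.

```python
from dataclasses import dataclass, field
@dataclass
class UsagePolicy:  # constructed, hypothetical format; not GridTrust's own C-UCON language
    required_role: str          # attribute checked once in the pre-decision
    allowed_actions: frozenset  # the "correct behaviour" of the application
    allowed_hosts: frozenset    # hosts a "connect" action may target
    max_actions: int            # usage budget, re-checked on every action

@dataclass
class UsageSession:
    policy: UsagePolicy
    subject: dict
    actions_seen: int = 0
    revoked: bool = False
    log: list = field(default_factory=list)

    def pre_decision(self) -> bool:
        """Access control: a single decision before usage starts."""
        ok = self.subject.get("role") == self.policy.required_role
        self.log.append("pre-decision: " + ("permit" if ok else "deny"))
        return ok

    def ongoing_decision(self, action: str, arg: str) -> bool:
        """Usage control: re-evaluate on each action; revoke on the first violation."""
        if self.revoked:
            return False
        self.actions_seen += 1
        violation = None
        if action not in self.policy.allowed_actions:
            violation = f"action '{action}' is outside the described behaviour"
        elif action == "connect" and arg not in self.policy.allowed_hosts:
            violation = f"connect to {arg} is not permitted"
        elif self.actions_seen > self.policy.max_actions:
            violation = "usage budget exhausted"
        if violation is not None:
            self.revoked = True  # access withdrawn mid-usage, not only at the gate
            self.log.append("revoke: " + violation)
            return False
        self.log.append(f"permit: {action} {arg}")
        return True

def run_job(policy: UsagePolicy, subject: dict, trace: list) -> tuple:
    """Run a job's action trace under the policy; returns (completed, revoked, log)."""
    session = UsageSession(policy, subject)
    if not session.pre_decision():
        return False, False, session.log
    for action, arg in trace:
        if not session.ongoing_decision(action, arg):
            return False, True, session.log
    return True, False, session.log
```

A job whose behaviour matches the policy completes; one that performs an action outside the described behaviour, or exhausts its usage budget, is revoked at that point even though its pre-decision was a permit.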
9 Secure Resource Broker Service
- Integrate access control with resource/service scheduling
- Both resource owners and the VO define their resource access and usage policies
- The resource broker schedules a user request only within the set of resources whose policies match the user credentials (and vice-versa)
- Scalability and efficiency
- It will be integrated into the Globus middleware
(Layers: GRID Service Middleware Layer, GRID Foundation Middleware Layer; WP3/WP4)
10 Trust and Reputation Service
- Collect, distribute and aggregate feedback about entities' behaviour in a particular context in order to produce a rating about the entities
- Entities could be either users, resources/services, service providers or VOs
- The reputation service is based on ideas of utility computing
- Can be used in both centralised and distributed settings
- The reputation service will also be integrated into the Globus middleware
(Layer: GRID Service Middleware Layer; WP2/WP4)
11 VBE: Virtual Breeding Environment Service
- It manages the Virtual Breeding Environment composed of users and service providers (user and service provider registration, certificate management, etc.)
12 PPM: Profile and Policy Management Service
- The policy and profile management service is a database service that keeps information about the security policies of all the entities of the system.
- Supports several types of query
  - Service ID, Type, Name, attribute (OS, Memory, CPU type, Library, Certificate)
13 VO Library
- To be used by the VO Manager to use and interface with GridTrust services
- Offers a full set of functionalities to manage the VO life cycle (Creation, Termination, ...)
- Manages access at communication and authentication level from applications to GridTrust Services
- Hides the complexity of certificate management between users and the GridTrust CA
14 GridTrust Framework - Components
[Figure: service providers, PKI, GridTrust Services (TRS, VBE, SRB, PPM), C-UCON, users, VO Library, ENFORCER]
15 Secure VO Lifecycle: Formation
[Figure: VBE Manager and PKI]
16 Secure VO Lifecycle: VO Operation
[Figure: Virtual Breeding Environment containing a VO with TRS, ENFORCER and a Policy over Service1 and Service2; a VO user's Application using Service1, Service2 and Service3]
17 VO and Federation
- VO Federation
  - Loosely coupled
- GridTrust VO
  - Federation of domains
  - But
    - Centralised access control
    - Single certification authority
- Need for Decentralised?
  - VO management
  - Access control