Countering security threats in service-oriented on-demand grid computing using sandboxing and trusted computing techniques

Authors:
Matthew Smith;Thomas Friese;Michael Engel;Bernd Freisleben
Affiliations:
Department of Mathematics and Computer Science, University of Marburg, Marburg, Germany;Department of Mathematics and Computer Science, University of Marburg, Marburg, Germany;Department of Mathematics and Computer Science, University of Marburg, Marburg, Germany;Department of Mathematics and Computer Science, University of Marburg, Marburg, Germany
Venue:
Journal of Parallel and Distributed Computing - Special issue: Security in grid and distributed systems
Year:
2006

Citing 14
Cited 11

Role-Based Access Control With X.509 Attribute Certificates

IEEE Internet Computing
An Online Credential Repository for the Grid: MyProxy

HPDC '01 Proceedings of the 10th IEEE International Symposium on High Performance Distributed Computing
A Community Authorization Service for Group Collaboration

POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Xen and the art of virtualization

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
From Sandbox to Playground: Dynamic Virtual Environments in the Grid

GRID '04 Proceedings of the 5th IEEE/ACM International Workshop on Grid Computing
Towards a Service-Oriented Ad Hoc Grid

ISPDC '04 Proceedings of the Third International Symposium on Parallel and Distributed Computing/Third International Workshop on Algorithms, Models and Tools for Parallel Computing on Heterogeneous Networks
Hot service deployment in an ad hoc grid environment

Proceedings of the 2nd international conference on Service oriented computing
Security Issues in On-Demand Grid and Cluster Computing

CCGRID '06 Proceedings of the Sixth IEEE International Symposium on Cluster Computing and the Grid
Clusters and security: distributed security for distributed systems

CCGRID '05 Proceedings of the Fifth IEEE International Symposium on Cluster Computing and the Grid - Volume 01
A first step toward detecting SSH identity theft in HPC cluster environments: discriminating masqueraders based on command behavior

CCGRID '05 Proceedings of the Fifth IEEE International Symposium on Cluster Computing and the Grid - Volume 01
Intra-engine service security for grids based on WSRF

CCGRID '05 Proceedings of the Fifth IEEE International Symposium on Cluster Computing and the Grid (CCGrid'05) - Volume 2 - Volume 02
Xen and the art of repeated research

ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
Improving host security with system call policies

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Deploying virtual machines as sandboxes for the grid

WORLDS'05 Proceedings of the 2nd conference on Real, Large Distributed Systems - Volume 2

Xen and the Art of Cluster Scheduling

VTDC '06 Proceedings of the 2nd International Workshop on Virtualization Technology in Distributed Computing
Securing stateful grid servers through virtual server rotation

HPDC '08 Proceedings of the 17th international symposium on High performance distributed computing
Building a demilitarized zone with data encryption for grid environments

Proceedings of the first international conference on Networks for grid applications
Towards Trust Services for Language-Based Virtual Machines for Grid Computing

Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
Building Trusted Sub-domain for the Grid with Trusted Computing

Information Security and Cryptology
Towards platform-independent trusted computing

Proceedings of the 2009 ACM workshop on Scalable trusted computing
Trusted computing: special aspects and challenges

SOFSEM'08 Proceedings of the 34th conference on Current trends in theory and practice of computer science
Secure virtualization for cloud computing

Journal of Network and Computer Applications
Specification and Standardization of a Java Trusted Computing API

Software—Practice & Experience
Lightweight distributed heterogeneous attested android clouds

TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
Enhancing grid security using trusted virtualization

ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper, an analysis of security threats within service-oriented on-demand Grid computing environments is presented. The analysis is based on identifying three levels of trust relationships and three types of Grid applications in on-demand computing; the trust relationships involve interactions among resource providers, middleware producers, solution producers, and users. The paper presents solutions for addressing the threats inherent to these three increasingly demanding levels. The solutions involve applying sandbox-based approaches using virtual machine technology and jailing mechanisms to ensure trust for the first two levels of on-demand Grid computing, as well as Trusted Computing Platform Alliance (TCPA) technology for the third level of on-demand Grid computing. A brief taxonomy of the presented solutions is introduced.