Documente Academic
Documente Profesional
Documente Cultură
P.SUDHEER,
Y07IT105, II/IVB.Tech,
E-mail:prattipati8@yahoo.co.in
Ph no:9989153955
TO
Quest 09
JNTUCE,HYDERABAD
ABSTRACT:
ABSTRACT
INTRODUCTION
MIDDLEWARE
VIRTUAL ORGANISATION
FUNDAMENTALS IN GRID
SECURITY
PHYSICAL
GRIDFRIEWALL
OPERATING
SYSTEM
HOST INTRUSION
DECTION
POTENTIAL GRID SECURITY RISKS
P
CONCLUSION
REFERENCE
INTRODUCTION:Security requirements risk. To properly secure your grid
are fundamental to the grid design. The environment, there are many different tools
basic security components within the Globus and technologies available. This chapter will
Toolkit provide the mechanisms for examine some of those technologies and the
authentication,authorization, and different components provided within the
confidentiality of communication between Grid Security Infrastructure (GSI) of the
grid computers.Without this functionality, Globus Toolkit.
the integrity and confidentiality of the
WHAT IS A GRID COMPUTING?
dataocessed within the grid would be at
PARALLEL CPU:
VIRTUAL ORGANIZATION: Two or more bullet that can take any application and run
organizations that share resources become it a 1000 times faster withoutthe need for
VO.The policies governing access to those buying any more machines or software. Not
resource vary according to the actual every application issuitable or enabled for
organizations involved,creating an running on a grid. Some kinds of
environmemnt of providers and applications simplycannot be parallelized.
consumers.resources are made available by For others, it can take a large amount of
owners withconstraints on when,where and work to modifythem to achieve faster
what can be done on them.Resources throughput. The configuration of a grid can
consumers may also place constraints on greatly affect the performance, reliability,
properties of the resources they are prepared and security of an organization’s computing
to work with.For example ,a consumer may infrastructure. For all of these reasons, it is
important for the users to understand
accept resource over a secure channel only.
how far the grid has evolved today and
WHAT CAN GRID COMPUTING which features are coming tomorrow or in
CANNOT DO: the distant future.
A word of caution should be given to the
overly enthusiastic. The grid is not a silver
:SECURITY IN GRID COMPUTING: as to whether or not any requested access or
GRID SECURITY POLOCIES AND build a CA, but unfortunately none of the
PROCEDURE: policies. In this section, we will examine
CA AUTHORITY some of the basic policies and expectations
A PKI must be operated in accordance with
that a CA would normally be responsible
defined policies. The deployment of a PKI
for. For any type of 76 Introduction to Grid
system in an organization requires the
Computing with Globus production CA
development of security policies and
duties, it is suggested that you examine a
processes for that organization. The demo
commercial vendor To providetheseservices
CA that is provided within the Globus
for you
Toolkit provides the software in order to
.
CONTROL REVIEW: affect the overall security of the
When building any new environment or
environment and any other areas of change.
mplementing a new software application, it
This can help provide guidance on the
is always a good idea to perform a security
overall use of security controls or how you
health check. A security health check will
are managing security within your
help determine how these new changes will
environment. A review of your security
controls can help you better understand how will provide an in-depth review of the site
security works for your passwords, security controls in place and the related
administration, toolsets, auditing, and processes used within the organization.
monitoring within your environment. This
Apart from the different GSI components environment,this is no different. The use of
and technologies, there are many other firewalls within a grid design helps restrict
does not guarantee that there are not any Theft of private key: Unauthorized use of a
security risks. Within this section, we will private key associated with a
validcertificate.
examine somen possible vulnerabilities to
watch out for during your security design. Compromise of root CA private key: Using
a CA key to sign fraudulentcertificates or
This is by no means a laundry list for all
destroying a private key.
security vulnerabilities or a cookbook for
Automatic Trust Decisions: Automated
building a srcure infrastructure.
trust decisions can also automate fraud.
PKI vulnerabilitiesJust because you have Grid server vulnerabilities
built a PKI environment does not mean that
Any server or workstation that participates
your networkis completely secure. There are
in the grid is a potential vulnerability to an
still many vulnerabilities to be aware of. It
external or internal hacker. Knowing this, it
isnecessary to always keep an open mind
is very important to protect and isolate any
grid computer from any network or Any modification of the gridmap file.
resources that do not need explicit access to Latest operating system FixPacks. Any
the grid. Good physical security will limit application FixPacks.
the exposure of anybody walking up to the
server and accessing the console. APPLICATIONS AND LIMITATIONS
OF GRID COMPUTING:
Protect any directories of the /.globus
directory. Distributed data management
• Compute resources for simulations
Theft of the digital certificate and private
• Coupling distributed data with simulation
key (along with the private key Virtual resources and virtual organizations
for collaboration:
phrase).
reliability.
VIRTUAL ORGANIZATION THROUGH GEOGRAPHICALLY.
PRESENT AND FUTURE provide guidance for theGrid user, the Grid
GENERATION OF GRIDS: application developer, and the Grid resource
Today, grid systems are still at the early provider. While a given scenario can
stages of providing a reliable, well provide practical guidance for design and
performing, and automatically recoverable deployment, additional insightis gained by
virtual data sharing and storage. We will see recognizing the general, rapidly-emerging
products that take on this task in a grid issuessuch as the need for restricted
setting, federating data of all kinds, and delegation (giving onlysubset of your rights
achieving better performance, integration to something that will act on yourbehalf)
with scheduling, reliability, and capacity. that can be seen running through many of
Autonomic computing has the goal to make the scenarios.
the administrator’s job easier by automating
the various complicated tasks involved in
managing a grid. These include identifying
problems in real time and quickly initiating
corrective actions before they seriously
impair the grid.
REFERENCES:
TEXTBOOKS:
By IBM.com/redbooks
WEBSITES: