Cluster Computing and the Grid, IEEE International Symposium on (2006)
May 16, 2006 to May 19, 2006
Matthew Smith , University of Marburg, Germany
Michael Engel , University of Marburg, Germany
Thomas Friese , University of Marburg, Germany
Bernd Freisleben , University of Marburg, Germany
Gregory A. Koenig , University of Illinois, Urbana-Champaign, USA
William Yurcik , University of Illinois, Urbana-Champaign, USA
In this paper, security issues in on-demand Grid and cluster computing are analyzed, a corresponding threat model is presented and the challenges with respect to authentication, authorization, delegation and single sign-on, secure communication, auditing, safety, and confidentiality are discussed. Three different levels of on-demand computing are identified, based on the number of resource providers, solution producers and users, and the trust relationships between them. It is argued that the threats associated with the first two levels can be handled by employing operating system virtualization technologies based on Xen, whereas the threats of the third level require the use of hardware security modules proposed in the context of the Trusted Computing Platform Alliance (TCPA). The presented security mechanisms increase the resilience of the service hosting environment against both malicious attacks and erroneous code. Thus, our proposal paves the way for large scale hosting of Grid or web services in commercial scenarios.
T. Friese, M. Smith, W. Yurcik, B. Freisleben, M. Engel and G. A. Koenig, "Security Issues in On-Demand Grid and Cluster Computing," Cluster Computing and the Grid, IEEE International Symposium on(CCGRID), Singapore, 2006, pp. 24.