Improving Grid User's Privacy with glite Pseudonymity Service

Similar documents
SLCS and VASH Service Interoperability of Shibboleth and glite

EUROPEAN MIDDLEWARE INITIATIVE

Enabling Grids for E-sciencE. EGEE security pitch. Olle Mulmo. EGEE Chief Security Architect KTH, Sweden. INFSO-RI

LCG User Registration & VO management

THEBES: THE GRID MIDDLEWARE PROJECT Project Overview, Status Report and Roadmap

g-eclipse A Framework for Accessing Grid Infrastructures Nicholas Loulloudes Trainer, University of Cyprus (loulloudes.n_at_cs.ucy.ac.

glite Grid Services Overview

Grids and Security. Ian Neilson Grid Deployment Group CERN. TF-CSIRT London 27 Jan

MyProxy Server Installation

Federated Authentication with Web Services Clients

Argus: The Simplified Policy Language

AMGA metadata catalogue system

Bob Jones. EGEE and glite are registered trademarks. egee EGEE-III INFSO-RI

Failover procedure for Grid core services

ShibVomGSite: A Framework for Providing Username and Password Support to GridSite with Attribute based Authorization using Shibboleth and VOMS

Access the power of Grid with Eclipse

EGEE (JRA4) Loukik Kudarimoti DANTE. RIPE 51, Amsterdam, October 12 th, 2005 Enabling Grids for E-sciencE.

Grid Services Security Vulnerability and Risk Analysis

Grid Authentication and Authorisation Issues. Ákos Frohner at CERN

EGI-InSPIRE. GridCertLib Shibboleth authentication for X.509 certificates and Grid proxies. Sergio Maffioletti

Pan-European Grid einfrastructure for LHC Experiments at CERN - SCL's Activities in EGEE

Host Website from Home Anonymously

30 Nov Dec Advanced School in High Performance and GRID Computing Concepts and Applications, ICTP, Trieste, Italy

AAI in EGI Current status

STATUS UPDATE ON THE INTEGRATION OF SEE-GRID INTO G- SDAM AND FURTHER IMPLEMENTATION SPECIFIC TOPICS

Report for the GGF 16 BoF for Grid Developers and Deployers Leveraging Shibboleth

EGEE and Interoperation

Grid services. Enabling Grids for E-sciencE. Dusan Vudragovic Scientific Computing Laboratory Institute of Physics Belgrade, Serbia

Grid Scheduling Architectures with Globus

Anonymous Communication: DC-nets, Crowds, Onion Routing. Simone Fischer-Hübner PETs PhD course Spring 2012

Argus Vulnerability Assessment *1

E G E E - I I. Document identifier: Date: 10/08/06. Document status: Document link:

Introduction to Grid Security

Identifiers, Privacy and Trust in the Internet of Services

Monitoring tools in EGEE

An Introduction to Digital Identity

UNICORE Globus: Interoperability of Grid Infrastructures

Privacy-Enhancing Technologies & Applications to ehealth. Dr. Anja Lehmann IBM Research Zurich

10 Active Directory Misconfigurations That Lead to Total Compromise Austin, TX 201 W 5th St.

Eclipse Technology Project: g-eclipse

glite Java Authorisation Framework (gjaf) and Authorisation Policy coordination

Cooperative ITS Corridor Joint Deployment

An authorization Framework for Grid Security using GT4

Advanced Job Submission on the Grid

The EGEE-III Project Towards Sustainable e-infrastructures

Grid Security Infrastructure

Juliusz Pukacki OGF25 - Grid technologies in e-health Catania, 2-6 March 2009

Defining Anonymity in Networked Communication, version 1

Identity Management Systems An Overview. IST Event 2004 /

The SweGrid Accounting System

OCSP Client Tool V2.2 User Guide

DIRAC distributed secure framework

Security Service Challenge & Security Monitoring

The LGI Pilot job portal. EGI Technical Forum 20 September 2011 Jan Just Keijser Willem van Engen Mark Somers

A Simplified Access to Grid Resources for Virtual Research Communities

Security in distributed metadata catalogues

DIRAC Distributed Secure Framework

Setup Desktop Grids and Bridges. Tutorial. Robert Lovas, MTA SZTAKI

Using the MyProxy Online Credential Repository

HealthGrids: In Search for Sustainable Solutions

SOA Software Policy Manager Agent v6.1 for WebSphere Application Server Installation Guide

VOMS Support, MyProxy Tool and Globus Online Tool in GSISSH-Term Siew Hoon Leong (Cerlane) 23rd October 2013 EGI Webinar

Overview of WMS/LB API

Development of new security infrastructure design principles for distributed computing systems based on open protocols

OWASP Thailand. Proxy Caches and Web Application Security. OWASP AppSec Asia October 21, Using the Recent Google Docs 0-Day as an Example

Troubleshooting Grid authentication from the client side

EGI-InSPIRE. Security Drill Group: Security Service Challenges. Oscar Koeroo. Together with: 09/23/11 1 EGI-InSPIRE RI

European Framework for C-ITS Security 6 th of March 2018 Gerhard Menzel European Commission

Privacy and Identity Management for Life. Lifelong Privacy

PrinterOn Server Install Guide

SOA Software Policy Manager Agent v6.1 for tc Server Application Server Installation Guide

glite Middleware Usage

0x1A Great Papers in Computer Security

The glite middleware. Presented by John White EGEE-II JRA1 Dep. Manager On behalf of JRA1 Enabling Grids for E-sciencE

LCG-2 and glite Architecture and components

Interconnect EGEE and CNGRID e-infrastructures

Towards measuring anonymity

Best practices and recommendations for attribute translation from federated authentication to X.509 credentials

Grid Computing Middleware. Definitions & functions Middleware components Globus glite

Introduction to SciTokens

Travelling securely on the Grid to the origin of the Universe

U-Prove Technology Overview

Lecture Notes 14 : Public-Key Infrastructure

A SIMPLE INTRODUCTION TO TOR

R-GMA (Relational Grid Monitoring Architecture) for monitoring applications

Pseudonym Based Security Architecture for Wireless Mesh Network

A Tale of Two Open Source Cryptography Projects. Bouncy Castle EJBCA

Eclipse Technology Project: g-eclipse

Bookkeeping and submission tools prototype. L. Tomassetti on behalf of distributed computing group

eduroam Managed IdP Product Presentation

Implementing GRID interoperability

Hardware Tokens in META Centre

Equitrac Integrated for Konica Minolta

3rd UNICORE Summit, Rennes, Using SAML-based VOMS for Authorization within Web Services-based UNICORE Grids

Authorization Strategies for Virtualized Environments in Grid Computing Systems

Parallel Computing in EGI

EMI Deployment Planning. C. Aiftimiei D. Dongiovanni INFN

Enabling Grids for E-sciencE. A centralized administration of the Grid infrastructure using Cfengine. Tomáš Kouba Varna, NEC2009.

Can eid card make life easier and more secure? Michal Ševčík Industry Solution Consultant Hewlett-Packard, Slovakia ITAPA, November 9 th, 2010

Gridbus Portlets -- USER GUIDE -- GRIDBUS PORTLETS 1 1. GETTING STARTED 2 2. AUTHENTICATION 3 3. WORKING WITH PROJECTS 4

Transcription:

Improving Grid User's Privacy with glite Pseudonymity Service Henri Mikkonen, Joni Hahkala and John White 5 th EGEE User Forum 12-16 April 2010 Uppsala, Sweden www.eu-egee.org EGEE and glite are registered trademarks

Introduction The user activity in the Grid can be hidden from the other Grid users and network observers......but the resource administrators are able to figure out the used resources and applications. Information creep is of serious concern to applications in areas of highly competitive research, such as biomedicine The following requirement was already described in the EGEE Global Security Architecture document (DJRA 3.1)...an outsider should not be able to deduce a particular user's activities, such as how much of the resources the user consumes or what applications are run... Solution: users should be able to hide their real identity behind a pseudo-anonymous identity

Terminology [Pfitzmann2009] A pseudonym refers to an identifier of a subject (holder) other than one of the subject's real names A subject itself is pseudonymous if a pseudonym is used as identifier instead of its real names For the linking between a pseudonym and its holder, three kinds of pseudonyms are defined: Public pseudonym: publicly known from the very beginning Initially non-public pseudonym: the linking may be known by certain parties, but is not public at least initially Initially unlinked pseudonym: the linking is not initially known to anybody with the possible exception of the holder himself

Use Case A user initializes a pseudonymous Grid identity (proxy) with his real Grid credentials The pseudonymous proxy has an anonymized DN and a set of user's real VO attributes The user utilizes the pseudonymous proxy for submitting a job to the Grid

Use Case A user initializes a pseudonymous Grid identity (proxy) with his real Grid credentials The pseudonymous proxy has an anonymized DN and a set of user's real VO attributes The user utilizes the pseudonymous proxy for submitting a job to the Grid After the original pseudonymous proxy is expired, the user must initialize a new one with his real credentials The pseudonymous proxy has a new anonymized DN, but the similar set of user's real VO attributes The user can access the results for the job submitted with the original pseudonymous proxy

System Overview

Sequence

Server-Side Requirements Apache Tomcat container with glite Trustmanager The VOMS proxy is used for user authentication & authorization An RDBMS instance for storing the relationships between real and pseudonymous identities Any system supported by Hibernate can be used VOMS-server and VOMS-Admin 2.5+ as the Attribute Authority The support of multiple certificates for each user is required The pseudonymity service must be given a VO admin role An Online CA instance supporting the CMC or CMP protocols Interoperability with an open source CA software called EJBCA is tested via the CMP protocol

Client-Side Requirements The client tool is a standalone Java software Java 5 is required, interoperability tested with SUN Java No other binary dependencies voms-proxy-init is required for initializing VOMS proxies

Grid Middleware Requirements Enabling Grids for E-sciencE The middleware security must be based on PKI certificates Pseudonymous credentials are modeled as X.509 certificates The middleware policy must not require the use of same subject DN from the users Pseudonyms should be short-lived, ideally one-time, identities with unique identifiers Otherwise vulnerability for data correlation attacks would rise Both authentication and authorization must be based on the attributes instead of the DNs

Conclusions glite Pseudonymity Service can be used for obtaining initially non-public pseudonymous identity for Grids The relationships between the real and pseudonymous identities can be revealed by authorized parties eg. in the cases of misuse The users can hide their identity from the outsiders, including resource administrators However, other VO members with similar attributes can access the same data in the Grid The work is scheduled to continue in the European Middleware Initiative (EMI)

References A. Pfitzmann and M. Hansen, A terminology for talking about privacy by data minimization: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management, version 0.32, December 2009. http://dud.inf.tu-dresden.de/anon_terminology.shtml J. Hahkala, H. Mikkonen, M. Silander and J. White, Requirements and Initial Design of a Grid Pseudonymity System, in Proceedings of HPCS 2008, Nicosia, Cyprus, June 2008. http://www.scs- europe.net/conf/ecms2008/ecms2008%20cd/hpcs2008%20pdf/hpcs08w1-6.pdf J. Hahkala, H. Mikkonen, M. Silander and J. White, A Pseudonymity System for Grids, in Journal of Computers, Volume 4, Issue 5, May 2009. http://www.academypublisher.com/jcp/vol04/no05/jcp0405415422.pdf

Thank you for your attention! Any questions? Contact: firstname.lastname@cern.ch

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback