Grid Computing Security hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 1

Similar documents
Grid Computing. MCSN - N. Tonellotto - Distributed Enabling Platforms

Grids and Security. Ian Neilson Grid Deployment Group CERN. TF-CSIRT London 27 Jan

30 Nov Dec Advanced School in High Performance and GRID Computing Concepts and Applications, ICTP, Trieste, Italy

Grid Computing Middleware. Definitions & functions Middleware components Globus glite

Grid Architectural Models

Grid-CERT Services. Modification of traditional and additional new CERT Services for Grids

High Performance Computing Course Notes Grid Computing I

Using the MyProxy Online Credential Repository

Globus GTK and Grid Services

The University of Oxford campus grid, expansion and integrating new partners. Dr. David Wallom Technical Manager

EGEE and Interoperation

Introduction to GT3. Introduction to GT3. What is a Grid? A Story of Evolution. The Globus Project

Deploying the TeraGrid PKI

Credentials Management for Authentication in a Grid-Based E-Learning Platform

UNICORE Globus: Interoperability of Grid Infrastructures

Layered Architecture

Credential Management in the Grid Security Infrastructure. GlobusWorld Security Workshop January 16, 2003

Introduction to SciTokens

THE GLOBUS PROJECT. White Paper. GridFTP. Universal Data Transfer for the Grid

Grid Computing Fall 2005 Lecture 5: Grid Architecture and Globus. Gabrielle Allen

By Ian Foster. Zhifeng Yun

GLOBUS TOOLKIT SECURITY

Travelling securely on the Grid to the origin of the Universe

Grid Computing Security

UNIT IV PROGRAMMING MODEL. Open source grid middleware packages - Globus Toolkit (GT4) Architecture, Configuration - Usage of Globus

Advanced School in High Performance and GRID Computing November Introduction to Grid computing.

A VO-friendly, Community-based Authorization Framework

The LHC Computing Grid

EUROPEAN MIDDLEWARE INITIATIVE

Data Movement and Storage. 04/07/09 1

Globus Toolkit Firewall Requirements. Abstract

Grid Middleware and Globus Toolkit Architecture

Introduction to Grid Computing

IEPSAS-Kosice: experiences in running LCG site

Firewalls Network Security: Firewalls and Virtual Private Networks CS 239 Computer Software March 3, 2003

Leveraging the InCommon Federation to access the NSF TeraGrid

Federated Services for Scientists Thursday, December 9, p.m. EST

Gatlet - a Grid Portal Framework

Grid Computing a new tool for science

On the employment of LCG GRID middleware

Authorization Strategies for Virtualized Environments in Grid Computing Systems

A Roadmap for Integration of Grid Security with One-Time Passwords

Using MATLAB on the TeraGrid. Nate Woody, CAC John Kotwicki, MathWorks Susan Mehringer, CAC

Implementing GRID interoperability

Application Firewalls

Managing Grid Credentials

Federated access to Grid resources

GSI Online Credential Retrieval Requirements. Jim Basney

Most Common Security Threats (cont.)

Tutorial 1: Introduction to Globus Toolkit. John Watt, National e-science Centre

S.No QUESTIONS COMPETENCE LEVEL UNIT -1 PART A 1. Illustrate the evolutionary trend towards parallel distributed and cloud computing.

An Introduction to the Grid

glite Grid Services Overview

Grid Programming: Concepts and Challenges. Michael Rokitka CSE510B 10/2007

Usability, Security and Privacy

Enabling Grids for E-sciencE. EGEE security pitch. Olle Mulmo. EGEE Chief Security Architect KTH, Sweden. INFSO-RI

Risk and Security Management for Distributed Supercomputing with Grids

Grid Authentication and Authorisation Issues. Ákos Frohner at CERN

Introduction to Grid Technology

Grid Computing Fall 2005 Lecture 16: Grid Security. Gabrielle Allen

Distributed Data Management with Storage Resource Broker in the UK

globus online Globus Nexus Steve Tuecke Computation Institute University of Chicago and Argonne National Laboratory

Grid Security Infrastructure

MQ Jumping... Or, move to the front of the queue, pass go and collect 200

The Globus Toolkit Lecture of the course of Complements of Enabling Platforms

The DNS. Application Proxies. Circuit Gateways. Personal and Distributed Firewalls The Problems with Firewalls

Grid Computing Security: A Survey

Problems for Resource Brokering in Large and Dynamic Grid Environments

ISTITUTO NAZIONALE DI FISICA NUCLEARE

Trusted Intermediaries

AIT 682: Network and Systems Security

Interoperable job submission and management with GridSAM, JMEA, and UNICORE

J. Basney, NCSA Category: Experimental October 10, MyProxy Protocol

Day 1 : August (Thursday) An overview of Globus Toolkit 2.4

IBM Tivoli Directory Server

The Grid: Processing the Data from the World s Largest Scientific Machine

Interfacing Operational Grid Security to Site Security. Eileen Berman Fermi National Accelerator Laboratory

Grid Security: The Globus Perspective

Symantec VIP Quick Start Guide. Helping your users. Version 1.0. Author Maren Peasley Symantec. All rights reserved.

Classification and Characterization of Core Grid Protocols for Global Grid Computing

GROWL Scripts and Web Services

Grid Computing. Grid Computing 2

Globus Online: File Transfer Made Easy!

Security in distributed metadata catalogues

Introduction. Trusted Intermediaries. CSC/ECE 574 Computer and Network Security. Outline. CSC/ECE 574 Computer and Network Security.

Moving Application Security into the Network

AIT 682: Network and Systems Security

Cloud Computing. Up until now

Grid Challenges and Experience

UGP and the UC Grid Portals

CILogon Project

Domain Isolation Planning Guide for IT Managers

COMPUTE CANADA GLOBUS PORTAL

Ivane Javakhishvili Tbilisi State University High Energy Physics Institute HEPI TSU

Grid Scheduling Architectures with Globus

Last time. User Authentication. Security Policies and Models. Beyond passwords Biometrics

Security Considerations for Cloud Readiness

g-eclipse A Framework for Accessing Grid Infrastructures Nicholas Loulloudes Trainer, University of Cyprus (loulloudes.n_at_cs.ucy.ac.

CyberP3i Course Module Series

GSI-based Security for Web Services

Transcription:

Grid Computing Security 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 1

What to expect from this talk Collection of bits about GC I thought you might find interesting Mixed bag: Systems engineering considerations Exploration without bounds 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 2

What to expect from this talk Shed some light on these questions: What is Grid Computing about? Why is it interesting to computer security folk? What is the status quo in Grid Computing, security-wise? 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 3

Fahrplan Introduction to Grid Computing Assorted Interesting Grid Issues Globus Toolkit & Issues Possible playgrounds 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 4

What is Grid Computing? Grid Computing is Kind of Distributed Computing 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 5

.* Computing Distributed Computing Grid Computing Parallel Computing 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 6

What is Grid Computing? Grid Computing is Kind of Distributed Computing Direction of development in systems engineering Yet Another Virtualization Effort Pragmatic Virtualization 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 7

The problem of Grid Computing Pre-existing infrastructure Hardware Software Organizations Policies (Dynamically) Tie together resources 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 8

Purpose of Unit Hardware Software Connectivity Trust Heterogeneity 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 9

COs rule (literally) Important principle: COs always retain full control of their resouces (resource owners always retain full control of that resource) 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 10

Virtual Organizations VOs Virtual Organizations, COs Conventional Organizations VOs: Created through overlay on COs 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 11

Virtual Organizations Properties Lifetime: Arbitrary Highly dynamic User-driven 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 12

Purpose of VOs Reconciliation across COs: different technologies different policies Providing environment for cooperation across CO-boundaries 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 13

Old wine in larger bottles Some problems are 30+ years old First occurred in larger multi-user computing environments Often see scaled up versions of these old problems in GC 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 14

Short Summary: GC Features Pragmatic Virtualization Use what s there Share what s there Obey existing policies 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 15

Applications Grid Computing applications are today found in: Science Life sciences Physics Medical environments Hospitals Business 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 16

Grid Scenario I: LHC Computing Grid Large Hadron Collider Computing Grid Hosted mainly at CERN in Geneve Uses Globus Toolkit Version 2 Condor glite More middleware developed in DataGrid project http://lcg.web.cern.ch/lcg/activities/middleware.html 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 17

LHC Computing Grid When it begins operations in 2007, it will produce roughly 15 Petabytes (15 million Gigabytes) of data annually, which thousands of scientists around the world will access and analyse. The mission of the LHC Computing Project (LCG) is to build and maintain a data storage and analysis infrastructure for the entire high energy physics community that will use the LHC. 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 18

Grid Scenario II: seti@home Large number of desktop PCs Different infrastructure, software, connectivity Resources shared in a rather unidirectional way Participants don t know each other, no reason for trust 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 19

Grid Scenario III: Sun Grid Commercial service Users can rent time and storage in Sun Grid 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 20

Grid Scenario IV: MediGRID German Biosciences Research project Processing and sharing of biomedical data Protection requirements for some of the data regulated by law 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 21

Threats to Grid Systems Threat as in goal of an attacker Random compromise (e.g. for botnets) Gateway to more interesting targets Access to restricted databases Research databases Sensitive information, e.g. MediGRID Harvesting computing power Access to interesting devices 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 22

Attack vectors for Grid Systems Middleware software Custom software Identity/Authorization infrastructure Underlying software OS SSL implementation ssh implementation 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 23

Security Issues in Grid Computing Yes. Conceptual issues Issues in existing Architecture Implementation Unsolved security-relevant problems 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 24

Conventional: MAC for Access Control network boundary traversal Resource access DAC for user file access Grid Computing: DAC for User file access Resource access Network boundary traversal 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 25

There are often firewalls and NATs between them, which are blocking packets. We believe it's going to be critical to the future of grid, not that you remove those things but that you make them another managed component of the grid that can be dynamically configured and reconfigured based on application needs. If I need to get two jobs talking to each other, but there's a firewall between them, I should be able to negotiate with that firewall to allow those two jobs to talk with each other, perhaps only for a limited period of time. Steven Tuecke http://www-128.ibm.com/developerworks/grid/library/grtuecke/ 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 26

Authorization Done via Identification per default: Store lists of $user is allowed to do $action and $user is not allowed to do $action rules Establish the identity of a requester Derive from identity + list of rules whether requested action is authorized 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 27

Authorization and Identification Shifts problem to identification. Trouble. Identification is a hard problem, esp. with only machines involved Makes Identification without Authorization an interesting research topic 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 28

The Firewalling Mentality Put a wall around the network. Inside: Good. Outside: Bad. 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 29

The Firewalling Mentality Grid Computing ideal and Firewalling Mentality clash But can t we use DMZs? 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 30

DMZs to the Rescue Just put the particle accelerator in the DMZ? 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 31

Firewalling and DMZs Modelling around this with DMZs: not really Share resource with some Put it in the DMZ? Dynamic sharing and DAC remember? 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 32

Open Problems in GC security Authorization Users vs. Hosts: Minimize required level of trust 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 33

Globus Toolkit Globus Toolkit (GT) provides Grid middleware e.g. GRAM, GSI, GridFTP Foundation for actual Grid applications Widely used 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 34

Written mainly in Java C/C++ Globus Toolkit APIs for other languages available, e.g. pyglobus Earlier versions: more C/C++, newer versions: more Java Latest version seemingly not that common 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 35

Some Globus Toolkit Users TeraGrid LHCGrid (Large Hadron Collider Grid) Fraunhofer Resource Grid NASA Energy Grid 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 36

GT and the GSI Globus Security Infrastructure Collection of security-related protocols and services within the GT CAS MyProxy SimpleCA 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 37

Identification in Globus X.509 end-entity certificates X.509 proxy certificates (RFC 3820) Single sign-on Delegation Identity mapping X.509 vs Kerberos vs UNIX accounts 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 38

CAS Community Authorization Service Problem domain: Distributed policy definition and enforcement Implementation in Java 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 39

Local site policy FunkyVO is granted full file access to /share/funkyvo/* /share/lhcraw/* FunkyVO policy User Bert is granted read access to /share/funkyvo/bert/* /share/lhcraw/* Option 1: Store both policies locally Option 2: Store site policy locally, VO policy somewhere else 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 40

Local site policy FunkyVO policy FunkyVO is granted full User file Bert access is granted to read access to /share/funkyvo/* /share/funkyvo/bert/* /share/lhcraw/* /share/lhcraw/* Local site policy FunkyVO policy FunkyVO is granted full User file Bert access is granted to read access to /share/funkyvo/* /share/funkyvo/bert/* /share/lhcraw/* /share/lhcraw/* Local site policy FunkyVO policy FunkyVO is granted full User file Bert access is granted to read access to /share/funkyvo/* /share/funkyvo/bert/* /share/lhcraw/* /share/lhcraw/* Local site policy FunkyVO policy FunkyVO is granted full User file Bert access is granted to read access to /share/funkyvo/* /share/funkyvo/bert/* /share/lhcraw/* /share/lhcraw/* 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 41

Local site policy FunkyVO is granted full file access to /share/funkyvo/* /share/lhcraw/* Local site policy FunkyVO is granted full file access to /share/funkyvo/* /share/lhcraw/* Local site policy FunkyVO is granted full file access to /share/funkyvo/* /share/lhcraw/* FunkyVO policy User Bert is granted read access to /share/funkyvo/bert/* /share/lhcraw/* CAS server Local site policy FunkyVO is granted full file access to /share/funkyvo/* /share/lhcraw/* 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 42

CAS User authenticates to CAS server CAS server sends signed capabilities to user User generates new keypair and proxy cert with capabilities embedded User authenticates to resource User presents the proxycert+capabilities to resource Resource authorizes the required action or rejects it 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 43

Find the CAS server CAS server is a SPF Even more of a juicy target: Get information on structure of VO Participating hosts Participating people Existing resources Create your own VO access rules Get information on valid proxy certs 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 44

gridftp Extension of FTP to support striped and remote-controlled transfer Part of Globus Implementation in Globus based on wuftpd 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 45

gridftpd CVE-2004-0185 wuftpd char *skey_challenge(char *name, struct passwd *pwd, int pwok) { } ftpd.c from wuftpd static char buf[128];... if (pwd == NULL skeychallenge(&skey, pwd->pw_name, sbuf)) sprintf(buf, "Password required for %s.", name); else sprintf(buf, "%s %s for %s.", sbuf, pwok? "allowed" : "required", name); return (buf); 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 46

gridftpd char *skey_challenge(char *name, struct passwd *pwd, int pwok) { static char buf[128]; char sbuf[40]; struct skey skey; ftpd.c from gsi-wuftpd (gridftp), GT 4.0.2 /* Display s/key challenge where appropriate. */ } if (pwd == NULL skeychallenge(&skey, pwd->pw_name, sbuf)) sprintf(buf, "Password required for %s.", name); else sprintf(buf, "%s %s for %s.", sbuf, pwok? "allowed" : "required", name); return (buf); 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 47

Code Quality Examples MyProxy Sloppy malloc return code handling GRAM More solid code 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 48

Things to do in long winter nights Proper code audit of Grid middleware Architecture review of Grid middleware Architecture & implementation review of Grid applications Puzzling over unsolved fundamental problems Investigate implications of serviceoriented architecture fancy 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 49

? 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 50

References The Grid 2. Blueprint for a new Computing Infrastructure, Foster et al http://www.globus.org/ Hacking the Grid, talk given at 5 th Hope by Greg Newby 20.10.2006 hack.lu 2006 :: Security in Grid Computing :: Lisa Thalheim 51

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback