Grid Security: Lessons for Peer-to-Peer Systems
The vision of the Grid is to provide a computational infrastructure supporting flexible, secure, coordinated resource sharing among dynamic collections of individuals, institutions, and resources [1]. Interest in the Grid has increased as major science programmes look to Grid technology to provide for their computing needs. This has led to substantial investment in the Grid by vendors and governments, notably through the UK e-Science programme and similar programmes in other nations, and more recently at European level. As a result, far more people are joining the effort to develop Grid infrastructure and applications. The Grid by its nature involves access to computer systems and data outside one's own company or institution. Security is therefore a major element in any Grid infrastructure, as it is necessary to ensure that only authorised access is permitted. However, early developments of the Grid were strongly motivated by the performance benefits of sharing resources, and Grid security models were designed not to interfere with this. We show by comparison with mainstream e-Commerce experience that early Grid security models exhibit several weaknesses [2]. The early development of the Grid also largely failed to take account of operational realities such as network administrator responsibilities and network devices such as firewalls. Early Grid systems were simply not operable outside academic institutions and closed research networks, and we contend that the most common strategy for making them work "in the real world" represents a short-term fix that is likely to produce conflict between users and application developers on the one hand, and those responsible for network administration and security on the other. We believe that the peer-to-peer community is also likely to face similar conflicts between its decentralised management approach and the day-to-day concerns of those entrusted to maintain our security. 
IT Innovation is playing a leading role in the UK E-Science Programme and the exploitation of Grids for industrial and commercial purposes in the European Framework programmes. We have found it necessary to propose and begin development of radical solutions to some of these problems, including "proxy-free" delegation models and semantically-aware firewalls.
Upstill, C and Surridge, M (2003) Grid Security: Lessons for Peer-to-Peer Systems. 3rd IEEE Conference on P2P Computing, Linkoping, Sweden. 01 - 03 Sep 2003.
Record type: Conference or Workshop Item (Paper)
Published date: 2003
Additional Information: Event Dates: 1-3 September 2003
Venue - Dates: 3rd IEEE Conference on P2P Computing, Linkoping, Sweden, 2003-09-01 - 2003-09-03
Organisations: Electronics & Computer Science, IT Innovation
Identifiers
Local EPrints ID: 258888
URI: http://eprints.soton.ac.uk/id/eprint/258888
PURE UUID: 5b7b47ef-51f6-48a0-9ced-762a2e37bed8
Catalogue record
Date deposited: 25 Feb 2004
Last modified: 26 Aug 2024 01:32
Contributors
Author: C Upstill
Author: M Surridge