Information Technology Reference
In-Depth Information
Intrusion
Detection
Intrusion
Detection
Secure
Conversations
Secure
Conversations
Credential and
Identity Translation
(Single Logon)
Credential and
Identity Translation
(Single Logon)
Access Control
Enforcement
Access Control
Enforcement
Audit & Non-
repudiation
Audit & Non-
repudiation
Anti-Virus
Management
Anti-Virus
Management
Policy
Management
(authentication,
privacy,
federation etc.)
Policy
Management
(authentication,
privacy,
federation etc.)
Service/End-point
Policy
Service/End-point
Policy
Mapping
Rules
Mapping
Rules
Authorization
Policy
Authorization
Policy
Privacy
Policy
Privacy
Policy
Policy Expression & Exchange
Policy Expression & Exchange
User
Management
User
Management
Bindings Security
(transport, protocol, message security)
Bindings Security
(transport, protocol, message security)
Key
Management
Key
Management
Fig. 1.
Components of the GRID Security Model [4]
Certificates constitute a central concept in GSI authentication as every entity on the
GRID (e.g. user, process, resource) is identified by an X.509 certificate. Each certifi-
cate includes a key pair and must be signed by a Certification Authority (CA) in order
to verify and validate the binding between the entity and the key pair.
GSI uses the Transport Layer Security (TLS) protocol for mutual authentication,
although the use of Secure Socket Layer (SSL) is also possible. In both cases GSI
must convert the global identity of involved parties in order to be recognizable to each
local naming structure that a remote site may use, like login name or Kerberos. By
default GSI does not establish encrypted communication, although the provision of
that feature is very simple if confidentiality is required.
An entity may delegate a subset of its rights to another entity by creating a tempo-
rary identity called a proxy. The proxy holds a temporary certificate signed by the
user or a previous proxy in order to achieve authentication to remote sites. This situa-
tion creates a chain of signatures terminating with the CA, which issued the initial
certificate. The duration of the proxy's life is limited in order to control the use of
resources.
GSI architecture enables the “single sign-on” procedure for each user on the GRID
and allows entities to access remote resources on behalf of the user. Additionally, this
architecture does not require changing the local security infrastructure and policy in
each site that the GRID spans.
3.3
The Legion Security Architecture
3.3.1 The Legion System
The Legion project, developed at the University of Virginia, is an attempt to provide
GRID services that create the illusion of a virtual machine. This virtual machine ad-
dresses key GRID issues such as scalability, programming ease, fault tolerance, secu-
rity and site autonomy. The realization of the virtual machine illusion is achieved
through the implementation of a middleware level right above the current local oper-
