signed by the principal making the statement and then counter-signed by a principal
of the signer's choosing. CRISIS employs two basic types of certificates: identity
certificates (authentication and authorization) and transfer certificates (delegation).
CRISIS consists of a series of remote nodes (local systems). A security manager
and resource providers run in each node. There are three kinds of resource providers,
each with its own set of reference monitors: process managers, which are responsible
for executing jobs on requested nodes; WebFS servers, which implement a cache-coherent
global file system; and certification authorities, which take requests for creating
identity certificates.
In CRISIS all programs execute in the context of a security domain. A security
domain is formed by the association of a login shell in a remote node with a set of
certificates transmitted by the principal's home node/domain. Security managers are
responsible for mediating access to all local resources and for mapping the
above-mentioned credentials to security domains. In addition, each principal in CRISIS
can create roles, which are principals granted a subset of that principal's privileges
(delegation).
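
The delegation model described above, sketched as an added example (not CRISIS code and not from the original text): a transfer certificate is signed by the delegating principal and counter-signed by a principal of its choosing, and a security manager maps it to a security domain only if both signatures verify and the role's privileges are a subset of the delegator's. HMAC with constructed demo keys stands in for public-key signatures; all names (`issue_transfer_cert`, `map_to_domain`, `notary`, the privilege strings) are hypothetical.

```python
import hashlib
import hmac
import json

# Constructed demo keys. HMAC is a stand-in for public-key signatures
# (assumption for this sketch; a real deployment verifies with public keys).
KEYS = {"alice": b"alice-demo-key", "notary": b"notary-demo-key"}

def _sign(principal, body):
    # Canonical JSON so signer and verifier hash identical bytes.
    msg = json.dumps(body, sort_keys=True).encode()
    return hmac.new(KEYS[principal], msg, hashlib.sha256).hexdigest()

def issue_transfer_cert(issuer, countersigner, role, privileges):
    """Issuer delegates `privileges` to `role`; countersigner endorses it."""
    body = {"issuer": issuer, "countersigner": countersigner,
            "role": role, "privileges": sorted(privileges)}
    return {"body": body,
            "sig": _sign(issuer, body),
            "countersig": _sign(countersigner, body)}

def map_to_domain(cert, issuer_privileges):
    """Security-manager check: return the role's security domain or raise."""
    body = cert["body"]
    # Both the signature and the counter-signature must verify.
    for field, who in (("sig", body["issuer"]),
                       ("countersig", body["countersigner"])):
        if who not in KEYS or not hmac.compare_digest(cert[field], _sign(who, body)):
            raise PermissionError(f"bad {field}")
    # A role may only hold a subset of the delegating principal's privileges.
    granted = set(body["privileges"])
    if not granted <= set(issuer_privileges):
        raise PermissionError("role exceeds issuer's privileges")
    return {"principal": body["role"], "privileges": granted}

def access_allowed(domain, privilege):
    """Reference-monitor decision for one request inside a security domain."""
    return privilege in domain["privileges"]
```
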
3.6 GRID Security Architectures' Evaluation
In this subsection we present a comparative evaluation of the Security Architectures
presented above, in terms of how they address the security requirements posed in
section 2 (Table 1). It should be noted that this evaluation is empirical in nature
and does not involve specific metrics.
Table 1. GRID Security Architectures' Evaluation

Security             GSI      Legion Security   Globe Security   CRISIS
Requirement                   Architecture      Architecture
-------------------  -------  ----------------  ---------------  -------
Confidentiality      High     High              Medium           High
Integrity            High     High              Medium           High
Privacy              High     Medium            Medium           Medium
Identification       High     High              High             High
Authentication       High     High              High             High
Single logon         High     Low               Low              Low
Authorization        Medium   High              High             High
Delegation           Medium   Medium            Medium           High
Assurance            Low      Low               High             Medium
Autonomy             High     High              High             Medium
Policy exchange      Low      Low               Low              Low
Firewall traversal   Low      Low               Low              Low
Secure logging       Low      Low               Low              Low
Manageability        Low      Low               Medium           Medium

Note that only four of the five Security Architectures described are evaluated in
the above Table. This is because the Open GRID Services Architecture and, thus, the
corresponding Security Architecture are currently in the specification phase. For
this reason, an evaluation effort would be unwise. Such an evaluation will be
possible only for specific implementations of the OGSA.