Information Technology Reference
In-Depth Information
CONCLUSION
ACKNOWLEDGMENT
While a bulk of this article has been devoted to the
importance of protecting information that might
reveal weaknesses in a site's security infrastruc-
ture, this should not be taken as an endorsement
of the “security by obfuscation” philosophy. We
recognize that there is no substitute for hard se-
curity - regular fixing and patching of software,
intelligent system monitoring, and strong security
polices and practices are essential for a truly secure
platform. However, practical security consider-
ations demand that administrators account for the
fact that not all vulnerabilities may be known at
a given time. There may also be delays between
the discovery and the patching of a vulnerability.
Thus, it is prudent to minimize the amount of
information available to a malicious entity and
limit the extent of a compromise. While it is
necessary to make certain kinds of information
public for the success of open grid computing, it
is also in the resource provider's best interest to
understand the risks involved in doing so. Since
grid architectures tend to be as generic as pos-
sible, some of the published information may be
extraneous. The site must find a balance between
how much information it seeks to publish about
itself, and how much information it wishes to
protect. It may also want to limit the consumers
of this information to a controlled set of persons.
We believe that this article would serve as a
useful tool for sites that wish to identify these chan-
nels of information, so that they can determine the
appropriate level of protection they wish to apply
to their published data. We also hope to motivate
further study and discussion on the protection of
site information across various grid infrastructure
and middleware providers.
Supported by the U.S. Department of Energy under
Contract No. DE-AC02-05CH11231.
REFERENCES
Acunetix.
Google Hacking
. from http://www.acu-
netix.com/websitesecurity/google-hacking.htm.
Canal, P., Constanta, P., Green, C., & Mack, J.
(2007).
GRATIA, a resource accounting system
for OSG
. CHEP'07, Victoria, British Columbia,
Canada. Sep 2007. Enabling Grids for E-Science.
from http://www.eu-egee.org/.
Field, L. (2008).
Generic Information Provider
.
EGEE Middleware Support Group. from http://
twiki.cern.ch/twiki/bin/view/EGEE/GIP.
Global Grid Forum. (2003).
Usage Record - XML
Format
. Globus Toolkit. from http://globus.org.
Glue Working Group. (2007).
GLUE Schema
Specification version 1.3 Draft 3
. Gridsite. from
http://www.gridsite.org/.
Inca: User Level Grid Monitoring. from http://
inca.sdsc.edu/drupal/.
Legrand, I. (2007).
MonALISA: An Agent Based,
Dynamic Service System to Monitor, Control and
Optimize Distributed Systems
. CHEP'07, Victoria,
British Columbia, Canada. Sep 2007. MonALISA
Repository for Alice. from http://pcalimonitor.
cern.ch/map.jsp.
Open Science Grid Consortium. from http://www.
opensciencegrid.org/.
OSG Grid Operations Center. from http://www.
grid.iu.edu/.
OSG Resource and Service Validation Project.
from http://rsv.grid.iu.edu/documentation/.
Search WWH ::
Custom Search