Information Technology Reference
In-Depth Information
Mobile computing is pervading our society
and our lifestyles with a high momentum. Mobile
computing with networked information systems
help increase productivity and operational ef-
ficiency. This however, comes at a price. Mobile
computing with networked information systems
increases the risks for sensitive information sup-
porting critical functions in the organization which
are open to attack (Talukder & Yavagal, 2006).
At first glance, it seems that the marriage of
mobile wireless consumer devices with high-
performance Grid computing would be an unlikely
match. After all, Grid computing to date has utilised
multiprocessors and PCs as the computing nodes
within its mesh. Consumer computing devices
such as laptops and PDAs are typically restricted
by reduced CPU, memory, secondary storage, and
bandwidth capabilities. However, therein lies the
challenge. The availability of wirelessly connected
mobile devices has grown considerably within
recent years, creating an enormous collective
untapped potential for resource utilisation. To wit,
recent market research shows that in 2008, 269
million mobile phone and 36 million smartphone
(Gartner, 2009) were sold worldwide, and that in
2006, 17 million PDAs (Gartner, 2007) were sold
worldwide. Although these individual computing
devices may be resource-limited in isolation, as
an aggregated sum, they have the potential to play
a vital role within Grid computing (Phan, Huang,
Ruiz, & Bagrodia, 2005).
Mobile Grid, in relevance to both Grid and
Mobile Computing, is a full inheritor of Grid with
the additional feature of supporting mobile users
and resources in a seamless, transparent, secure
and efficient way (Litke, Skoutas, & Varvarigou,
2004). Grids and mobile Grids can be the ideal
solution for many large scale applications being
of dynamic nature and requiring transparency
for users.
Security has been a central issue in grid com-
puting from the outset, and has been regarded as
the most significant challenge for grid comput-
ing (Humphrey, Thompson, & Jackson, 2005).
The characteristics of computational grids lead
to security problems that are not addressed by
existing security technologies for distributed
systems (Foster, Kesselman, Tsudik, & Tuecke,
1998; Welch et al., 2003). Security over the mobile
platform is more critical due to the open nature of
wireless networks. In addition, security is more
difficult to implement into a mobile platform due
to the limitations of resources in these devices
(Bradford, Grizzell, Jay, & Jenkins, 2007).
The reasons that led us to focus on this topic
are several: Firstly, the lack of adequate develop-
ment methods for this kind of systems since the
majority of existing Grid applications have been
built without a systematic development process
and are based on ad-hoc developments (Dail et
al., 2004; Kolonay & Sobolewski, 2004), sug-
gests the need for adapted development method-
ologies (Giorgini, Mouratidis, & Zannone, 2007;
Graham, 2006; Jacobson, Booch, & Rumbaugh,
1999; Open Group, 2009). Secondly, due to the
fact that the resources in a Grid are expensive,
dynamic, heterogeneous, geographically located
and under the control of multiple administrative
domains (Bhanwar & Bawa, 2008), and the tasks
accomplished and the information exchanged are
confidential and sensitive, the security of these
systems is hard to achieve. And thirdly, because
of the appearance of a new technology where se-
curity is fundamental together with the advances
that mobile computation has experienced in recent
years that have increased the difficulty of incor-
porating mobile devices into a Grid environment
(Guan, Zaluska, & Roure, 2005; Jameel, Kalim,
Sajjad, Lee, & Jeon, 2005; Kumar & Qureshi,
2008; Kwok-Yan, Xi-Bin, Siu-Leung, Gu, & Jia-
Guang, 2004; Sajjad et al., 2005).
In this paper, we will apply the activity of
security requirements analysis for obtaining a set
of security requirements on a mobile grid environ-
ment for a case study of media domain where the
mobile devices participate as actives resources.
Using misuse cases and security use cases we
obtain a vision about the threats and risks of the
Search WWH ::




Custom Search