Information Technology Reference
In-Depth Information
•
Privacy
. Privacy is the ability to keep infor-
mation from being disclosed to determined
actors. Privacy can be important in many
Grid applications, for instance in medi-
cal and health Grids (Herveg, Crazzolara,
Middleton, Marvin, & Poullet, 2004). It
is also very important in mobile devices
with limited memory and whose access is
through wireless networks.
•
Non-repudiation
. Non-repudiation refers
to the inability to falsely deny the perfor-
mance of some action. It is especially im-
portant in e-commerce involving money
transactions and mobile environments.
With the advent of Enterprise Grid this re-
quirement becomes very important.
•
Credentials
. Interdomain access requires a
uniform way of expressing the identities of
users or resources, and must thus employ
a standard for the encoding of credentials.
In many scenarios, a job initiated by a user
may take longer than the life span of the
user's initially delegated credential. In
those cases, the user needs the ability to be
notified prior to expiration of the creden-
tials, or the ability to refresh those creden-
tials such that the job can be completed.
•
Exportability
. Code is required to be ex-
portable and executable in multinational
testbeds. As a result, bulk encryption can-
not be required.
•
Secure group communication
.
Authenticated communications for dynam-
ic groups is required since the composition
of a process group may change dynami-
cally during execution.
•
Multiple implementations
. It should be
possible to enforce security requirements
with distinct security technologies and
mechanisms.
•
Interoperability
. In the context of mobile
Grids, interoperability means that services
within a single VO must be able to com-
municate across heterogeneous domains.
Interoperability guarantees that services
located in different administrative domains
are able to interact at multiple levels.
•
Interoperability with local security solu-
tions
. Access to local resources is normally
enforced by local security policies and
mechanisms. Interoperability between sites
and domains with different local policies is
necessary in a mobile Grid environment. In
order to accommodate interdomain access,
one or several entities in a domain may
act as agents of external entities for local
resources.
•
Integration
. In order to allow the use of
existing services and resources, integration
requirements call for the establishment of
an extensible architecture with standard in-
terfaces. Security integration is facilitated
by the use of existing security mechanisms.
Uniform credentials and certification in-
frastructure
. A common way of expressing
identity, e.g. by a standard such as X.509,
is necessary for interdomain access.
•
Policy exchange
. Allow service requestors
and providers to exchange dynamically se-
curity (among other) policy information to
establish a negotiated security context be-
tween them.
•
Secure logging
. Provide all services, in-
cluding security services themselves, with
facilities for time-stamping and securely
logging any kind of operational informa-
tion or event in the course of time - secure-
ly meaning here reliably and accurately,
i.e. so that such collection is neither inter-
ruptible nor alterable by adverse agents.
•
Assurance
. Provide means to qualify the
security assurance level that can be expect-
ed of a hosting environment.
•
Manageability
. Explicitly recognize the
need for manageability of security func-
tionality within the OGSA security model.
For example, identity management, policy
Search WWH ::
Custom Search