A.S. Konoplev, M.O. Kalinin
Distributed computing is an approach to solve labor-intensive computing tasks using multiple computers combined into virtual calculating environment. A typical example of distributed computing system is a Grid system in which a "virtual supercomputer" is presented by a cluster of computing systems.
One of security problems in such systems is lack of assured protection of computing and information resources. User data processing in distributed computing systems occurs at multiple host-remote environments, and it requires efficient methods to protect user data from security impact factors of host systems. There are information security policies which are applied to Grid systems for that purpose. Policies include the access regulations in the form «subject-object-permissions». However, due to the high heterogeneity of these systems, there is no unified mathematical apparatus that allows us to specify and check the security requirements for all members of the distributed computing process.
Solution proposed in the paper suggests verification of the security policies that allows us to control security of distributed computing systems, and thereby to be ensured in the higher level of reliability and security of such systems. Verification of information security policies is performed by comparing the security requirements and the current state of the system. To take into account the predefined access relations in Grid systems, as well as their high dynamics, the paper proposes a Petri nets-based approach to organize distribution of user job requests between Grid nodes in accordance with the security requirements of information security policies.