350 rub
Journal Highly available systems №2 for 2012 г.
Article in number:
Verification of information security requirements in distributed computing systems
Authors:
A.S. Konoplev, M.O. Kalinin
Abstract:
Distributed computing is an approach to solve labor-intensive computing tasks using multiple computers combined into virtual calculating environment. A typical example of distributed computing system is a Grid system in which a "virtual supercomputer" is presented by a cluster of computing systems. One of security problems in such systems is lack of assured protection of computing and information resources. User data processing in distributed computing systems occurs at multiple host-remote environments, and it requires efficient methods to protect user data from security impact factors of host systems. There are information security policies which are applied to Grid systems for that purpose. Policies include the access regulations in the form «subject-object-permissions». However, due to the high heterogeneity of these systems, there is no unified mathematical apparatus that allows us to specify and check the security requirements for all members of the distributed computing process. Solution proposed in the paper suggests verification of the security policies that allows us to control security of distributed computing systems, and thereby to be ensured in the higher level of reliability and security of such systems. Verification of information security policies is performed by comparing the security requirements and the current state of the system. To take into account the predefined access relations in Grid systems, as well as their high dynamics, the paper proposes a Petri nets-based approach to organize distribution of user job requests between Grid nodes in accordance with the security requirements of information security policies.
Pages: 63-67
References
  1. Foster I.,Kesselman C. The Grid: Blueprint for a New Computing Infrastructure (2nd Edition). Morgan Kaufmann. 2004.
  2. The Globus Security Team. Globus Toolkit Version 4 Grid Security Infrastructure:  A Standards Perspective / The Globus Security Team, 2005. Интернет-ресурс: globus.org/toolkit/docs/4.0/security/GT4-GSI-Overview.pdf.
  3. Интернет-ресурс: www.unicore.eu.
  4. Sciaba A.,Burke S., Campana S., Lanciotti E., Litmaath M., Lorenzo P.M., Miccio V., Nater C., Santinelli R. Glite 3.2 User Guide - CERN. 2011. 142 p.
  5. Buyya R., Venugopal S. The Gridbus Toolkit for Service Oriented Grid and Utility Computing: An Overview and Status Report // 1st IEEE international workshop on Grid Economics and Business Models. Seoul. Korea. April 23. 2004. IEEE. 2004.
  6. Интернет-ресурс: boinc.berkeley.edu.
  7. Калинин М.О., Коноплев А.С., Марков Я.А. Контроль выполнения политик информационной безопасности в grid-системах // Материалы конф. «Информационная безопасность регионов России» (ИБРР-2011). СПб.: СПОИСУ. 2011.