Browsing by Author "Lorch, Markus"
Now showing 1 - 3 of 3
Results Per Page
Sort Options
- Grid Community Characteristics and their Relation to Grid SecurityLorch, Markus; Kafura, Dennis G. (Department of Computer Science, Virginia Polytechnic Institute & State University, 2003)The size, dynamics, composition and similar characteristics of Grid Communities constitute important data for Grid security requirements gathering and analysis. Collaborative Grid Communities are especially important as they constitute an important part of grid usage modes and demonstrate the need for more advanced Grid security solutions very clearly. This document reports the results of a survey conducted in the Fall of 2002 among members of the Grid community as to understand the needs of grid user and grid application developer communities today, provide information on and typical modes-of-use, and elicit requirements for future grid security systems.
- PRIMA - Privilege Management and Authorization in Grid Computing EnvironmentsLorch, Markus (Virginia Tech, 2004-04-16)Computational grids and other heterogeneous, large-scale distributed systems require more powerful and more flexible authorization mechanisms to realize fine-grained access-control of resources. Computational grids are increasingly used for collaborative problem-solving and advanced science and engineering applications. Usage scenarios for advanced grids require support for small, dynamic working groups, direct delegation of access privileges among users, procedures for establishing trust relationships without requiring organizational level agreements, precise management by individuals of their privileges, and retention of authority by resource providers. Existing systems fail to provide the necessary flexibility and granularity to support these scenarios. The reasons include the overhead imposed by required administrator intervention, coarse granularity that only allows for all-or-nothing access control decisions, and the inability to implement finer-grained access control without requiring trusted application code. PRIMA, the model and system developed in this research, focuses on management and enforcement of fine-grained privileges. The PRIMA model introduces novel approaches that can be used in place of, or in combination with existing access control mechanisms. PRIMA enables the users of a system to manage access to their own assets directly without the need for, and costs of intervention by technical personnel. System administrators benefit from more flexible and fine-grained definition of access privileges and policies. A novel access control decision and enforcement model with support for legacy applications has been developed. The model uses on-demand account leasing and implements expressive enforcement mechanisms built on existing low-overhead security primitives of the operating systems. The combination of the PRIMA components constitutes a comprehensive security model that facilitates highly dynamic authorization scenarios and increases security through least privilege access to resources. In summary, PRIMA mechanisms enable the use of fine-grained access rights, reduce administrative costs to resource providers, enable ad-hoc and dynamic collaboration scenarios, and provide improved security service to long-lived grid communities.
- The Virginia Tech Computational Grid: A Research AgendaRibbens, Calvin J.; Kafura, Dennis G.; Karnik, Amit; Lorch, Markus (Department of Computer Science, Virginia Polytechnic Institute & State University, 2002)An important goal of grid computing is to apply the rapidly expanding power of distributed computing resources to large-scale multidisciplinary scientic problem solving. Developing a usable computational grid for Virginia Tech is desirable from many perspectives. It leverages distinctive strengths of the university, can help meet the research computing needs of users with the highest demands, and will generate many challenging computer science research questions. By deploying a campus-wide grid and demonstrating its effectiveness for real applications, the Grid Computing Research Group hopes to gain valuable experience and contribute to the grid computing community. This report describes the needs and advantages which characterize the Virginia Tech context with respect to grid computing, and summarizes several current research projects which will meet those needs.