Grid Security: Problems and Potential Solutions

This paper was provided as technical input to the gap analysis of the UK e-Science programme, March 2003. The paper outlines generic requirements for security in grid systems and the problems that are often cited with current grid software. It is argued that these issues can be resolved by the federation of both users and resources. This concept of federation extends beyond user identity systems to include organisational responsibilities and policy bindings. The paper also outlines application-specific security issues and makes recommendations on how they could be addressed in the programme.

1. Requirements and Issues

Grid security requirements can be divided into project-specific and generic. Generic requirements include some that apply to existing systems, but are stretched by scalability and administration complexity, and some that are new to highly distributed systems, such as remote delegation and distributed authorisation. This discussion is mostly about generic requirements.

This is a wide topic: the grid security architecture[1] provides the rationale for the original grid requirements, while a recent review of security issues in large distributed systems[2] indicates that there are many issues still to be considered. The purpose of this section is to set the context for current problems, and how they might be resolved, so the following is a brief summary of generic requirements, from the point of view of the main stakeholders: users and resource providers.

Users are either individual end users, or individuals responsible for projects that may be ‘virtual’ (span several organisations). Typical requirements are:

• speed – to introduce new users or groups into a system quickly.
• flexibility about the privileges provided to a group or individual.
• privacy – to constrain the flow and use of private data in a system, including data used for authentication.
• security – to be able to set up a grid with agreed security features (e.g. only allow data to flow to certain processing sites).
• delegated action – to allow the system to carry out a range of functions for the user when the user is not present.