Abstract
Grid applications must be able to cope with large variations in deployment: from intra-domain to multiple domains, going over private, to virtually-private, to public networks. As a consequence, the security should not be tied up in the application code, but rather easily configurable in a flexible, and abstract manner. Moreover, any large scale Grid application using hundreds or thousands of nodes will have to cope with migration of computations, for the sake of load balancing, change in resource availability, or just node failures.
To cope with those issues, this article proposes a high-level and declarative security framework for object-oriented Grid applications. In a rather abstract manner, it allows to define a hierarchical policy based on various entities (domain, host, JVM, activity, communication, ...) in a way that is compatible with a given deployment. The framework also accounts for open and collaborative applications, multiple principles with dynamic negotiation of security attributes and mobility of computations. This application-level security relies on a Public Key infrastructure (PKI).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Caromel, D., Klauser, W., Vayssière, J.: Towards Seamless Computing and Metacomputing in Java. Concurrency Practice and Experience 10, 1043–1061 (1998)
Baude, F., Caromel, D., Mestre, L., Huet, F., Vayssière, J.: Interactive and descriptor-based deployment of object-oriented grid applications. In: Proceedings of the 11th IEEE International Symposium on High Performance Distributed Computing, Edinburgh, Scotland, pp. 93–102. IEEE Computer Society, Los Alamitos (2002)
Grimshaw, A., Wulf, W., et al.: The Legion Vision of aWorld-wide Virtual Computer. Communications of the ACMÂ 40 (1997)
Foster, I., Kesselman, C.: The Globus project: a status report. Future Generation Computer Systems 15, 607–621 (1999)
Foster, I.T., Kesselman, C., Tsudik, G., Tuecke, S.: A Security Architecture for Computational Grids. In: ACM Conference on Computer and Communications Security, pp. 83–92 (1998)
Wesley, A. (ed.):.NET Framework Security. Addison Wesley Professional, Reading (2002)
Puliafito, A., Tomarchio, O.: Security Mechanisms for the MAP Agent System. In: 8th Euromicro Workshop on Parallel and Distributed Processing, PDP 2000 (2000)
Karnik, N.M., Tripathi, A.R.: Security in the Ajanta Mobile Agent System. Software, Practice and Experience 31, 301–329 (2001)
Karjoth, G., Lange, D., Oshima, M.: A Security Model for Aglets. IEEE Internet Computing 1, 68–77 (1997)
Baumann, J., Hohl, F., Rothermel, K.: Mole - Concepts of a Mobile Agent System. Technical Report TR-1997-15, University of Stuttgart, Institute of Parallel and Distributed High-Performance Systems, Distributed Systems (1997)
Sun Microsystems: Remote methode invocation (2000), http://java.sun.com/products/jdk/rmi
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Attali, I., Caromel, D., Contes, A. (2003). Hierarchical and Declarative Security for Grid Applications. In: Pinkston, T.M., Prasanna, V.K. (eds) High Performance Computing - HiPC 2003. HiPC 2003. Lecture Notes in Computer Science, vol 2913. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24596-4_39
Download citation
DOI: https://doi.org/10.1007/978-3-540-24596-4_39
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20626-2
Online ISBN: 978-3-540-24596-4
eBook Packages: Springer Book Archive