GGF and Grid Security
An anonymous reader writes "Things are changing fast in the grid community. Our communication networks connect millions of systems and billions of individuals on the planet. These myriad systems, and the data they contain, present juicy targets for those who want to steal, damage, corrupt, or otherwise gain unlawful access to those systems."
Didn't an ISP in NY or something have a room compromised, and 3 T1/T3 cards or something stolen?
What exactly are they, and why is breaking into their systems any worse than breaking into a normal system?
First there are resource allocation problems. The OS has to provide a sandbox with strict limits on all resources: memory, filesystem, and networking, as well as CPU time. It's fine with me if the "background compute demon" takes 25% of my processor but I don't want to take more than 10% of my memory.
Then there's the security issue.
But I see another problem which is even harder to solve: the tragedy of the commons. Consider a university campus, and suppose that anyone on campus can submit jobs to the Campus Grid. You come in the next morning and see that there are 10000 jobs in your grid queue, and 9800 of them are encoding random people's MP3s.
The problem is that if you give free resources to a large anonymous community, it takes only a few of those people to suck up all the resources. So you need some way of identifying everyone who submits a job, and some way of charging for the jobs.
The government has actually taken a proactive role in network security with the implementation of the HIPAA act. This has been a blessing in disguise for network admins who have stressed security on their local grids. This act put into law guidelines for securing electronic transmission of patient information, going more in depth with how the information is actually retained within the system (not just the output). For the network admins this act also gave them the flexibility for instating security measures that the management may have deemed not relevant earlier.
A bunch of Tech Stuff
Well, there's two ways to look at this:
I have found that almost every place I've worked, bypassing security is a joke. I mean, think about it. How many times have people "swiped you in", or what have you, when you forgot your badge? Even without really knowing you? And if you should have a fake badge that just "isn't working", you're in like Flynn. For me, the only exception was where they kept actual classified data. It would take some amount of serious spying (e.g., returning on multiple days, shoulder surfing, maybe even key swiping) to get in. But the fact is, most people just won't assume that you're doing something evil. So... easy! Far easier than trying to crack the software and such, if you ask me. And that's as an introverted geek. (On the flip side, I'm also "unassuming"; I don't look like I have a hidden agenda.)
Of course, the other side is that, hey, why don't we use computers to see what remains unseen by people? They're better at spotting "suspicious" behavior anyway. And if people actually were willing to accept that the computer IS right and the policy that so-and-so can't get in without a badge must be enforced... you could have a very secure system.
For instance, take protecting classified data. If you're generic spy X, you're gonna want to sit down, and just start copying all that stuff on to the nearest media you can find. That kind of behavior is almost always not what a regular person would do...
There are all sorts of patterns which can register as suspicious. Most security systems are smart enough to note these things, and alert people who, I would assume, should always be the second check on such a system, because some people are just eccentric.
(I at one point was designing a security control system, and my boss was always asking me to add such things. It's amazing, but pretty obvious. If somebody needs to get a new password every other day, something is probably wrong. If somebody brand new is supposed to be given full access to every system in the place (happened! Managers just found it easier to check every box!), something is wrong).
Anyway, that's just my $.02
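The two checks described in the comment above (a user who needs a new password every other day, and a brand-new user given access to every system), as an added example that is not part of the original thread. The event format, system names and thresholds are assumptions, and the result is a queue for a person to review rather than an automatic block.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed policy values (not from the thread); tune to local norms.
ALL_SYSTEMS = {"mail", "payroll", "source", "badge-db"}
RESET_LIMIT = 3                       # this many resets inside the window is suspicious
RESET_WINDOW = timedelta(days=7)
NEW_ACCOUNT_AGE = timedelta(days=30)  # how long an account counts as "brand new"

# Constructed audit events: (ISO timestamp, user, action, detail)
EVENTS = [
    ("2024-03-01T09:00", "bob", "account_created", None),
    ("2024-03-01T09:05", "bob", "access_granted", ALL_SYSTEMS),
    ("2024-01-10T08:00", "carol", "account_created", None),
    ("2024-03-02T10:00", "carol", "password_reset", None),
    ("2024-03-04T10:00", "carol", "password_reset", None),
    ("2024-03-06T10:00", "carol", "password_reset", None),
    ("2023-06-01T08:00", "dave", "account_created", None),
    ("2024-03-03T11:00", "dave", "password_reset", None),
    ("2024-03-05T12:00", "dave", "access_granted", {"mail", "source"}),
]

def review_queue(events):
    """Return sorted (user, reason) pairs for a human to look at."""
    created, resets, flags = {}, defaultdict(list), set()
    # ISO timestamps sort correctly as strings, so process in time order.
    for ts, user, action, detail in sorted(events, key=lambda e: e[0]):
        when = datetime.fromisoformat(ts)
        if action == "account_created":
            created[user] = when
        elif action == "password_reset":
            # Keep only earlier resets still inside the sliding window.
            recent = [t for t in resets[user] if when - t <= RESET_WINDOW]
            recent.append(when)
            resets[user] = recent
            if len(recent) >= RESET_LIMIT:
                flags.add((user, "frequent_password_resets"))
        elif action == "access_granted":
            is_new = user in created and when - created[user] <= NEW_ACCOUNT_AGE
            # "Every box checked": the grant covers all known systems.
            if is_new and set(detail) >= ALL_SYSTEMS:
                flags.add((user, "new_account_full_access"))
    return sorted(flags)

if __name__ == "__main__":
    for user, reason in review_queue(EVENTS):
        print(f"review: {user} ({reason})")
```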
Plan 9 is a great OS to use for gridding and provides extensive security.