Slashdot Mirror

← Back to Stories (view on slashdot.org)

GGF and Grid Security

Posted by Hemos on from the watching-the-machines-that-watch-us dept.

An anonymous reader writes "Things are changing fast in the grid community. Our communication networks connect millions of systems and billions of individuals on the planet. These myriad systems, and the data they contain, present juicy targets for those who want to steal, damage, corrupt, or otherwise gain unlawful access to those systems."

43 of 82 comments (clear)

  1. It has been some time........ by MrIrwin · · Score: 4, Insightful
    That banking systems have been computerized, and quite a few years that they make extensive use of communications.

    There are ways to protect sensitive data, such as using VPN's rather than the internet for e.g. Doctors accessing hospital records, grid computing etc. Doing everything on the open internet is neither necessary nor desirable.

    I think our software deployment capability exceeds our network architecture design capability.

    --

    And if you thought that was boring you obviously havn't read my Journal ;-)

    1. Re:It has been some time........ by millahtime · · Score: 3, Informative

      The Military has also been doing it for some time. To communicate with subcontractors, to communicate with it's other sites. They are another big organization that has been doing it for many years.

      --
      Evolution or ID?
    2. Re:It has been some time........ by AllanLembo · · Score: 2, Funny

      ...such as using VPN's rather than the internet...

      Would that not be a just a PN?

    3. Re:It has been some time........ by MrIrwin · · Score: 1

      Yes. But the "V" means you get most of the flexibility and cost advantages of the internet whilst being able to control the access points.

      --

      And if you thought that was boring you obviously havn't read my Journal ;-)

  2. Social Engineering? by baudilus · · Score: 5, Insightful

    The most secure system int he world won't protect you if your employees aren't trained on how to prevent social engineers from bypassing their security systems anyway. Why spend countless hours trying to hack passwords when you can pretend to be an employee and ask for the info outright? Just take a look at The Art of Deception by Kevin Mitnick. What a great book...

    1. Re:Social Engineering? by akarnid · · Score: 1

      I do agree about this. Social engineering is WAY easier than actual cracking, but it requires a certain degree in sociopathy, which many people don't have. The skill of fast-talking.

    2. Re:Social Engineering? by JimboOmega · · Score: 5, Interesting

      Well, there's two ways to look at this:

      I have found that almost every place I've worked, bypassing security is a joke. I mean, think about it. How many times have people "swiped you in", or what have you, when you forgot your badge? Even without really knowing you? And if you should have a fake badge that just "isn't working", you're in like Flynn. For me, the only exception was where they kept actual classified data. It would take some amount of serious spying (e.g., returning on multiple days, shoulder surfing, maybe even key swiping) to get in. But the fact is, most people just won't assume that you're doing something evil. So... easy! Far easier than trying to crack the software and such, if you ask me. And that's as an introverted geek. (on the flip side, I'm also "unassuming"; I don't look like I have a hidden agenda.

      Of course, the other side is that, hey, why don't we use computers to see what remains unseen by people? They're better at spotting "suspicious" behavior anyway. And if people actually were willing to accept that the computer IS right and the policy that so-and-so can't get in without a badge must be enforced... you could have a very secure system.

      For instance, take protecting classified data. If you're generic spy X, you're gonna want to sit down, and just start copying all that stuff on to the nearest media you can find. That kind of behavior is almost always not what a regular person would do...
      There are all sorts of patterns which can register as suspicious. Most security systems are smart enough to note these things, and alert people who, I would assume, should always be the second check on such a system, because some people are just eccentric.

      (I at one point was designing a security control system, and my boss was always asking me to add such things. It's amazing, but pretty obvious. If somebody needs to get a new password every other day, something is probably wrong. If somebody brand new is supposed to be given full access to every system in the place (happened! Managers just found it easier to check every box!), something is wrong).

      Anyway, that's just my $.02

    3. Re:Social Engineering? by Marxist+Hacker+42 · · Score: 1

      For instance, take protecting classified data. If you're generic spy X, you're gonna want to sit down, and just start copying all that stuff on to the nearest media you can find. That kind of behavior is almost always not what a regular person would do...

      Which is why non-generic spy Y or cyborg spy Z have photographic memories- so that they can look just like a normal person while copying any data they come across in the course of a normal job based search into whatever storage media they already have inside their head is. (Human brain makes good recording media for a trained professional- but so does an SD card in a sinus cavity hooked up to a CCD in a fake eyeball).

      --
      SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
  3. physical security by Anonymous Coward · · Score: 1, Interesting

    didn't an ISP in NY or something have a room compromised, and 3 T1/T3 cards or something stolen?

    1. Re:physical security by The+Ultimate+Fartkno · · Score: 1



      If by "compromised" you mean "broken the hell into and sacked like they were Vikings," then yes.

      http://slashdot.org/article.pl?sid=04/05/03/2257 24 4&mode=nested&tid=126&tid=137&tid=187&tid= 95

  4. What is the grid community? by Bobdoer · · Score: 3, Interesting

    What exactly are they, and why is breaking into their systems any worse that breaking into a normal system?

    --
    EVERYDAY IS CATURDAY
    1. Re:What is the grid community? by driverEight · · Score: 1
      What exactly are they,

      Distributed groups of computers working together.

      and why is breaking into their systems any worse that breaking into a normal system?

      They have lots and lots of resources. In the same way a T1 connected Xeon server is a more attractive target than my pII with 56k dialup grid systems are much more attractive targets than almost anything else out there.

      --

      It's not the size of your .sig that matters, it's how you use it.

    2. Re:What is the grid community? by Fred_A · · Score: 1

      The GRID community is long dead. Deal with it.

      Time to move on.

      --

      May contain traces of nut.
      Made from the freshest electrons.
  5. billions of individuals on the planet by hobbes75 · · Score: 1

    yea... how many have relevant infrastructure...

  6. Security challenges with grid computing by drkhwk82 · · Score: 5, Interesting

    First there are resource allocation problems. The OS has to provide a sandbox with strict limits on all resources: memory, filesystem, and networking, as well as CPU time. It's fine with me if the "background compute demon" takes 25% of my processor but I don't want to take more than 10% of my memory.

    Then there's the security issue.

    But I see another problem which is even harder to solve: the tragedy of the commons. Consider a university campus, and suppose that anyone on campus can submit jobs to the Campus Grid. You come in the next morning and see that there are 10000 jobs in your grid queue, and 9800 of them are encoding random people's MP3's.

    The problem is that if you give free resources to a large anonymous community, it takes only a few of those people to suck up all the resources. So you need some way of identifying everyone who submits a job, and some way of charging for the jobs.

    1. Re:Security challenges with grid computing by acshelp · · Score: 2, Interesting

      sounds like a job for the Slashdot Karma System. Mod up interesting projects and give them prescenence over less modded ones. Hilarity ensues

    2. Re:Security challenges with grid computing by Xpilot · · Score: 2, Informative

      The problem is that if you give free resources to a large anonymous community, it takes only a few of those people to suck up all the resources.

      That's why the people who are developing big grid projects are not giving free resources to anonymous users. These grids are the combined resources of all all the colloborators, and have controlled access to the resource pool.

      --
      "Backups are for wimps. Real men upload their data to an FTP site and have everyone else mirror it." -- Linus Torvalds
  7. HIPPA security by StacyWebb · · Score: 2, Interesting

    The government has actually taken a proactive role in network security with the implementation of the HIPPA act. This has been a blessing in disguise for network admins who have stessed security on their local grids. This act put into law guidelines for securing electronic transmission patient information. Going more indepth with how the information is actually retained within the system (not just the output). For the network admins this act also gave them the flexibility for instating secuity measures that the management may have deemed not revelant earlier.

    --
    A bunch of Tech Stuff
  8. Jane... by Cyclopedian · · Score: 2, Insightful

    In such a vast network of billions upon billions of bits, all interconnected, would we see an AI emerge such as Jane in Orson Scott Card's Ender Series?

    I wonder what that AI would do upon emerging? Lurk around in silence? Help or harm the human race? Would it develop its own set of laws?

    Or maybe it'll end up being another ELIZA chatbot.

    "What about clueless make you want beer drown?"

    -Cyc

    --
    /.'s 10 Millionth
    1. Re:Jane... by Planesdragon · · Score: 4, Insightful

      In such a vast network of billions upon billions of bits, all interconnected, would we see an AI emerge such as Jane in Orson Scott Card's Ender Series?

      No.

      What we would need for accidental AI evolution is a sufficiently large system with not only billions and billions of bits, but the ability for each individual node in that system to modify the nodes around it.

      The internet will actually be useful for EVERYTHING far before it ever sprouts an AI.

    2. Re:Jane... by Noxx · · Score: 1

      If the past decade or so of web experience is any teacher, the first thing Jane would do is ask for your credit card number.

      --
      Study everything, you'll find something you can use - Jason Bourne
    3. Re:Jane... by iggymanz · · Score: 1

      oh, you mean like the various MS worms?

    4. Re:Jane... by wongaboo · · Score: 1

      Warning: geeky nitpicking follows.

      A fascinating idea of course but to be clear Card had a definite notion of soul. The network did not become aware by itself but the Buggers actually took a conscious from the ether and placed in the network in the same way they did with new queens. They did this in hope of contacting ender through the game he played in the battle school and eventually the conscious evolved to utilize the ancible to create a large galactic AI. Card did not see grid computing (on a planetary scale) equaling AI.

      To nitpick even farther you allude to a definition of AI (a human like intelligence) that is less and less embraced by those who work in the field. An AI is simply a learning computer. In a very real sense primitive AI's are currently present doing tasks like flying planes and competing against humans in games. The thing to remember is the AI remains a computer and we would expect it to behave like any computer with the exception that it will undergo a process of self-improvement based on experience. Any human like qualities (as Jane had) are only likely to be programmed in (or taught) to ease human user interface with a complex machine.

      End geeky nitpick

      For what is worth an emergent AI is not the only way to get to Jane. The user agent concept has come a long way from Clippy. I do not expect we will have to wait for aliens and a galaxy wide computing network to get AI agents that prepare our data for us and do some of the work online that we currently do manually.

      --
      cogito ergo oro
  9. Mod parent up - there is no "grid computing" by Animats · · Score: 3, Insightful
    Is there a "grid community"? So far, "grid computing" seems to be mostly hype by people desperate to develop a new revenue stream. There are few, if any, real buyers of "grid computing" service.

    When you look at case studies of commercial "grid computing", what they're really talking about are dedicated clusters of machines. This is just clustering.

    If "grid computing" were saleable, ISPs would be offering off-peak compute time on their server farms, and people would be buying it. They're not.

    It's time sharing, people. And time sharing is dead.

    1. Re:Mod parent up - there is no "grid computing" by rpeppe · · Score: 2, Informative
      I agree there's loads of hype around grid computing, but I think there are some interesting problems there. It's not really the same as dedicated clustering, because often (usually?) the cluster is not dedicated. A "grid network" often consists of a scattered set of heterogeneous machines over multiple networks, controlled by many people.

      The real task is to transform that sprawling, unreliable beast into something that provides some sort of useful, dependable resource. Machines will be switched off, programs will crash or hang unexpectedly, people will write malicious apps, and through all of that, there is still the possibility of getting some useful work done.

      In my personal view, the real failing of the "Grid Computing community" is to try to solve too many problems at once. But what the heck, it gets lots of papers published.

      If "grid computing" were saleable, ISPs would be offering off-peak compute time on their server farms, and people would be buying it. They're not.

      Most people don't have problems that are suitable for grid compute-farm processing, particularly over WANs. Most companies that do have such problems wouldn't want to make the data that's being processed available to arbitrary client nodes. Neither of these things mean that grid computing is dead.

    2. Re:Mod parent up - there is no "grid computing" by Gromius · · Score: 1

      The grid community is more or less just high energy physicists (I am one but not involved directly in GRID). Due to our setup, (lots of different universities in different countries working on central experiment) it means that our systems are spread across the the world. We needed some way to transfer the data around to different machines so we helped develop/create the internet. Now the next logical step for us is to develop a means to take advantage of all those machines which belong to use accross the world and fully utilise their computing power. Enter the GRID. It is worth to note that only somebody who has our set up (lots of invidually university owned systems trying to accomplise the same task) would find the grid much use.

      Commerically the grid is useless at the moment but this doesnt stop companies hyping it to make a quick buck. Also we cost hundreds of millions of dollars of tax payers money so our PR dept. really likes to point out the benfits of HEP. Currently this is the internet/web but you can only hype one thing so long. Hence when they heard the grid (in a very simplified picture) was kinda like the interent markII, they jumped on it like a rabid hyena, shouting its supposed benfits mankind from the rooftops in an atempt to justfiy what we cost the public.

      We (the physicists) dont care about the revenue benfits, all we want to do is have our analysises faster. Thats why there is no securicity, as its build by academics for academic use (and we sorta trust each other). We did exactly the same thing with the internet, no security as was mainly supposed to provide a means to transfer large amounts of data amoung a trusted group.

      My thoughts

    3. Re:Mod parent up - there is no "grid computing" by gbnewby · · Score: 1
      First, I'm a co-chair of a working group in the Global Grid Forum. Also, I'll be speaking about Grid (In-)security at this summer's 2600 conference. At the outset, you are right to be skeptical of the power of Grid computing, and the extent to which it's different from other existing models (clustering, time sharing, distributed).

      "Grid" as a concept is mostly just a buzzword. Oracle10g is a good example.

      But Grid as a standard (under development by the GGF, OASIS and others) is something a lot more specific. What that emerging standards-compliant Grid offers is:

      1. End-to-end encryption, based on certificates and public key
      2. Virtual organizations, in which there is a closed "community" of systems and their users who can participate in a particular Grid (somewhat VPN-like)
      3. Event-driven framework, instead of client/server or push/pull models -- this is a major win for some applications

      The Globus toolkit is one messed up pile of confused & confusing software (yes, I'm running 2.4 and 3.0 and develop for it). But it will change a lot for the better over this upcoming year, if it keeps to schedule, to build on Web services (Tomcat, etc.) rather than re-inventing WS+Grid. Adding the points 1-3 above to WS will work a whole lot better, I think/hope, than re-creating most of WS in the Grid services (GS) Globus toolkit.

      Bottom line: The vision/plan of standards-compliant Grid computing does offer some real advantages and promise. It's not for every application, every user and every organization, any more than, say, cluster or distributed computing is. But today's Globus and other Grid standards are in pretty early stages, and only barely useful for real tasks (i.e., see how the Teragrid fell victim to fairly mundane attack).

    4. Re:Mod parent up - there is no "grid computing" by rpeppe · · Score: 1

      Could tell me what is the point of "web services"? To a naive outsider, they look amazingly complex (XML Schema, anyone?) for what they give you. I'm sure I must have overlooked some vital aspect of the whole WS thing, because for the life of me I can't work out what all the fuss is about. To me, they seem like a strange thing to base a whole infrastructure around.

    5. Re:Mod parent up - there is no "grid computing" by gbnewby · · Score: 1

      Yours is a great question! Here's an article that basically says there is no simple definition.

      The simplest I can make it is that Web services, as compared to "standard" Web pages, adds interoperability. This means that programs can actually operate with each other over the Internet. There are some other ways this can happen (distributed computing; cluster/parallel software like MPI), but Web services probably offers a more general-purpose framework. The trade-off is that WS are complex, and even deciding what the necessary components are can be tough!

      One of the key desirable features for WS (but not a definition/requirement) is the ability to maintain state across connections. This is actually built into GS, which is an advantage I didn't mention (though notification frameworks might imply statefulness, I suppose).

      I'm not trying to be an advocate, particularly, just pointing out what "real" problems are addressed by GS.

    6. Re:Mod parent up - there is no "grid computing" by rpeppe · · Score: 1
      Interesting article, thanks. My favourite quote from it:

      ...low technical barriers to entry...

      I had to laugh. Web services are so ludicrously complex that unless you use loads of existing (complex and platform-specific) software, the technical barriers to entry are remarkably high! I've implemented some web services stuff from scratch, and it's really not easy at all. The WSDL standard drags in many other standards.

      Just for a laugh, I started to try to enumerate the standards referred to, directly and indirectly, from the WSDL. I ran out of time after getting two levels deep, but already the referred-to standards totalled 4.8MB (approx. 103000 lines)! And this is a "low technical barrier to entry"?!

      This enormous complexity is simply not necessary to make a decent, general-purpose framework for program accessibility and interoperability. As an example, the Styx protocol is general purpose protocol that actually does considerably more than web services, but it is completely documented in under 42K (just over 1000 lines). It references only one other standard (UTF-8), (one that I didn't include in the above count for WSDL, even though it was referred to there). You can knock up a client or a server from scratch in a couple of days. It's light-weight enough that it can be implemented on tiny devices, such as the Lego brick.

      Hence my initial question. What is it with all the web services stuff?

      I'd be crying if I wasn't busy being sick.

  10. Can someone explain to me ... by auburnate · · Score: 1, Offtopic

    How, in this day and age, does Cisco leave sensitive information like their network OS source code on a computer/grid that is accessible from the outside internet?

  11. What use is security when you have an open invite? by Anonymous Coward · · Score: 3, Insightful

    There can't be real security if people openly allow access to data on their devices.
    Poor GUI design, insecure appliction defaults and lack of awareness by users all contribute to poor security.

    For example just do a search for boot.ini or inbox.dbx on any p2p program to get an idea of just how many open boxes are out there.

  12. The answer. by gregarican · · Score: 1

    Because this is the same company that sold hardware comprising the backbone of the Internet but was full of H.323, BGP, SNMP, and TCP flaws. Such flawed implementations led to dozens of different exploits being circulated. But they were able to stay ahead of the 8 ball and release patches JIT every time around.

  13. Plan 9 by Anonymous Coward · · Score: 1, Interesting

    Plan 9 is a great OS to use for gridding and provides extensive security.

    1. Re:Plan 9 by rpeppe · · Score: 1

      Actually in my (admittedly biased) opinion, Inferno is better than plan 9 for this, as it can run under existing systems (e.g. Linux & Windows), and the authentication model is peer-to-peer (no auth server bottleneck). I do use Plan 9 on my desktop, but one can use Inferno with little effort to leverage the power of existing networks of computers which one would perhaps be unwilling to switch over to running Plan 9.

  14. Looks like I was right... by Ratfactor · · Score: 4, Funny

    All this time I've been saying that the GGF (AuthZ-WG, OGSA-SEC [WS-SEC], CAOPS-WG [CP/CPS with CA], OGSA-AUTHZ [PERMIS, CAS, VOMS...], SA3-RG, ARRG-RG [X.509, SAML...]) needs to address OGSA, OGSI, and WSRF problems with PKI-based security!

    Yup, you know it!

    1. Re:Looks like I was right... by Xugumad · · Score: 1

      What scares me is that I can't tell if you've just streamed the acronyms out of the article, or, like me, you actually have to work with this stuff...

  15. Re:Grid computing will never be secure by rpeppe · · Score: 1
    You don't need a VPN to have a secure grid system. For a start, a computational grid need not allow the grid coordinator to run anything on the nodes of the grid.

    It seems to be a commonly held misconception that making your node part of a computational grid implies making all of its resources available in the absence of "physical" layers of security (e.g. VPN, virtual memory protection). This is not true - in the "client pull" model, a node on the grid can choose exactly what it cares to run - and if this is a selection from a small set of trusted programs which operate within certain limits, regardless of parameters, then the client is still secure.

    As Bruce Schneier might say, there's no absolute level at which you can judge a system "secure". It's all about establishing a level of security that is acceptable to you.

    For one example, the grid compute-farm s/w I wrote allows you to do this.

  16. there is no *commercial* grid computing. yet. by Cska+Sofia · · Score: 1

    Grid infrastructure is not just about compute time. It will also attempt to deal with the predicted "data deluge" in the various sciences (chiefly high energy physics, but genetics are also a big producer of data). Storage requirements will increase much faster than the media technology, meaning that new distributed systems will have to be developed to store and access this in a useful way.

    Anyway, you can't expect this to leap straight from research papers into commercially viable systems right away. Remember that the Internet started off as a solution in a very specialised field (defence) before commerce started making use of it. Also like the Internet, the main benefits of a global Grid will only become apparent once some significant interoperable installations have been made.

    The reason there are few buyers for grid computing services is because it's not ready yet. It is being designed for tomorrow's problems, and, when the time is right, it will certainly have plenty of interested parties.

  17. Blatant plug... by BillGodfrey · · Score: 1

    My primer on distriuted computing includes a shed load of tips for dealing with parasites, spoiler attacks and innocent errors.

  18. The General and the Scientist by ear1grey · · Score: 1

    In the case of the military, it is possible to enforce security due to the inherent hierarchical nature of the relationships being modeled: witness the structure of X500 and subsequently LDAP based directory services which are derived from X500.

    The situation is somewhat more complex with globalized Grid Computing because of the lack of a universally trusted authority. If the ideal of a ubiquitous "on tap" computing resource is to be realised then a model which unifies hierarchical and peer based trust models is needed.

    The original post identifies a high level introduction to some of the consortium and forum based research in this area (which everyone is encouraged to contribute to). "It has", as you say, "been some time", however, it's going take significantly more time before the scientists view of grid computing (as opposed to the marketing hype) can be realised.

    --
    boakes.org
  19. Attack of the clones. by ear1grey · · Score: 1

    To answer your first question: the grid community exists through several forums and consortiums.

    Now, question 2: The machines in today's grid testbeds are typically just cloned machines so if they get compromised they're easy enough to purge.

    The risks are many. Should such a powerful system become compromised at a high enough level (through a social or technical attack), then the potential for a brute force attack on other cryptographically secured systems is high.

    Also, due to the "webs of trust" that have to exist between machines within these grids, breaking into a grid which exists across multiple organisations may provide strategic attack points from within those organisatiosn firewalls.

    Add to this the fact that the early adopters of grid computing are likely to include pharmecutical corporations, oil companies & the defence industry and it may be apparent that the cost of breaking into such a system may be higher than if John Doe's machine gets owned.

    --
    boakes.org
  20. Re:MOD PARENT UP Re:Starts with "ad",ends with "me by bendelo · · Score: 1

    Don't worry - I meta-moderated appropriately.