Publication


Featured research published by Leon Gommans.


grid computing | 2005

Web services and grid security vulnerabilities and threats analysis and model

Yuri Demchenko; Leon Gommans; C. de Laat; Bas van Oudenaarde

The paper provides an overview of available Web services security vulnerability models and proposes a classification of the potential grid and Web services attacks and vulnerabilities. This is further used to introduce a security model for interacting grid and Web services that illustrates how basic security services should interact to provide an attack-resilient multilayer protection in a typical service-oriented architecture. The analysis and the model can be used as a basis for developing countermeasures against known vulnerabilities and security services design recommendations. The paper refers to the ongoing work on middleware and operational security in the framework of the European grid infrastructure deployment project EGEE and related coordination groups.


Future Generation Computer Systems | 2005

On advance reservation of heterogeneous network paths

Chiara Curti; Tiziana Ferrari; Leon Gommans; S. van Oudenaarde; Elisabetta Ronchieri; Francesco Giacomini; Cristina Vistoli

The availability of information about properties and status of resources is essential for Grid resource brokers. However, while abstractions of computing and storage resources already exist, the notion of Grid network resource is far from being understood today. As a result, the integration of advanced network services is still difficult when a Grid system spans large-scale heterogeneous network infrastructures. In this paper, we propose a single definition of a Grid network resource abstraction for multiple types of network connectivity. This abstraction was successfully implemented and tested in a network resource management prototype supporting a variety of network technologies.


Future Generation Computer Systems | 2003

Authorization of a QoS path based on generic AAA

Leon Gommans; Cees de Laat; Bas van Oudenaarde; A. Taal

For data intensive Grid applications, such as shown at iGrid2002, users may require short-lived guaranteed high bandwidth connections. These types of connections, providing a certain Quality of Service (QoS), will need to be authorized and provisioned, often through multiple administrative domains. We present a case study of a Bandwidth on Demand service that provides a QoS path based on Generic Authorization, Authentication, Accounting, that represents a first step forward towards a multi-domain solution.


international conference on e science | 2006

User Programmable Virtualized Networks

Robert J. Meijer; Rudolf J. Strijkers; Leon Gommans; Cees de Laat

This paper introduces the concept of a User Programmable Virtualized Network, which allows networks to deliver application specific services using network element components that developers can program as part of a user's application. The use of special tokens in data or control packets is the basis of a practical, yet powerful security and AAA framework. This framework allows for implementations with a low footprint that can operate in a multi domain network operator environment. We demonstrate the ease with which one can build applications and address networking problems as they appear for example in sensor networks.


grid computing | 2005

Security architecture for open collaborative environment

Yuri Demchenko; Leon Gommans; Cees de Laat; Bas van Oudenaarde; Andrew Tokmakoff; Martin Snijders; René van Buuren

The paper presents the proposed Security Architecture for Open Collaborative Environment (OCE) being developed in the framework of the Collaboratory.nl (CNL) project with the intent to build a flexible, customer-driven security infrastructure for open collaborative applications. The architecture is based on extended use of emerging Web Services and Grid security technologies combined with concepts from the generic Authentication Authorization and Accounting (AAA) and Role-based Access Control (RBAC) frameworks. The paper describes another proposed solution, the Job-centric security model, that uses a Job description as a semantic document created on the basis of the signed order (or business agreement) to provide a job-specific context for invocation of the basic OCE security services. A typical OCE use case of policy-based access control is discussed in detail.


ieee international workshop on policies for distributed systems and networks | 2007

Using SAML and XACML for Complex Resource Provisioning in Grid Based Applications

Yuri Demchenko; Leon Gommans; C. de Laat

This paper presents ongoing research and current results on the development of flexible access control infrastructure for complex resource provisioning (CRP) in Grid-based applications. The paper proposes a general CRP model and specifies major requirements to the Authorisation (AuthZ) service infrastructure to support multidomain CRP, focusing on two main issues - policy expression for complex resource models and AuthZ session support. The paper provides suggestions about using XACML and its special profiles to describe access control policies to complex resources and briefly describes proposed XML based AuthZ ticket format to support extended AuthZ session context. Additionally, the paper discusses what specific functionality can be added to the gLite Java Authorisation Framework (gJAF), to handle dynamic security context including AuthZ session support. The paper is based on experiences gained from major Grid based and Grid oriented projects such as EGEE, Phosphorus and GigaPort Research on Network.


collaboration technologies and systems | 2005

Job-centric security model for open collaborative environment

Yuri Demchenko; C. de Laat; Leon Gommans; Bas van Oudenaarde; Andrew Tokmakoff; M. Snijders

This paper describes the design and development of a flexible, customer driven, security infrastructure for open collaborative environments. The experiences were gained within the framework of the collaboratory.nl project. The work is based on extended use of emerging Web services and grid security technologies, combined with concepts from the generic authentication authorization and accounting (AAA) authorisation framework. Basic CNL use cases and functional security requirements are analysed to provide motivation for the proposed job-centric security model. This model describes access control and user- and resource management. The proposed job-centric approach uses a job description as a semantic document that is created on the basis of the signed order (or business agreement). It contains all the information required to run the experiment and also to create/manage the virtual job-based associations of users and resources. The proposed trust relations analysis explains the use of trust anchors in the job-centric security model. In addition, the paper provides implementation details of using XACML and SAML for authorisation assertions and messaging, based on the current CNL implementation.


grid computing | 2006

Using Workflow for Dynamic Security Context Management in Grid-based Applications

Yuri Demchenko; Leon Gommans; Cees de Laat; A. Taal; Alfred Wan; Olle Mulmo

This paper presents ongoing research and current results on the development of flexible access control infrastructures for complex resource provisioning in Grid-based collaborative applications and on-demand network services provisioning. We investigate the use of workflow concepts for the required orchestration of multiple Grid resources and/or services across multiple administrative and security domains. In particular, workflow execution and management tools can be used to track security context changes that are dependent on the application domain, execution stage defined policies, or user and/or service attributes. The paper discusses what specific functionality should be added to Grid-oriented authorization frameworks to handle such dynamic service-related security contexts. As an example, the paper explains how such functionality can be achieved in the GAAA Authorization framework and GAAA toolkit. Suggestions are given about integration with the Globus Toolkit's Authorization Framework. Additionally, the paper analyses what possibilities of expressing and handling dynamic security contexts are available in XACML and SAML, and how the VO concept can be used for managing dynamic security associations of users and resources. The paper is based on experiences gained from major Grid based and Grid oriented projects such as EGEE, NextGrid, Collaboratory.nl and GigaPort Research on Network.


Future Generation Computer Systems | 2009

Multi-domain lightpath authorization, using tokens

Leon Gommans; Li Xu; Yuri Demchenko; Alfred Wan; Mihai Cristea; Robert J. Meijer; Cees de Laat

This paper highlights the concepts and results of our research, leading to demonstrations during the period 2005-2007 to develop a flexible and simple access control model, and corresponding support tools to provision multi-domain optical network resources on demand. We introduce the general network resources provisioning model that extends the Generic AAA Authorisation sequences for multi-domain scenarios, and explain how token based access control and policy enforcement can be used during the provisioned resource access. To build a solid conceptual foundation for the proposed token based access control, the paper revisits existing token definition and proposes a new definition in the context of our research. We subsequently show the use of tokens during different stages of the lightpath provisioning process. The paper identifies and describes two major scenarios in multidomain lightpath provisioning: the chain and tree approaches. The proposed token concept allows a simple combination of access control enforcement at different networking layers: the packet layer, the path layer, and the service layer. We end with a brief description of a few demonstrations that prove the proposed concepts and illustrate their acceptance by a wider networking community.


Future Generation Computer Systems | 2005

Dynamic paths in multi-domain optical networks for grids

S. van Oudenaarde; Z.W. Hendrikse; Freek Dijkstra; Leon Gommans; C. de Laat; Robert J. Meijer

Many Grid applications require high bandwidth end-to-end connections between Grid resources in different domains. Fiber optic networks, owned by different providers, have to cooperate in a coordinated manner in order to provide an end-to-end connection. Currently, multi-domain optical network solutions require paper-based long-term contracts between administrative domains. This paper describes a solution for dynamically creating optical connections between different autonomous domains. This was implemented in the form of a Grid Service following the Open Grid Service Architecture. In our prototype, each switch belongs to a different network domain. Our Grid Service uses a toolkit based on the Generic Authorization, Authentication, and Accounting framework. This toolkit authorizes the use of optical infrastructure elements based on specific policies that are active within each domain. To complete our multi-domain authorization architecture, a Broker Service was also implemented. Our Broker Service interacts with the Grid Service instances to provide Grid application with a simplified way to set up end-to-end connections on demand.

Collaboration


Dive into Leon Gommans's collaborations.

Top Co-Authors

Cees de Laat

University of Amsterdam

C. de Laat

University of Amsterdam

A. Taal

University of Amsterdam

Alfred Wan

University of Amsterdam
