Friday, October 22, 2021

To Go Corporate, the Grid Must be Secured

Grid computing is normally considered the province of the academic and

scientific world…. the Search for Extra-Terrestrial Intelligence

(SETI), the Earth System Grid, the European Data Grid, the TeraGrid and

other such projects have popularized the field and created a whole new

category of computing.

And the commercial sector has begun to take notice.

”Companies that rely on computationally intensive tasks, such as

rendering frames of movies, hardware verification, software building,

infrastructure testing and some financial applications, are attracted to

the same tools that scientists use for the grid,” says Ian Alderman, a

Ph.D student, who also is a member of the Condor Project, based at the

University of Wisconsin in Madison.

The SETI grid model, for example, is being harnessed by pharmaceutical

and stock brokering companies to extend their analysis applications and

utilize any spare computer power from idling office computers at night.

A more complex example is from the automotive industry, where specialized

engineering firms aid in the construction of different vehicle parts. As

these outfits are typically too small to be able to afford the necessary

computing infrastructure themselves, they are granted access to some

share of the manufacturer’s supercomputer powers.

Such scenarios, however, highlight the importance of security.

While these external firms are working for the same manufacturer, they

are often direct competitors. Resource sharing has to be managed so they

have enough access to be able to compute, but not enough to be able to

steal each other’s secrets.

”Perhaps the biggest challenge in grid computing is security,” says

Sasan Hamadi, chief security officer at Interval International Inc., a

Miami-based resort and vacation company, which is using grid technology.

Computing in Concert

Grid computing is essentially a diverse array of machines and other

resources being used in concert to rapidly process and solve problems

beyond an organization’s available capacity. Grids function by

partitioning problems into smaller tasks. Each node within the grid is

given some code and asked to solve a piece of a larger problem.

According to Hamadi, the main advantages are the resolution of

large-scale problems, reduction of time-to-market, enhancement of the

business process, and lowered cost of computing. Beyond that, though, it

could open the door to innovative goods and services, as well as

alternative methods of marketing products.

For those benefits to be realized on a grand scale, however, grid

security will have to reach maturity.

Fortunately, grids have gone relatively unmolested by the bad hats. The

biggest breach to date was an attack against a series of universities and

government agencies last year. Interestingly, this attack was not

directed towards grid software, but against a broadly adopted software

component used for remote logins to UNIX and Linux systems. Essentially,

a local privilege escalation attack was used to obtain passwords, and

those passwords were used to log in to other machines. Attackers then

repeated the process.

”Users had access to several of these systems, and the attackers used

this to quickly jump from one place to the next, creating more or less

global havoc in no time,” says Stockholm, Sweden-based Olle Mulmo,

security area director for the Global

Grid Forum and security architect for the world’s largest production

grid to date. ”The most important lesson learned from this attack is

that if one site is vulnerable, nearly all sites are. This has prompted

us to put a lot of energy into preparing for when an attack comes, not if

it will come.”

That means a heavy investment of time and effort on tools that can

quickly disable what grid computing has enabled. Though this problem is

not fully resolved, Mulmo reports that the grid community is working in

that direction.

Grid Vulnerabilities

For grid computing to become commercially viable, the potential

compromise of corporate secrets has to be addressed. That’s why most

commercial grid projects to date have been in-house. As long as you have

traditional security measures in place and can trust your developers and

vendors, there is no grid-specific threat. But when your grid extends

beyond the bounds of the corporate firewall, a whole vista of new

concerns emerges.

When you let someone use your computer cycles, for example, how do you

ensure that what is executed is not something destructive, such a Trojan

horse that steals company secrets or reads email. The answer to that is

isolation.

There are several techniques that will ”sandbox” an application,

meaning that it will permit certain functions while denying other ones.

That is a simple approach, though perhaps not the best.

”Virtual machines are a heavyweight solution to this problem but could

be made very secure,” says Alderman. ”Sandboxing is easier to implement

but probably less effective.”

Access control — or simply keeping the bad guys out — is another

important security facet. But in such a distributed problem, access

control is far from easy.

Several solutions currently exist, according to Mulmo, who also

co-founded the Globus Alliance, which

fosters the research and development of grid middleware technologies. One

solution is to ask a central service at runtime if a user is permitted to

perform a certain operation. Another approach is to have users provide

”evidence” ahead of time that they are indeed allowed to perform the

operations requested.

Both solutions have their pros and cons with regard to performance,

scalability, management and security.

”Ultimately, it’s a question of where in the system you will place the

complexity,” says Mulmo. ”Which solution you would finally choose

depends on your particular use case and your specific application

needs.”

For grid authentication to work properly, a global identification scheme

is required. Currently, the grid community is favoring a Public Key

Infrastructure (PKI) certificate format known as X.509. This is the same

technology that identifies your online banking or travel reservation

services, and provides an added assurance that you won’t send your credit

card details to the wrong person.

”Grid users need to have strong protection mechanisms to securely store

private keys, to revoke certificates and secure applications being used

within the grid,” says Hamadi.

The problem with this PKI scheme, says Mulmo, is that setting up an

X.509-based infrastructure can be expensive. More flexibility, therefore,

is needed to reduce costs while maintaining security.

And then there are the gray areas.

If a user gives a task to the grid, does that task have the full rights

of that user? If so, what if an attacker gets ahold of the task? How do

you give the tasks just the rights they need, but not more?

”Even if you are able to delegate a subset of rights, you still need to

keep those rights out of the wrong hands,” says Alderman. ”The

techniques used for digital rights management (DRM) might be effective at

providing confidentiality and integrity guarantees in a grid setting.”

But security of the grids themselves may actually prove to be less of a

stumbling point in corporate adoption than the thorny subject of

licensing security.

How do you move a software license, which is required to run your

program, from one organization to another? The grid concept is juxtaposed

against the traditional software licensing models used worldwide.

”Today, you cannot move licenses in a secure manner, or without breaking

the licensing terms,” says Mulmo. ”This problem strikes at the heart of

currently used licensing management schemes, and while it is being

investigated, it is still unresolved at this point in time.”

Similar articles

Latest Articles