Grid computing is in simple terms the pooling of computing resources. The concept refers to the connecting together of loosely coupled,
heterogeneous and geographically dispersed computer resources from multiple administrative domains, using general-purpose grid software libraries known as middleware. This technology aims to harness the power of interconnected processors and storage as a single entity, without the mediation of a network, thereby making available the processing power of a supercomputer for a fraction of the cost.
Image Credit: flickr.com/Paul Downey
Overview of Security Issues
Grid computing has distinct security issues compared to traditional computing systems, be it stand-alone, or networked architecture. The major security problems with grid computing include:
- Impact on Local Host: Grid computing involves running an alien code in the host system. This external code can hamper jobs running locally, and compromise local data security.
- Vulnerable Hosts: Clients using the grid remain in danger from the local hosts. The major vulnerabilities include the local hosts shutting down resulting in denial of service, viruses, or other malware in the local host affecting the entire process, and local hosts compromising client data integrity and confidentiality.
- Interception: One major security risk with grid computing is an attacker intercepting the resources and data in the grid. The attack can take various forms such as a distributed denial-of-service (DDOS) attack and the like.
- Packet Losses: Interruption of nodes during the routing process to send packets from source to destination decreases total packet delivery and loss or corruption of data
The extent of security risks when using smart grid depends on the intellectual property put in the hosted environment
A monitoring agency with the following roles can resolve most of the grid computing security concerns with grid systems:
- Monitoring resource usage.
- Institution of a trust management system to create, manage, and negotiate trust among the different units in the grid.
- Establishing an authorization system to authorize user access specific resources.
The user running an application on a remote machine in the grid-computing network requires assurance of the machine retaining its integrity, to ensure that proprietary application remains safe. The local host requires a similar assurance regarding the client data and processes that run on the host. While the safeguards of a traditional system aim at protecting the system and data from its users, the security orientation of grid systems need to go a step ahead and also protect applications and data from the system where the computation takes place.
Grid computing security requires strong authentication and restrictions on local execution from remote systems. Some of the ways include:
- Secure grid communication using public key cryptography.
- Authentication or verifying identity of the participant. Traditional systems authenticate clients to protect the server, grid systems require mutual authentication to ensure protection against attackers.
- Single sign on or delegation capacity, to reduce the number of times a user needs to enter password.
- SSL Layers.
- Filtering and auditing of data.
- Erasure of data after use.
- Advanced measures for security in grid computing such as hardware based Virtual Private Network (VPN), which involves moving grid processors into the VPN at the start of a session and out at its conclusion, and restricting client-side access to the grid to named users.
The business gains resulting from grid computing already outweigh the security risks, and as security problems with grid computing find even more resolution with further advancement of technology, grid computing is poised to become commonplace.
- Infosys Research. "Taxonomy of Grid Security Issues." https://www.infosys.com/research/publications/Documents/grid-computing-security.pdf. Retrieved 04 November 2010.
- University of Southern California. Information Sciences Institute. “Security Issues in Grid Computing." https://www.isi.edu/~annc/classes/grid/lectures/lecture3.pdf. Retrieved 04 November 2010.
- Edmund X. DeJesus. "Grid computing and security uncertainties." https://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1176732,00.html?ShortReg=1&mboxConv=searchSecurity_RegActivate_Submit&%20K%20Data%20Grid.%20Grid%20Computing%20Security%20Issues.%20https://www.kdatagrid.com/grid-computing-security-issues. Retrieved 04 November 2010.