Security in the Development Process of Mobile Grid Systems

Grid computing has emerged to cater the need of computing-on-demand (Jana et al., 2009) due to the advent of distributed computing with sophisticated load balancing, distributed data and concurrent computing power using clustered servers. The Grid enables resource sharing and dynamic allocation of computational resources, thus increasing access to distributed data, promoting operational flexibility and collaboration, and allowing service providers to scale efficiently to meet variable demands (Foster & Kesselman, 2004). Security is considered as the most significant challenge for Grid computing (Humphrey et al., 2005), due to the fact that resources are shared between organizations; expensive resources, that may go from computers and other hardware facilities, to potentially valuable, sensitive and confidential data files. In recent years the mobile computing community has been successful in utilising academic and industry research efforts to bring products to the commercial market. We have seen a proliferation of consumer electronic devices taking advantage of wireless technology enrich our daily lives with increased productivity thanks to higher connectivity. At first glance, it seems that the marriage of mobile wireless consumer devices with highperformance Grid computing would be an unlikely match. After all, Grid computing to date has utilised multiprocessors and PCs as the computing nodes within its mesh. Consumer computing devices such as laptops and PDAs are typically restricted by reduced CPU, memory, secondary storage, and bandwidth capabilities. However, therein lies the challenge. The availability of wirelessly connected mobile devices has grown considerably within recent years, creating an enormous collective untapped potential for resource utilisation. To wit, recent market research shows that in 2008, 269 million mobile phone and 36 million smartphone (Gartner, 2009) were sold worldwide, and that in 2006, 17 million PDAs (Gartner, 2007) were sold worldwide. Although these individual computing devices may be resource-limited in isolation, as an aggregated sum, they have the potential to play a vital role within Grid computing (Phan et al., 2005). On the other hand, the idea of developing software through systematic development processes to improve software quality is not new. Nevertheless, there are still many information systems such as the Grid Computing ones, that are not developed through methodologies adapted to their most differentiating features (Kolonay & Sobolewski, 2004). That is to say, generic development processes are used to develop specific systems without

[1]  P. Krutchen,et al.  The Rational Unified Process: An Introduction , 2000 .

[2]  Jan Jürjens,et al.  Secure systems development with UML , 2004 .

[3]  Mathilde Romberg,et al.  The UNICORE Grid infrastructure , 2002, Sci. Program..

[4]  Jack Dongarra,et al.  Scheduling in the Grid application development software project , 2004 .

[5]  Mario Piattini,et al.  Developing a Secure Mobile Grid System through a UML Extension , 2010, J. Univers. Comput. Sci..

[6]  Mario Piattini,et al.  Analysis of Secure Mobile Grid Systems: A systematic approach , 2010, Inf. Softw. Technol..

[7]  Ruth Breu,et al.  Key Issues of a Formally Based Process Model for Security Engineer-ing , 2003 .

[8]  Jan Jürjens,et al.  Towards Development of Secure Systems Using UMLsec , 2001, FASE.

[9]  Eduardo Fernández-Medina,et al.  Applying a UML Extension to Build Use Cases Diagrams in a Secure Mobile Grid Application , 2009, ER Workshops.

[10]  David A. Basin,et al.  SecureUML: A UML-Based Modeling Language for Model-Driven Security , 2002, UML.

[11]  Haralambos Mouratidis,et al.  When security meets software engineering: a case of modelling secure information systems , 2005, Inf. Syst..

[12]  Young-Koo Lee,et al.  AutoMAGI - an Autonomic middleware for enabling Mobile Access to Grid Infrastructure , 2005, Joint International Conference on Autonomic and Autonomous Systems and International Conference on Networking and Services - (icas-isns'05).

[13]  Haralambos Mouratidis,et al.  Integrating Security and Software Engineering: Advances and Future Visions , 2006 .

[14]  Ramesh Nagappan,et al.  Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management , 2005 .

[15]  Mohammad Ilyas,et al.  Mobile Computing Handbook , 2004 .

[16]  Eduardo Fernández-Medina,et al.  Reusable security use cases for mobile grid environments , 2009, 2009 ICSE Workshop on Software Engineering for Secure Systems.

[17]  Ivar Jacobson,et al.  The Unified Software Development Process , 1999 .

[18]  Mario Piattini,et al.  Systematic design of secure Mobile Grid systems , 2011, J. Netw. Comput. Appl..

[19]  Steven Tuecke,et al.  The Physiology of the Grid An Open Grid Services Architecture for Distributed Systems Integration , 2002 .

[20]  Eduardo Fernández-Medina,et al.  Security services architecture for Secure Mobile Grid Systems , 2011, J. Syst. Archit..

[21]  Terry Komperda,et al.  Securing the Grid , 2013 .

[22]  Ming Gu,et al.  Enhancing Grid Security Infrastructure to Support Mobile Computing Nodes , 2003, WISA.

[23]  Thomas Phan,et al.  Integrating Mobile Wireless Devices into the Computational Grid , 2004, Mobile Computing Handbook.

[24]  Zhen Li,et al.  Enabling Autonomic Grid Applications: Requirements, Models and Infrastructure , 2005, Self-star Properties in Complex Information Systems.

[25]  Thomas Phan,et al.  Challenge: integrating mobile wireless devices into the computational grid , 2002, MobiCom '02.

[26]  Salim Raza Qureshi,et al.  Integration of Mobile Computing with Grid Computing : A Middleware Architecture , 2008 .

[27]  Sungyoung Lee,et al.  Bringing Handhelds to the Grid Resourcefully: A Surrogate Middleware Approach , 2005, ICCSA.

[28]  Jan Jürjens,et al.  UMLsec: Extending UML for Secure Systems Development , 2002, UML.

[29]  David De Roure,et al.  A Grid Service Infrastructure for Mobile Devices , 2005, 2005 First International Conference on Semantics, Knowledge and Grid.

[30]  Marty Humphrey,et al.  Security for Grids , 2005, Proceedings of the IEEE.

[31]  Bashar Nuseibeh,et al.  A framework for security requirements engineering , 2006, SESS '06.

[32]  Sungyoung Lee,et al.  Mobile-to-Grid Middleware: Bridging the Gap Between Mobile and Grid Environments , 2005, EGC.

[33]  M. Angela Sasse,et al.  Bringing security home: a process for developing secure and usable systems , 2003, NSPW '03.

[34]  Debasish Jana,et al.  Privacy and Anonymity Protection in Computational Grid Services , 2009, Int. J. Comput. Sci. Appl..

[35]  Philippe Kruchten,et al.  The Rational Unified Process: An Introduction , 1998 .

[36]  Sungyoung Lee,et al.  Mobile-to-Grid Middleware: An Approach for Breaching the Divide Between Mobile and Grid Environments , 2005, ICN.

[37]  Haralambos Mouratidis,et al.  Modelling security and trust with Secure Tropos , 2006 .

[38]  Jörn Eichler Towards a Security Engineering Process Model for Electronic Business Processes , 2012, ArXiv.

[39]  R. M. Kolonay Grid interactive service-oriented programming environment , 2004 .

[40]  Felix Bachmann,et al.  Security and Survivability Reasoning Frameworks and Architectural Design Tactics , 2004 .

[41]  Jie Pan,et al.  Introduction to Grid Computing , 2009 .

[42]  Recommended Practice for Architectural Description of Software-Intensive Systems , 1999 .