Secure communication between grid domains based on trust relationships and group keys

The grid facilitates coordinated resource sharing and problem solving in a dynamic, multi-institutional virtual organisation (VO). Groups within the VO communicate efficiently by multicasting shared information. Groups within a VO can be dynamic, because users, resources or sites can join or leave a group at any time. In addition, one member may belong to multiple groups simultaneously. In this context, maintaining data privacy against untrusted users is of utmost importance in the grid environment. This necessitates the encryption of information that is transmitted among the grid entities. To preserve security in communication, the multicast information should be encrypted using a group key. The challenges faced in maintaining security in a VO include dynamic authentication of group members and the dynamic creation, updating and distribution of group keys. In view of these challenges, this paper proposes an efficient approach for dynamic group key generation and distribution. This paper also proposes a novel approach for establishing domain-to-domain communication using trust relationships among the entities. The proposed approaches were implemented, tested and evaluated on GridSim.
