240 likes | 347 Views
Data Management in Grid VLDB ’06 Conference Security and Performance Enhancements to OGSA-DAI for Grid Data Virtualization Marcin Admaski, Michal Kulczewski, Krzysztof Kurowski , Jarek Nabrzyski , Ally Hume krzysztof.kurowski@man.poznan.pl
E N D
Data Management in Grid VLDB’06 Conference Security and Performance Enhancements to OGSA-DAI for Grid Data Virtualization Marcin Admaski, Michal Kulczewski, Krzysztof Kurowski, Jarek Nabrzyski, Ally Hume krzysztof.kurowski@man.poznan.pl Poznan Supercomputing and Networking Center, Poland EPCC The University of Edinburgh, Scotland www.inteligrid.com
Agenda • inteliGrid vision & challenges • Data management problems/issues within a fabric Grid layer • Data management problems/issues within inteliGrid middleware layer • Data management problems/issues within business interoperability layer • InteliGrid VO development and deployment • Security and Performance Tests • Summary and future steps 2005 2006 2007
InteliGrid in numbers • 6th Framework STREP project • Budget ~2.5 m€ • 360 person months, • Duration 2.5 years 1.9.2004 – 28.2.2007 • Partners • LJU (coord), TUD, PSNC, VTT • EPM, Conject, Sofistik • OPB, ESoCE PSNC
inteliGrid vision and challenges • InteliGrid = interoperability of virtual organizations on a complex semantic grid = Grid + Semantic + VO • One of the main goals in the inteliGrid project is to provide secure, flexible, and easy to use solutions for interoperability between distributed data resources, services and application tools required by various business processes within Virtual Organizations (VOs). • But… end users or service providers do not want to expose databases, services, capability providers to all people (including hackers :-) in the Internet, but only to people they trust (e.g. from the same VO). • Some InteliGrid requirements and scenarios: • people, services, resources may join and leave the VO for a few days (not years) • support the access to various types of resources and services (both computing and data resources), • enable to define multiple collaborative groups within the VO, • support multiple credentials (originating from various trusted parties), • be as much as possible transparent to end users and applications, • use the existing security mechanisms, wherever possible, • be able to handle fine grained security privileges in a platform independent manner (such privileges can range from single objects to multiple grid resources and entities of separate administrative domains)
VOs in Architecture, Engineering and Construction (AEC) sector PAST: WITHOUT IT ;-) TODAY: INFORMATION CHAOS TOMORROW'S GOAL: INTEROPERABILITY (one central VO server / service)
InteliGrid approach • From the security perspective, a VOis a collection of individuals and institutions that are defined according to a set of resource or data sharing policy rules. In other words, the VO is a dynamic collection of individuals, institutions and distributed resources (data, processors, storage, information, applications, etc.). • In order to fulfill strict security requirements based on real business VO scenarios, all inteliGrid products must allow users and service/resource owners to define a dynamic global security policies within VOs and enforcing them through a consistent Authentication, Authorization and Accounting (AAA) infrastructure • Check out the following webpage: http://testbed.inteligrid.com
InteliGrid dream (December 2004 ;-)networked VOs and on demand AEC services PSNC TUD LJU VO Administrator Dynamic InteliGrid Collaborative Environments And Workspaces (Virtual Organizations) SOFISTIK
InteliGrid Physical Grid Resources Open Network (Internet) OGSA-DAI OGSA-DAI OGSA-DAI OGSA-DAI
Heterogeneous data resources in InteliGrid… • Distributed resources within InteliGrid • Different Databases • PostgreSQL • MySQL • File systems • Object oriented databases (e.g. EPM) • Business Service Providers* (e.g. Conject, EPM) • Various legacy applications* and AEC modules require and generate input/output files * Running on both Linux and Win platforms
Why do we use existing open source solutions? • We did not want to develop everything from scratch • We did not have enough time, money and resources • We wanted to use and integrate widely accepted and mature grid technologies and standards • Some grid-related projects have developed already a lot of useful infrastructure services and data management tools, in particular: • Globus Pre-WS/GT4(www.globus.org) • OGSA-DAI (www.ogsadai.org.uk) • GridLab grid middleware services: GAS (www.gridlab.org) • We had to add new features and capabilities to meet inteliGrid requirements and use cases, also for data management (dynamic/secure VO scenarios)
OGSA-DAI • OGSA-DAI services can be used as the basic primitives for creating sophisticated higher-level services that offer capabilities such as data federation, distributed query processing, etc… • The OGSA-DAI middleware layer can abstract away concerns such concerns as database driver technology, data formatting techniques and delivery mechanisms, etc.
Authentication • Communication between multi-domains over the Internet (various OGSA-DAI services) within a networked VO must be well protected: • Many grid environments utilize a public key or asymmetric cryptography for authentication of users, resources and service (SSL/GSI). • According to the basics of PKI cryptography, each resources on the Grid has a key pair, a public and a private key (for users and OGSA-DAI services). • Encryption is performed using the public key while decryption and digital signature is performed with the private key. • InteliGrid provides X.509 certificates for identification and authentication purposes for all operation performed on OGSA-DAI services and underlying data resources (relational and XML databases, file systems, etc. ) • SSO must be supported Open Network (Internet) OGSA-DAI OGSA-DAI OGSA-DAI OGSA-DAI
Basic OGSA-DAI authorization model • Advantages • Closed system • Disadvantages • Very static model • No dynamic VO support • Only internal authorization possible Authentication and encryption based on GSI/SSL Authorization based on a flat mapper file Example: imagine a federation of 1000 databases
OGSA-DAI PUSH authorization model (e.g. CAS, VOMS) • Advantages • VO support • Fast model • Disadvantages • Static model (as long as proxy is valid) • Consistent polices required in two places: CAS and Rolemapper • Specific user security policy for OGSA-DAI can be seen by various system components
OGSA-DAI PULL authorization model (InteliGrid approach) • Advantages • VO support • Dynamic model • Full security control in one place GAS (no changes in OGSA-DAI required) • Real RBAC model (admin can change roles dynamically during execution) • We did not modify sources of OGSA-DAI • Disadvantages • Slow model (many iterations required) • DoS attacks possible VO Administrator Authorization based on security decisions taken from GAS
GAS: Gridge Authorization Service • GAS is an authorization service which provides a universal way of defining the security policy for the whole networked VO, independently of technologies used at lower levels. GAS is able to • Add/Modify VO security policies within GAS by using a nice web-based administrative interface • generate the authorization decision for users or inteliGrid middleware services (including OGSA-DAI) – PULL authorization model • generate part of the security policy for users or inteliGrid middleware services – PUSH authorization model OGSA-DAI OGSA-DAI OGSA-DAI • Cash services • Replication services • …
Dynamic on-line policy authorization control and enforcement in VOs Users who have access rights to OGSA-DAI resources InteliGrid users OGSA-DAI Resources (MySQL, PostrgreSQL, Oracle, etc)
Accounting • Accounting has close ties to authentication and authorization because of the certainty in which they identify the entity to be associated with the accounting data. • This is particularly important in the areas of security audits, intrusion detection, etc. • On the other hand, by using the accounting statistics we may introduce various billing or charging policies, e.g. pay-per-use • Please observe that, in contrast to access control and authorization, which are binary, charging or billing in the VO could be quantitative; so the question then becomes how much access to grant a user to a resource, rather than simply whether to grant access or not • Commercialization process of InteliGrid next year… hopefully ;-)
Performance tests (1) • The performance of every OGSA-DAI query was measured in two ways: after the containerrestart (marked with the grey color) and while the container was running forsome time. Average values of different security mechanisms used byTomcat and Globus Toolkit 4 containers are presented below:
Performance tests (2) • In our tests an example SQLstatement has been used to query to the MySQL database to deliver 10 000 rowsin the CSV format as a file transferred over SOAP attachments. 4.3
Performance tests (3) • Performance among different OGSA-DAI authorization mechanisms are presented.
Summary • So many different views on virtual organizations… • There are both advantages and disadvantages of AAA, but dynamic and fine-grained security control and management are key issues in networked VOs • InteliGrid solutions and problems are generic and will beavailablefor free • Metadata, semantics and ontologies within/over OGSA-DAI to simplify and speed up the integration of distributed business processes • Push from commercial partners to use new security protocols, e.g. SAML and XACLM (GAS provides SAML2.0 compliant interfaces, DRMAA Service Provider supports SAML2.0/Liberty Alliance) to deal with SSO scenarios • Push from commercial partners to adopt accounting mechanisms and come up with new business models • Online demo… ;-)