Page 1:

GridPP Security
UK Security Workshop, 5-6 Dec 2002, NeSC
David Kelsey, CLRC/RAL, UK
d.p.kelsey@rl.ac.uk

Page 2:

Page 3:

GridPP: £17M PPARC project to build a Grid for UK PP, Sep 01 – Aug 04

• Provide architecture and middleware
• Use the Grid with simulated data
• Use the Grid with real data
• Future LHC Experiments
• Running US Experiments

Page 4:

GridPP Security

• Same as EU DataGrid (see tomorrow)
  – But also US PPDG, GriPhyN, iVDGL
  – CERN LHC Computing Grid
• Based on Globus GSI
  – But adding our own developments and functionality

Page 5:

Security Requirements

• 112 documented in the D7.5 document
  – 72 essential, 37 desirable aims, 3 long-term aims
  – Authentication (17), Authorisation (32), Auditing (5), Non-repudiation (3), Delegation (8), Confidentiality (18), Integrity (4), Networking (2), Manageability (4), Usability (8), Interoperability (5), Scalability (1), Performance (5)
• Includes
  – Virtual Organisations (VO’s)
  – Role based authorisation
    • Authorise resources as well as users
  – Local Authorisation
    • Decisions and ACL’s kept local to the data
  – Confidentiality
    • Encrypted medical data
    • Don’t know who is in a VO
  – International Collaboration – must inter-operate!
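The two requirements above, role based authorisation via VO membership and ACL’s that stay local to the data, can be combined in a single local decision. The following is an added example written for this transcript, not code from GridPP or from EDG’s GACL library: it evaluates a constructed XML ACL whose layout (person/dn, voms/fqan, any-user, allow/deny entries) is a simplified assumption modelled on the page’s description of GACL as an XML ACL library, not GACL’s actual schema. Deny entries override allow entries, and a VO attribute (FQAN) is matched exactly, so a credential must carry both its group and its role FQAN for both entries to apply.

```python
import xml.etree.ElementTree as ET
from dataclasses import dataclass

# Constructed sample ACL (an assumption for this example, not a real GACL file).
SAMPLE_ACL = """<gacl>
  <entry>
    <person><dn>/C=UK/O=eScience/OU=CLRC/L=RAL/CN=example admin</dn></person>
    <allow><read/><write/><admin/></allow>
  </entry>
  <entry>
    <voms><fqan>/gridpp/Role=production</fqan></voms>
    <allow><read/><write/></allow>
  </entry>
  <entry>
    <voms><fqan>/gridpp</fqan></voms>
    <allow><read/></allow>
  </entry>
  <entry>
    <any-user/>
    <allow><list/></allow>
  </entry>
  <entry>
    <person><dn>/C=UK/O=eScience/OU=Somewhere/CN=blocked user</dn></person>
    <deny><read/><write/><admin/></deny>
  </entry>
</gacl>"""

# Permission names this example recognises (hypothetical set).
PERMISSIONS = frozenset({"read", "write", "list", "admin"})


@dataclass(frozen=True)
class Credential:
    """What the local site learns from a proxy: the DN plus VO attributes."""
    dn: str
    fqans: tuple = ()  # e.g. ("/gridpp", "/gridpp/Role=production")


def _perms(elem):
    """Child element names of an <allow> or <deny> block, or an empty set."""
    return {child.tag for child in elem} if elem is not None else set()


def entry_matches(entry, cred):
    """An entry applies if its subject clause matches the credential."""
    dn = entry.find("person/dn")
    if dn is not None:
        return dn.text.strip() == cred.dn
    fqan = entry.find("voms/fqan")
    if fqan is not None:
        return fqan.text.strip() in cred.fqans  # exact FQAN match
    return entry.find("any-user") is not None


def evaluate(acl_xml, cred):
    """Return the effective permissions: union of allows minus union of denies."""
    root = ET.fromstring(acl_xml)
    allowed, denied = set(), set()
    for entry in root.findall("entry"):
        if entry_matches(entry, cred):
            allowed |= _perms(entry.find("allow"))
            denied |= _perms(entry.find("deny"))
    return frozenset((allowed - denied) & PERMISSIONS)


def is_permitted(acl_xml, cred, action):
    """Single yes/no check as a resource would call it."""
    return action in evaluate(acl_xml, cred)


if __name__ == "__main__":
    prod = Credential("/C=UK/O=eScience/CN=some user",
                      ("/gridpp", "/gridpp/Role=production"))
    print(sorted(evaluate(SAMPLE_ACL, prod)))
```

The point of keeping the policy beside the data is that the site, not the VO, answers the final question; the VO only asserts membership and role through the FQANs.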

Page 6:

Authentication

• More details tomorrow
• International Collaboration very important
• Building “Trust” between national CA’s
• EDG defines list of “trusted” CA’s
  – Currently 13 national CA’s
  – Will grow to ~20

Page 7:

Security Developments

• Security components developed (see EDG web)
  – CA Trust Matrix tools
  – VO/LDAP & VOMS – Authorisation
  – LCAS, LCMAPS – local authorisation and mapping
  – Gridmapdir – dynamic leased accounts
  – Gridsite – certificate-based web management
  – SlashGrid – DN-based grid home file system
  – GACL – Library to parse ACL’s (XML)
  – edg-java-security (for Data Management)
• More details in tomorrow’s talk
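The “dynamic leased accounts” item is the mechanism that lets a site accept Grid users without creating a local account for every DN in advance. The following is an added example for this transcript, not the Gridmapdir tool’s own code: it models a leasing directory in which each pool account is an empty file and a lease is recorded by hard-linking the URL-encoded DN to that account’s file, so the file’s link count shows whether the account is free (1) or taken (2). The on-disk layout, the pool account prefix and the DN encoding are assumptions of this example; the post-link recheck of the link count is what makes two mappers racing for the same account safe.

```python
import os
import tempfile
import urllib.parse


def create_gridmapdir(path, pool_accounts):
    """Create the leasing directory with one empty file per pool account."""
    os.makedirs(path, exist_ok=True)
    for acct in pool_accounts:
        open(os.path.join(path, acct), "a").close()


def encode_dn(dn):
    """Turn a DN into a safe filename (percent-encoding is an assumption here)."""
    return urllib.parse.quote(dn, safe="")


def current_lease(path, dn, prefix):
    """Return the pool account already leased to dn, or None."""
    link = os.path.join(path, encode_dn(dn))
    if not os.path.exists(link):
        return None
    ino = os.stat(link).st_ino
    for name in os.listdir(path):
        if name.startswith(prefix) and os.stat(os.path.join(path, name)).st_ino == ino:
            return name
    return None


def lease_account(path, dn, prefix):
    """Map dn to a pool account, reusing an existing lease or taking a free one."""
    existing = current_lease(path, dn, prefix)
    if existing is not None:
        return existing
    link = os.path.join(path, encode_dn(dn))
    for name in sorted(os.listdir(path)):
        full = os.path.join(path, name)
        if not name.startswith(prefix) or os.stat(full).st_nlink != 1:
            continue  # not a pool account, or already leased
        try:
            os.link(full, link)  # atomic claim; fails if dn was mapped meanwhile
        except FileExistsError:
            return current_lease(path, dn, prefix)
        if os.stat(full).st_nlink == 2:
            return name  # exactly one DN holds this account: lease is valid
        os.unlink(link)  # lost a race with another mapper; try the next account
    return None  # pool exhausted


def release_lease(path, dn):
    """Drop a lease; the account file's link count returns to 1 (free)."""
    link = os.path.join(path, encode_dn(dn))
    if os.path.exists(link):
        os.unlink(link)
        return True
    return False


def free_accounts(path, prefix):
    """List pool accounts not currently leased to any DN."""
    return sorted(n for n in os.listdir(path)
                  if n.startswith(prefix) and os.stat(os.path.join(path, n)).st_nlink == 1)


if __name__ == "__main__":
    d = tempfile.mkdtemp()
    create_gridmapdir(d, ["gridpp001", "gridpp002"])  # constructed pool names
    print(lease_account(d, "/C=UK/O=eScience/CN=constructed user", "gridpp"))
    print(free_accounts(d, "gridpp"))
```

Because the lease is a directory entry, an audit trail of which DN held which account is available by listing the directory, and reclaiming an account is a single unlink.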

Page 8:

Grid Deployment – issues

• Legal, political, site security policies, etc.
  – The user does not (need to) know where the jobs will run
    • Cannot sign registration forms everywhere
  – Acceptable Use policies (Rules)
    • What is needed for User Registration?
  – We have a solution for the EDG testbed
    • But not yet for full production (LCG considering this)
  – What is acceptable to Site Security Officers?
    • GGF Site-AAA research group
  – An extremely important area – could kill the Grid!

Page 9:

Issues – Deployment (2): Virtual Organisation Management

• VO’s need to manage their members, and sites/resource providers negotiate with VO’s
  – Only system which will scale
• Sites cannot manage a large number of Grid users
  – Not just a technical problem!
  – Must develop procedures to allow this to happen
  – VO’s not used to managing resources
  – Will Computer Centres give up (full) control?

Page 10:

Summary

• Authentication
  – Cross-Domain Trust is the big problem
    • Will it continue to scale?
• Authorisation
  – The most IMPORTANT area
    • This is where the identity and rights need to be checked
  – Technology is immature
  – Need VO management procedures/tools
• Many operational, legal, deployment issues
  – To establish “Trust” between Sites/VO’s/users
    • Do/will sites trust each other?
• EDG has several solutions – see tomorrow’s talk

Page 11:

Web links

• GridPP http://www.gridpp.ac.uk
• DataGrid http://www.eu-datagrid.org
• LCG http://lcg.web.cern.ch/LCG/
• GGF Security Area http://www.globalgridforum.org/2_SEC/SEC.htm
• DataGrid Security Requirements document http://hepwww.rl.ac.uk/kelsey/datagrid-d7.5.pdf