![Page 1: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/1.jpg)
1
Secure Distributed Objects for Grid Applications
Laurent Baduel, Arnaud Contes, Denis Caromel
OASIS team http://www.inria.fr/oasis
ProActive http://proactive.objectweb.org
![Page 2: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/2.jpg)
2
2
Outline
Context• ProActive overview
• Abstract Deployment model
Security Model• Security Entities
• Security Policies
• Example
Conclusion
![Page 3: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/3.jpg)
3
3
The ProActive Middleware
A Java API + Tools for Parallel & Distributed Computing
A uniform framework : Active Object (AO) pattern • one thread, owns passive objects, remotely accessible
Programming model : • groups, mobility, components, security
A formal model• Determinism, Insensitivity to deployment
![Page 4: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/4.jpg)
4
4
Deployment Model
Virtual Nodes : • Identified as a string name, used in program source, configured
(mapped) in an XML descriptor file
2 distinct steps :
Development Source Code
Deployment
XML Descriptor Active Objets VN VN Runtimes (JVMs) Hosts
![Page 5: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/5.jpg)
5
5
A ProActive Application
Virtual Node 1
Virtual Node 2
Virtual Node 3
Active objectPassive object
![Page 6: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/6.jpg)
6
6
Multiple Deployment Issues
One Host Cluster Grid
Different Deployments Different Security Policies
![Page 7: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/7.jpg)
7
7
Issues & Goals
Authentication of Computers, Users, and Applications
Creation, connection to, and monitoring of activities
Authentication, Integrity and Confidentiality (AIC) of communications
Several levels of security policies: users, resource providers, administrators
Main objective : Facilitate the use and the management of security features by removing them from the source code
![Page 8: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/8.jpg)
8
8
Outline
Context• ProActive overview
• Abstract Deployment model
Security Model• Security Entities
• Security Policies
• Example
Conclusion
![Page 9: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/9.jpg)
9
9
Security Entity Model
Generic definition, composed of a security manager and a protected object
Subject of security policies
Transparent for the protected object (meta object protocol)
No supposition on the protected object (runtimes, nodes, active objects, …)
Hierarchical structure
![Page 10: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/10.jpg)
10
10
Security Manager:
• Entity ID
• Security Policies
• Session Manager
Negotiation protocol
Security Manager:
• Entity ID
• Security Policies
• Session Manager Normal
communications
Secured communications
Security Entities
ProtectedObject
![Page 11: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/11.jpg)
11
11
Application Authentication
User certificate
Application certificate
Certificate chaincertificates for active objects, nodes
SPKI :
• Certificate chain
• No Certificate Authority
![Page 12: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/12.jpg)
12
12
Hierarchical Security Policies
Dn
Accept Deny
Runtime
Accept Deny
D0
Accept Deny
VN
Accept DenyAO
Accept Deny
Final Security policy
Administrator policy
Application-level policy
Security policy is defined according all matching rules from:
• Domains / Runtime
• Virtual Node
• Active Object
Resource provider policy
![Page 13: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/13.jpg)
13
13
Security Rule
Interactions:• JVMCreation
• NodeCreation
• CodeLoading
• ObjectCreation
• ObjectMigration
• Request
• Reply
• Listing
Entities:
• Domain
• User
• Virtual Node
• Object
Entities -> Entities : Interactions # Security Attributes
Attributes:• Authentication
• Integrity
• Confidentiality
Each attribute can be:• Allowed
• Optional
• Disallowed
![Page 14: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/14.jpg)
14
14
Descriptor Security Model
A key principle:
• Specify security policies in the XML deployment, NOT IN SOURCE CODE !
In program source: • Virtual Node (VN, a string name)
In XML descriptors:• List of policy rules between virtual nodes, runtimes, domains,
…
![Page 15: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/15.jpg)
15
15
Security Example
2 domains GridA & GridB with security policies• Domain [GridA] -> Domain [GridB] : Q,P,M # [+A,+I,+C]
• Domain [GridB] -> Domain [GridA] : Q,P,M # [+A,+I,+C]
Application : • 2 Virtual Nodes (vn1,vn2)
• 2 Active objects
![Page 16: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/16.jpg)
16
16
Descriptor with SecurityVirtualNodes: vn1, vn2
SECURITY:
VN [vn1] -> VN [vn2] : Q,P # [?A,?I,?C]
VN [vn1] -> VN [vn2] : M # Forbidden
VN [vn2] -> VN [vn1] : Q,P # [?A,?I,?C]
VN [vn2] -> VN [vn1] : M # Forbidden
Domain [GridA] -> Domain [GridB] : Q,P,M # [+A,+I,+C]
Domain [GridB] -> Domain [GridA] : Q,P,M # [+A,+I,+C]Mapping:
vn1 --> GridAComputers, GridBComputers
vn2 --> GridAComputers
JVMs:
/…/
![Page 17: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/17.jpg)
17
17
Example: std. code, no security/…/proActiveDescriptor.activateMappings();vn1 = proActiveDescriptor.getVirtualNode("vn1");vn2 = proActiveDescriptor.getVirtualNode("vn2");/…/Flower rose = (Flower) ProActive.newActive(Flower.class,new Object[]{« Rose »}, vn1.getNode()};Flower daliah = (Flower) ProActive.newActive(Flower.class,new Object[]{« Daliah »}, vn2.getNode()};/* next VN1 node inside the same domain */rose.migrateTo(vn1);/* communication inside the same domain */rose.sayHelloTo(daliah);/* next VN1 Node, other domain */rose.migrateTo(vn1);/* communication with another domain */rose.sayHelloTo(daliah);/* other virtual node, forbidden */rose.migrateTo(vn2);
![Page 18: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/18.jpg)
18
18
Example
Domain GridA Domain GridB
VN1VN2
Policy rules database Runtime
![Page 19: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/19.jpg)
19
19
Example
Domain GridA Domain GridB
VN1VN2
Policy rules database
Runtime
![Page 20: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/20.jpg)
20
20
Example
Domain GridA Domain GridB
Rose
Daliah
VN1VN2
Policy rules database
Runtime
![Page 21: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/21.jpg)
21
21
Example
Domain GridA Domain GridB
Rose
Daliah
VN1VN2
Policy rules database
Migration : - same VN - same domain
Runtime
Can I migrate to the next VN1 node ?
![Page 22: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/22.jpg)
22
22
Example
Domain GridA Domain GridB
Daliah
VN1VN2
Policy rules database
Migration : - same VN - same domain
Runtime
1 - Retrieve VN policy2 - migration allowed
Rose
![Page 23: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/23.jpg)
23
23
Example
Domain GridA Domain GridB
Rose
Daliah
VN1VN2
Policy rules database
Migration : - same VN - same domain
Runtime
![Page 24: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/24.jpg)
24
24
Example
Domain GridA Domain GridB
Rose
Daliah
VN1VN2
Policy rules database
Migration : - same VN - same domain
Runtime
Negotiated Policy:Rose -> Daliah : [?A,?I,?C]
Perform a method callRose -> Daliah : [?A,?I,?C]
Receive a method call : Daliah -> Rose : [?A,?I,?C]
![Page 25: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/25.jpg)
25
25
Example
Domain GridA Domain GridB
Rose
Daliah
VN1VN2Policy rules
database
Migration : - same VN - same domain
Runtime
![Page 26: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/26.jpg)
26
26
Example
Domain GridA Domain GridB
Rose
Daliah
VN1VN2
Policy rules database
Migration : - same VN - other domain
Runtime
Can I migrate to the next VN1 node on
GridB domain?
![Page 27: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/27.jpg)
27
27
Example
Domain GridA Domain GridB
Daliah
VN1VN2
Policy rules database
Migration : - same VN - other domain
Rose
Runtime
1- VN1 policy -> none2- GridA -> GridB : [+A,+I,+C] 3- migration with [+A,+I,+C]
![Page 28: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/28.jpg)
28
28
Example
Domain GridA Domain GridB
Rose
Daliah
VN1VN2
Policy rules database
Migration : - same VN - other domain
Runtime
![Page 29: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/29.jpg)
29
29
Example
Domain GridA Domain GridB
Daliah
VN1VN2
Policy rules database
Method call : - other VN - other domainFrom Rose --> Daliah
Rose
Runtime
Negotiated Policy:Rose -> Daliah : [+A,+I,+C]
Perform a method callRose -> Daliah : [+A,+I,+C]
Receive a method call : Daliah -> Rose : [+A,+I,+C]
![Page 30: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/30.jpg)
30
30
Example
Domain GridA Domain GridB
Daliah
VN1VN2
Policy rules database
Migration : - other VN From Rose --> Daliah
Rose
Runtime
Migration to VN2 ?VN1 -> VN2 : [-M]
NO !
![Page 31: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/31.jpg)
31
31
Conclusion
Transparent to application
Take care of a hierarchy of security policies
Security can be adapted to application deployment
![Page 32: 1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive](https://reader030.vdocument.in/reader030/viewer/2022032803/56649e3b5503460f94b2da78/html5/thumbnails/32.jpg)
32
32
Thank you for your time
Questions ?