Research on Secure Access Control Technology in Grid Environments
Abstract

"Grid" describes a distributed computing architecture suited to high-end science and engineering. It aims at comprehensive sharing of all resources on the Internet, including computing, storage, communication, software, information and knowledge resources. A grid system is equivalent to a single virtual supercomputer of enormous capability, and it will have a profound impact on people and society.

Because a grid is an open, dynamic and heterogeneous environment, the security of a grid system is especially important. Grid security is a core problem of grid computing, and access control is the core of grid security: it plays a crucial role in guaranteeing secure communication within the grid.

First, access control technology is studied. Three access control models are introduced: Discretionary Access Control (DAC), Mandatory Access Control (MAC) and Role-Based Access Control (RBAC), and the applicability of RBAC to the grid environment is analysed. Building on the existing RBAC96 model, roles are refined into two kinds, user roles and resource roles, and an access control model based on dual roles, Dual-RBAC, is proposed in order to fit the grid environment better.

Second, the Grid Security Infrastructure (GSI) of the Globus project is studied in depth and the GSI access control model is analysed. To address the shortcomings of the existing GSI access control model, an improved model is proposed: a GSI access control model based on AS and RMS. It divides a grid virtual organization into several organizational units and adds an authorization server (AS) and a role management server (RMS) to each unit; the two servers jointly manage the authorization of a user's access to a resource, which improves the efficiency of access control.

Finally, a simple grid service based on the GSI security mechanism is designed and implemented, together with a client test program, to verify GSI's secure access control mechanism.
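The abstract describes Dual-RBAC only at the level of "roles are refined into user roles and resource roles". The following is an added example, not code from the thesis or from Globus, showing one way such a dual-role check can be expressed: users are assigned user roles (with an RBAC96-style role hierarchy), resources are tagged with resource roles, and permissions are granted to (user role, resource role) pairs. The role names, the permission table, the default-deny rule and the conjunctive handling of multi-role resources are all constructed assumptions for illustration.

```python
"""Illustrative dual-role (user role x resource role) access check.

Assumption: this is an interpretation constructed for illustration; the
thesis's actual Dual-RBAC definitions are not given on the abstract page.
"""
from __future__ import annotations

# Constructed sample data: user -> user roles (RBAC96 user assignment).
USER_ROLES: dict[str, set[str]] = {
    "alice": {"researcher"},
    "bob": {"student"},
    "carol": {"vo_admin"},
}

# Constructed sample data: resource -> resource roles (a resource may carry
# several, e.g. a dataset that is both "storage" and "sensitive").
RESOURCE_ROLES: dict[str, set[str]] = {
    "cluster-a/jobs": {"compute"},
    "archive/datasets": {"storage", "sensitive"},
    "wiki": {"public_info"},
}

# Permissions are granted to (user_role, resource_role) pairs, not to a
# single role as in classic RBAC. Constructed for illustration.
PERMISSIONS: dict[tuple[str, str], set[str]] = {
    ("student", "compute"): {"query"},
    ("student", "public_info"): {"read"},
    ("researcher", "compute"): {"submit", "query"},
    ("researcher", "storage"): {"read"},
    ("vo_admin", "compute"): {"submit", "query", "cancel"},
    ("vo_admin", "storage"): {"read", "write"},
    ("vo_admin", "sensitive"): {"read", "write"},
}

# User-role hierarchy (RBAC96 RH): senior role -> junior roles it inherits.
USER_ROLE_HIERARCHY: dict[str, set[str]] = {
    "vo_admin": {"researcher"},
    "researcher": {"student"},
}


def effective_user_roles(user: str) -> set[str]:
    """Directly assigned user roles plus everything inherited transitively."""
    result: set[str] = set()
    stack = list(USER_ROLES.get(user, set()))
    while stack:
        role = stack.pop()
        if role in result:
            continue
        result.add(role)
        stack.extend(USER_ROLE_HIERARCHY.get(role, set()))
    return result


def is_authorized(user: str, resource: str, operation: str) -> bool:
    """Default deny. The operation must be permitted under *every* resource
    role the resource carries, so tagging a resource "sensitive" blocks any
    user role that has no explicit grant on "sensitive"."""
    user_roles = effective_user_roles(user)
    resource_roles = RESOURCE_ROLES.get(resource)
    if not user_roles or not resource_roles:
        return False  # unknown principal or unclassified resource
    for r_role in resource_roles:
        permitted_here = any(
            operation in PERMISSIONS.get((u_role, r_role), set())
            for u_role in user_roles
        )
        if not permitted_here:
            return False
    return True


if __name__ == "__main__":
    for who, what, op in [
        ("alice", "cluster-a/jobs", "submit"),
        ("bob", "cluster-a/jobs", "submit"),
        ("alice", "archive/datasets", "read"),
        ("carol", "archive/datasets", "read"),
        ("carol", "wiki", "read"),
    ]:
        print(f"{who:6} {op:6} {what:18} -> {is_authorized(who, what, op)}")
```

The conjunctive rule is the design choice worth noting: with resources carrying several roles, an "any resource role permits it" rule would let a grant on "storage" silently override the "sensitive" classification, whereas requiring a grant under each resource role keeps the more restrictive tag effective.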