
Building Trusted Sub-domain for the Grid with Trusted Computing

  • Conference paper
Information Security and Cryptology (Inscrypt 2007)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 4990)


Abstract

The Grid is all about collaboration, which is supported by dynamic, multi-institutional virtual organizations (VOs). Because Grid users and resource providers often suffer from attacks from outside or inside the VO, it is necessary to build a trusted sub-domain. The TCG (Trusted Computing Group) proposes Trusted Computing (TC) to enhance users’ trust in today’s open-architecture platforms by adding a tamper-resistant hardware module, the Trusted Platform Module (TPM), to the end system. In this paper, we propose and design an open-source security system based on Linux and TPM hardware that extends trust in the platform to the Grid environment and thereby provides sharing of a trusted environment. In particular, we demonstrate how to build a trusted sub-domain for the Grid with our system by using trusted attestation and migration based on TC.




Editor information

Dingyi Pei, Moti Yung, Dongdai Lin, Chuankun Wu


Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zhan, J., Zhang, H., Yan, F. (2008). Building Trusted Sub-domain for the Grid with Trusted Computing. In: Pei, D., Yung, M., Lin, D., Wu, C. (eds) Information Security and Cryptology. Inscrypt 2007. Lecture Notes in Computer Science, vol 4990. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-79499-8_36


  • DOI: https://doi.org/10.1007/978-3-540-79499-8_36

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-79498-1

  • Online ISBN: 978-3-540-79499-8

  • eBook Packages: Computer Science, Computer Science (R0)
