Security Best Practices: Applying Defense-in-Depth Strategy to Protect the NGI_PL

  • Chapter

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 7136)

Abstract

The role of security in modern IT systems is continuously growing. Large infrastructures have to be protected against sophisticated attacks at the organizational, technical and logical levels. Achieving a sufficient security level becomes even more difficult for distributed and, often, heterogeneous environments that involve valuable assets and data – like grids. The main goal of the work described in this paper is to provide the maximum level of protection against network attackers to the infrastructure of PL-Grid, the Polish National Grid Initiative.

Editor information

Marian Bubak, Tomasz Szepieniec, Kazimierz Wiatr

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Balcerek, B., Frankowski, G., Kwiecień, A., Smutnicki, A., Teodorczyk, M. (2012). Security Best Practices: Applying Defense-in-Depth Strategy to Protect the NGI_PL. In: Bubak, M., Szepieniec, T., Wiatr, K. (eds) Building a National Distributed e-Infrastructure–PL-Grid. Lecture Notes in Computer Science, vol 7136. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28267-6_10

  • DOI: https://doi.org/10.1007/978-3-642-28267-6_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-28266-9

  • Online ISBN: 978-3-642-28267-6

  • eBook Packages: Computer Science, Computer Science (R0)
