Security for grid-based computing systems issues and challenges

Grid systems were initially developed for supporting scientific computations. Today, companies, users and researchers are looking at ways to use the Grid approach to commercial uses and for applications in many different areas. Security in grid systems however has not been much addressed and yet is an important prerequisite to really make grid systems usable in a variety of commercial applications.The goal of this panel is to explore relevant security issues, with special emphasis on access control, for grid-based computing systems. The panel will discuss security requirements that are specific to grid-based systems and set these systems apart from conventional distributed systems, and outline directions for future research. Questions addressed by the panel include the following ones:

• What needs to be protected in a grid system: hosts, resources, data, computations?

• Access control languages and policies: do we need ad-hoc languages for specifying access control policies for grid hosts? If so, which would be the most relevant and features of these languages?

• User requirements: different grid hosts may provide different levels of security. How can a user specify his/her security requirements when running computations? Which assurance has the user that his/her own requirements have been met?

• Scalability and evolution: grid computing systems may encompass a very large number of nodes (hundreds or even thousands). Moreover, they can be quite dynamic with hosts and clients dynamically joining and leaving. How can we design scalable access systems able to cope with the required dynamicity?