[communities] GGF Proposal Submission
wenbo.mao at hp.com
Tue Nov 22 05:37:42 CST 2005
proposers_name: Wenbo Mao
affiliation: HP Labs, China
email: wenbo.mao at hp.com
proposed_title: Auditable Grid Authorization from Trusted Computing
session_type: Presentation + Demo
proposed_duration: 90 mins
target_audience: Users and technical experts
num_attendees: 100
abstract: The current Grid security solution, Grid Security Infrastructure (GSI), includes a Grid VO authorization mechanism called GridMap. A system administrator at a Grid resource provider (RP) maintains a GridMap file for users in a VO. The GridMap file maps between VO policy and the RP local policy for correct resource utilization by the VO members. While GridMap files are of great importance in terms of mission-criticalness, integrity and in some cases confidentiality, GSI does not provide protection for these files against the system administrators, and only provides weak protection against other adversaries.
Trusted Computing (TC), which is an industrial standard technology for platform security, uses a tamper-protection hardware module as an in-platform agent to protect system security. In this talk and an accompanying proof-of-concept demo, we show how TC provides effective, practical yet cryptographically strong protection for the GridMap mechanism, against not only the usual adversaries but also the system administrator, in that all actions of an administrator maintaining GridMap files will be documented in an undeniable manner.
synopsis:
tech_requirements:
prereq_participants:
advertise_suggestion: