Threat Analysis and Attacks on XtreemOS: a Grid–enabled Operating System
We perform a preliminary threat analysis on a grid–enabled operating system, namely XtreemOS, in this paper. While currently under development, XtreemOS aims to provide native Virtual Organisation support in a secure and dependable manner. We investigate security within the XtreemOS architecture by identifying the security requirements and objectives. Further, we list assets within the system that need protection and detail attacks using the attacker tree methodology. At the end, we describe a specific attack on the overall XtreemOS–supported architecture using an attacker tree. Analysis of this nature will help in generating a number of test cases for testing an early prototype of XtreemOS and provide assurance to the security of the XtreemOS system.
KeywordsGrid System Security Requirement Intrusion Detection System Attack Tree Security Objective
Unable to display preview. Download preview PDF.
- Grid Security Infrastructure http://www.globus.org/security/overview.html.
- C. Morin. XtreemOS: a Grid Operating System Making your Computer Ready for Participating in Virtual Organizations. 10th IEEE Intl. Symposium on Object-oriented Real-time distributed Computing (ISORC 2007) - to appear.Google Scholar
- P. Padala, GridOS, http://www.eecs.umich.edu/ppadala/research/gridos/
- Legion Project, http://legion.virginia.edu/index.html
- S. Naqvi and M. Riguidel. Threat model for grid security services. LNCS. Volume 3470 pp. 1048-1055, 2005.Google Scholar
- Demchenko Y., Web Services and Grid Security Vulnerabilities and Threats Analysis, EGEE JRA3 Technical document.Google Scholar
- V. Welch, F. Siebenlist, I. Foster, J. Bresnahan, K. Czajkowski, J. Gawor, C. Kesselman, S. Meder, L. Pearlman, S. Tuecke. Security for Grid Services. Proceedings of HPDC-12, pp. 48-57, IEEE Press, 2003.Google Scholar
- I. Foster, C. Kesselman, G. Tsudik, S. Tuecke. A Security Architecture for Computational Grids. Proceedings of the 5th ACM Conference on Computer and Communications Security Conference, pp. 83-92, 1998.Google Scholar
- R. Alfieri, R. Cecchini, V. Ciaschini, L. dell’Agnello, A. Frohner, K. Lrentey, and F. Spataro. From gridmap-file to VOMS: managing authorization in a Grid environment. Future Generation Computing Systems. Volume 21(4), pp. 549-558, ACM Press, 2005.Google Scholar