GRID Security Review

  • Lazaros Gymnopoulos
  • Stelios Dritsas
  • Stefanos Gritzalis
  • Costas Lambrinoudakis
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2776)


A Computational GRID is a collection of heterogeneous computing resources spread across multiple administrative domains, serving the task of providing users with an easy access to these resources. Taking into account the advances in the area of high-speed networking, but also the increased computational power of current micro-processors, Computational GRIDs or meta-systems have gradually become more popular. However, together with the advantages that they exhibit they are also contributing to several problems associated with the design and implementation of a secure environment. The conventional approach to security, that of enforcing a single, system-wide policy, cannot be applied to large-scale distributed systems. This paper analyzes the security requirements of GRID Computing and reviews a number of security architectures that have been proposed. Furthermore, these architectures are evaluated in terms of addressing the major GRID security requirements that have been identified.


Security Requirement Certification Authority Grid Service Security Architecture Method Invocation 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Foster, I., Kesselman, C., Tuecke, S.: The Anatomy of the GRID. Enabling Scalable Virtual Organizations. International J. Supercomputer Applications 15(3) (2001)Google Scholar
  2. 2.
    Foster, I., Kesselman, C.: The GRID: Blueprint for a Future Computing Infrastructure. Morgan Kaufman, San Francisco (1999)Google Scholar
  3. 3.
    Johnston, W.E., Jackson, K.R., Talwar, S.: Overview of security considerations for computational and data GRIDs. In: Proceedings of the 10th IEEE International Symposium on High Performance Distributed Computing (2001)Google Scholar
  4. 4.
    Nagaratnam, N., Janson, P., Dayka, J., Nadalin, A., Siebenlist, F., Welch, V., Foster, I., Tuecke, S.: The Security Architecture for Open GRID Services. Technical Paper, Open GRID Service Architecture Security Working Group (OGSA-SEC-WG) (July 2002)Google Scholar
  5. 5.
    Foster, I., Kesselman, C., Tsudik, G., Tuecke, S.: A Security Architecture for Computational GRID. In: The Proceedings of the 5th ACM Conference on Computer and Communications Security Conference, pp. 83–92 (1998)Google Scholar
  6. 6.
    Chapin, S., Wang, C., Wulf, W., Knabe, F., Grimshaw, A.: A New Model of Security for Metasystems. Future Generation Computer Systems 15(5–6), 713–722 (1999)CrossRefGoogle Scholar
  7. 7.
    Ferrari, A., Knabe, F., Humphrey, M., Chapin, S., Grimshaw, A.: A Flexible Security System for Metacomputing Environments. Technical Report CS-98-36, Department of Computer Science, University of Virginia (December 1998)Google Scholar
  8. 8.
    Butler, R., Engert, D., Foster, I., Kesselman, C., Tuecke, S., Volmer, J., Welch, V.: A National- Scale Authentication Infrastructure. IEEE Computer 33(12), 60–66 (2000)Google Scholar
  9. 9.
    Tuecke, S.: GRID Security Infrastructure Roadmap. In: Internet Draft (February 2001)Google Scholar
  10. 10.
    van Steen, M., Homburg, P., Tanenbaum, A.S.: Globe: A Wide-Area Distributed System, pp. 70–78. IEEE Concurrency, Los Alamitos (1999)Google Scholar
  11. 11.
    Popescu, B.C., van Steen, M., Tanenbaum, A.S.: A Security Architecture for Object-Based Distributed Systems. In: The Proceedings of the 18th Annual Computer Security Applications Conference, Las Vegas, NV ( December 2002)Google Scholar
  12. 12.
    Vahdat, A., Anderson, T., Dahlin, M., Culler, D., Belani, E., Eastham, P., Yoshikawa, C.: WebOS: Operating System Services For Wide Area Applications. In: The Seventh IEEE Symposium on High Performance Distributed Computing (July 1998)Google Scholar
  13. 13.
    Belani, E., Vahdat, A., Anderson, T., Dahlin, M.: The CRISIS Wide Area Security Architecture. In: The Proceedings of the 1998 USENIX Security Symposium (January 1998)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Lazaros Gymnopoulos
    • 1
  • Stelios Dritsas
    • 2
  • Stefanos Gritzalis
    • 1
  • Costas Lambrinoudakis
    • 1
  1. 1.Department of Information and Communication Systems EngineeringUniversity of the AegeanSamosGreece
  2. 2.Department of InformaticsAthens University of Economics and BusinessAthensGreece

Personalised recommendations