Introduction
In recent years, a huge number of scientific computations have been performed on the Grid, addressing the ever-increasing demand for computational and storage power and offering an infrastructure available to scientists 24 hours a day. The geographically spread resources of the Grid can be used virtually as a traditional computing system by means of specific middleware that hides much of the complexity, giving the user the impression that all the resources are available as a coherent computer center (Foster, Kesselman, & Tuecke, 2001).
Both gLite (The Enabling Grids for E-sciencE project: http://ssicilia.unime.it/, 2009) and security. We focus on this latter aspect, proposing both an encrypted file storage and a user credential management system, based on smart card devices and crypto-tokens. This article aims to build an additional security layer on top of the existing security infrastructure: the integrations involve accounting mechanisms on the User Interface (UI), storage encryption on the Storage Elements (SE) and data computing on the Worker Nodes (CE).
According to the existing authentication mechanisms of gLite, both the user's X.509 certificate (i.e. the RSA public key together with the related user identity) and the related RSA private key are stored in the user's home directory on the UI, in two different files: the first contains the public key and the related user credentials, while the second holds the user's private key. Both files are encoded using the Privacy Enhancement for Internet Electronic Mail (PEM) format (Linn, 1993). Thus, the user's private key plays a crucial role, and the fact that it is stored on the file system implies that it could potentially be stolen and then used by insider attackers (e.g. a malicious system administrator). According to the traditional GSI authentication model, in order to gain access to a grid resource, a user has to employ his own RSA key pair to generate a temporary proxy certificate (Tuecke, Welch, Engert, Pearlman, & Thompson, 2004). Once the latter is generated, it has to be digitally signed (Brincat, 2001) with the RSA private key associated with the user himself.
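As an added example (not code from the article or from gLite), the following Python audit inspects a PEM credential file of the kind described above and reports whether its private key block is stored unencrypted and whether the file mode allows group or other access. The function names and the two sample key files, with placeholder bodies, are constructed for illustration.

```python
import os
import re
import stat
import tempfile

# One PEM block: BEGIN label, body, matching END label.
PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.S)

# Constructed sample key files (placeholder bodies, not real key material).
PLAIN = "-----BEGIN RSA PRIVATE KEY-----\nQ09OU1RSVUNURUQ=\n-----END RSA PRIVATE KEY-----\n"
ENCRYPTED = ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
             "DEK-Info: AES-256-CBC,00000000000000000000000000000000\n\n"
             "Q09OU1RSVUNURUQ=\n-----END RSA PRIVATE KEY-----\n")

def classify_pem(text):
    """Return (label, encrypted) for every PEM block in text."""
    found = []
    for label, body in PEM_BLOCK.findall(text):
        if label == "ENCRYPTED PRIVATE KEY":      # PKCS#8 encrypted form
            encrypted = True
        elif label.endswith("PRIVATE KEY"):       # legacy form: RFC 1421-style header
            encrypted = "Proc-Type: 4,ENCRYPTED" in body
        else:                                     # certificates, CSRs, ...
            encrypted = False
        found.append((label, encrypted))
    return found

def audit_key_file(path):
    """Return findings for a PEM file expected to hold a private key."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    with open(path, encoding="ascii", errors="replace") as fh:
        keys = [b for b in classify_pem(fh.read()) if b[0].endswith("PRIVATE KEY")]
    if not keys:
        return ["no private key block found"]
    findings = []
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append("mode %o allows group/other access" % mode)
    findings += ["%s is stored unencrypted" % lbl for lbl, enc in keys if not enc]
    return findings

def demo():
    results = []
    for text, mode in ((PLAIN, 0o644), (ENCRYPTED, 0o600)):
        with tempfile.NamedTemporaryFile("w", suffix=".pem", delete=False) as fh:
            fh.write(text)
        os.chmod(fh.name, mode)
        results.append(audit_key_file(fh.name))
        os.remove(fh.name)
    return results
```

A clean result only covers protection at rest: restrictive permissions do not stop a system administrator with root access from reading the file, and a passphrase-encrypted key is still decrypted on the host when it is used to sign a proxy certificate.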