1. The goals of security are threefold:
first, prevention – prevent attackers from violating security policy;
secondly, detection – detect attackers’ violation of security policy;
finally, recovery – stop an attack, assess and repair damage, and continue to function
correctly even if the attack succeeds.
Recovery takes two forms. In the first, the system continues to function correctly, possibly after a
period of degraded operation; such systems are said to be intrusion tolerant.
In the second, the attack is stopped and the system fixed. This may involve shutting down
the system for some time, or making it unavailable to all users except those fixing the
problem, after which the system resumes correct operation.
2. The three classic security concerns of information security
deal principally with data, and are:
• Confidentiality: Data is only available to those who are authorized;
• Integrity: Data is not changed except by controlled processes;
• Availability: Data is available when required.
Additional concerns deal more with people and their actions:
• Authentication: Ensuring that users are who they say they are;
• Authorization: Making a decision about who may access data or
• Assurance: Being confident that the security system functions
• Non-repudiation: Ensuring that a user cannot deny an action;
• Auditability: Tracking what a user did to data or a service.
Other security concerns relate to:
• Trust: People can justifiably rely on computer-based systems to perform critical
functions securely, and on systems to process, store and communicate sensitive
• Reliability: The system does what you want, when you want it to;
• Privacy: Within certain limits, no one should know who you are or what you do.
Confidentiality addresses several issues. The content of a packet during a
communication has to be protected to prevent malicious users from stealing the data. In
order to prevent unauthorized users from retrieving secret information, a common approach
is for the sender to encrypt the data before sending it to the receiver. On the receiving
end, the receiver extracts the original information by decrypting the encrypted text.
Hence, confidentiality of data transmission is closely related to the application of
different encryption algorithms.
Integrity is the protection of data from modification by unauthorized users. This is not
the same as data confidentiality. Data integrity requires that no unauthorized user can
change or modify the data concerned. For example, suppose you want to broadcast a message
to the public, which is definitely not confidential to anyone. You still have to protect the
integrity of your message against modification by unauthorized people. In this
instance, you may have to stamp the message or add your signature to certify it.
The term “availability” addresses the degree to which a system, sub-system or
equipment is operable and in a usable state.
Authentication implies ensuring that the right user executes the granted services, or that
the data really originated from the claimed sender. There are a large number of techniques
that may be used to authenticate a user – passwords, biometric techniques, smart cards
Authorization is often a first step towards providing the service of authentication.
Authorization enables the decision to allow a particular operation when a request to
perform the operation is received.
Assurance is the counterpart to authorization. Authorization mechanisms allow the
provider of a service to decide whether to perform an operation on behalf of the
requester of the service. Assurance mechanisms allow the requester of a service
to decide whether a candidate service provider meets the requester’s requirements for
security, trustworthiness, reliability or other characteristics.
Assurance mechanisms can be implemented through certificates. Certificates are
checked as a client selects the providers to contact for particular operations.
Nonrepudiation means that it can be verified that the sender and the recipient were, in
fact, the parties who claimed to send or receive the message, respectively.
Auditability is about keeping track of what is happening on a system. The idea is that
if there is an intrusion, then the system operator can find out exactly what has been
done and in whose name.
3. CRYPTOGRAPHY
Cryptography is the most commonly used means of providing security; it can be used
to address four goals:
• Message confidentiality: Only an authorized recipient is able to extract the contents
of a message from its encrypted form;
• Message integrity: The recipient should be able to determine if the message has been
altered during transmission;
• Sender authentication: The recipient can identify the sender, and verify that the
purported sender did send the message;
• Sender non-repudiation: The sender cannot deny sending the message.
3.1 Symmetric cryptosystems
Using symmetric (conventional) cryptosystems, data is transformed (encrypted) using
an encryption key and scrambled in such a way that it can only be unscrambled
(decrypted) by a symmetric transformation using the same encryption key. Besides
protecting the confidentiality of data, encryption also protects data integrity.
Figure 4.1 Symmetric key cryptography (encrypt, send over the Internet, decrypt with the same key)
3.2 Asymmetric cryptosystems
In asymmetric cryptography, encryption and decryption are performed using a pair of
keys such that knowledge of one key does not provide knowledge of the other key in
the pair. One key, called the public key, is published, and the other key, called the
private key, is kept private. The main advantage of asymmetric cryptography is that
secrecy is not needed for the public key.
3.3 Digital signatures
Integrity is guaranteed in public-key systems by using digital signatures,
which are a method of authenticating digital information, in the same manner that an
individual would sign a paper document to authenticate it. A digital signature is itself
a sequence of bits conforming to one of a number of standards.
Most digital signatures rely on public-key cryptography to work.
Consider a scenario where someone wants to send a message to another party and prove who
originated it, but does not care whether anybody else reads it. In this case, they send an
unencrypted copy of the message, along with a copy of the message encrypted with their
private (not public) key. A recipient can then check whether the message really came
from the originator by unscrambling the scrambled copy with the sender’s public key
and comparing it with the unscrambled version. If they match, the message was really
from the originator, because the private key was needed to create the encrypted copy
and no one but the originator has it. Often, a cryptographically strong hash function
is applied to the message, and the resulting message digest is encrypted instead of
the entire message, which makes the signature significantly shorter than the message
and saves considerable time since hashing is generally much faster, byte for byte, than
A firewall is a hardware or software component added to a network to prevent
communication forbidden by an organization’s administrative policy. Two types of firewalls
are generally found, traditional and personal. A traditional firewall is typically a dedicated
network device or computer positioned on the boundary of two or more networks. This type
of firewall filters all traffic entering or leaving the connected networks; a personal firewall is
a software application that filters traffic entering or leaving a single computer.
Some of the standard protocols and mechanisms used in grid computing
systems are public key infrastructure, Secure Socket Layer (SSL), Kerberos,
and IP security.
1 - Public Key Infrastructure
An infrastructure which supports public key based authentication and encryption
is called a Public Key Infrastructure (PKI). As the name suggests, each entity (user)
in the PKI environment possesses a public and a corresponding private key. At the
heart of the PKI lies the concept of certificates, which are used to validate the user
and the public key associated with the user, and the Certification Authority (CA), which
issues these certificates.
Public Key Infrastructure (PKI) refers to the software that manages certificates in a
Public key Certificates
Certificates are credentials of a specific user containing the user’s details, signed
by the CA.
In other words, a public-key certificate is a file that contains a public key, together with
identity information, such as a person’s name, all of which is signed by a Certification
Authority (CA). The CA is a guarantor who verifies that the public key belongs to the
Different types of certificates are available. The most popular and commonly used
certificate format is called the X.509 format.
Certification Authority (CA)
The CA exists to provide entities which are trusted by different systems and which
they can use to access resources in a secure way.
The CAs are responsible for certifying the public keys of different users who
subscribe to the CA.
Its role is to issue (create and sign) certificates, make the valid certificates publicly
accessible, revoke certificates when necessary and regularly issue revocation lists.
The CA must also keep records of all its transactions.
2 - Secure Socket Layer (SSL)
One of the most popular protocols to secure the transport layer is called the Secure
Socket Layer (SSL), whose newer versions are called Transport Layer Security (TLS).
SSL/TLS works on top of the Transmission Control Protocol (TCP), and provides
security in managing sessions over the transport channel.
3 - Kerberos
Kerberos is a secret key based mechanism for providing authentication in the
Kerberos consists of a Key Distribution Center (KDC) which runs on a secure node
in the network. The KDC is composed of two main components: the Ticket
Granting Server (TGS) and the Authenticating Server (AS). Kerberos was designed to
provide authentication between two entities who are trying to communicate on an
4 - IP Security (IPSec)
IPSec [22,23] is a method proposed to address the attacks mentioned. The feature of IPSec that
enables it to support a variety of application scenarios is that it can encrypt or
authenticate all traffic at the IP level. Thus, all distributed applications, including
remote login, client/server, e-mail, file transfer, Web access, and so on, can be
1 The Grid Security Infrastructure (GSI)
Grid security is based on what is known as the Grid Security Infrastructure (GSI) (Figure 4.3),
which is now a Global Grid Forum (GGF) standard [6, 7]. GSI is a set of tools, libraries, and
protocols used in Globus, and other grid middleware, to allow users and applications to access
GSI is based on a Public Key Infrastructure, with certificate authorities and X.509 certificates.
• A public-key system;
• Mutual authentication through digital certificates;
• Credential delegation and single sign-on.
Figure 4.3 The Grid Security Infrastructure (layers: proxies and delegation (GSI extensions) for secure single sign-on; Secure Socket Layer (SSL) for message protection; PKI (CAs and credentials); SSL/TLS)
Grid Security Taxonomy
Grid computing is an interesting and high potential solution for most
enterprises. However, security is one of the major impediments to
widespread grid adoption. A high level taxonomy of grid systems has
been provided. Figure 1 shows the categorization of the different
security issues in a grid. The grid security issues can be categorized into
three main categories: architecture related issues, infrastructure related
issues, and management related issues.
Fig. 1. Taxonomy of grid security issues
Architecture Related Issues
These issues address concerns pertaining to the architecture of the grid.
Similar to car pooling, where we were concerned about our cassettes and
CDs, users of the grid are concerned about the data processed by the grid
and hence there is a requirement to protect the data confidentiality and
integrity, as well as user authentication. We categorize these requirements
under information security. Similarly, resource level authorization is a
critical requirement for grid systems. Finally, there are issues where users
of the grid system may be denied the service of the grid or the Quality-of-
Service (QoS) is violated. These fall under the purview of service level
Infrastructure Related Issues
These issues relate to the network and host components which constitute
the grid infrastructure. Host level security issues are those issues that
make a host apprehensive about affiliating itself to the grid system. The
main sub issues here are: data protection, job starvation, and host
A grid involves running alien code in the host system. Therefore, the
host can be apprehensive about the part of the system which contains
important data. Similarly, a host can also be concerned about the jobs that
it is running locally. The external jobs should not reduce the priority of
the local jobs, and hence lead to job starvation. Similarly, if the host is a
server, it can be concerned about its own availability. There should be
mechanisms to prevent the system from going down, resulting in denial-of-service
to the clients attached to the host.
Management Related Issues
The third set of issues pertains to the management of the grid. Managing
credentials is absolutely important in grid systems because of the
heterogeneous nature of the grid infrastructure and applications. Like any
distributed system, managing trust is also critical and falls under the
purview of management related issues. Similar to the car pooling case
where monitoring of gas was mandated, grid systems also require some
amount of resource monitoring for auditing purposes. Much of the
information obtained from the monitoring systems is fed back to higher
level systems like intrusion detection and scheduling systems.
Architecture Related Issues
Architecture level issues address the concern of the grid system as a
Issues like information security, authorization, and service level security
generally destabilize the whole system, and hence an architecture level
solution is needed to prevent them.
Information security is defined as the security related to the information
exchanged between different hosts or between hosts and users. The
concerns at the information security level of the grid can be broadly
described as issues pertaining to secure communication, authentication,
and issues concerning single sign on and delegation.
Secure communication issues include those security concerns that arise
during the communication between two entities. These include
confidentiality and integrity issues. Confidentiality indicates that all data
sent by users should be accessible to only “legitimate” receivers, and
integrity indicates that all data received should only be sent/modified by
“legitimate” senders. There are also issues related to authentication,
where the identities of entities involved in the overall process can be
accurately asserted. These are critical issues in all areas of computing and
communication and become exceedingly critical in grid computing
because of the heterogeneous and distributed nature of the entities
involved there. In addition to the secure communication features users are
also concerned about single sign on capability provided by the grid
computing infrastructure. In single sign on the authentication is done
Information security issues exist in all fields of computing and
communications and have been studied for quite some time. In the grid
computing area, researchers and practitioners have come together to
create the Global Grid Forum (GGF) (now called OGF). They have
released an open standard called the Open Grid Services Architecture
There is a Grid Security Infrastructure (GSI) layer of OGSA which
addresses most of the information security challenges mentioned above.
Solutions to Information Security Issues
The Grid Security Infrastructure (GSI), developed independently and
later integrated as part of the OGSA standards, addresses all the stated
architectural concerns. GSI is based on proven standards such as public
key encryption, X.509 certificates, and the Secure Sockets Layer (SSL)
and enables secure authentication and communication over computer
networks. The latest version of the GSI based on Globus Toolkit 4.0 also
allows Web services based security.
Secure Communication: The GSI uses public key cryptography
as the basis for creating secure grids and SSL/TLS for data encryption.
In public key cryptography, the entities generate public/private key pairs
based on some cryptographically secure mathematical function. A
message when encrypted by the public key can only be decrypted by the
private key corresponding to the public key. The public keys are known
Authentication: A central concept in GSI authentication is the
certificate. Every user and service on the grid is identified via a
certificate, which contains information vital to identifying and
authenticating the user or service.
Single Sign on and Delegation: The GSI provides a single sign on and
delegation capability, which reduces the number of times the user must
enter his/her pass phrase when multiple resources are used, which is
common in a grid scenario. This is done by creating a proxy. A proxy
consists of a new certificate (with a new public key in it) and a new
private key. The new certificate contains the owner's identity, modified
slightly to indicate that it is a proxy.
The new certificate is signed by the owner, rather than a Certification
Authority (CA). The certificate also includes a time notation
after which the proxy should no longer be accepted by others.
Another important security issue is that of authorization. Like any
resource sharing system, grid systems also require resource specific and
system specific authorizations. It is particularly important for systems
where the resources are shared between multiple departments or
organizations, and department wide resource usage patterns are pre-
defined. Each department can internally have user specific resource
authorization as well. The authorization systems can be mainly divided into
two categories: VO Level Systems and Resource Level Systems. Virtual
Organization or VO level systems have a centralized authorization system
which provides credentials for the users to access the resources. Resource
level authorization systems, on the other hand, allow the users to access
the resources based on the credentials presented by the users.
Grid Authorization Solutions
Several authorization systems can be applied to the grid context.
VO Level Systems: VO level grid authorization systems are centralized
authorization for an entire Virtual Organization (VO).
These types of systems are necessitated by the presence of a VO which
has a set of users, and several Resource Providers (RP) who own the
resources to be used by the users of the VO. Whenever a user wants to
access certain resources owned by a RP, he/she obtains a credential from
the authorization system which allows certain rights to the users. The user
presents the credentials to the resource to gain access to the resource. In
this type of system, the resources hold the final right in allowing or
denying access to the users. Examples of VO level grid authorization
systems are Community Authorization Service (CAS), Virtual
Organization Membership Service (VOMS), and Enterprise
Authorization and Licensing System (EALS).
Resource Level Systems: Unlike the VO level authorization systems,
which provide a consolidated authorization service for the virtual
organization, the resource level authorization systems implement
the decision to authorize the access to a set of resources.
Therefore, VO level and resource level authorization systems look
at two different aspects of the grid authorization.
One of the most important security threats existing in any infrastructure is
the malicious service disruption created by adversaries. Many such
examples exist in the Internet space where servers and networks are
brought down by a huge amount of network traffic and users are denied
the access to a certain Internet based service. Since grid computing
deployment has not reached the “critical mass” yet, the service level
attacks are also currently nonexistent. However, with the grid computing
poised for a huge growth in the next few years, this area should be looked
upon with utmost concern by the grid security experts. The grid service
level security issues can be further subdivided into two main types: QoS
Violation Issues and Denial-of-Service (DoS) related issues. The first
issue is about the forced QoS violation by the adversary through
congestion, delaying or dropping packets, or through resource hacking.
The second one is more dangerous where the access to a certain service is
Solutions to Service Attacks
It is to be noted that the DoS attacks and QoS violation attacks are
research topics for researchers in the areas of networks, services, and
DoS Solutions: The solutions proposed for Denial-of-Service
(DoS) attacks can be categorized into mainly two types: preventive
solutions and reactive solutions. Preventive solutions try to prevent
the attack from taking place by taking precautionary measures. Reactive
solutions, on the other hand, react to a DoS attack and are generally used
to trace the source of the attack. Some examples of preventive solutions
are filtering, throttling, location hiding, and intrusion detection. Examples of
reactive solutions include logging, packet marking, link testing, and
QoS Violation: This is an active area of research and several
architectures and solutions have been proposed. Most of these solutions
rely on some amount of monitoring and metering systems which try to
detect the QoS levels of the systems and then make decisions to raise the
alarms. The WATCHERS project is an example of such a system.
Infrastructure Related Issues
A grid infrastructure consists of grid nodes and the
communication network. The security issues related to the grid
infrastructure are also of paramount importance.
Host Security Issues
Host level security issues are those issues that make a host apprehensive
about affiliating itself into the grid system. The main sub issues here are:
data protection and job starvation. Whenever a host is affiliated to the
grid, one of the chief concerns is regarding the protection of the already
existing data in the host. The concern stems from the fact that the host
submitting the job may be untrusted or unknown to the host running the
job. To the host running the job, the job may well be a virus or a worm
which can destroy the system. This is called the data protection issue. Job
starvation refers to a scenario where jobs originating locally are deprived of
resources by alien jobs scheduled on the host as part of the grid system.
Solutions to the Host Security Issues
Several solutions have been proposed for data protection and job starvation.
Data Protection: Solutions in this space use isolation to restrict access to
the data by grid or external applications. There are several isolation techniques,
viz. application level sandboxing, virtualization, and sandboxing. The first
type of solution is through the use of proof carrying code (PCC), where
the code generators generate proofs of application safeness and embed
those in the compiled code. The second solution looks at creating Virtual
Machines (VM) on the physical machine, resulting in strong isolation
properties. The third type of solution, the sandboxing solutions, traps
system calls and sandboxes the applications to prevent them from
accessing data and memory based on certain policies.
Job Starvation: Different solutions which look at the problem of job
starvation can be categorized as advanced reservations and priority
reduction techniques. Under an advanced reservation system, a user requests
a set of resources (CPU, memory, disk space, etc.) for a specified
amount of time for the set of jobs to be run. The resources are booked based
on availability, security, QoS and other metrics. Once the resources
are booked, the resource providers honor the contract and have every
right to terminate the job once the contract expires. These techniques
require schedulers to work hand-in-hand with the resources/hosts
providing service to the end users. Priority reduction techniques, on the
other hand, reduce the priorities of the long running jobs to reduce the
possibility of starvation.
Network Security Issues
In the context of grid computing, network security issues assume
significant importance mainly due to the heterogeneity and high speed
requirements of many grid applications. Moreover, the grid also inherits some
of the generic network issues. Access control and isolation are
important requirements for traffic flowing through the grid networks. In
this area, integration of grid technologies with VPN and firewall
technologies assumes significance. Routing of packets in networks based
on routing tables is a specific network issue. Attacks in routing include
link and router attacks which may cause significant destruction. Many of
the issues still require research attention. Multicasting is an efficient
means of information dissemination and may assume importance for grid
networks in the future.
Member authentication, key management, and source authentication are
specific security issues in multicasting. Another topic of interest in grid
networks is the integration of sensor networks with grid technologies.
Several sensor network attacks, like Sybil attacks, wormhole and sinkhole
attacks, and node hijacking, need to be tackled before the sensor grid vision
can get realized. Finally, there are security issues in high performance
Solutions to the Grid Network Issues
Many of the grid network issues are active areas of research where
solutions are mostly developed in labs and not yet commercialized.
Access Control & Isolation: Many of the grid and Web services
solutions cannot work effectively with firewalls and virtual private
networks (VPN) which have become ubiquitous in today’s enterprises.
The area requires significant research efforts.
There are some research efforts in this direction, like Adaptive Grid Firewalls
(AGF) and Hose.
Secure Routing: This area of research is inherited from the traditional
networking area. Most routing protocols use digital signatures and
passwords for message exchange which do not solve the advanced attacks
like source misbehavior. More research is needed in this area.
Secure Multicasting: This has been an active area of research for the
last few years. Most of the solutions presented in this area are research
outputs and rarely implemented in a large scale. However solutions like
centralized and hierarchical member authentication systems, tree-based,
and core based key management systems, and stream signing, and
chaining type solutions are important and require mention.
Sensor Grids: Security in sensor networks is a very important
issue due to the computational constraints imposed by the devices
and network and bandwidth constraints. This is also an active
area of research and several solutions have been proposed like SPINS and
High Speed Networks: One of the most important issues in the
adoption of security solutions is performance. A security solution which
requires firewall/intrusion detection, encryption/ decryption, message
authentication, distributed denial of service (DDoS) attack protection, etc.
results in a significant overhead which significantly reduces the
Management Related Issues
Grid management is important as the grid is heterogeneous in nature
and may consist of multiple entities, components, users, domains,
policies, and stakeholders. The grid management issues that grid
administrators are worried about are credential management, trust
management, and monitoring related issues.
In this thesis we will concentrate on information security, looking at
the issues pertaining to the user – issues that make a user
comfortable with the grid system, namely authentication, confidentiality,
integrity, and single sign on/delegation.
A grid defines a concept called the Virtual Organization (VO). In a VO,
different individuals, enterprises and organizations come together to share
resources and services under a set of rules or policies guiding and
governing the extent and conditions of sharing.
A VO can be formed across many universities, across different enterprises,
as well as within a single enterprise. The level of heterogeneity defines the
type of solutions. Therefore, the main aspect that separates grid systems
from all the other systems is the heterogeneity involved and the policy
complications. Here the concentration will be on the information security
aspects and how they can be tackled.
Fig. 2. Typical grid scenario
Figure 2 shows a typical grid scenario consisting of sites which
constitute a VO. A user submits a job to the grid which arrives at the
entry point or the gatekeeper of the grid system. There should be
mechanisms to authenticate the user at that point. When the job gets
submitted to the grid, there is a need to provide confidentiality and
integrity so that no one is able to see the contents of the information
carried or to modify them. Finally, there should be
mechanisms for single sign on and delegation. Discussions of the
different information security requirements are provided below:
Authentication: Grid security requirements should contain
authentication mechanisms at the entry points. Different authentication
mechanisms should be supported. It is possible to have different
authentication mechanisms for different sites within a grid. Therefore, the
security protocol should be flexible and scalable to handle all the
different requirements and provide a seamless interface to the user.
Furthermore, there is a need for management of context and sharing of
Confidentiality: Grid security mechanisms should protect the
confidentiality of the messages and the documents that flow over the
grid infrastructure. The confidentiality requirements should include
point-to-point transport as well as store and forward mechanisms.
Similar to the authentication mechanisms, there may be a need to
define, store, and share security contexts across different entities.
Integrity: Grid security mechanisms should include message integrity
which means that any change made to the messages or the documents can
be identified by the receiver.
Single Sign on: In a grid environment, there may be instances
where requests may have to travel through multiple security domains.
Therefore, there is need for a single sign-on facility in the grid
Delegation: There may be a need for services to perform actions
on the user’s behalf. A computational job may require accessing
database many times. In that case there is a need to delegate the authority
to some service which will perform the action on the user’s behalf. When
dealing with delegation of authority from an entity to another, care should
be taken so that the authority transferred through delegation is scoped
only to the task(s) intended to be performed and within a limited lifetime
to minimize the misuse of delegated authority.
Grid Security Model
Grid computing provides a virtualized view of the underlying grid
resources. Such a virtualization also encompasses the security
requirements. Therefore, there is a need for virtualization of security
semantics to use standardized ways of segmenting security components
like authentication, access control, confidentiality, etc. and to provide a
standardized way to enable the federation of multiple security
mechanisms. Therefore, this requires a loosely-coupled platform
independent model of securing applications within and across
organizations. Now the question arises about the paradigm involved in
implementing such a loosely coupled, platform independent architecture.
Fig. 3 Components of the grid security model
The OGSA grid computing model uses Web services (WS) as a reference
model. Since confidentiality, integrity, policy management and trust
management are also integral to Web services, the grid security
infrastructure integrates Web services standards like WS-Security,
WS-Policy, WS-Trust, etc. in the specification. However, the Grid
Security Infrastructure does not exclude transport layer security like
Secure Socket Layer (SSL) in the form of HTTPS. Users are free to use
HTTPS, which provides confidentiality, integrity, and authentication.
However, if there is a need to traverse multiple intermediaries, WS-Security
can be used in conjunction with XML encryption, XML
signatures and so on.
Fig 4. High level view of GSI
Figure 3 shows the different components of the grid security model.
As shown in Fig 4, in GSI there are three types of authentication – using
X.509 certificates, using passwords, and using Kerberos.
For confidentiality mainly key based encryption algorithms are used.
Sometimes, the need arises for having a session key and therefore,
session management. For single sign on/delegation proxy certificates are
generally used. Provisions for both transport layer security mechanisms
like SSL and message layer mechanisms like WS-Security are provided.
Authentication in GSI
The most prevalent mechanism of authentication in a GSI based grid is
the certificate based authentication mechanism, where a public key
infrastructure (PKI) is assumed to exist which allows a trusted authority
to sign information to be used for authentication purposes. In addition to
the certificate based mechanism, Kerberos and password based mechanisms
have also been implemented.
Certificate based Authentication
The certificate based authentication mechanism has been implemented in all
versions of Globus. It assumes that each user within the grid system
possesses a public/private key pair, and that there exists a trusted third party
or Certificate Authority (CA) to sign and certify the users. The GSI
certificate includes the following information:
• A subject name, which identifies the person or object that the certificate
• The public key belonging to the subject.
• The identity of a Certificate Authority (CA) that has signed the
certificate to certify that the public key and the identity both belong
to the subject.
• The digital signature of the named CA.
Logging into the Grid System
Figure 5 shows the four steps involved in allowing a user to access a grid
system using the certificate based authentication in GSI. The different
1. The first step is to know the public key of the CA. This information
is used to verify the validity of the certificate obtained from
CA. The certificate is stored in the local host.
Fig. 5 Steps for logging into the grid
2. The second step is to create the public/private key pair using any
common protocol. The private key thus obtained is also stored in a secure
place on the local host. A different credential service like MyProxy can
also be used for this purpose. In this step, the user also generates the
certificate request, which is its public key signed with the user’s private
key. This is done so that the CA can verify the authenticity of the
3. In the third step, the CA first verifies the information obtained
from the user and then signs the request with its public key. The
certificate is then sent to the user.
4. The last step is to store the certificate which would be used for all
subsequent authentication purposes. The following information is
stored at the local host: (i) the public key of the CA, (ii) the user’s
public key, and (iii) the signed certificate.
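The four login steps above, the signature-over-a-digest scheme of Section 3.3 and the proxy delegation described under "Single Sign on and Delegation", carried through in one constructed Python example that is not Globus/GSI code: textbook RSA over freshly generated primes with SHA-256 digests, dict-based "certificates", and the names /O=Grid/CN=Example CA and /O=Grid/CN=alice are all assumptions made here. In the example the CA and the proxy owner each sign with their own private key, and relying parties check with the matching public keys.

```python
import hashlib
import json
import random
import time
# Constructed toy PKI for the GSI login/proxy flow described above; not Globus code.
# Textbook RSA (no padding) over SHA-256 digests: it illustrates the steps only.

def _is_probable_prime(n, rounds=20):  # Miller-Rabin
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits):
    while True:
        p = random.getrandbits(bits) | (1 << (bits - 1)) | 1  # exact bit length, odd
        if _is_probable_prime(p):
            return p

def generate_keypair(bits=512):
    """Login step 2: an entity creates its public/private key pair."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            return {"n": p * q, "e": e}, {"n": p * q, "d": pow(e, -1, phi)}

def _digest(obj):
    """Canonical JSON so signer and verifier hash identical bytes; 256-bit digest < n."""
    return int.from_bytes(hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).digest(), "big")

def sign(private_key, obj):
    """Section 3.3: sign the message digest, not the whole message."""
    return pow(_digest(obj), private_key["d"], private_key["n"])

def verify(public_key, obj, signature):
    """Recover the digest with the public key; any alteration of obj makes this False."""
    return pow(signature, public_key["e"], public_key["n"]) == _digest(obj)

def ca_issue(ca_name, ca_priv, req, req_sig, lifetime_s=365 * 86400):
    """Login step 3: the CA checks that the request proves possession of the key, then signs it."""
    if not verify(req["public_key"], req, req_sig):
        raise ValueError("certificate request signature invalid")
    cert = {"subject": req["subject"], "public_key": req["public_key"], "issuer": ca_name,
            "not_after": int(time.time()) + lifetime_s, "proxy": False}
    return cert, sign(ca_priv, cert)

def create_proxy(owner_cert, owner_priv, lifetime_s=12 * 3600):
    """Delegation: new key pair plus a short-lived certificate signed by the owner, not the CA."""
    proxy_pub, proxy_priv = generate_keypair()
    cert = {"subject": owner_cert["subject"] + "/CN=proxy", "public_key": proxy_pub,
            "issuer": owner_cert["subject"], "proxy": True,
            "not_after": min(int(time.time()) + lifetime_s, owner_cert["not_after"])}
    return (cert, sign(owner_priv, cert)), proxy_priv

def verify_chain(chain, trusted_ca, now=None):
    """Relying party (e.g. the gatekeeper) walks [(cert, sig), ...] leaf first up to a trusted CA."""
    now = int(time.time()) if now is None else now
    for i, (cert, sig) in enumerate(chain):
        if cert["not_after"] < now:
            return False  # expired proxy or certificate
        if i + 1 < len(chain):  # signed by the certificate directly above it; must be a proxy
            issuer = chain[i + 1][0]
            if not cert["proxy"] or cert["issuer"] != issuer["subject"] \
                    or not verify(issuer["public_key"], cert, sig):
                return False
        elif cert["proxy"] or cert["issuer"] != trusted_ca["name"] \
                or not verify(trusted_ca["public_key"], cert, sig):
            return False  # top of the chain must be a CA-issued end-entity certificate
    return True

def run_scenario():
    """End to end: CA issues alice's certificate, alice delegates to a proxy, gatekeeper verifies."""
    ca_pub, ca_priv = generate_keypair()
    trusted_ca = {"name": "/O=Grid/CN=Example CA", "public_key": ca_pub}  # constructed names
    user_pub, user_priv = generate_keypair()
    req = {"subject": "/O=Grid/CN=alice", "public_key": user_pub}  # step 2: request signed by user
    user_cert, user_sig = ca_issue(trusted_ca["name"], ca_priv, req, sign(user_priv, req))
    (proxy_cert, proxy_sig), proxy_priv = create_proxy(user_cert, user_priv)
    chain = [(proxy_cert, proxy_sig), (user_cert, user_sig)]
    job = {"job": "run-analysis", "submitter": proxy_cert["subject"]}  # signed with the proxy key
    forged = dict(proxy_cert, subject="/O=Grid/CN=mallory/CN=proxy")
    return {"chain_ok": verify_chain(chain, trusted_ca),
            "job_ok": verify(proxy_cert["public_key"], job, sign(proxy_priv, job)),
            "expired": verify_chain(chain, trusted_ca, now=proxy_cert["not_after"] + 1),
            "tampered": verify_chain([(forged, proxy_sig), (user_cert, user_sig)], trusted_ca)}
```

Calling run_scenario() accepts the valid proxy chain and the job it signed, and rejects the same chain once the proxy lifetime has passed or its subject has been altered.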