Analysis of impact of Symmetric Encryption Algorithms in Data Security Model of Grid Networks
IJCSIS is an open access publishing venue for research in general computer science and information security. Target Audience: IT academics, university IT faculties; industry IT departments; government departments; the mobile industry and computing industry. Coverage includes: security infrastructures, network security: Internet security, content protection, cryptography, steganography and formal methods in information security; computer science, computer applications, multimedia systems, software, information systems, intelligent systems, web services, data mining, wireless communication, networking and technologies, innovation technology and management. The average paper acceptance rate for IJCSIS issues is kept at 25-30% with an aim to provide selective research work of quality in the areas of computer science and engineering. Thanks for your contributions in September 2010 issue and we are grateful to the experienced team of reviewers for providing valuable comments.
(IJCSIS) International Journal of Computer Science and Information Security, Vol. 8, No. 6, September 2010 Analysis of impact of Symmetric Encryption Algorithms in Data Security Model of Grid Networks M. Madheswaran N. Thenmozhi Department of Electronics and Communication Engg., Department of Computer Science Muthayammal Engineering College N.K.R. Govt. Arts College for Women Rasipuram-637 408, India. Namakkal-637 001, India. Email : firstname.lastname@example.org Email : email@example.com Abstract─The symmetric and asymmetric encryption algorithms applications, and other entities may be required to are commonly used in grid software to provide necessary authenticate also. Basic authentication is the simplest web- security. The use of symmetric encryption algorithm will based authentication scheme that works by sending the significantly affect the network communication performance. username and password within the request. Generally authentication is achieved through the presentation of some In this paper, the impact of using different popular and token that cannot be stolen (forged). This can be either peer- commonly used symmetric key cryptography algorithms for to-peer relationship (password for client and server) or encrypting data in a typical grid commuting environment is through a trusted third party (certification authority or analyzed. It is obvious that the use of encryption and decryption Kerberos server). Biometrics characteristics can also be used at application layer will certainly have an impact in the application layer performance in terms of speed. In this work, to a service for authentication purpose, since a unique we have studied its impact at network layer performance in a identification of human being can give more security for typical grid computing environment in the algorithms such as example a finger print scanner can be used to log into a local DES, Triple DES, AES, Blow Fish, RC2 and RC6. The machines. Trust can be defined as the assured reliance on the performances are measured through simulation studies on ns2 character, ability, strength, or truth of someone or something. by simulating these algorithms in GARUDA Grid Network Access Control is the ability to limit and control the Topology. access to host systems and applications via communications Keywords─ Grid Security; Encryption; ECGIN; ERNET; links. The process of authorization is often used as a synonym GARUDA; PPlive; GridFTP; for access control, but it also includes granting the access or rights to perform some actions based on access rights. Data integrity assures that the data is not altered or I. INTRODUCTION destroyed in an unauthorized manner. Integrity checks are provided primarily via hash functions (or “message digests”). Internet and Grid computing applications are growing Data confidentiality, Sensitive information must not be very fast, so the needs to protect such applications have revealed to parties that it was not meant for. Data increased. Encryption algorithms play a main role in confidentiality is often also referred to as privacy. The information security systems. On the other side, those standard approach to ensure confidentiality is through algorithms consume a significant amount of computing encryption, which is the application of an algorithm that resources such as CPU time, memory, and battery power. transforms “plaintext” to “cipher text” whose meaning is The Globus Toolkit is the very commonly used software hidden but can be restored to the original plaintext by another for Grid computing. It provides different kinds of security for Algorithm (the invocation of which is called decryption). grid computing. The Grid Security Infrastructure (GSI) of Globus and a Public Key Infrastructure (PKI) provide the Key management deals with the secure generation, technical framework (including protocols, services, and distribution, authentication, and storage of keys used in standards) to support grid computing with five security cryptography. Nonrepudiation refers to the inability of capabilities: user authentication, data confidentiality, data something that performed a particular action such as a integrity, non-repudiation, and key management. financial transaction to later deny that they were indeed responsible for the event. A. Security Issues Basically, security requires at least three fundamental Authentication is the process of verifying the validity of a services: authentication, authorization, and encryption. A grid claimed individual and identifying who he or she is. resource must be authenticated before any checks can be done Authentication is not limited to human beings; services, as to whether or not any requested access or operation is 99 http://sites.google.com/site/ijcsis/ ISSN 1947-5500 (IJCSIS) International Journal of Computer Science and Information Security, Vol. 8, No. 6, September 2010 allowed within the grid. Once the grid resources have been 1997 after a competition to select the best encryption authenticated within the grid, the grid user can be granted standard. Brute force attack is the only effective attack known certain rights to access a grid resource. This, however, does against it, in which the attacker tries to test all the characters not prevent data in transit between grid resources from being combinations to unlock the encryption. Both AES and DES captured, spoofed, or altered . The security service to are block ciphers. insure that this does not happen is encryption. Obviously, use of data encryption certainly will have its impact on Blowfish is a variable length key, the block size is 64 bits, application layer performance. But, in this work we will and the key can be any length up to 448 bits block cipher. examine its impact on total network performance. In this This algorithm can be optimized in hardware applications paper, we will study the impact of four symmetric encryption though it's mostly used in software applications. Though algorithms in a typical grid network. it suffers from weak keys problem, no attack is known to be successful against . The use of cryptography will certainly have an impact on network performance in one way or another. So we decided to RC2 is a block cipher with a 64-bits block cipher model an application layer encryption -decryption scenario in with a variable key size that range from 8 to128 bits. RC2 is a typical grid computing environment and study its impact on vulnerable to a related-key attack using 234 chosen plaintexts network performance through network simulations. . B. Security Methods Authentication and authorization has been a basic and necessary Service for internet transactions. Several new Symmetric encryption: Using the same secret key to standards have merged which allow dynamic access control provide encryption and decryption of data. Symmetric based on exchanging user attributes. Unfortunately, while cryptography is also known as secret-key cryptography. providing highly secure and flexible access mechanisms are a Asymmetric encryption: Using two different keys for very demanding task. Authentication and Authorization encryption and decryption. The public key encryption Infrastructures (AAIs) can provide such integrated federations technique is the primary example of this using a "public key" of security services. They could, in particular, provide and a "private key" pair. So it is referred as public-key attribute based access control (ABAC) mechanisms and mediate customers’ demand for privacy and vendors’ needs cryptography. for information . Secure Socket Layer/Transport Layer Security II. LITERATURE SURVEY (SSL/TLS): These are essentially the same protocol, but are The Globus Security Infrastructure (GSI) is one of the referred to one another differently. TLS has been renamed by most famous security architecture. GSI is based on Public the IETF, but they are based on the same RFC. Key Infrastructure (PKI), which performs mutual Public Key Infrastructure (PKI): The different authentication via X.509 certificates. The author describes components, technologies, and protocols that make up a PKI present a password-based grid security infrastructure environment. Grid security implementations are (PBGSI), which authenticates clients by authenticated key predominantly built on public key infrastructure (PKI) exchange (AuthA) methods and uses improved Chaffing and (Housely et al., 2002; Tuecke et al., 2004). In a PKI each Winnowing for secure data transfer. By using password-based entity (e.g. user, service) possesses a set of credentials methods in authentication, authorization and delegation, comprised of a cryptographic key and a certificate. PBGSI provides convenient interface for the user. At the same time, encryption-less secure data transfer improves the Mutual Authentication: Instead of using an Lightweight performance; and mechanisms used in our scheme (time- Distribution Access Protocol (LDAP) repository to hold the stamp etc.) enhance the security of the whole grid . public key (PKI), two parties who want to communicate with one another use their public key stored in their digital A grid environment is built to verify the feasibility and the certificate to authenticate with one another. efficiency of the extended OCSP protocol. The paper deals with the running requirement and the data description of the client and each extended OCSP responder in detail. It C. The symmetric key Encryption Algorithms describes the processing algorithm of each responder. In order Data Encryption Standard(DES), was the first encryption to improve the efficiency of the system, the path length standard to be recommended by NIST (National Institute of constraint and time constraint of request transmitting are Standards and Technology). It is based on the IBM proposed designed specially. Theory and experiments all prove that the algorithm called Lucifer. DES became a standard in 1974. extended OCSP system improves the efficiency of certificate Since that time, many attacks and methods were recorded that verification effectively . exploit the weaknesses of DES, which made it an insecure block cipher. Recently, Authentication protocol has been recognized as an important factor for grid computing security. This paper Advanced Encryption Standard(AES), is the new  described a new simple and efficient Grid authentication encryption standard recommended by NIST to replace DES. system providing user anonymity. It is based on hash Rijndael (pronounced Rain Doll) algorithm was selected in function, and mobile users only do symmetric encryption and 100 http://sites.google.com/site/ijcsis/ ISSN 1947-5500 (IJCSIS) International Journal of Computer Science and Information Security, Vol. 8, No. 6, September 2010 decryption and it takes only one round of messages exchange ERNET also acts as a bridge for co-operation with other between the mobile user and the visited network, and one countries in the area of computer com- munications, round of message exchange between the visited network and information technology, computer networking and other the corresponding home network. related emerging technologies. There are number of projects investigating attribute-based The ERNET network has 15 Points of Presence spread authentication such as the VO Privilege Project, GridShib, throughout India serving 1389 institutions, including 152 and PERMIS. However, there are quite a few decision universities, 284 agricultural universities and many other dimensions when it comes about designing this scheme in research organizations. It has 14 points of peering for Internet grid computing . bandwidth connectivity using submarine cables. Authentication in the grid environment can be performed The network comprises a mix of terrestrial and satellite- in two ways either in the application layer part or in the based wide area networks. It provides a wide range of communication part. Cryptography plays a major role to operation and application services. As of today, universities, implement authentication. It is obvious that the use of academic institutions, R&D labs and schools, etc. use ERNET encryption and decryption at application layer will certainly for a variety of applications and services including email, file have an impact in the application layer performance in the transfer, database access, world wide web , web hosting, mail grid environment. In this paper, we have simulated the relaying, security solutions, distant learning and grids. encryption algorithms in a typical grid network scenario using ERNET is the first network in the country to provide dual the results from the paper . stack access of Internet protocol version 6 (IPv6) and Internet protocol version 4 (IPv4) test beds to its users to develop, test A. Europe-China Grid Internetworking (EC-GIN) Project and implement IPv6 based mail, Domain name Services, Web The Internet communication infrastructure (the TCP/IP applications and products. protocol stack) is designed for broad use; as such, it does not ERNET has deployed many overlay networks over its take the specific characteristics of Grid applications into terrestrial and satellite network under different schemes. account. This one-size-fits-all approach works for a number Some examples are GARUDA (see below), UGC-Infonet, of application domains, however, it is far from being optimal interconnecting Indian universities, ICAR-Net, general network mechanisms, while useful for the Grid, and interconnecting Agricultural Research centers, Universities cannot be as efficient as customized solutions. While the Grid and Stations, and several pilot projects aiming at is slowly emerging, its network infrastructure is still in its interconnecting schools. Separate networks were infancy. Thus, based on a number of properties that make implemented to allow DAE institutes to connect to the Grids unique from the network perspective, the project EC- GÉANT network and to participate in LHC activities. GIN (Europe-China Grid Internetworking) will develop tailored network technology in dedicated support of Grid applications. These technical solutions will be supplemented with a secure and incentive-based Grid Services network traffic management system, which will balance the conflicting performance demand and the economic use of resources in the network and within the Grid . By collaboration between European and Chinese partners, EC-GIN parallels previous efforts for real-time multimedia transmission across the Internet: much like the Grid, these applications have special network requirements and show a special behavior from the network perspective. B. The ERNET Project ERNET (Education and Research Network) was the first dedicated and integrated step taken towards to enable the research and education community in India to leverage the benefits of ICTs. ERNET India aims at developing, setting up and operating nationwide state-of-the-art computer Figure 1. The ERNET Topology  communication infrastructure and providing services to the users in academic and research institutions, Government organizations, and industry, in line with technology developments and national priorities. Dissemi- nation, C. Overview of GARUDA Project training and knowledge transfer in the field of computer GARUDA initiative is a collaboration of science communication and information technology are an integrating researchers and experimenters on a nation- wide grid of part of ERNET mission. computational nodes, mass storage and scientific instruments that aims to provide the technological advances required to 101 http://sites.google.com/site/ijcsis/ ISSN 1947-5500 (IJCSIS) International Journal of Computer Science and Information Security, Vol. 8, No. 6, September 2010 enable data and compute intensive science of the 21st century. One of GARUDA's most important challenges is to strike the right balance between research and the daunting task of deploying that innovation into some of the most complex scientific and engineering endeavours being undertaken today. The Department of Information Technology (DIT) has funded the Center for Development of Ad- vanced Computing (C-DAC) to deploy the nation-wide computational grid 'GARUDA' which today connects 45 institutions across 17 cities in its Proof of Concept (PoC) phase with an aim to bring "Grid" networked computing to research labs and industry. In pursuit of scientific and technological excel- lence, GARUDA PoC has also brought together the critical mass of well-established researchers. Figure 3. GARUDA topology - EU-I NDIA GRID  E. Network Simulator The Grid Computing paradigm has been widely adopted within the research community for scientific computing. Grid Computing is used as a method by which access is seamlessly given to a set of heterogeneous computational resources across a dynamic set of physical organizations, supplying massive computing and storage capabilities. Within a Grid environment, computational jobs are submitted to and run on suitable resources and data is stored and transferred transparently without knowing its geographic location. All of this behavior will obviously show its impact on the underling network infrastructure and the data generated within a Grid environment may substantially affect the Figure 2. GARUDA Grid Component Architecture  network performance due to the volume involved. C. Present Network Architecture We will use NS2 to simulate the network, but it is well known that NS2 doesn't implement any security The GARUDA network is a Layer 2/3 MPLS Virtual features. Till now, there is no option for simulating security Private Network [VPN] connecting selected institutions at things in NS2. The reasons for lack of security features in ns2 10/100 Mbps with stringent quality and Service Level are: Agreements. The network has been contracted as a man- aged service with a peak capacity of 2.43 Gbps across 17 cities. Security is a subtle thing related to many aspects, which This network is a pre-cursor to the next genera- tion Gigabit is much different from other kinds of network protocols. speed nation-wide Wide Area Network with high Generally there will not be any real data or packet to performance computing resources and scientific instruments encrypt or decrypt in ns2. for seamless collaborative research and ex- periments. The PoC network was established at all the GARUDA partner The scope of a simulation will be minimizing the overall institutes in close collaboration with ERNET who are simulation time. But if we do real encryption or responsible for the operation, mainte- nance and management decryption in simulator, then it will go beyond the of this network. concept of a simulator. Lack of support for sending real payload in ns2. D. Computational Resources in GARUDA Lack of support for handling socket connection like real In this collaborative grid project, various resources such TCP/IP scenario. as high performance computing sys- tems (HPC) and satellite Ns2 simulator has limitation in simulating simultaneous based communication systems have been committed by threaded processes to mimic real socket connections. different centers of C-DAC and GARUDA partners. It may be noted that since the resources are diverse in nature, one of Ns2  is an object oriented simulator, written in C++, the major challenges of GARUDA is to deploy appropriate with an OTCL interpreter as a frontend. The simulator tools and middleware to enable applications to run seamlessly supports a class hierarchy in C++, and a similar class across the grid. hierarchy within the OTcl interpreter. The root of this 102 http://sites.google.com/site/ijcsis/ ISSN 1947-5500 (IJCSIS) International Journal of Computer Science and Information Security, Vol. 8, No. 6, September 2010 hierarchy is the class TclObject. Users create new simulator • Compute the next video packet sending time. Put it objects through the interpreter. Applications sit on top of into a variable NextT. transport agents in ns and there are two basic types of applications: traffic generators and simulated applications. Next, the time needed to send the next packet is computed. Currently, there are four C++ classes derived from the traffic To account for different packet sizes, different parameters are generator class . Traffic Generator: EXPOO_Traffic, used to calculate inter-video packet time (variable NextT) and POO_Traffic, CBR_Traffic, TrafficTrace. the inter-control packet time (array t_i). The values of t_1 to t_n are summed to variable SmallT. As long as the value of However, none of these classes match the traffic SmallT is less than NextT, t_i is used as the inter- packet time characteristics of PPLive, and of GridFTP. So we decided to for sending small packets (control packets). Otherwise, a simulate encryption in ns2 at application layer, by modeling a large packet(video packet) is sent immediately with an inter- new encrypted traffic generator. packet time of NextT - (SmallT - t_i). In addition to the above process, we have delayed the III. MODELING GRID AND GRID TRAFFIC IN NS2 packet transmission with respect to the size of the packet to Though there are different kinds of security requirements be sent and the selected encryption algorithm. or models for grid computing systems, the role of a symmetric key encryption algorithm and its impact will be a significant So the new Scheduled Transmission Time will be equal to one when implemented in application layer that will affect the the sum of inter-packet time and the time taken for encrypting performance in terms of time. In this work, we have simulated the packet by the selected algorithm. the workload of different Symmetric Key Encryption In our implementation we have simulated the encryption algorithms such as DES, Triple DES, AES, Blow Fish, RC2 algorithms in a typical grid network scenario just by including and RC6 at application layer using Network Simulator tool. the encryption delay at the traffic generator using the results The proposed traffic model is based on the model used in from the paper . In the traffic model of ECGIN, they used ECGIN for symmetric key encryption and GridFTP as a cross UDP in their design. We have decided to use TCP in our traffic. The proposed model is implemented on the Indian grid design, because, TCP is the most commonly used transport network topology GARUDA, to study the impact of the protocol in grid network communication. encryption based traffic model. B. Modeling GridFTP A. Modeling Encrypted PPLive Traffic The GridFTP tool of Globus Toolkit is one of the most Along with the rapid development of P2P file sharing and important components provided by Globus for moving large IPTV video services, P2P streaming services have become amounts of data in bulk. GridFTP is based on FTP, the a core multi-user video sharing application on the highly- popular Internet file transfer protocol. Given the Internet. The focus of grid technology in the video area is characteristics of Grid traffic - often a mixture of short, generally on the resource scheduling and replica sporadic service calls and bulk data transfers - a GridFTP management aspects, while the service traffic simulation scenario differs from other traffic models and is characteristics are still similar to the traditional video service. therefore important for testing Grid-specific network In depth work has already been carried out in the areas of mechanisms. The GridFTP simulator of EC-GEN was monitoring and modeling video traffic. Therefore, developed with the OTCL language to mimic this GridFTP exploring the developing trends of grid systems, video traffic. The EC-GEN GridFTP is embedded in a gridftp.tcl sharing, monitoring and the analysis of P2P IPTV traffic are file. In this work we just used GridFTP as a background cross interesting and promising topics of research. traffic during evaluation the impact of encrypted PPLive The time interval between two packets and the size of each traffic. The three major parameters defined for the GridFTP packet waiting for sending out is very important when simulator are: modeling actual traffic. Therefore if the model can accurately • Bandwidth: this parameter is used to set the total match these two characteristics, it can be said to generate bandwidth of the link. By default, this parameter is set to traffic that is similar to the actual data. The EC-GIN project 1.0Mbps. With this and the ratio parameter, we can built a new traffic generator to model the actual traffic called determine the "rate_" parameter for each FTP instance. Lognormal Traffic, which is primarily responsible for controlling the packets time interval and the packet sizes. • Parallel: this parameter is used to set the parallel GridFTP streams. By default, this is set to 4. Since each In this work, we extended the traffic model of PPLive GridFTP stream can be simulated by FTP, this parameter (Lognormal Traffic) to support a simulated encryption- will actually set the number of FTP instances for the decryption scenario. GridFTP simulator. Based on traffic model of EC-GIN, an algorithm has been • Ratio: this parameter is used to set the throughput ratio put forward to control the packet generation sequence. First, among the parallel streams. By default, this is set to data initialization is performed as follows: 1:1:1:1 which means each stream will transmit packets at • Send a video packet when simulation begins. an equal speed. 103 http://sites.google.com/site/ijcsis/ ISSN 1947-5500 (IJCSIS) International Journal of Computer Science and Information Security, Vol. 8, No. 6, September 2010 The GridFTP simulator consists of two classes. One is the Institution to Backbone Links 2/8 Mbps GridFTP class and the other is the GridFTPSink class. We Queue Type DropTail also override two methods for the basic Simulator class, attach-agent and connect, with which the GridFTP instance can be attached to the network node and be connected to the We have simulated a encrypted PPLive traffic from one GridFTPSink instance. node to another (in this topology, from Madras to Delhi) and used some GridFTP cross traffic. C. The Simulation of GARUDA Network in ns2 The following NAM (Network Animator) output shows B. Performance the model of GARUDA network simulated on ns2. The The following graph shows the performance of the topology was derived from the information provided by the network with respect to different cryptography algorithms ERNET and GARUDA projects . used in application layer. The Throughput The following graphs show the comparison of throughput in different encryption schemes over time. Figure 5. The Simulated GARUDA Topology The links shown in green are 8/34Mbps links Figure 6. Time VS Throughput – Comparison The links shown in red are 2/8 Mbps links Nodes shown as red hexagon are backbones and POPs The following graph shows the average throughput. The Nodes shown as blue circles are the connected institutes throughput in the case of Blowfish based scheme was good. IV. SIMULATION RESULTS AND DISCUSSION A simple model of GARUDA grid network has been simulated in ns2 and the impact of different encryption schemes on network performance has been evaluated. A normal 2 GHz Pentium IV computer with 1 GB RAM was used for this simulation. A. Traffic models In order to create the different traffic scenarios files we used different types of grid traffics mentioned in ECGIN project. They are GridFTP Traffic and PPLive Traffic. Some of the simulation parameters are Figure 7. The Average Throughput Number of Backbone and POP nodes 12 Number of Simulated Institution Nodes 36 The Received Packets comparison Routing Protocol DV The following graphs show the comparison of time and Backbone Link Capacity 8/34 Mbps received packets in different encryption schemes. 104 http://sites.google.com/site/ijcsis/ ISSN 1947-5500 (IJCSIS) International Journal of Computer Science and Information Security, Vol. 8, No. 6, September 2010 Even though all the transmitted packets were received successfully, the throughput and delay was much affected by the retransmission of the packets during the packet loss or drop. This retransmission of packet had an impact on throughput. Faster the encryption algorithm, higher the bandwidth it will try to use. So it will increase delay, packet loss as well as drop at intermediate nodes. V. CONCLUSION The security is a very important issue in grid network design. Apart from authentication and authorization, the use of symmetric encryption algorithm for grid data security is Figure 8. The Time VS Received Packets – Comparison also having significant impact on the design and performance of grid networks. A model for grid security infrastructure has The End to End Delay been implemented on network simulator ns2 and the impact of use of encryption algorithms in network performance has The following graphs show the comparison of end to end been measured. We have simulated a simplified model of GARUDA grid network in ns2 and simulated some of the delay in different encryption schemes over time basic traffic types of grid network (proposed in ECGIN). As shown in the graphs in previous section, the use of cryptography at application layer has obvious impact on network performance. Depending on the cryptographic algorithms, the delay in delivery of packet is proportional with respect to time. Due to queuing delay at the intermediate node, the faster algorithm provides better throughput with a little bit of delay in packet delivery. Future works may address the issues of impact of asymmetric encryption algorithms used in a grid network for authentication and other purposes. Further, the work may be extended for implementing some other traffic types of grid network. Figure 9. Time VS E2Edelay - Comparison REFERENCES  Diaa Salama Abd Elminaam, Hatem Mohamed Abdual Kader, and Mohiy Mohamed Hadhoud, "Evaluating The Performance of Symmetric Encryption Algorithms" International Journal of Network Security, Vol.10, No.3, PP.216-222 The Average Delay  D. S. Abdul. Elminaam, H. M. Abdul Kader and M. M. Hadhoud, Performance Evaluation of Symmetric The following graphs show the average delay in different Encryption Algorithms, Communications of the IBIMA Volume 8, 2009 ISSN: 1943-7765. encryption schemes.  Aamer Nadeem, "A Performance Comparison of Data Encryption Algorithms", IEEE 2005.  Earle, "Wireless Security Handbook,". Auerbach Publications 2005  Priya Dhawan., "Performance Comparison: Security Design Choices", Microsoft  Edney, " Real 802.11 Security: Wi-Fi Protected Access and 802.11i ", Addison Wesley 2003.  Hardjono, " Security In Wireless LANS And MANS ", Artech House Publishers 2005  Bruce Schneier, "Applied Cryptography", John Wiley & Sons, Inc 1996  Ronald L. Rivest, M.J.B. Robshaw, R. Sidney, and Y.L. Yin, “ The Figure 10. The Average Delay 105 http://sites.google.com/site/ijcsis/ ISSN 1947-5500 (IJCSIS) International Journal of Computer Science and Information Security, Vol. 8, No. 6, September 2010 RC6TM, Block Cipher”, Version 1.1 - August 20, 1998.  Christian Schläger, Manuel Sojer, Björn Muschall, and Günther Mrs. N. Thenmozhi is working as Assistant Professor, Pernul Department of Computer Science in N.K.R. Govt. Arts , “Attribute-Based Authentication and Authorisation Infrastructures for E-Commerce Providers”, K. Bauknecht et al. College for Women, Namakkal. She obtained her Bachelor (Eds.): EC-Web 2006, degree in Statistics from Saradha College, Salem under LNCS 4082, pp. 132 – 141, 2006. Madras University, Master’s degree in Computer  Zhun Cai,“A Password-based Grid Security Infrastructure” Applications from Bharathiar University, Coimbatore, 10.1109 /ICDS.2008.39, Second International Conference on Master’s degree in Software Systems from BITS, Pilani,and The Digital Society, Institute of Digital Technology M.Phil From Manonmaniam Sundaranar University. She is AISINO Inc. currently pursuing Ph.D. under Mother Teresa Women’s  Shaomin Zhang, Baoyi Wang, Hebei Province, “Research on An Extended OCSP Protocol for Grid”, Proceedings of University, Kodaikanal. She has 18 years of Teaching the 7th World Congress on Intelligent ontrol and Experience and 2 years of Industrial experience. She has Automation, 25 - 27, 2008, China. published number papers in various national and international  Ronghui Wu, Renfa Li, Fei Yu ,guangxue,Cheng Xu, conferences.She is life member of ISTE. Her field of interest “Research on User Authentication for Grid Computing includes Grid Computing, Network Security and Image Security”, Proceedings of the Second International Conference on Semantics, Knowledge, and Grid (SKG'06) 0-7695-2673- Processing. X/06 $20.00 © 2006.  Anna Cinzia Squicciarini, Elisa Bertino and Sebastien Goasguen, “Access Control Strategies for Virtualized M.Madheswaran received the BE Degree from Madurai Environments in Grid Computing Systems”, Proceedings of Kamaraj University in 1990, ME Degree from Birla Institute the 11th IEEE International Workshop on Future Trends of of Technology, Mesra, Ranchi, India in 1992, both in Distributed Computing Systems (FTDCS'07) 0-7695-2810- 4/07 $20.00 © 2007. Electronics and Communication Engineering. He obtained his  Marty Humphery, Mary R. Thomson, and Keith R.Jackson, PhD degree in Electronics Engineering from the Institute of “Security for Grids”, Proceeding of the IEEE, Vol 93, No.3, pp.644-650, March 2005. Technology,Banaras Hindu University, Varanasi, India, in  Europe-China Grid InterNetworking, European Sixth 1999. At present he is a Principal of Muthayammal Framework STREP FP6-2006-IST-045256, Deliverable Engineering College, Rasipuram, India. He has authored over D2.1, Ns2 code for Grid network simulation. The EC-GIN Consortium, Europe-China Grid InterNetworking, Survey of Seventy five research publications in International and Grid Simulators, Network-level Analysis of Grid Applications, National Journals and Conferences. Currently he is the The EC-GIN Consortium. chairman of IEEE India Electron Devices Society Chapter.  International Technical Support Organization, “Introduction to Grid Computing with Globus”, September 2003, IBM His areas of interest are theoretical modeling and simulation Corporation. of high-speed semiconductor devices for integrated  http://partners.euindiagrid.eu/deliverables/D3.1.html optoelectronics application, Bio-optics and Bio-signal  http://www.faqs.org/rfcs/rfc2828.html Processing. He was awarded the Young Scientist Fellowship  http://msdn2.microsoft.com/en-us/library/ms978415.aspx, Developer Network October 2002. (YSF) by the State Council for Science and  http://en.wikipedia.org/wiki/Block_cipher Technology,TamilNadu, in 1994 and Senior Research  http://www.tropsoft.com/strongenc/des.htm Fellowship (SRF) by the Council of Scientific and Industrial  http://www.eskimo.com/~weidai/benchmarks.html Research (CSIR), Government of India in 1996. Also he has  Coder's Lagoon, http://www.hotpixel.net/software.html received YSF from SERC, Department of Science and  http://www.ec-gin.eu Technology, Govt. of India. He is named in Marquis Who’s  http://www.eis.ernet.in Who in Science and engineering in the year 2006. He is a  www.garudaindia.in  http://www.euindiagrid.eu/ Member of Institute of Electrical and Electronics Engineers,  www.cdac.in Fellow of Institution of Electronics and Telecommunication  ttp://www.euindiagrid.eu/index.php/documents/doc_downloa Engineers, Member of Indian Society for Technical Education d/11- einfrastructures-across-europe-and-india and Member of Institution of Engineers. AUTHORS PROFILE 106 http://sites.google.com/site/ijcsis/ ISSN 1947-5500