| GridBox: securing hosts from malicious and greedy applications |
| Full text |
 Pdf
(73 KB)
|
| Source
|
MGC; Vol. 76
archive
Proceedings of the 2nd workshop on Middleware for grid computing
table of contents
Toronto, Ontario, Canada
Pages: 17 - 22
Year of Publication: 2004
ISBN:1-58113-950-0
|
|
Authors
|
|
| Publisher |
|
| Bibliometrics |
Downloads (6 Weeks): 10, Downloads (12 Months): 43, Citation Count: 3
|
|
|
 ABSTRACT
Security is an important concern in providing the infrastructure for the implementation of general purpose computational grids. However, most grid implementations focus their security concerns in correctly authenticating users and hosts and in the communications among them. In most cases, application security is left to the underlying operating system. This can be a problem when a "malicious" application is executed. In this work, we introduce the GridBox architecture, that aims to provide additional security for GRID applications, using Access Control Lists and sandbox functionality for GRID tasks.
REFERENCES
Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.
| |
1
|
N. Andrade, W. Cirne, F. Brasilerio, and P. Roisenberg. OurGrid: An approach to easily assemble grids with equitable resource sharing. In Proceedings of the 9th Workshop on Job Scheduling Strategies for Parallel Processing, June 2003.
|
| |
2
|
Apple Computer, Inc. X-grid project. http://www.apple.com/acg/xgrid/.
|
| |
3
|
|
| |
4
|
J. Dike. A. user-mode port of the linux kernel, 2001.
|
| |
5
|
J. Dike. The user-mode linux kernel home page. http://user-mode-linux.sourceforge.net/, 2004.
|
| |
6
|
E. Dodonov and H. C. Guardia. P2fs: Peer-to-peer grid filesystem. http://www.gsdr.dc.ufscar.br/p2fs/.
|
| |
7
|
Bryan Ford , Mike Hibler , Jay Lepreau , Roland McGrath , Patrick Tullmann, Interface and execution models in the Fluke kernel, Proceedings of the third symposium on Operating systems design and implementation, p.101-115, February 1999, New Orleans, Louisiana, United States
|
| |
8
|
L. Gong, M. Mueller, H. Prafullchandra, and R. Schemers. Going beyond the sandbox: An overview of the new security architecture in the Java Development Kit 1.2. In USENIX Symposium on Internet Technologies and Systems, pages 103--112, Monterey, CA, 1997.
|
| |
9
|
A. Grünbacher. Linux extended attributes and acls. http://acl.bestbits.at/.
|
| |
10
|
P. Kamp and R. N. M. Watson. Jails: Confining the omnipotent root. http://docs.freebsd.org/44doc/papers/jail/html, 2000.
|
| |
11
|
R. McGrath and Free Software Foundation. Chroot - run command or interactive shell with special root directory. The Linux Manual Pages.
|
| |
12
|
NSA.GOV. Security-enhanced linux. http://www.nsa.gov/selinux/.
|
| |
13
|
NTFS.COM. Ntfs - new technology file system designed for windows nt, 2000, xp. http://www.ntfs.com/, 2004.
|
| |
14
|
SETI@HOME. Seti@home project. http://setiathome.ssl.berkeley.edu/.
|
| |
15
|
Simes. Breaking out of a chroot() padded cell. http://www.bpfh.net/simes/computing/chroot-break.html.
|
| |
16
|
S. Smalley, C. Vance, and W. Salamon. Implementing SELinux as a Linux security module. NAI Labs Report #01-043, NAI Labs, Dec 2001. Revised May 2002.
|
| |
17
|
R. Spencer, S. Smalley, P. Loscocco, M. Hibler, D. Andersen, and J. Lepreau. The Flask security architecture: System support for diverse security policies. In Proc. of the 8th Usenix Security Symposium, pages 123--139, 1999.
|
| |
18
|
The Globus Project. http://www.globus.org.
|
| |
19
|
The Legion Project. http://legion.virginia.edu.
|
| |
20
|
The Linux VServer Project. Linux vserver project. http://www.linux-vserver.org/.
|
|
Adobe Acrobat
QuickTime
Windows Media Player
Real Player
