Researcher Secures Grid Computing

A Japanese researcher has identified security as a chief reason for the slow uptake of grid computing -- and he's doing something about it.

Shingo Takeda, a researcher at Osaka University, today presented a proposed security monitoring system for grid computing environments at the Gelato ICE: Itanium Conference & Expo in Singapore. Takeda already has gained notoriety in the industry for his development of GSI-SFS, a secure single sign-on system for grids.

Takeda's latest tool is based on MOGAS, a grid accounting system developed at Nanyang Technological University in Singapore. "[MOGAS] collects job information from a [grid computing] job manager and aggregates it into a central database. However, the job manager does not provide failure information, such as authentication failure or authorization (grid-map) failure," Takeda says. "I wrote a new script to collect failure information and developed a new Web interface to visualize it."

The script makes it possible for administrators to spot authentication failures and authorization failures across a mesh of computers, then analyze those failures using graphs, charts, and tables, Takeda says. This analysis will help security managers quickly identify suspicious behavior in the grid, he says.

Takeda's monitoring tool, along with his single sign-on technology, could help enterprises and service providers overcome their trepidation about grid computing, which requires the linking of many computers to create a single set of server resources. Grid technology was once hailed as the next generation of computing, but confusion about security, costs, performance, and licensing have left it on the agenda for only about 20 percent of large enterprises in the U.S., according to International Data Corp.

Grid computing is making headway in Europe and Asia, where computing environments are often more homogeneous, experts say.

Takeda's new monitoring system will work in any operating environment that supports the Globus Toolkit -- a development kit for grid computing -- including Linux or Windows. The initial system may not be ready for commercial implementation, because it assumes that a single individual will be able to access all information collected from any resource, Takeda says. However, the visualization and monitoring technology could be ready for commercial grids in the near future, he says.

Previously, Takeda developed GSI-SFS, a secure single sign-on file system that combines two key technologies, GSI and SFS. GSI (Grid Security Infrastructure), the most widely used security middleware in grid computing, provides convenient single sign-on authentication. SFS (Self-certifying File System), a secure remote file system developed at MIT, provides transparent access to remote files. Takeda developed a GSI authentication module for SFS, so that grid users can access remote files more easily.

Such systems are crucial if the industry is to realize the potential of grid computing, which would enable companies to save money and improve performance and capacity by sharing computing hardware and resources across corporate boundaries. Thus far, grid computing has been used mostly in single-company environments, partly because enterprises are not confident that their data will be secure in a shared system. "Security is essential for realizing large-scale resource sharing among a variety of organizations," Takeda says.

— Tim Wilson, Site Editor, Dark Reading