论文信息 - Dynamic Layer-2 VPN Services for Improving Security in the Grid Environment

Dynamic Layer-2 VPN Services for Improving Security in the Grid Environment

Pervasive and on-demand computing are now a reality, mainly in the scientific area, and the computational Grid concept is gaining popularity as a scalable way to deliver access to a wide range of distributed computing and data resources. But, as Grids move from an experimental phase to real production and their deployment in the Internet significantly increases, controlling the security of a Grid application becomes imperative. The most significant Grid security issue is that the different sites composing the Grid will generally be managed by different organizations each with their own security mechanisms and policies. This makes any communication security arrangement on the entities participating to the Grid generally more difficult than if they were on the same local area network. In this paper, we show how the security and privacy services offered by scalable on-demand layer-2 MPLS VPN services can be applied in large-scale Grid scenarios and propose a novel network resource abstraction for discovery and setup of on-demand layer-2 Virtual Private Networks. It has been implemented in a Grid Information Service prototype which was successfully tested on a dedicated testbed infrastructure.

Francesco Palmieri

[1] Ian T. Foster,et al. The Anatomy of the Grid: Enabling Scalable Virtual Organizations , 2001, Int. J. High Perform. Comput. Appl..

[2] Eric C. Rosen,et al. Multiprotocol Label Switching Architecture , 2001, RFC.

[3] Waldemar Augustyn. Requirements for Virtual Private LAN Services (VPLS) , 2002 .

[4] Ian T. Foster,et al. Security for Grid services , 2003, High Performance Distributed Computing, 2003. Proceedings. 12th IEEE International Symposium on.

[5] Eric C. Rosen,et al. Transport of Layer 2 Frames Over MPLS , 2007, RFC.

[6] Steven Tuecke,et al. The Open Grid Services Architecture , 2004, The Grid 2, 2nd Edition.

[7] Andrew G. Malis,et al. A Framework for IP Based Virtual Private Networks , 2000, RFC.

[8] Paul Watson,et al. A Grid Application Framework based on Web Services Specifications and Practices , 2004 .

[9] Ian Foster,et al. The Globus toolkit , 1998 .

[10] Kireeti Kompella. MPLS-based Layer 2 VPNs , 2000 .

[11] Jem Treadwell,et al. Open Grid Services Architecture , 2006, Grid-Based Problem Solving Environments.

[12] John Linn,et al. Generic Security Service Application Program Interface , 1993, RFC.

[13] John Linn,et al. Generic Security Service Application Program Interface, Version 2 , 1997, RFC.

[14] Ian Foster,et al. The Security Architecture for Open Grid Services , 2002 .