Privacy Protection In Grid Computing System. Presented by Jiaying Shi. Introduction. Grid Computing System Privacy Issues Onion Routing & application Improved approach Conclusion. Grid Computing System. Software & Standard. CORBA (Common Object Request Broker Architecture )
Privacy Protection In Grid Computing System Presented by Jiaying Shi
Introduction • Grid Computing System • Privacy Issues • Onion Routing & application • Improved approach • Conclusion
Software & Standard • CORBA (Common Object Request Broker Architecture) • MPI (Message Passing Interface) • SOAP (Simple Object Access Protocol)
Privacy Issues • The use of a switched public network should not automatically reveal who is talking to whom. • Grid computation shares resources online through the Internet, which might not be entirely trustworthy, so anyone may access shared resources. To prevent unwanted users from stealing information, the necessary precautions should be taken.
Link encryption Link encryption offers a couple of advantages: • If the communications link operates continuously and carries an unvarying level of traffic, link encryption defeats traffic analysis. • More secure
Onion Routing (OR) • Is a technique for anonymous communication over a computer network, developed by David Goldschlag, Michael Reed, and Paul Syverson. • The idea of onion routing (OR) is to protect the privacy of the sender and recipient of a message, while also providing protection for message content as it traverses a network.
TOR (The Onion Router) • Is a free software implementation of second-generation onion routing, a system enabling its users to communicate anonymously on the Internet. Originally sponsored by the US Naval Research Laboratory. • Aiming to protect its users against traffic analysis attacks, Tor operates an overlay network of "onion routers" that enable anonymous outgoing connections and anonymous "hidden" services. • Privoxy is a web proxy program, frequently used in combination with Tor and Squid. It has filtering capabilities for protecting privacy, modifying web page data, managing cookies, controlling access, and selectively removing content such as ads, banners and pop-ups.
Work Principle • To create an onion, the router at the head of a transmission selects a number of onion routers at random and generates a message for each one, providing it with symmetric keys for decrypting messages, and instructing it which router will be next in the path.
Work Principle (cont.) • The client initiates communication and sends a request to the application proxy, and the onion proxy gives the order to choose random routers to form a random route, which is based on the encryption algorithm. • Once the path has been specified, it remains active. The sender can transmit equal-length messages encrypted with the symmetric keys specified in the onion, and they will be delivered along the path. • As the message leaves each router, the router peels off a layer using its symmetric key, so the message is not recognizable as the same message. The last router peels off the last layer and sends the message to the intended recipient. • When the connection is broken, all information about the connection is cleared at each Onion Router.
Advantage of TOR • Each Onion Router can only identify adjacent Onion Routers along the route. • Data passed along the anonymous connection appears different at each Onion Router, so data cannot be tracked en route and compromised Onion Routers cannot cooperate.
Disadvantage of TOR • Eavesdropping by exit nodes: As Tor does not and by design cannot itself encrypt the traffic between an exit node and the target server, any exit node is in a position to capture any traffic which is not encrypted at the application layer,
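An added illustration (not code from the presentation or from Tor) of the layer wrapping and peeling described in the Work Principle slides, and of the exit-node exposure listed under Disadvantage of TOR. It assumes the sender already shares a symmetric key with each router; the router names, demo keys, `grid-server.example` and the SHA-256 keystream with HMAC are constructed stand-ins for a real cipher and real key setup.

```python
import hashlib, hmac, os

def _xor(key, nonce, data):
    # Toy keystream: SHA-256(key || nonce || offset). Stand-in for a real cipher.
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], ks))
    return bytes(out)

def _subkeys(key):
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def seal(key, plaintext):
    enc, mac = _subkeys(key)
    nonce = os.urandom(16)
    ct = _xor(enc, nonce, plaintext)
    return nonce + hmac.new(mac, nonce + ct, hashlib.sha256).digest() + ct

def unseal(key, blob):
    enc, mac = _subkeys(key)
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("layer was not built for this router's key")
    return _xor(enc, nonce, ct)

def build_onion(path, keys, recipient, payload):
    # Wrap from the exit router inward; each layer names only the next hop.
    blob = payload
    for router, nxt in reversed(list(zip(path, path[1:] + [recipient]))):
        hop = nxt.encode()
        blob = seal(keys[router], bytes([len(hop)]) + hop + blob)
    return blob

def route(path, keys, onion):
    # Record (router, next hop it learns, bytes it forwards) for every hop.
    seen, blob, router = [], onion, path[0]
    while router in keys:
        layer = unseal(keys[router], blob)  # this router peels its own layer
        n = layer[0]
        nxt, blob = layer[1:1 + n].decode(), layer[1 + n:]
        seen.append((router, nxt, blob))
        router = nxt
    return seen

# Constructed sample data: three routers, demo keys, an unencrypted request.
PATH = ["R1", "R2", "R3"]
KEYS = {r: hashlib.sha256(b"constructed-demo-key-" + r.encode()).digest() for r in PATH}
PAYLOAD = b"job-submit user=alice (no application-layer encryption)"
SEEN = route(PATH, KEYS, build_onion(PATH, KEYS, "grid-server.example", PAYLOAD))
```

In `SEEN`, R1 and R2 each learn only their next hop and forward bytes that differ at every step, while the exit router R3 forwards the payload in the clear because nothing encrypted it at the application layer.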
Improvement on TOR • We add a reputation system to the nodes, including the server nodes. • A reputation system, which collects, distributes and aggregates a participant’s past experiences with existing services, would be useful for building a level of trust in the agent society and helping to choose reliable services.
Improvement on TOR (Cont.) • Components of reputation system: • CA (certificate authority) • a reputation evaluation agent, • a service provider agent, • a client agent
Challenge • The reputation system needs a lot of work on the software infrastructure.
Conclusion • TOR solved the anonymity problem. • TOR protected the privacy of the message, even if the message is intercepted. • The reputation system enhances the security level and protects nodes’ privacy.