Metsch, Thijs (2005) Content-validation of Messages and Policy assurances for a Security-Proxy supporting Grid services. Diplomarbeit, Berufsakademie Mannheim.
|
PDF
774kB |
Kurzfassung
Today Grid computing is an important technology that allows scientists and engineers to solve large and complex problems, to work in complex and heterogeneous environments, and to cooperate in various new ways. In Grid environments integrate distributed computing resources, networks, scientific instruments, data archives and databases, and visualization environments. The virtualization of these resources results in resource environments allowing the dynamic generation of Virtual Organizations (VO) to increase the productivity and quality of scientific work. This work describes a security concept for securing Grid Services in a Firewalled environment. The main aspect of this concept is a security gateway which performs content based checks on incoming Grid requests. This is an application level gateway and it checks SOAP messages of Grid Service requests and decides on the application level (OSI level 7) whether the message should pass the gateway or be blocked. In combination with packet filtering, provided by usual rewall solutions, and encrypted data transfer methods, this allows a shared secured use of Grid resources, separated by security gateways. This can be accomplished without changing the respective Grid middleware and without increasing security risks to an unacceptable level (e. g., by opening network ports). The work on this topic led to the conclusion that with an appropriate concept, modern services based distributed environments can be secured. This concept includes the use of Firewalls and security proxies.
elib-URL des Eintrags: | https://elib.dlr.de/19241/ | ||||||||
---|---|---|---|---|---|---|---|---|---|
Dokumentart: | Hochschulschrift (Diplomarbeit) | ||||||||
Titel: | Content-validation of Messages and Policy assurances for a Security-Proxy supporting Grid services | ||||||||
Autoren: |
| ||||||||
Datum: | 2005 | ||||||||
Open Access: | Ja | ||||||||
Seitenanzahl: | 45 | ||||||||
Status: | nicht veröffentlicht | ||||||||
Stichwörter: | Grid Computing, Grid Security, Firewall, Application Level Gateway, Plug-In | ||||||||
Institution: | Berufsakademie Mannheim | ||||||||
Abteilung: | Informationstechnik | ||||||||
HGF - Forschungsbereich: | Verkehr und Weltraum (alt) | ||||||||
HGF - Programm: | Weltraum (alt) | ||||||||
HGF - Programmthema: | W SY - Technik für Raumfahrtsysteme | ||||||||
DLR - Schwerpunkt: | Weltraum | ||||||||
DLR - Forschungsgebiet: | W SY - Technik für Raumfahrtsysteme | ||||||||
DLR - Teilgebiet (Projekt, Vorhaben): | W - Vorhaben SISTEC (alt) | ||||||||
Standort: | Köln-Porz | ||||||||
Institute & Einrichtungen: | Institut für Simulations- und Softwaretechnik > Verteilte Systeme und Komponentensoftware | ||||||||
Hinterlegt von: | Schreiber, Andreas | ||||||||
Hinterlegt am: | 02 Mär 2009 | ||||||||
Letzte Änderung: | 31 Jul 2019 19:15 |
Nur für Mitarbeiter des Archivs: Kontrollseite des Eintrags