No.044 Grid and Cloud Security: A Confluence

NII Shonan Meeting:

@ Shonan Village Center, March 24-27, 2014

NII Shonan Meeting Report (ISSN 2186-7437):No.2014-3


  • Barton P. Miller, University of Wisconsin, USA
  • Yoshio Tanaka, AIST, Japan
  • Elisa Heymann, Universitat Autónoma de Barcelona, Spain


Topics of the Seminar

The threats are clear: crime gangs, rogue nation-states and terrorists are using the Internet to raise money, steal information, promote their causes, and disrupt the infrastructure of those that they oppose. These organizations are motivated, well funded, and highly skilled.

The cost to society of not addressing these threats is high: lost revenue and funds, lost data, violated privacy, disrupted network services, and even the potential to disrupt physical services. Often the extent of damaged is not known until long after an attack is successfully executed.

The target environment is rich: online services and databases that hold valuable personal, financial, commercial, and scientific data, and that provide critical services to each of thes areas. The cost of disruption can be measured in terms of monetary loss, damage to business, loss of privacy, and severe delays in scientific progress.

In the past several years, Grids and Clouds have emerged as particularly productive environments for leveraging the technology of the Internet

  1. Computational Grids: Grids bring together and dynamically manage a diverse and geographically distributed collection of users, data sources, computational resources, networks, and data sources to solve problems that no single organization can attempt. Organizations must manage complex patterns of sharing, data movement, and remote access.
  2. Cloud Computing: Clouds virtualize computing resources, allowing an organization to dynamically provision their computational, service, and storage needs from a cloud provider. The cloud provider controls access, sharing, and allocation of resources to a diverse customer base.

In each of these two environments, unrelated users are accessing common computational, network, and storage resources, and organizations are extending their trust boundaries well beyond the traditional physical limitations of their own facilities.

The software that comprises the services provided by each of these environments is complex and multifaceted, and not well understood by the typical user. As a result, the threats that seem obvious to a user may have an actual risk that is quite minimal, while there are significant and emerging threats of which users are completely unaware.

Our goal for this Seminar is to take advantage of Shonan’s unique environment to bring together a diverse community of researchers, practitioners, and developers across several dimensions:

  1. Grid and Cloud security;
  2. Industry, government, and academia;
  3. Theoretical and practical interests; and
  4. Scientific and business communities.

Goals of the Seminar

A Shonan meeting offers the unique opportunities to harvest the benefits of both a meeting of Grid and Cloud experts as well as a meeting of practitioners and theoreticians. The week-long format offers an opportunity for these communities to familiarize themselves with each other and establish a basis for collaboration. Such a joining of disparate communities is difficulty to achieve in a typical workshop. Thus, the seminar is to answer the following questions among others:

  • A meeting of experts from the Grids and Clouds area:

-Grid computing and its predecessors (distributed computing, metacomputing, . . . ) has long had to address security issues. How can we leverage these lessons and apply them to Clouds?
-What solutions are coming from Cloud computing that can be applied to Grids?
-What new challenges come as Grids extend into the Clouds, using such facilities as dynamically provisioning Grids from Cloud resources?

  • A meeting of practitioners and theoreticians: Security meetings and projects tend to have either a strong theoretical or practical bent.

-What recent theoretical results in security can improve our way of securing Grids and Clouds?
-What are the most current pressing practical problems in Grids and Clouds for which we would like to see new algorithms and techniques?

IT security management is typically divided into the areas of confidentiality, integrity, and availability. ?Having the chance to gather experts from all these areas guarantees a comprehensive overview on the subject. During the week-long session, we will provide an opportunity to share each other’s experiences, leverage each other’s knowledge, and develop a joint strategy for securing these critical computational and informational resources as Grids and Clouds do offer.

The meeting would consist of representative background presentations to set the context for discussions, and sessions for working groups with common interests. Working group sessions will allow us to spend the extended time needed understand specific problems in depth, develop approaches to their solution, and form stronger international and interdisciplinary collaborations. While the actual topic of the working groups will be developed by the attendees during the first few days of the seminar, some example topics might include:

  1. Approaches to cross-Cloud and Grid authentication;
  2. Novel threat models and attack scenarios in virtual machine environments;
  3. Manual vs. automated evaluation of system security;
  4. Computer science curriculum design in an information security age;
  5. Security challenges for open source software;
  6. Software supply chain management in multi-organization distributed systems.

In addition to the practical progress expected from the working gropus, the proposed seminar will define an agenda for moving forward and strengthen the cooperation between Asia, United States, Europe, Australia, and South America in the security area.

Comments are closed.