Privacy Protection In Grid Computing System

1
Privacy Protection In Grid Computing System

• Presented by
• Jiaying Shi

2
Introduction

• Grid Computing System
• Privacy Issues
• Onion Routing application
• Improved approach
• Conclusion

3
Grid Computing System
4
Software Standard

• CORBA (Common Object Request Broker Architecture
  )
• MPI (Message Passing Interface )
• SOAP (Simple Object Access Protocol )

5
Privacy Issues

• The use of a switched public network should not
  automatically reveal who is talking to whom.
• Grid computation shares resources online through
  the internet, which might not be entirely
  trustworthy, so anyone may access shared
  resources. To prevent unwanted users from
  stealing information, necessary precautions
  should be done.

6
End-to-End Link encryption
7
Link encryption

• Link encryption offers a couple of advantages
• if the communications link operates continuously
  and carries an unvarying level of traffic, link
  encryption defeats traffic analysis.
• More secure

8
(OR) Onion Routing

• is a technique for anonymous communication over a
  computer network, developed by David Goldschlag,
  Michael Reed, and Paul Syverson.
• The idea of onion routing (OR) is to protect the
  privacy of the sender and recipient of a message,
  while also providing protection for message
  content as it traverses a network.

9
TOR (The Onion Router)

• is a free software implementation of
  second-generation onion routing a system
  enabling its users to communicate anonymously on
  the Internet. Originally sponsored by the US
  Naval Research Laboratory
• Aiming to protect its users against traffic
  analysis attacks, Tor operates an overlay network
  of "onion routers" that enable anonymous outgoing
  connections and anonymous "hidden" services.
• Privoxy is a web proxy program, frequently used
  in combination with Tor and Squid.
• It has filtering capabilities for protecting
  privacy, modifying web page data, managing
  cookies, controlling access, and selectively
  removing content such as ads, banners and
  pop-ups.

10
Work Principle

• To create an onion, the router at the head of
  a transmission selects a number of onion routers
  at random and generates a message for each one,
  providing it with symmetric keys for decrypting
  messages, and instructing it which router will be
  next in the path.

11
Work principle (cont.)

• The client initializes communication
• and make request send to application proxy
• and onion proxy gives the order to choose random
  router to form a random route, which is based on
  the encryption algorithm. Once the path has been
  specified, it remains active.
• The sender can transmit equal-length messages
  encrypted with the symmetric keys specified in
  the onion, and they will be delivered along the
  path.
• As the message leaves each router, it peels off
  a layer using the router's symmetric key, and
  thus is not recognizable as the same message.
• The last router peels off the last layer and
  sends the message to the intended recipient.
• When the connection is broken, all information
  about the connection is cleared at each Onion
  Router.

12
Advantage of TOR

• Each Onion Router can only identify adjacent
  Onion Routers along the route.
• Data passed along the anonymous connection
  appears different at each Onion Router, so data
  cannot be tracked in route and compromised Onion
  Routers cannot cooperate.

13
Disadvantage of TOR

• Eavesdropping by Exit Nodes
• As Tor does not and by design cannot itself
  encrypt the traffic between an exit node and the
  target server, any exit node is in a position to
  capture any traffic which is not encrypted at the
  application layer,

14
Improvement on TOR

• We add reputation system to nodes including the
  server nodes.
• Reputation system, collect, distribute and
  aggregate a participants past experiences with
  existing services would be useful to build a
  level of trust in the agent society helping
  choosing reliable services.

15
Improvement on TOR (Cont.)

• Components of reputation system
• CA (certificate authority)
• a reputation evaluation agent,
• a service provider agent,
• a client agent

16
Challenge

• The reputation system needs a lot of work on the
  software infrastructure.

17
Conclusion

• TOR solved the anonymity problem
• TOR protected the privacy of message, even if the
  message be intercepted
• The reputation system enhances the security level
  and protects nodes privacy.

18
References

• 1 Jana, D.   Chaudhuri, A.   Datta, A.  
  Bhaumik, B.B. Privacy Protection of Grid Services
  in a Collaborative SOA Environment, TENCON 2005
  2005 IEEE Region 10 Nov. 2005 Page(s)1 6
• 2 Canali, C. Colajanni, M. Lancellotti, R.
  Distributed Architectures for High Performance
  and Privacy-Aware Content Generation and
  Delivery, Automated Production of Cross Media
  Content for Multi-Channel Distribution, 2006.
  AXMEDIS '06. Second International Conference on
  Dec. 2006 Page(s)11 18
• 3 Porras, P.A. Privacy-Enabled Global Threat
  Monitoring, Security Privacy Magazine, IEEE
  Volume 4, Issue 6, Nov.-Dec. 2006 Page(s)60 63
• 4 Yu, Jiong Cao, Yuanda Lin, Yonggang Tan,
  Li. Research on Security Architecture and Privacy
  Policy of Grid Computing System, Semantics,
  Knowledge and Grid, 2005. SKG '05. First
  International Conference on Nov. 2005 Page(s)3
• 5 Smith, M. Engel, M. Friese, T. Freisleben,
  B. Koenig, G.A. Yurcik, W. Security issues in
  on-demand grid and cluster computing, Sixth IEEE
  International Symposium on Cluster Computing and
  the Grid Workshops, 2006. Volume 2, 2006
  Page(s)14 pp.
• 6 Onion routing, from Wikipedia 2007,
  http//en.wikipedia.org/wiki/Onion_routing
• 7 Jana D., Chaudhuri A., Datta A., Bhaumik B B.
  Dynamic User Credential Management in Grid
  Environment, IEEE International Region 10
  Conference, Proceedings of the IEEE TENCON 2005,
  Nov.21-24, 2005.

19
Questions?