Daoli--Grid security via Trusted Computing protected virtualization

Wenbo Mao, EMC Research

A grid builds a virtual organization (VO) of unbounded computational and storage capacity by pooling heterogeneous resources from real organizations. A grid user is typically a resource scarce entity while having a large quantity of jobs to be processed. With the user in need of resources from resourceful organizations, we shall name a user a resource lessee and the latter entities resource lessors. Currently grids in such a lessee-lessor-VO structure are not in commercial adoption yet. Ideally, commercial enterprises, like resource-abundant-and-under-utilized financial institutions, should go for the grid, i.e., become lessors. Inadequate grid security currently prevents commercial organizations from being lessors. A missing security service is behavior conformity: VO code must not damage the lessor, and conversely, the lessor must not compromise the VO proprietary information.

Project Daoli attempts to strengthen grid security by adding behavior conformity to grid computing. We will apply Trusted Computing Group's (TCG) technology as our means to behavior conformity and we do so by working on virtualization in two layers in the software stack. In the OS layer, a highly-privileged hypervisor for memory arbitration will be measured by a Trusted Platform Module (TPM) to achieve isolation between processes. Above OSes a grid middleware will achieve virtualization of hardware platforms and commodity OSes so that a unique VO code for policy enforcement can run on the middleware across a heterogeneous environment. The VO code and/or data which need confidentiality and/or integrity protection are secured by cryptographic credentials. By calling the standard credential migration function of TCG, VO credentials can be migrated from one TPM to another along the leased platforms.

11 Dec (Tuesday) at 1630 hrs

Gates 4B (opposite 490)