Civil-Comp Proceedings
ISSN 1759-3433
CCP: 90
Edited by: B.H.V. Topping and P. Iványi
Paper 25

Automation of Security Analysis for Service Grid Systems

S. Acs, M. Kozlovszky and Z. Balaton

Laboratory of Parallel and Distributed Systems, Computer and Automation Research Institute, Hungarian Academy of Sciences, Budapest, Hungary

Full Bibliographic Reference for this paper
S. Acs, M. Kozlovszky, Z. Balaton, "Automation of Security Analysis for Service Grid Systems", in B.H.V. Topping, P. Iványi, (Editors), "Proceedings of the First International Conference on Parallel, Distributed and Grid Computing for Engineering", Civil-Comp Press, Stirlingshire, UK, Paper 25, 2009. doi:10.4203/ccp.90.25
Keywords: service grid, security, vulnerability, gLite, globus, monitoring.

Cyber attacks are an everyday occurrence and a danger to any machine with an Internet connection. Service grid networks are available 24 hours a day, and such large-scale grids can offer on the order of 30,000-40,000 CPUs to their customers. Networks of this kind are always targets of intrusions.

The EGEE (Enabling Grids for E-sciencE) [1] grid infrastructure is a good example of this kind of system. Its current middleware, gLite [2], runs on Red Hat or Red Hat-like Linux systems (Scientific Linux, CentOS). It was born from the collaborative efforts of academic and industrial research centres as part of the EGEE project. The security status of each element of the grid network can define the reliability of the entire service system. The security status of an element is mostly determined by the programs running on the machine and their configuration and, of course, by the appropriate authorization methods and settings.

In order to decrease the number of weak software elements and to increase the security status of the system, grid administrators should use a patch status monitoring system. Some such programs exist, but all of them have the disadvantages of requiring firewall configuration and labour-intensive installation of the client side. We managed to solve these problems by using the essential service of grids.

We have designed and implemented an application called Grid Site Software Vulnerability Analyzer (GSSVA), which can automatically explore the installed Linux packages of the grid machines. Our approach uses a modified status monitoring system called PAKITI [3] as its basis. It collects important information about the status of the machines and can analyze the gathered information from a security point of view. During this analysis it compares the results against an external information repository to find the security problems of the machines. The software collects the data of the grid environment and stores them in a database. The application offers a graphical user interface to visualize the information for grid administrators. With GSSVA, administrators do not need to install the client side or configure the firewalls, so a patch status monitoring system can be set up easily.
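The comparison step described above, sketched as an added example (not code from the paper, GSSVA or PAKITI): an inventory of installed packages is checked against a feed of first fixed versions using a simplified RPM-style version ordering. The inventory line format, the advisory identifiers and all package data are constructed assumptions.

```python
import re

# Constructed sample inventory, one "name epoch version release" per line
# (assumed collection format; "(none)" means no epoch is set).
INSTALLED = """\
openssl (none) 0.9.8e 12.el5
kernel (none) 2.6.18 128.el5
sudo (none) 1.6.9p17 3.el5
"""

# Constructed advisory feed: package -> (placeholder id, first fixed EVR).
ADVISORIES = {
    "openssl": ("EXAMPLE-ADV-1", ("0", "0.9.8e", "12.el5_4.1")),
    "sudo": ("EXAMPLE-ADV-2", ("0", "1.6.9p17", "3.el5")),
}

def _segments(s):
    return re.findall(r"\d+|[A-Za-z]+", s)  # runs of digits or letters

def vercmp(a, b):
    """Simplified RPM-style ordering (-1, 0, 1); no ~ or ^ handling."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment beats alphabetic
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # extra segments win

def evr_cmp(a, b):
    for x, y in zip(a, b):  # epoch, then version, then release
        c = vercmp(x, y)
        if c:
            return c
    return 0

def parse_inventory(text):
    pkgs = {}
    for line in text.splitlines():
        name, epoch, version, release = line.split()
        pkgs[name] = ("0" if epoch == "(none)" else epoch, version, release)
    return pkgs

def unpatched(installed, advisories):
    # A package is flagged when its installed EVR sorts before the fixed EVR.
    return sorted((name, adv) for name, (adv, fixed) in advisories.items()
                  if name in installed and evr_cmp(installed[name], fixed) < 0)
```

Calling `unpatched(parse_inventory(INSTALLED), ADVISORIES)` flags only the constructed `openssl` entry, whose release sorts before the fixed build.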

The functioning of GSSVA was analyzed in a production service grid. In this article we describe the developed solution, how the application functions in a real service grid environment, the results of some tests gathered from a real system, and some experiences we gained during the development and usage of the application.