Research Article
Building a Demilitarized Zone with Data Encryption for Grid Environments
@INPROCEEDINGS{10.4108/gridnets.2007.2160, author={Matthias Schmidt and Matthew Smith and Niels Fallenbeck and Hans Picht and Bernd Freisle}, title={Building a Demilitarized Zone with Data Encryption for Grid Environments}, proceedings={1st International ICST Conference on Networks for Grid Applications}, publisher={ICST}, proceedings_a={GRIDNETS}, year={2007}, month={10}, keywords={Grid computing cluster computing network-level security and protection site security monitoring cryptography}, doi={10.4108/gridnets.2007.2160} }- Matthias Schmidt
Matthew Smith
Niels Fallenbeck
Hans Picht
Bernd Freisle
Year: 2007
Building a Demilitarized Zone with Data Encryption for Grid Environments
GRIDNETS
ICST
DOI: 10.4108/gridnets.2007.2160
Abstract
Security and data integrity are important aspects in the fields of Grid and cluster computing. When these two areas are combined, the security issues intermingle and new security concepts are needed to ensure protection of both Grid users and local cluster users. In this paper, a novel dual laned Demilitarized Zone (DMZ) to protect local clusters from Grid attacks is introduced. The Globus Security Infrastructure (GSI) is extended to enable safe end-to-end encryption of Grid jobs through the DMZ and into virtualized execution hosts. Finally, an integrated Network Intrusion Detection System with Grid-specific rules, further protecting the Grid DMZ, is presented.
Copyright © 2007–2024 ICST