comparison of different security infrastructure implementations
DESCRIPTION
Comparison of different security infrastructure implementations. Olle Mulmo, KTH. Before we take the next step forward…. Stop and take a breath Look at what people have done so far Try to compare Be ignorant to technology details. State of the world. 3 rd party. RA. Org. Org. Org. gw. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/1.jpg)
Comparison of different security infrastructure
implementations
Olle Mulmo, KTH
![Page 2: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/2.jpg)
Before wetake the next step forward…
Stop and take a breath
Look at what people have done so far
Try to compare
Be ignorant to technology details
![Page 3: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/3.jpg)
State of the world
3rd party3rd party
OrgOrg OrgOrgOrgOrgRARA
gwgw gwgwgwgw
![Page 4: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/4.jpg)
Analyzed Characteristics
Underlying Assumptions Usage scenario Lifetime & scale of operations
Setup Trust anchors Commitments
![Page 5: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/5.jpg)
Analyzed Characteristics (cont)
Registration Bootstrap for a resource provider Bootstrap for a user
Security concerns Local control Privacy Audit Acceptance
![Page 6: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/6.jpg)
Analyzed Characteristics (cont)
Dynamics Setup & Registration “lightweight”? Adding/removing a user Adding/removing a member org Handling Lusers and Loosers
![Page 7: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/7.jpg)
Scenarios
Unique ID & VO affiliation
Federation / gateway model
VO control + sandboxing
![Page 8: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/8.jpg)
Unique ID & VO affiliation (#1)
OrgOrg OrgOrgOrgOrg
3rd party3rd party
VO VO
gwgw gwgwgwgw
RARA
trust
VO
msg
![Page 9: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/9.jpg)
Unique ID & VO affiliation (#2)
OrgOrg OrgOrgOrgOrg
3rd party3rd party
VO VO
gwgw gwgwgwgw
RARA
trust
VO
msg
![Page 10: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/10.jpg)
Unique ID & VO affiliation (#3)
OrgOrg OrgOrgOrgOrg
3rd party3rd party
VO VO
gwgw gwgwgwgw
RARA
trust
VO
msg
![Page 11: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/11.jpg)
Unique ID & VO affiliation
Different trust sources for AuthN and AuthZ Local control Allows for widely different levels of
operational trust
![Page 12: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/12.jpg)
Federation / gateway model (#1)
3rd party3rd party
OrgOrg OrgOrgOrgOrgRARA
gwgw gwgwgwgw
trust
VO
msg
??
![Page 13: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/13.jpg)
Federation / gateway model (#2)
3rd party3rd party
OrgOrg OrgOrgOrgOrgRARA
gwgw gwgwgwgw
trust
VO
msg
![Page 14: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/14.jpg)
Federation / gateway model
Organizational based trust Assumptions on infrastructure Higher demands on operational trust
![Page 15: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/15.jpg)
VO control + sandboxing
3rd party3rd party
OrgOrg OrgOrgOrgOrgRARA
VO
trust
VO
msg
![Page 16: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/16.jpg)
VO control + sandboxing
3rd party3rd party
OrgOrg OrgOrgOrgOrgRARA
VO
trust
VO
msg
![Page 17: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/17.jpg)
VO control + sandboxing
VO runs the show Prepackaged, domain specific Little or no local control Trust by reputation
![Page 18: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/18.jpg)
Comparisons
I have tried my best to be impartial and objective “Is this hard to do or not?”
Over-simplified conclusions “difficult” vs “easy”
![Page 19: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/19.jpg)
Comparisons
Underlying assumptions UID+local enforcement Federation VO centric controlScenario many orgs, many VOs,
different needs. Preserve local control
large orgs and enterprises, trust on an organizational level
VO controls what to run where (cycle scavanging, prepackaged binaries, sandboxing)
Lifetime & scale of operations long-lived, static, any scale
long-lived, static, large-scale
long-lived, non-static, large-scale
Lack of support for short-lived lifetimes & small-scale operations
![Page 20: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/20.jpg)
Comparisons
Setup UID+local enforcement Federation VO centric controlTrust anchors CA and VO management (CA), common VO
policyVO (blind trust, reputation)
Commitments CA management (long-term, trustworthy), VO management (???)
Long-term, trustworthy, gateways need to operate according to external requirements
Basically none. Resource providers may come and go
![Page 21: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/21.jpg)
Comparisons
Registration UID+local enforcement Federation VO centric controlBootstrap for resource prov difficult: multiple trust
anchors, local configdifficult: operate trustworthy gw is hard, local config
easy: install sandbox environment
Bootstrap for user Get ID (1, pain) get VO membership (N, less pain)
transparent (reuse organizational trust fabric)
transparent / get VO membership
Bootstrap for VO hard: Management infrastructure (although mileage may vary)
medium: membership description, re-use organizational trust fabric
hard: have to do everything
![Page 22: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/22.jpg)
Comparisons
Security Concerns UID+local enforcement Federation VO centric controlPrivacy / Anonymity Not really (pseudonymity
possible)Yes Yes
Audit Yes Yes Not reallyAcceptance Good Good PoorPolicy Intersection of VO and
local policyIntersection of VO and local policy
VO in complete control
![Page 23: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/23.jpg)
Comparisons
Dynamics UID+local enforcement Federation VO centric controlSetup of 2nd VO easy easy difficultAdding/removing a user difficult easy easyAdding/removing a member org easy difficult easyLusers and Loosers yes no yes
![Page 24: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/24.jpg)
Conclusions
No single model strikes out as #1 Lack of support for short-lived, small-scale,
light-weight operations
![Page 25: Comparison of different security infrastructure implementations](https://reader035.vdocuments.us/reader035/viewer/2022081519/56814781550346895db4b1e9/html5/thumbnails/25.jpg)
Topics for discussion
What model is most likely a best fit fora) academia, b) industry?
Are there alternatives? What characteristics should we focus on in
the near-term?