A Scalable Security Model for Enabling Dynamic Virtual Private Execution Infrastructures on the Internet

• Published in: 2009 9th IEEE/ACM International Symposium on Cluster Computing and the Grid pp. 348 - 355
• Main Authors: Primet, P.V.-B., Gelas, J.-P., Mornard, O., Koslovski, G., Roca, V., Giraud, L., Montagnat, J., Huu, T.T.
• Format: Conference Proceeding
• Language: English
• Published: IEEE 01.05.2009
• Subjects: authorization; Computer networks; Computer vision; Environmental management; Execution Infrastructure as a service; Grid computing; Hip; Internet; Large-scale systems; Public key cryptography; Resource virtualization; Security; SPKI
• ISBN: 1424439353; 9781424439355
• DOI: 10.1109/CCGRID.2009.76

With the expansion and the convergence of computing and communication, the dynamic provisioning of customized processing and networking infrastructures as well as resource virtualization are appealing concepts and technologies. Therefore, new models and tools are needed to allow users to create, trust and exploit such on-demand virtual infrastructures within wide area distributed environments. This paper proposes to combine network and system virtualization with cryptographic identification and SPKI/HIP principles to help the user communities to build and share their own resource reservoirs. These ideas are implemented in the HIPerNet framework enabling the creation and the management of customized confined execution environments in a large scale context. Based on the example of biomedical applications, the paper focuses on the security model of the HIPerNet system and develops the key aspects of our distributed security approach. Then the paper discusses and illustrates how HIPerNet solutions fulfill the security requirements of applications through different scenarios.