Trust Relationships in Grid CHEP 07 Mine Altunay.
-
Upload
heather-cannon -
Category
Documents
-
view
219 -
download
0
Transcript of Trust Relationships in Grid CHEP 07 Mine Altunay.
Trust Relationships in Grid
CHEP 07Mine Altunay
Organizational Structures
Traditional organizations• brick and mortar• well-defined hierarchy• up-down info flow• face-face time• everyone knows their placeand responsibility
Grid communities• virtual• flat organization• side-side info flow• willing collaboration • limited face-face time
Trust: Essential ingredient in Grids
• Collaboration based on trust• Trust is relationship between two parties such that one partybelieves the other one does what s/he promises to do• Three key factors of a trust relationship: • when
• time the parties should perform, clear start-end dates• how
• under the conditions parties perform • what
• actions they perform
How Grid participants cultivate trust
• Ad-hoc , immature
process• Use established
contacts• Meet face-face• Phone your friends
up • Manual processing
Current
• Automated
processes to build, grow and monitor trust relationships
• Trust relationship lifecycle
• Cultivate transitive trust relationships
Our Goal
Formalizing trust relationship
TrustA(B, Action, Period, Cond) = Level of Assurance
A’s trust in B to perform action under the condition cond during the time period is equal to the level of assurance LoA, where LoA Є (low, high, medium)
• Unidirectional, non-reflexive – A trust B ≠ B trusts A
• Transitive function– A trusts B, B trusts C A trusts C
Benefits of Formalization
• Categorize trust relationships based on levels of assurance
• Monitor relationships• Reach agreements between two parties
– Well-defined expectations
• Promote collaborations
Trust Relationship Lifecycle
Definition
Categorization
Agreement
Publication
Monitoring
Termination
Restoration
Definition
• name the parties• define actions• define the conditions
Categorization
• determine level of assurance
Agreement
• reach an agreement over the trust relationship• establish non-repudiation and traceability
Publication
• publish the agreement to all involved parties• use for monitoring
Monitoring
• enforce the agreement• sample behavior • detect non-compliant behavior• store info for future trust relationships
Termination
• end the trust relationship
Restoration
• restore the terminated trust relationship
Transitive Trust
VO #1
Site#1
VO#2
Site#3
Site#2
VO #1 Member
Transitive re
lationships
Transitive relationship
Transitive trust relationships
• Builds a web of trust• Reduces one-one relationships• Broadens available resources • Eases collaboration
OSG
VO
Site
register
regi
ster
register
Ad-hoc
VOSite
Complete trust life-cycle-- Automated trust establishment-- Service-level agreements-- Agreed upon access rights-- Agreed usage policy-- Monitoring of trust-- enforcements (breach of agreements)
Trusting in Grid
Trust: Essential Ingredient in Grids
• when the time parties should perform• how under the conditions they perform • what actions they perform
The Current
meet face-face Phone your friends up
Formalizing Trust relationshipTrustA(B, Action, Period, Cond) = Level of Assurance
A’s trust in B to perform action under the
condition cond during the time period is equal
To the level of assurance LoA, where LoA Є
(low, high, medium)
• reach an agreement • establish non-repudiation and traceability
Definition
Categorization
Agreement
Publication
Monitoring
Termination
Restoration• name the parties• define actions• define conditions
• determine level of assurance
• publish the agreement to all involved parties• use for monitoring
• sample behavior • detect non-compliance• store info for future
• end the trust relationship
• restore the terminated relationship
Trust Life-Cycle
One-One Trust Relationships
Benefits of Trust Formalization
Categorize trust relationships based on
levels of assurance
Reach agreements between two parties
Well-defined expectations
Monitor relationships
Enforcement of the agreements
-- Unidirectional, non-reflexive
A trust B ≠ B trusts A
-- Transitive function
A trusts B, B trusts C A trusts C
One-onetrust
VO #1
Site#1
VO#2
Site#3
Site#2
VO #1 memberTransitiv
e trust re
lationships
Transitive trust relationship
One-onetrust
One-onetrust
On
e-on
etru
st
One-onetrust
VO Site
Complete trust life-cycle• Automated trust establishment• Service-level agreements• Agreed upon access rights• Agreed usage policy• Monitoring of trust• Enforcements (breach of agreements)
register OSGVO
Site
regi
ster
register
Ad-hocmissing link
Our Goal
• Build web of trust• Reduces one-one relationships• Broadens available resources • Eases collaboration
Why essential ?
What is it?
Trust is a relationship between two parties such that one party believes the other one does what s/he promises to do
• hierarchical• brick and mortar• up-down info flow• face-face time
• flat organization• virtual• side-side info flow• willing collaboration
Grid depends on collaborationsCollaborations depends on trustThus, grid depends on trust
Grid community:
vs.
Traditional Organization
How to fo
rmalize
it ?
How to accomplish it ?
Our Goal
Our Goal
The OSG process for establishing trust: registration agreements, agreed usage policies (AUP)
OSG