CIS seminar with Wenbo Mao
Speaker: Wenbo Mao , Director of EMC Research China
Date: December 14 2007
Time: 2:30PM to 4:00PM
Location: NOW IN 32-G449 Patil-Kiva
Contact: Be Blackburn, 3-6098, email@example.com
A grid builds for a resource-scarce user a virtual organization (VO) of unbounded computational and/or storage capacity by pooling heterogeneous resources from real organizations. A VO is a multitenancy environment in two senses: (i) a user is a tenant of multiple resource providers (lessors) for one batch of jobs and (ii) each lessor can host multiple tenants. Ideally, commercial organizations in particular resource-under-utilized financial institutions, should ``go for grid'' to become lessors. However currently such multitenancy grids are not in commercial adoption yet. Inadequate grid security is a main hurdle holding commercial organizations from becoming lessors. A missing security service is behavior conformity: a tenant mustn't cause damage to the lessor or other tenants, and conversely, the lessor mustn't compromise the proprietary code/data of a tenant.
Project Daoli attempts to strengthen grid security by adding behavior conformity. We will apply Trusted Computing Group's (TCG) technology as our means to behavior conformity and we do so by working on virtualization in two layers in the software stack. In the OS layer, a highly-privileged hypervisor for memory arbitration will be measured by a Trusted Platform Module (TPM) to achieve isolation between processes of different tenants. Above OSes a grid middleware will achieve virtualization of hardware platforms and commodity OSes so that a unique VO code of a tenant for remote policy enforcement can run across a heterogeneous environment. The VO code and/or data which need confidentiality and/or integrity protection are secured by cryptographic credentials. By calling the standard credential migration function of TCG, VO's credentials can be migrated from one TPM to another along the leased platforms.
See other events that are part of Cryptography and Information Security Seminars 2007/2008
See other events happening in December 2007