Daonity: An Experience on Enhancing Grid Security by Trusted Computing Technology

摘要

A critical problem for grid security is how to gain secure solution for Grid virtual organization (VO). In Grid practice at present, issues of VO security rely on non-distributed policy management and related PKI mechanism. A practical but difficult solution is to enforce fine granularity policy over distributed sites. The emerging Trusted Computing (TC) technologies offer great potential to improve this situation. In our Project Daonity, Trusted Platform Module (TPM), as a tamper-resistance module, is shared as a strong secure resource among platforms of grid users. Based on the sharing mechanism, a TC-enabled architecture is proposed to improve Grid Security Infrastructure, especially authorization protection and single sign on are enhanced to demonstrate how to gain enhanced and distributed security in grid environment.