Biblio

As the Future Internet arrives, more complex, service-based applications are spreading. These applications pose several challenges, including the huge amount of entities that must interact and their het- erogeneity. The success of these applications depends on the collaboration and communication of these entities, that might belong to different or- ganizations and administrative domains. Therefore, trust and reputation become two crucial issues. We propose the specification and design of a service-based security architecture that stresses the delivery of trust and reputation services to any application that might require them.

 Mobile Grid, is a full inheritor of the Grid with the additional feature that it supports mobile users andresources. Security is an important aspect in Grid based systems, and it is more complex to ensure thisin a mobile platform owing to the limitations of resources in these devices. A Grid infrastructure that supportsthe participation of mobile nodes and incorporates security aspects will thus play a significant rolein the development of Grid computing. The idea of developing software through systematic developmentprocesses to improve software quality is not new. However, many information systems such as those ofGrid Computing are still not developed through methodologies which have been adapted to their mostdifferentiating features. The lack of adequate development methods for this kind of systems in whichsecurity is taken into account has encouraged us to build a methodology to develop them, offering adetailed guide for their analysis, design and implementation. It is important to use software V&V techniques,according to IEEE Std. 1012 for Software Verification and Validation, to ensure that a software systemmeets the operational needs of the user. This ensures that the requirements for the system arecorrect, complete, and consistent, and that the life-cycle products correctly design and implement systemrequirements. This paper shows part of a development process that we are elaborating for the constructionof information systems based on Grid Computing, which are highly dependent on mobile devices inwhich security plays a highly important role. In the design activity of the process, we design a securityarchitecture which serves as a reference for any mobile Grid application that we wish to build since thissecurity architecture defines a complete set of security services which will be instantiated depending onthe requirements and features found in previous activities of the process. A V&V task is also defined in thedesign activity to validate and verify both the architecture built and the traceability of the artifacts generatedin this activity. In this paper, we will present the service-oriented security architecture for MobileGrid Systems which considers all possible security services that may be required for any mobile Grid application.

 Grid computing has arisen as an evolution of distributed systems mainly focused on the sharing of and remote access to resources in a uniform, transparent, secure, efficient and reliable manner. It is possible to join Grid technology and mobile technology in order to create one of the most promising technologies and developments to appear in recent years, in that they enrich one another and provide new solutions that solve many of the limitations and problems found in different technologies. Security is a very important factor in Mobile Grid Computing and is also difficult to achieve owing to the open nature of wireless networks and heterogeneous and distributed environments. Success in obtaining a secure system originates in incorporating security from the first stages of the development process. It has therefore been necessary to define a development process for this kind of systems in which security is incorporated in all stages of the development and the features and particularities of the Mobile Grid systems are taken into consideration. This paper presents one of the activities of this development process, the design activity, which consists of defining and designing a security software architecture. This architecture will be built from a security architecture, defined as reference architecture, in which security services, interfaces and operations are defined with the purpose of defining a reference security architecture which covers the majority of security requirements identified in the analysis activity. The design activity will build the system architecture that will be the input artefact for the subsequent activity in the process, which is the construction activity.

This paper describes the security framework that is to be developed for the generic grid platform created for the project GREDIA. This platform is composed of several components that need to be secured. The platform uses the OGSA standards, so that the security framework will follow GSI, the portion of Globus that implements security. Thus, we will show the security features that GSI already provides and we will outline which others need to be created or enhanced.

Mobile Grid systems allow us to build highly complex information systems with various and remarkable features (interoperability between multiple security domains, cross-domain authentication and authorization, dynamic, heterogeneous and limited mobile devices, etc), which demand secure development methodologies to build quality software, offering methods, techniques and tools that facilitate the work of the entire team involved in software development. These methodologies should be supported by Grid security architectures that define the main security aspects to be considered, and by solutions to the problem of how to integrate mobile devices within Grid systems. Some approaches regarding secure development methodologies of Grid security architectures and of the integration of mobile devices in the Grid have been found in literature, and these are analyzed and studied in this paper, offering a comparison framework of all the approaches related to security in Mobile Grid environments.

Assurance has been a major topic for critical systems. Assurance is usually associated with safety conditions but has also an important role for checking security requirements. Security is best assured if it is addressed holistically, systematically, and from the very beginning in the software’s development process. We propose to integrate assurance and system development by letting the different stages of the system development life-cycle be mapped to the structure of the assurance case.

A challenging task in security engineering concerns the specification and integration of security with other requirements at the top level of requirements engineering. Empirical studies show that it is common at the business process level that customers and end users are able to express their security needs. Among the security needs of Internet applications, authentication and authorization services are outstanding and, sometimes, privacy becomes a parallel requirement. In this paper, we introduce a methodology for the specification of security requirements and use a case study to apply our solution. We further detail the resulting system after extending it with an Authentication and Authorization Infrastructure.