Grid computing and security issues
We plan to develop the Grid computing features of the TECC in four stages. These are described in more detail below.
Stage 1: The parallel high performance computer cluster with 16 processors (TYAN) and appropriate network communication hardware is now installed and operating. TYAN is based on Linux and uses the MPI (Message Passing Interface) library for implementing parallel and distributed routines. This is the only stage that is being funded by the NATO grant that set up the TECC. Stages 2- 4 will require additional funding and we are currently working on the grant applications to get these funds.
Stage 2: Globus middleware will be installed the TYAN cluster. This includes the process of generating user certificates and integrating into the world network. We plan to include the 54 personal computers of the TNEU digital library as computational nodes of the Grid system via this Globus middleware. These PCs can be used as Grid nodes everyday from 8:00pm until 8:00am. Thus, at times we will have a Grid network consisting of 70 CPUs, and this system can be used for the computationally-intensive tasks of TNEU’s Research Institute of Intelligent Computer Systems such as parallel neural networks training, and facial recognition.
Stage 3: The Globus middleware will be installed on appropriate high-performance or cluster systems of TECC members. At this point the TECC Grid System will become operational.
Stage 4: The TECC Grid System Obtained will be connected to the Grid-segment of Ukrainian National Academy Sciences (www.acadgrid.org.ua) and the Grid-segment of the Ukrainian Ministry of Education and Sciences (www.grid.ntu-kpi.kiev.ua) using the UarNet and URAN networks. This expanded Grid-system can then be used for execution computationally-intensive research tasks inside and outside Ukraine. We will base the security system for the TECC Grid system on the approach described in. This system will have the following features: 1. It must be intelligent. The main component of this system will be a software agent. 2. It must be distributed. Since Grid components are widely separated and have their own links to the Internet, by its nature any system seeking to defend the TECC Grid must be distributed. 3. It is intelligently layered. Thus, we will have agents at each layer of the system. In particular, an agent at the (i+1)-st layer consists of several agents from the i-th layer and so on. 4.It will exploit self-similarity. The TECC Grid system can be considered a functionally homogeneous self-similar system with unlimited number of layers and agents on each layer, which can be described by a matrix. The agents execute similar processes but they have different algorithms to be executed on different layers of the system. We want our security system to use this architectural feature for its own architecture. Our Grid security system will provide confidentiality, integrity, availability and procedural monitoring of information resources. It can be shown that confidentiality, integrity, availability and procedural monitoringare a sufficient base upon which to synthesize every feature of information security.For example, confidentiality is the basis for implementing such functional features asidentification, authentication, unauthorized access, electronic signature, etc. Integrity allows regulating the following characteristics of an information security subsystem: integrity, safety, tolerance, fault-tolerance, redundancy, etc. Procedural monitoring allows synthesizing warrantability, accountability, delivery, audit, observability and other characteristics.