|
ИСТИНА |
Войти в систему Регистрация |
Интеллектуальная Система Тематического Исследования НАукометрических данных |
||
Development of new security infrastructure design principles for distributed computing systems based on open protocolsстатья
Дата последнего поиска статьи во внешних источниках: 6 января 2019 г.
- Авторы: Dubenskaya Yu Yu, Kryukov A.P., Demichev A.P.
- Журнал: CEUR Workshop Proceedings
- Том: 1787
- Год издания: 2017
- Издательство: M. Jeusfeld c/o Redaktion Sun SITE, Informatik V, RWTH Aachen
- Местоположение издательства: Aachen, Germany
- Первая страница: 507
- Последняя страница: 511
- Аннотация: The report presents our current work on design and development of security infrastructure of modern kind that is intended for different types of distributed computing systems (DCS). The main goal of the proposed approach is to provide users and administrators with transparent, intuitive and yet secure interface to the computational resources. The key points of the proposed approach to security infrastructure development are listed as follows: All the connections in the DCS must be secured with SSL/TLS protocol. Initial user authentication is performed using a pair of login and password with the use of multifactor authentication where necessary. After successful login a user obtains a special session key with a limited validity period for further password-free work. Every single computational request is protected by the individual hash which is not limited in time. These hashes are registered by the special authentication and authorization service, and states of the hashes are tracked on real time. The service also provides online requests authorization for delegation of user rights to the other services in the DCS. A prototype of the proposed security infrastructure was deployed on a testbed. It includes an authentication and authorization service, an execution service, a storage management service, and a user interface. Various tests have shown that the proposed algorithm and architecture are competitive in terms of functionality, usability, and performance. The results can be used in the grid systems, cloud structures, large data processing systems (Big Data), as well as for the organization of remote access via the Internet to supercomputers and computer clusters.Keywords: security infrastructure, distributed computing systems, authorization, authorization
- Добавил в систему: Дубенская Юлия Юрьевна