Privacy protection of grid service in distributed architectures
Jiaying Shi
Department of Computer Science
University of Windsor
Windsor, ON, N9B 3P4 Canada
shiv@uwindsor.ca
Abstract
Grid computing has extended web applications to large-scale request-response interaction between service providers and service consumers. Yet the wide acceptance of grid technology has created pressure to add features that were not part of its original design, such as security, privacy and quality-of-service support [4].
In this paper we explore a different approach to protecting privacy in grid services in distributed architectures, based on onion routing.
Keywords
Grid computing, privacy, onion routing,
distributed system
1. Introduction
The advent of the Internet and its immense usage around the world has led computing to shift from traditional mainframe-based computing, and the subsequent personal computing, to distributed computing and grid computing. Aggregating a large number of powerful nodes that collaborate with each other yields huge computing power. The same versatility, however, makes it rather easy to compromise data privacy in grid applications [4].
The aim of our study of performance and privacy in distributed architectures is to find a better solution that achieves good computing power while maintaining good privacy for the users.
In distributed architectures, to achieve better performance we should take into consideration not only the request-response time between providers and consumers but also the local processing time. To reduce the response time, the recent trend in modern web systems is towards highly distributed intermediary architectures that exploit server nodes located close to the clients to replicate content and services, as can be observed in the recent literature [2].
Besides cost, most adaptation services are based on information concerning the user, the so-called user profile, which may include sensitive information such as geographic location, navigation history and personal preferences. Privacy issues related to the management of user profiles are extremely critical in a system consisting of geographically distributed servers, because it is difficult to guarantee a high level of security across a large number of distributed nodes [2].
In this paper we explore the performance of using onion routing in the distributed architecture, in comparison with using a recent encryption method on its own.
The remainder of this paper is organized as follows. Section 2 discusses related work. Section 3 describes the distributed-core architecture, and Section 4 describes onion routing. Section 5 briefly describes AES. Section 6 explains our approach. Finally, Section 7 contains concluding remarks and future work.
2. Related works
Traditional well-known identity management and access control technologies include X.509 certificates and the Secure Sockets Layer (SSL) communication protocol.
Earlier work [7] used dynamic user credential management, generating a dynamic token for each communicating session. That scheme makes the grid environment more secure and less prone to attack. The dynamic token forms part of the private key, and the client's user ID provides the public key in terms of a PKI (Public Key Infrastructure) [7].
Another work encrypts or signs portions of an XML document so that the same XML can flow through multiple service providers with different sections locked for viewing by a particular server. Each server can unlock only its designated portion; the XML content then flows to the next server in the chain and finally comes back with all the replies, preserving the confidentiality and privacy of the individual service providers.
3. Distributed architecture
After reviewing others' work, we realize the importance of protecting privacy in user profile management. The information contained in the user profile can be divided into two parts: personal information, which is considered confidential, and impersonal information, which can be made public. How to keep the confidential part safe is the problem we consider, and we need an architecture in which to place it.
The architecture we use is the distributed-core architecture proposed by Canali et al. [2]. They divide the server nodes into edge and core nodes. Edge nodes are located close to the network edge. Core nodes are placed in strategic, well-connected positions.
The goal is high user-perceived performance: on the one hand, the distributed nodes allow the adaptation involved in a client request to proceed in parallel; on the other hand, the edge nodes allow services to move close to the clients.
Figure 1. Distributed-core architecture
Figure 1 shows how a client request is served in the distributed-core architecture.
(Step 1) The client sends a request to an edge node, which extracts the user ID and applies the hash function H(x) to identify the authoritative core node that owns the user profile. (The user profiles are mapped onto the core nodes through a hash function H(x) that receives a unique user ID and returns a core node identifier k = H(ID), where k ∈ [1, . . . , n] and n is the number of core nodes.)
(Step 2) The request is forwarded to the authoritative node.
(Steps 3 and 4) The authoritative core node fetches the content from the provider server and, if required, carries out content adaptation (step (5); numbers within brackets are optional steps). Then the authoritative core node extracts the list of embedded Web resources. On the basis of this list and of the user profile information, it decides how to distribute the adaptation of the embedded resources among the core nodes of the architecture, including itself, and the edge node contacted by the client (step 6) [2].
(Steps 7 and 8) The information about the resource distribution is sent back to the edge node and then to the client. In this way, the edge node knows which nodes are responsible for the adaptation of the different embedded resources and can forward the client's subsequent requests to the appropriate node [2]. This greatly reduces the request-response time.
4. Onion routing
Routing onions are data structures used to
create paths through which many messages
can be transmitted. To create an onion, the
router at the head of a transmission selects a
number of onion routers at random and
generates a message for each one, providing it
with symmetric keys for decrypting messages,
and instructing it which router will be next in
the path. Each of these messages, and the
messages intended for subsequent routers, is
encrypted with the corresponding router's
public key. This provides a layered structure,
in which it is necessary to decrypt all outer
layers of the onion in order to reach an inner
layer [6].
Figure 2. Onion routing path
Figure 2 shows how onion routing works. The client initiates communication by sending a request to the application proxy; the onion proxy then chooses random routers to form a random route and builds the layered onion for that route. Once the path has been specified, it remains active. The sender can transmit equal-length messages encrypted with the symmetric keys specified in the onion, and they will be delivered along the path. As the message passes through each router, that router peels off a layer using its symmetric key, so the message leaving it is not recognizable as the same message. The last router peels off the last layer and sends the message to the intended recipient [4].
Onion routing also includes a technique
allowing recipients to send responses back to
the sender, without compromising the identity
of either party. To initiate a two-way
conversation, a sender generates both an onion
and a reply onion. The reply onion is
transmitted to the recipient, who then uses it to
initiate the return path. Because the reply
onion is multiply-encrypted, it provides little
information that might compromise the sender
— an attacker must either break the
public-key encryption, or alternatively
compromise all of the routers in the return
path [4].
Traffic analysis is also a serious menace to agent-based applications, so the communications between agents need protection against traffic analysis attacks such as communication pattern attacks and timing attacks. The primary goal of onion routing is to provide strongly anonymous communications in real time over a public network at reasonable cost and efficiency. A secondary goal is to provide anonymity to the sender and receiver, so that the receiver may receive messages but be unable to identify the sender, even though the receiver may be able to reply to those messages [4].
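As an added illustration (not code from this paper, from reference [4] or from any onion-routing implementation), the following Python sketch builds and peels an onion over a three-hop route of the kind Figure 2 shows, which is also the construction Section 6 proposes for client nodes. The client wraps a request in one layer per hop; each relay strips one layer with its own symmetric key and learns only the previous and next hop; and every cell on the wire stays the same length, so a hop's position in the route cannot be read off the cell size. Because the Python standard library has no AES, the per-hop cipher is an HMAC-SHA256 keystream standing in for AES-CTR; the relay ids, session keys, sequence number and sample request are all constructed, and delivery of the per-hop keys through the public-key layers is assumed to have already happened.

```python
"""Onion (layered) encryption across a route of relays, standard library only.
The client shares one symmetric key with each relay; it wraps the payload in
one layer per hop, innermost first.  Each relay peels one layer, learns only
the next hop, and forwards a cell of constant size."""
import hashlib
import hmac
import os

CELL_SIZE = 64   # every cell on the wire is exactly this many bytes
EXIT = 0xFF      # next-hop value telling the last relay to deliver the payload


def keystream_xor(key, seq, data):
    """Stream-cipher stand-in: XOR data with HMAC-SHA256(key, seq||counter).
    It replaces AES-CTR only because the standard library has no AES; the
    onion construction needs just a length-preserving, positional cipher
    (byte i of the keystream depends only on key, seq and i).  As with any
    counter mode, seq must never repeat for the same key."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        msg = seq.to_bytes(4, "big") + counter.to_bytes(4, "big")
        stream += hmac.new(key, msg, hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def build_onion(route, hop_keys, payload, seq):
    """Client side: wrap payload for route[0] -> route[1] -> ... -> exit."""
    if not route or len(route) != len(hop_keys):
        raise ValueError("need a non-empty route with one key per hop")
    body_len = CELL_SIZE - len(route)          # one next-hop byte per layer
    if len(payload) > body_len - 1:
        raise ValueError("payload does not fit in one cell")
    # innermost plaintext: length byte, payload, random padding up to body_len
    inner = bytes([len(payload)]) + payload
    inner += os.urandom(body_len - len(inner))
    cell = inner
    for i in reversed(range(len(route))):      # innermost layer first
        next_hop = route[i + 1] if i + 1 < len(route) else EXIT
        cell = keystream_xor(hop_keys[i], seq, bytes([next_hop]) + cell)
    return cell                                # len(cell) == CELL_SIZE


def relay_peel(key, cell, seq):
    """Relay side: strip one layer and return (next_hop, cell_to_forward).
    The relay appends one random byte so the outgoing cell is still CELL_SIZE
    long; the junk lands beyond the real data, so later hops never read it."""
    plain = keystream_xor(key, seq, cell)
    next_hop, rest = plain[0], plain[1:]
    if next_hop == EXIT:
        return EXIT, rest[1:1 + rest[0]]       # deliver only the payload
    return next_hop, rest + os.urandom(1)


def run_route(route, hop_keys, payload, seq):
    """Push one cell through the route; record what each relay observes."""
    cell = build_onion(route, hop_keys, payload, seq)
    observed = []
    for i, relay in enumerate(route):
        assert len(cell) == CELL_SIZE          # constant size at every hop
        next_hop, cell = relay_peel(hop_keys[i], cell, seq)
        prev_hop = route[i - 1] if i else "client"
        observed.append((relay, prev_hop, next_hop))
        if next_hop == EXIT:
            return cell, observed
        if next_hop != route[i + 1]:
            raise RuntimeError("peeled layer names an unexpected next hop")
    raise RuntimeError("route ended without an EXIT marker")


def demo():
    """Constructed route of three relays with fresh per-hop session keys
    (in onion routing these keys arrive inside the public-key layers)."""
    route = [3, 7, 11]                          # assumed relay ids
    hop_keys = [os.urandom(32) for _ in route]
    request = b"GET /profile?user=alice"        # constructed sample request
    return run_route(route, hop_keys, request, seq=1)


if __name__ == "__main__":
    delivered, observed = demo()
    print(delivered)
    for relay, prev_hop, next_hop in observed:
        print(f"relay {relay}: previous={prev_hop} next={next_hop}")
```

Running the demo shows relay 7 seeing only "previous=3 next=11" while the exit relay sees the plaintext request but not the client, which is the property Section 6 relies on. The padding byte appended by each relay is what keeps every forwarded cell at CELL_SIZE; without it the cell would shrink by one byte per hop and an observer could tell how far along the route it is.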
5. AES
AES (Advanced Encryption Standard) has been analyzed extensively and is now used widely worldwide. As of 2006, AES is one of the most popular algorithms in symmetric-key cryptography [8]. AES has a fixed block size of 128 bits and a key size of 128, 192 or 256 bits, processed in 10, 12 or 14 rounds respectively. We decided to use a 128-bit key, as a longer key means more rounds and therefore more computation time. Each round consists of four steps:
1. SubBytes — a non-linear substitution step where each byte is replaced with another according to a lookup table.
2. ShiftRows — a transposition step where each row of the state is shifted cyclically a certain number of steps.
3. MixColumns — a mixing operation which operates on the columns of the state, combining the four bytes in each column.
4. AddRoundKey — each byte of the state is combined with the round key; each round key is derived from the cipher key using a key schedule [8].
An initial AddRoundKey is applied before the first round, and the final round omits MixColumns.
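To make the four steps concrete, here is an added pure-Python AES-128 block encryption (not the paper's code and not a production implementation: it is written for reading, and its table lookups leak timing), with one function per step plus the key schedule, checked against the FIPS-197 test vectors. The state is kept as a flat list of 16 bytes in column-major order, which is also the byte order of the input block; nothing beyond the FIPS-197 constants is assumed.

```python
"""AES-128 encryption of one block, written out as the four round steps
(SubBytes, ShiftRows, MixColumns, AddRoundKey) of FIPS-197.
state[r + 4*c] is row r, column c, which is also the input byte order."""

AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1, the field polynomial of GF(2^8)


def xtime(a):
    """Multiply a GF(2^8) element by x (i.e. by 2) modulo AES_POLY."""
    a <<= 1
    if a & 0x100:
        a ^= AES_POLY
    return a & 0xFF


def gmul(a, b):
    """Multiply two GF(2^8) elements (shift-and-add)."""
    product = 0
    while b:
        if b & 1:
            product ^= a
        a = xtime(a)
        b >>= 1
    return product


def _build_sbox():
    """S-box: multiplicative inverse followed by the affine map (FIPS-197 5.1.1)."""
    sbox = []
    for x in range(256):
        inv, p = (1, x) if x else (0, 0)
        for _ in range(7):             # x^254 = x^2 * x^4 * ... * x^128 = x^-1
            p = gmul(p, p)
            inv = gmul(inv, p)
        s = inv
        for shift in range(1, 5):      # s = inv ^ rotl(inv,1) ^ ... ^ rotl(inv,4)
            s ^= ((inv << shift) | (inv >> (8 - shift))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox


SBOX = _build_sbox()


def sub_bytes(state):
    """1. SubBytes: replace each byte via the S-box lookup table."""
    return [SBOX[b] for b in state]


def shift_rows(state):
    """2. ShiftRows: rotate row r left by r positions."""
    return [state[r + 4 * ((c + r) % 4)] for c in range(4) for r in range(4)]


def mix_columns(state):
    """3. MixColumns: multiply each column by the fixed matrix over GF(2^8)."""
    out = []
    for c in range(4):
        a0, a1, a2, a3 = state[4 * c:4 * c + 4]
        out += [gmul(a0, 2) ^ gmul(a1, 3) ^ a2 ^ a3,
                a0 ^ gmul(a1, 2) ^ gmul(a2, 3) ^ a3,
                a0 ^ a1 ^ gmul(a2, 2) ^ gmul(a3, 3),
                gmul(a0, 3) ^ a1 ^ a2 ^ gmul(a3, 2)]
    return out


def add_round_key(state, round_key):
    """4. AddRoundKey: XOR the state with the 16-byte round key."""
    return [s ^ k for s, k in zip(state, round_key)]


def expand_key(key):
    """Key schedule: 16-byte key -> 11 round keys of 16 bytes (FIPS-197 5.2)."""
    if len(key) != 16:
        raise ValueError("AES-128 needs a 16-byte key")
    words = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    rcon = 0x01
    for i in range(4, 44):
        temp = list(words[i - 1])
        if i % 4 == 0:
            temp = temp[1:] + temp[:1]           # RotWord
            temp = [SBOX[b] for b in temp]       # SubWord
            temp[0] ^= rcon                      # Rcon[i/4]
            rcon = xtime(rcon)
        words.append([a ^ b for a, b in zip(words[i - 4], temp)])
    return [sum(words[4 * r:4 * r + 4], []) for r in range(11)]


def aes128_encrypt_block(key, block):
    """Initial AddRoundKey, 9 full rounds, final round without MixColumns."""
    if len(block) != 16:
        raise ValueError("an AES block is 16 bytes")
    round_keys = expand_key(key)
    state = add_round_key(list(block), round_keys[0])
    for rnd in range(1, 10):
        state = add_round_key(mix_columns(shift_rows(sub_bytes(state))), round_keys[rnd])
    state = add_round_key(shift_rows(sub_bytes(state)), round_keys[10])
    return bytes(state)


if __name__ == "__main__":
    # FIPS-197 Appendix C.1 test vector
    key = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
    pt = bytes.fromhex("00112233445566778899aabbccddeeff")
    print(aes128_encrypt_block(key, pt).hex())  # 69c4e0d86a7b0430d8cdb78070b4c55a
```

The S-box is derived rather than typed in so that the SubBytes step is visibly "inverse in GF(2^8), then an affine map", and the round loop makes the 10-round structure of AES-128 explicit. The only cost difference from AES-256 is four extra rounds and a longer key schedule, which is the trade-off the choice of a 128-bit key in this paper is weighing.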
6. Our approach
Having studied the distributed architecture and the onion routing network, we can now put our idea into an implementation. The discussion so far has concerned how the server nodes achieve better performance; we now turn to the client nodes, which may be distributed over a large geographical area. Using the characteristics of onion routing, we pick an onion node in the network, initialize the communication and pass it to an onion proxy agent, which then chooses several random onion agents to form a random route. Each agent in the route encrypts the data with AES and sends it to the next node. Unlike a direct socket connection to the target, each onion router can identify only the previous and next hops in the route, so data passes along the anonymous connection without any single router being able to track it from end to end.
7.1 Conclusions
The goal of this paper is to analyze onion routing applied with AES, a symmetric-key cipher. Although we cannot be sure whether the new method will achieve better performance, which would only be seen after detailed experiments, we find that the method we used to protect user privacy does much better than the traditional methods mentioned in the related work: it is more secure and keeps more of the users' information confidential. In this paper we use onion routing only for the client nodes, which are one part of the distributed system; we still need to investigate whether it is feasible to extend it to the server nodes.
7.2 Future works
There are also many other symmetric-key ciphers besides AES, such as IDEA and 3-DES, which we could put into onion routing experiments and then compare for robustness, measured by how quickly each can be broken, in order to pick the best symmetric-key cipher for use in onion routing.
Onion routing also has its own weaknesses; in particular, it provides little defence against timing analysis. To make onion routing safer, we should improve the onion routers and the path formation methods. This involves a great deal of mathematics and cryptography that may be beyond our capability, so we may need to wait for others' work.
References
[1] Jana, D.; Chaudhuri, A.; Datta, A.; Bhaumik, B.B. Privacy Protection of Grid Services in a Collaborative SOA Environment. TENCON 2005, IEEE Region 10, Nov. 2005, pp. 1-6.
[2] Canali, C.; Colajanni, M.; Lancellotti, R. Distributed Architectures for High Performance and Privacy-Aware Content Generation and Delivery. AXMEDIS '06: Second International Conference on Automated Production of Cross Media Content for Multi-Channel Distribution, Dec. 2006, pp. 11-18.
[3] Porras, P.A. Privacy-Enabled Global Threat Monitoring. IEEE Security & Privacy Magazine, Vol. 4, Issue 6, Nov.-Dec. 2006, pp. 60-63.
[4] Yu, Jiong; Cao, Yuanda; Lin, Yonggang; Tan, Li. Research on Security Architecture and Privacy Policy of Grid Computing System. SKG '05: First International Conference on Semantics, Knowledge and Grid, Nov. 2005, p. 3.
[5] Smith, M.; Engel, M.; Friese, T.; Freisleben, B.; Koenig, G.A.; Yurcik, W. Security Issues in On-Demand Grid and Cluster Computing. Sixth IEEE International Symposium on Cluster Computing and the Grid Workshops, Vol. 2, 2006, 14 pp.
[6] Onion routing. Wikipedia, 2007. http://en.wikipedia.org/wiki/Onion_routing
[7] Jana, D.; Chaudhuri, A.; Datta, A.; Bhaumik, B.B. Dynamic User Credential Management in Grid Environment. Proceedings of IEEE TENCON 2005, IEEE International Region 10 Conference, Nov. 21-24, 2005.
[8] Advanced Encryption Standard. Wikipedia, 2007. http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
[9] Source of Figure 2, 2007. http://ntrg.cs.tcd.ie/undergrad/4ba2.05/group10/OnionRouting.png