User:Moviquity/GridTrust

GRIDTRUST (Trust and Security for Next Generation Grids)
GridTrust (Trust and Security for Next Generation Grids) is a European R&D project that aims to provide new solutions improving trust and security over current Grid technologies. GridTrust is a project under the Sixth Framework Programme of the European Commission, with contract number 033817; it started in June 2006 and finished in May 2009. Built on widely used Grid standards and technologies, GridTrust aims to offer new mechanisms that extend and complement the current Grid world. Through the evaluation of a set of business cases, GridTrust ensures that those mechanisms are oriented to a real environment.

GridTrust is supported by an experienced consortium with a balanced representation of business-oriented and research-oriented organizations. This balance allows the project to obtain highly valuable results in both worlds. The consortium includes a very significant representation of the main research organizations in the area of Grid and security: Centre d’Excellence en Technologies de l’Information et de la Communication, Science and Technology Facilities Council, Istituto di Informatica e Telematica - Consiglio Nazionale delle Ricerche, and Vrije Universiteit Amsterdam, complemented by an important representation of innovative service companies, both large companies and SMEs: DeAgostini, Interplay, Hewlett-Packard European Innovation Centre and Moviquity.

The project results aim to be a further step in bringing business and scientific environments closer together through the benefits of Grid technology.

Security, trust, and risk management remain the fundamental obstacles to widespread deployment of Next Generation Grids in industry. The EU research project GridTrust is developing the tools and methods to manage Grid security, trust, and risk; these will unlock a wide range of possibilities for Grid technology in the business community and demonstrate exciting scenarios where the technology can be put to use. Thanks to funding from the European Commission, the project has been able to tackle such innovative and ambitious objectives.

In place of traditional, rigid models, GridTrust employs dynamic authorization models for dynamic VOs and a vertical approach to deal with security. As Grid end-users and service providers form dynamic Virtual Organizations (VOs) to collaborate and complete business transactions, assessing and managing security, trust, and risk becomes essential. End-users must be able to select providers based upon secure and trustworthy information, including prices and reputation credentials.

Providers demand secure resources necessary to optimize their service offers. Ultimately, users and providers negotiate a Service Level Agreement (SLA) to define all aspects of the business relationship. However, both parties remain hesitant to adopt SLAs due to the real business risk of SLA violation. In addition to secure and trustworthy resources, users and providers need risk assessment methods to ease negotiation and set penalties.

GridTrust's key contribution to the Grid community is a framework consisting of:

 * 1) a methodology and an interactive execution environment that will help Grid service requestors and providers to express and reason about trust, security and privacy properties for different kinds of Virtual Organisation (VO) topologies, taking into account aspects such as self-organisation, self-management, self-adaptation and evolvability;
 * 2) a reference Grid Security Architecture, including autonomic policy management for fine-grained usage control of Grid resources;
 * 3) an open source reference implementation of trust and security management systems, validated by scenarios in the business domain.

The picture below shows the GridTrust areas of impact:



GridTrust provides new security services at the GRID middleware layer:

The Virtual Breeding Environment (VBE) Manager provides an environment that supports the creation of Virtual Organizations (VOs). A VBE is based on a collaboration agreement between participating entities, and provides a common infrastructure, common rules, common services and a base level of trust that are the prerequisites for rapidly forming ad-hoc VOs to respond to specific business opportunities.

The Virtual Organization Manager (VOM) service coordinates all the other security services and is the single point of access for users and service providers participating in the VO. The VOM is the point of contact for all information and maintenance matters related to that VO. Other services also query it, for example, about the Certification Authority of a specific VO.

The Secure Resource Broker service takes as input from the VOM a list of requested services, needed by the VO Owner to form its VO, together with the security requirements that the selected services must satisfy. It returns to the VOM the list of providers (or references to providers) that offer the requested service and at the same time satisfy all the specified security requirements.

The Trust and Reputation Service keeps track of the past behavior of VO owners and users and transforms that behavior into trust and reputation credentials that can be considered by users, service providers and the GSF service when taking decisions.

The C-UCON Service, deployed on the service provider, implements the Usage Control Model. It provides the following functionality:


 * The service takes as input the global VO policy, the local resource policies and the user profile, and produces the equivalent policy state machines.


 * The service is responsible for the local evaluation of policies and for their enforcement at run-time.
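
The following sketch illustrates the two C-UCON functions listed above; it is an added example, not GridTrust code. It assumes each policy is a list of `(state, action, required attribute, next state)` rules; the rule format, action names and the `vo_admin` attribute are constructed for illustration. An action is permitted only when both the global and the local state machine allow it in their current state.

```python
from dataclasses import dataclass, field

# A policy rule: in state `src`, `action` is allowed for holders of `attr`
# (None = anyone) and moves the machine to `dst`. All names are constructed.
GLOBAL_VO_POLICY = [
    ("idle", "open_file", None, "reading"),
    ("reading", "read", None, "reading"),
    ("reading", "close_file", None, "idle"),
    ("idle", "open_socket", "vo_admin", "networking"),
]
LOCAL_RESOURCE_POLICY = [
    ("s0", "open_file", None, "s1"),
    ("s1", "read", None, "s2"),       # local provider allows at most two reads
    ("s2", "read", None, "s3"),
    ("s1", "close_file", None, "s0"),
    ("s2", "close_file", None, "s0"),
    ("s3", "close_file", None, "s0"),
    ("s0", "open_socket", None, "s0"),
]

def compile_policy(rules, start, profile):
    """Build one state machine, keeping only rules the user profile satisfies."""
    table = {(src, act): dst for src, act, attr, dst in rules
             if attr is None or attr in profile}
    return {"state": start, "table": table}

@dataclass
class UsageMonitor:
    machines: list
    log: list = field(default_factory=list)

    def request(self, action):
        """Permit an action only if every machine has a transition for it."""
        moves = [m["table"].get((m["state"], action)) for m in self.machines]
        allowed = all(dst is not None for dst in moves)
        if allowed:  # advance all machines together; on deny, no state changes
            for m, dst in zip(self.machines, moves):
                m["state"] = dst
        self.log.append((action, "permit" if allowed else "deny"))
        return allowed

def run_session(profile, actions):
    """Compile both policies for one user and evaluate a sequence of actions."""
    monitor = UsageMonitor([
        compile_policy(GLOBAL_VO_POLICY, "idle", profile),
        compile_policy(LOCAL_RESOURCE_POLICY, "s0", profile),
    ])
    return [monitor.request(a) for a in actions]
```

Because the decision depends on the state reached so far, the third `read` in a session is denied by the local policy even though the global VO policy would allow it, which is the difference between usage control and a one-time access check.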

At the high level, the GridTrust project provides a visual tool named the Requirements Refinement Tool, which is built on the Eclipse framework to define the meta-model of virtual organizations and on the Graphical Modeling Framework to represent the VO requirements graphically. It is composed of a set of plug-ins that use, for example, the Eclipse Modeling Framework. The requirements are created to reason about virtual organizations and security policies.

Finally, at the business level, GridTrust works on two different approaches that benefit from GridTrust's added value. These demos go deeper into the analysis of two application scenarios: Generic Supply Chain and Distributed Knowledge Management.

Partners:
Italian National Research Council (CNR)

Vrije Universiteit Amsterdam

Interplay Software S.r.l

HP

Istituto Geografico De Agostini S.p.A. (DeA)

MOVIQUITY

The Council for the Central Laboratory of the Research Councils (CCLRC, http://www.cclrc.ac.uk/)

CETIC