Yesterday, I came across some text from the folks at Illuminata discussing the future of grid computing. Diana and I talked about it some (she had heard about it before me), but I was having a hard time getting my arms around the concept. At first I thought it was this some new completely magical thing that was totally revolutionary in the computing world... until it dawned on me that we were really talking about SETI at Home.
Now I've used SETI at Home in my day, so I'm not a bigot when it comes to the grid concept. What really concerns me, however, is extent to which folks are (or are not) thinking about security in this new world. For example, if we accept SETI as the "grand-daddy" of grid systems, the amount of fraud, and spoofed results, and other general insecurity that has plagued the system since the early days should be an indicator of what's to come. Not to mention the fact that SETI at Home has security advantages that other grid applications won't have - with SETI, you're running one application (and one application only) - it's not dynamic, it doesn't change, it runs the same code today as it did yesterday. You're also using very well-defined pathways for data storage, for OS library usage, for interaction with the host system, etc. Depending on grid applications, this might not always be the case in other scenarios.
I was curious about this topic, so I checked out some of the security research going on in grid computing, such as the Security for Grid Services, the Security Architecture for Computational Grids, and the Managing Security in High-Performance Distributed Computing. There's been a lot of thought done here, but in my opinion, there's an elephant in the room: complexity. Complexity decreases security.
Every computing resource on the grid is now effectively running two general purpose operating systems instead of just one: the underlying OS and the grid application "substrate." The underlying framework can do almost anything an OS can do: accept incoming processing requests, authenticate users, delegate credentials, spawn new tasks, store data, etc. As security folks, not only do we have all the fun of defending the underlying OS from attack, but we have the new pain of defending the grid substrate. Not to mention the fact that these applications usually run on web services, which require an application platform that we have to secure.
Like an onion (or a parfait), these technologies build layer on layer; each new layer carries with it a whole new security paradigm. As such, the more layers we add, the more complex everything becomes. The more complexity, the harder it becomes to manage, to audit, and to secure. As of now, we already have a "complexity parfait" big enough to leave the most gluttonous of us begging to be excused; how many more layers do we need before somebody says "when"?
Posted by Ed at October 27, 2005 11:22 AM