Microsoft is developing a security language for grids, designed to deal with some of the security issues raised by grids’ decentralized nature.
Grids are becoming widely used in enterprises, as well as for sharing computing resources among academic research institutions. However, there is no single, widely used approach to dealing with grid security.
Microsoft researcher Blair Dillaway outlined Microsoft’s approach in a talk called “A Unified Approach to Trust, Delegation, and Authorization in Large-scale Grids” at GridWorld in Washington. The company has developed a prototype of a grid-oriented security language called Security Policy Assertion Language, or SecPAL, according to a report in industry journal eWeek.
SecPAL is part of an ongoing Microsoft research project looking at access control for large-scale grids, according to the report. In a white paper, Dillaway described SecPAL as also designed “for expressing trust relationships, authorization policies, delegation policies, identity and attribute assertions, capability assertions, revocations and audit requirements,” the report said.
The prototype reportedly deals with multidomain grids and uses Microsoft technologies such as the Microsoft Windows Compute Cluster Server 2003, the .Net Framework, Windows Communication Foundation (formerly known as Indigo), the Active Directory directory service, and Kerberos and X.509-based identity management infrastructures.
Currently SecPAL is at the research stage, and there are no immediate plans to turn it into a product, Dillaway said.
SecPAL is designed to be more encompassing and usable than existing grid security technologies, such as XrML (Extensible Rights Markup Language), XACML (Extensible Access Control Markup Language) and SAML (Security Assertion Markup Language). The Globus Alliance, an academic organization, has also created a security architecture for grid computing.
Last month, the US Department of Energy’s Argonne National Laboratory released an open-source communications software toolkit, the Access Grid Toolkit, which uses industry standards such as SSL to handle security.
Grid technology once reserved for high-end research centers is making its way into more enterprises, though plenty of obstacles to wider adoption remain, according to panelists at GridWorld. Online auctioneer eBay, which exploits a massive computing grid to power its site, is one example of a successful implementation and was the topic of a Tuesday keynote at the conference.
Acknowledging that grids aren’t appropriate for every application a company runs, Ken King, vice president of grid computing with IBM, said the technology is becoming more mainstream. “To me mainstream means something is used in [a company’s] core data center for mission-critical applications, things that are core to revenue-generating aspects of business,” he said. “We are just starting to see aspects of grid move into that.”
But that point at which companies attempt to expand their use of grid computing is also where they often run into headaches, said another panelist. “Often grids just don’t get used to the degree promised, therefore they can’t achieve enterprise adoption” or the expected ROI, said Dan Hushon, chief technologist with EMC.
–Cara Garretson of Network World contributed to this report.