
Protecting grid computing networks from cross-domain attacks using security alert sharing mechanisms and classification of administrative domains in security levels

Abstract: In recent years, security has become a challenge in grid computing networks. Anti-virus software, firewalls and intrusion detection systems are not enough to prevent sophisticated attacks fabricated by multiple users. Grid computing networks are often composed of different administrative domains owned by different organizations. Each domain can have its own security policy and may not want to share its security data with less protected networks. It is therefore more complex to ensure the security of such networks and to protect them from cross-domain attacks. The main difficulty is to deal with the distinctive nature of grid infrastructure, namely: multi-site networks, multiple administrative domains, dynamic collaboration between nodes and sites, a high number of nodes to manage, no clear view of the external networks, and exchange of security information among different administrative domains. To handle the above-mentioned issues, I am proposing a Security Event Manager (SEM) called Grid Security Operation Center (GSOC). GSOC can assist IT security managers by giving a view of the security of the whole grid network without compromising the confidentiality of security data. To do so, GSOC provides a security evaluation of each administrative domain (AD) depending on the number of security alerts reported. There are three security levels defined: level 1 is the most secure, level 2 is the more secure and level 3 is the least secure. This classification helps to identify the ADs that are under attack or the ADs that are at high risk of being attacked in the future. A two-step time-based correlation mechanism is proposed, which reduces the security alerts and continues detecting attacks under intense distributed attacks. A parametric security alert sharing scheme has been introduced. Security alerts can be shared at any time between the members of the grid computing network.
This alert sharing informs the participating members of the ongoing attacks on the other premises of the ADs without interfering in the security policy. This security alert sharing concept has been discussed in the past but never implemented. GSOC is the first state-of-the-art implementation of this idea. This alert sharing helps in blocking the propagation of cross-domain networks in grid computing networks.
Document type: Theses
Cited literature [56 references]

https://tel.archives-ouvertes.fr/tel-01622254
Contributor: Abes Star
Submitted on: Tuesday, October 24, 2017 - 11:32:44 AM
Last modification on: Thursday, November 12, 2020 - 9:42:15 AM
Long-term archiving on: Thursday, January 25, 2018 - 1:01:25 PM

File

These_A_SYED_Raheel-Hassan_201...
Version validated by the jury (STAR)

Identifiers

  • HAL Id: tel-01622254, version 1

Citation

Raheel Hassan Syed. Protecting grid computing networks from cross-domain attacks using security alert sharing mechanisms and classification of administrative domains in security levels. Cryptography and Security [cs.CR]. Université de Franche-Comté, 2012. English. ⟨NNT : 2012BESA2038⟩. ⟨tel-01622254⟩

Metrics

Record views: 354

File downloads: 182