Guarding the grid

Computerworld - Deploying a grid infrastructure can help companies dramatically improve hardware utilization rates and boost computing power. But the massive resource aggregation and wider end-user access enabled by grids also have the potential to magnify security risks, implementers say.
As a result, companies that are implementing grid technologies need to pay special attention to issues such as user authentication, authorization and access control, as well as auditing and data integrity -- both when data is in storage and while it's in transit.
Ensuring that adequate measures are in place for responding to the effects of worms and viruses, which can be amplified in a grid setup, is also crucial in grid computing, IT managers say.
Most of the problems that users have to deal with in a grid environment are similar to the ones they face in nongrid environments, says John Hurley, senior manager for distributed software and systems integration at The Boeing Co.'s mathematics and computing technology group in Seattle. "But [they] take on much greater significance in a grid environment because of the fundamental premise of grids -- access, sharing and collaborative computing," he notes.
Grid computing creates the "potential for gateways into an environment" where none existed before, says Hurley.
More Power, More Risk
A grid installation harnesses the combined power of numerous servers and PCs to run applications and services as one large system. Grids have been used for years to run compute-intensive applications in academic and research organizations. The improved resource utilization and power delivered by grids have also begun to attract the attention of corporate America. A survey of 550 database professionals, released in January by Santa Cruz, Calif.-based Evans Data Corp., showed that one in five companies is planning to deploy grids during the next two years.
The potential severity of grid-related security problems depends largely on the context in which grids are being used, says Dane Skow, deputy computer security executive at the Fermi National Accelerator Laboratory in Batavia, Ill. "When you talk to people about grids, they have different scenarios in mind -- everything from clusters in the same room run by the same infrastructure team to global power-grid-like infrastructures," says Skow.
Research grids, for instance, typically provide access to users from multiple organizations and security domains. Fermi operates a grid for high-energy physics applications that's accessed by more than 5,000 users in some 80 organizations -- several of which are in Europe.
User access, authentication and authorization in such an environment can be a big challenge, given the fact that there's no