Microsoft Building Security Language for Grids

SecPAL, Microsoft's Security Policy Assertion Language, is a research effort aimed at helping to make grid computing more secure.

WASHINGTON—Microsoft is working on delivering a new language that will help to make grid environments more secure by providing decentralized authorization policies, among other features, said a Microsoft researcher.

Blair Dillaway, a Microsoft researcher and member of the incubation team working on the technology, said Microsoft is working on a new security language known as the Security Policy Assertion Language, or SecPAL. Dillaway discussed the project at the GridWorld conference here on Sept. 12.

Dillaway said the development of large-scale, decentralized distributed computing environments has caused the need for fine-grained control over trust relationships and delegated access rights.

SecPAL comes out of an ongoing Microsoft research project investigating access control solutions for large-scale grid computing environments, he said.

Dillaway said SecPAL is a result of both security research and practical experience Microsoft gained in developing an end-to-end prototype system.

The prototype emulates a multidomain grid environment, and uses existing Microsoft products, including the Microsoft Windows Compute Cluster Server 2003, the .Net Framework, Windows Communication Foundation (formerly code-named Indigo), the Active Directory directory service, and Kerberos- and X.509-based identity management infrastructures, Dillaway said. The prototype also incorporates several industry standards, such as XML and Web services protocols for interoperability, he said.

/zimages/3/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

Dillaway said the complexity of large-scale grid environments makes it difficult to describe all of the entities and relationships required to provide access control in systems. Thus the need for a new declarative language for expressing security policies, Microsoft said.

Moreover, in a white paper on the technology, Dillaway said that in addition to SecPAL being the core technology underlying Microsofts approach to grid access control, it also is a mechanism "for expressing trust relationships, authorization policies, delegation policies, identity and attribute assertions, capability assertions, revocations and audit requirements." In addition, SecPAL improves security assurance by reducing the need for semantic translation and reconciliation between disparate security technologies, he said.

For instance, in a typical access control scenario on a grid, a grid user needs to be able to delegate a subset of the access rights to a grid job the user would like to run while not allowing access to the users other resources, Dillaway said. SecPAL enables this and also makes the access delegation short-lived, he said.

Gregory Fee, also a Microsoft researcher and member of the SecPAL incubation team, demonstrated the technologys capabilities during a hands-on demo at the GridWorld conference.

Fee demonstrated that SecPAL describes explicit trust relationships; expresses security token issuance policies; provides security tokens that contain identities, attributes and delegation policies; and expresses resource authorization and delegation policies.

/zimages/3/28571.gifAppistry launches a grid program for startups. Click here to read more.

Dillaway said that although there are existing approaches to access control and security in a grid environment, they are not as efficient as SecPAL and are not widely used.

Other approaches include XrML (Extensible Rights Markup Language), which is an XML-based language aimed at specifying licenses for Digital Rights Management; and XACML (Extensible Access Control Markup Language), which is an XML-based language for describing access control policies. Also, SAML (Security Assertion Markup Language) defines XML formats for exchanging user identities and other information, while the Globus security architecture for grid computing defines a security policy for dealing with multiple trust domains.

However, Dillaway said he believes SecPAL is better than these and other, similar technologies for helping to secure access control in grid environments because it is more usable and efficient than any other language-based solution.

In the future, Dillaway said, Microsoft is planning to expand its prototype and take SecPAL into new areas, such as automated access delegation generation; a revocation infrastructure, other forms of delegation, including job management rights and constrained trust management; and policies for the installation and execution of mobile code.

"We have a fairly comprehensive solution to grid security," Dillaway said. However, he identified SecPAL as a research effort.

"This is research work, not a Microsoft product," he said. "It is something we think is very promising… One of the reasons were here is wed like to have more people look at it and think about it."

/zimages/3/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.