Research On Security Grid Technology Based On The Theory Of Information Security Control

Grid represents an developed technology and basic establishment,it is another important advancement of science technology after Internet.The Grid which is based on Internet is being in face of security hidden troubles.Grid must not only applies the Internet security technologies which have exited,it but also has a lot of aspects for us to study and discuss because of it's specialties.The grid security architecture is described systemically in this paper.Through the analyze of the Globus's GSI and the grid security architecture based on OGSA,combining with the hierarchical protocols of the Internet and the hierarchical architecture of the grid ,a kind of the hierarchical grid security architecture is constructed and another improved grid security architecture is expounded. In this new architecture some disadvantages are solved,such as too strong coupling between the grid security architecture and grid architecture which is applied now,the function of the security components work independently and lack of the support of the transparent service,etc.The design traget is to provide the security function as a service to user.Based on the grid system's hierarchical character and generalizing the strongpoints and shortcomings of the grid security architecture models,we advanced an improved grid security model which enhances the grid system's security both from outside and inside environments.Based on the grid security model referred upon,combining the theoris of information system security and automatism,we advanced information security control principle and apply it to design an security grid model which has security-control strategies.This security grid model contains client and server parts.The server part takes charge of giving out the security strategies while the client part takes charge of controlling the operations of grid user legally. This security grid model ensures that the legal user can access grid resouces;grid users uses resouces based on their rights;through watching whether the ports and processes are legal,the security of the grid system has been improved both from outside and inside environments.The implement technology of the client part has been discussed in this paper.