This workshop provides a forum to discuss and exchange research results regarding security, trust and privacy issues in distributed collaborative Grid environments. Grid computing enables large-scale sharing of widely distributed resources and coordinated collaboration for problem-solving between groups of partners (scientific or commercial community). Heterogeneous resources geographically distributed belong to different security domains with different access control and security policies to access them. Researchers and developers are concerned with possible security issues and implication of wide-spread collaboration because it is conducted on the basis of interactions and information exchange between heterogeneous environments with different security issues.

With Grid technologies playing an increasingly important role in new distributed computing deployments, there are increasing risks that the privacy and integrity of users’ information might be compromised. Then, trust and privacy becomes a fundamental issue; since information exchange in the form of interactions between heterogeneous environments is handled on behalf of the owners, these owners should know:
• who holds their sensitive information,
• who can access it and for what purpose and,
• how this information is handled (in order to avoid unauthorized changes or unauthorized transfers) via the Grid infrastructure middleware.
In light of these developments, a thorough analysis of threats to security, trust and privacy in Grid environments and their causes will be reviewed. Issues with respect to the degree of privacy loss, the release of constraints in terms of protection, and how they might be assessed will be addressed. The workshop also examines and compares new and different approaches, along with their technical solutions and practical designs in Grids. In addition, the workshop will attempt to examine the degree to which legal and organizational compliance for privacy in Grid can or should be achieved.
The workshop invites submissions from academia and industry presenting novel research on all theoretical and practical aspects of security, trust and privacy issues related to Grid environments. We encourage submissions from other communities such as law and business to present their perspectives on technological issues.

The main topics of interest include but are not limited to:

Authors are invited to submit original papers not previously published nor submitted in parallel to any other publication for conference, workshop or journal. Authors are invited to submit original papers of 8 pages maximum. Papers should be double column text and follow the IEEE manuscript guidelines provided by CCGrid2008 web site (http://ccgrid2008.ens-lyon.fr). Submission implies the willingness of at least one of the authors to register and present the paper.

Authors must register and submit their paper through the paper submission system located at: http://www.easychair.org/STPG2008/

Accepted papers will be published with the CCGRID2008 conference proceedings. Best papers will be selected for a special issue of the International Journal of Grid and High Performance Computing (IJGHPC). The publication will be on the second quarter of 2009 ( For additional information regarding the publisher, please visit http://www.igi-global.com.

The special issue will be edited by:

Editor-in-Chief: Emmanuel Udoh

Co-Editor: Frank Wang

 

Wolfgang Hommel. Using Policy-based Management for Privacy-Enhancing Data Access and Usage Control in Grid Environments link to presentation

Massimiliano Pala, Scott Rea, Shreyas Cholia and Sean Smith. Extending PKI Interoperability in Computational Grids link to presentation

Shreyas Cholia and R. Jefferson Porter. Publication and Protection of Site Sensitive Information in a Grid Infrastructure link to presentation

Guido van 't Noordende, Matthijs Koot and Silvia Olabarriaga. Privacy and Trust for Grid-based Medical Applications link to presentation

Hong Wang, Hiroyuki Takizawa and Hiroaki Kobayashi. A Performance Study of Secure Data Mining on the Cell Processor link to presentation

 

Invited Talk

Title: Modular Authorisation for Grids

Speaker: David W. Chadwick, Information Systems Security, Computing Laboratory, University of Kent, Canterbury, UK. link to presentation

Abstract:
This talk will describe the different functional components that go together to provide an authorization infrastructure for Grids. These include: Policy Enforcement Points, Policy Information Points, Policy Decision Points, Obligations Services, Credential Validation Services and Credential Issuing Services (or Attribute Authorities). By defining clean interfaces between these functional components, they may be connected together in various configurations to provide both the push and pull models for credential validation, with consequently differing amounts of work for the application to perform, and differing security properties (such as least or maximal privileges). Different credential formats can be supported as well as different protocols for interconnecting the components together. The talk will introduce the OGF OGSA Authz protocol profiles that are currently being specified to allow the components to be distributed around the grid, and the results of some early interworking tests that have been performed between different research groups.
Having a modular authorization infrastructure, such as the one being proposed here, allows the plug and play of similar functional components from different suppliers, that may contain appreciably different features e.g. enhanced performance, different credential formats, different policy rules, etc. It also leads to other benefits, such as the inclusion of significantly enhanced functional components that use the same interfaces, but contain additional authorization features, such as coordinated decision making or delegation of authority, without affecting either the grid applications or the other components of the authorization infrastructure.

Information about registration is provided at the CCGRID2008 web site at: http://ccgrid2008.ens-lyon.fr

 

Information about travel and accommodation is provided at the CCGRID2008 web site at: http://ccgrid2008.ens-lyon.fr

Workshop Organizers

Noria Foukia, Information Science Department, University of Otago, New Zealand

contact: nfoukia@infoscience.otago.ac.nz

Heinz-Gerd Hegering, Leibniz Computing Centre, Garching, Germany

Helmut Reiser, Leibniz Computing Centre, Garching, Germany