International audienceNowadays, cluster architecture is widely deployed, paving the path for grid computing. Sharing such high concentration of valuable resources requires special dedicated security mechanisms at various levels. Current solutions for autonomous systems are too intrusive to be deployed in a cluster. In order to develop new solutions adapted to the architecture, we consider a coupled approach for performing efficient anomalies and misuse detections in HPC environment. It relies on an instrumented node, and results in periodical sampling of applications, allowing the generation of specific security policies that can be used to perform further monitoring. This paper also deals with performance concerns and an approach is proposed in order to keep a tow overhead
Security Management is becoming a critical aspect for large scale distributed systems. In this paper, we propose a global architecture, based on an original meta-policy approach for access control and intrusion detection, allowing to guarantee global security properties. In contrast with classical meta-policy based systems, by applying verification techniques on the meta-policy, our solution guarantees global security properties while supporting local updates of the security policy. It is thus a powerful solution that provides strong fault tolerance since the control is carried out in a complete decentralized manner. By using a meta-policy, the system can verify the respect of global security properties after meta or local modifications of the policy. Thanks to test components, our system is also able to evaluate and configure in real-time each of its functionalities while tracking self corruption by malicious hackers. Our architecture is a cooperative multi agent-based system, making it possible to activate a functionality independently from some others. It is divided into several levels, each one contributing to the automation of the security management.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.