Ivanytsia O.V.
National mining university, Ukraine
Problems of confidence in computing
Information and communication technologies, along with society's drive
for collaboration in the modern world, make "collaborative computing'' and
its applications possible and even necessary. Trust in such an environment will
eventually determine its success and popularity due to people's desire for
privacy, integrity and reliability. Today's Internet and existing networks are
not trust-oriented in design and might be compromised by many untrustworthy
factors, such as hackers, viruses, spam, faults, and system failures. Compared
to the two-part interaction model (i.e. the client-server service model),
collaborative computing environments are group-oriented. Involve a large number
of users and shared resources, and are complex, dynamic, distributed, and
heterogeneous. These factors offer a good environment for hostile elements to
lurk. Besides the previously mentioned untrustworthy factors, collaborative
computing environments suffer from dangerous attacks by malicious internal
members. Those problems restrain full utilization of the computer systems in
collaborative computing. The trusted and secure collaborative computing is one
of the objectives for the next generation of the Internet, which is trustworthy
and security-oriented.
This article summarizes the authors' and
other researchers' efforts to develop such a trusted environment that possesses
high security and reliability for the collaborative computing. The important
modules composing the trusted and secure computing environment are elaborated,
including secure group communication. The monograph also discusses security and
reliability in grid computing. One typical collaborative computing application
is medical practice and healthcare research based on medical information
systems.
Information and
communication technologies, along with society's drive for collaboration in the
modern world, make collaborative computing and its applications possible and
necessary. Typical collaborative computing applications include, but are not
limited to multi-party military actions, teleconferencing, medicine,
interactive and collaborative decision making, grid-computing, information
distribution, and pay per view services. Trust in such an environment can
eventually determine its success and popularity due to the corporate and humans
desire for confidentiality and integrity of their personal and/or shared
information. The current Internet is not security-oriented by design. Security patches
and more powerful computing/storage resources available to hackers may result
in more security vulnerabilities. Compared to the two-party interaction model
(such as the client-server service model), collaborative computing environments
are group-oriented, involve a large number of entities and shared resources,
are complex, dynamic, distributed, and heterogeneous and may possibly even
include hostile elements. Systems experience failures due to internal falls and
external attacks from hostile entities. In addition, there is the problem of
insider threats, by which attacks are from malicious parties inside the
organizations or members of collaborative computing groups. Consequently,
building a trusted collaborative computing environment is very difficult and
requires a long term persevering endeavor.
The theme of trusted
collaborative computing is to make collaborative computing environments and
applications highly secure and dependable and be able to not only protect
systems against components failures but also defend against external attacks,
even the attacks from internal malicious users. Trusted collaborative computing
will be able to not only migrate traditional collaborative computing
applications from untrustworthy environments to a secure and reliable platform,
but also provide security guarantee/services for new emerging collaborative
computing applications. From the technical point of view, trusted collaborative
computing would encompass both security and reliability and seek the seamless
integration of advanced security and reliability technologies.
Trusted collaborative
computing environments are characterized by collaborative tasks which require
multiple entities to work together and share their resources. The first key
issue in this environment is that multiple participating entities must
communicate securely among one another. IP multicast provides efficient
transmission of messages to a group of users; however, the open nature of IP
multicast makes it unable to provide strong confidentiality. Secure
group-oriented communication is the first fundamental function for trusted
collaborative computing. Another key requirement is related to resource sharing
and data exchange. Thus selective group-oriented communication is the first
fundamental function for trusted collaborative computing. Access to shared
resources/data must be finely controlled: otherwise attackers and malicious
users can access resources to which they are not entitled to access, abuse,
tamper, and even damage the resources. Thus selective data sharing, at
different granularity levels and along with access control, becomes another
fundamental function. These two classes of fundamental functions should be
sufficiently flexible in supporting various possible forms of interactive access
relations between the parties and the resources in the system. Consequently, we
can identify four fundamental security requirements for trusted collaborative
computing: secure group communication.
As is well known, key
management is the most important yet difficult issue in such context. How to
generate, distribute, update, and revoke keys in large and dynamic environments
is an important challenge.
Intrusion is a very
serious security problem in computing and communication systems. Intruding
attacks, such as Denial of Services (DoS) are easily launched but very
difficult to defend. Such attacks
exist in collaborative computing environments without doubt, moreover, they are
more serious in collaborative computing environments because the attacks can be
launched by internal malicious users and/or the collusion among internal users
and/or external attackers. Knowing intrusion attacks and becoming familiar with
intrusion detection and defense technologies are crucial for designing and
implementing trusted collaborative computing environments. Reliability is a
coherent requirement and feature of trusted collaborative computing. A fault or
failure from any part/component of trusted collaborative computing environments
would degrade the performance of the systems and affect multiple party
collaboration and interaction: furthermore, it may have serious consequences.
For example, it could be potentially disastrous if a patient's records fail to
be loaded due to system failures and they are unavailable in the event of a
life-threatening emergency. Grid computing is a recently developed technology
for complex systems with large-scale resource sharing, wide-area communication,
and multi-institutional collaboration. It could become a potential platform
hosting trusted collaborative computing framework and applications. The medical
information system is a typical collaborative computing application in which
physicians, nurses, professors, researchers, health insurance personnel, etc.
share patient information (including text, images, multimedia data) and
collaboratively conduct critical tasks via the networked system. On one hand,
people would be willing to step into the medical information system age only
when their privacy and integrity can be protected and guaranteed within medical
information system systems. On the other hand, only secure and reliable medical
information system systems would provide safe and solid medical and health care
services to people.
References:
1.
K. Srinathan.
Progress in Cryptology. – “Computer Science / Security and Cryptology”, 2007.
-426 p.:img.
2.
Jeff Shapiro. Collaborative
Computing: Multimedia Across the Network. – “Yale University Press”,
2006. -302 p.:img.
3.
Philip Miller. LAN Technologies
Explained. – “Springer”, 2007. 1379 p.:img.