SAS: A system for security assessment in grid environment

Grid computing provides integrated high-end compute resources across administrative domains. More and more grid infrastructures are being used for mission-critical scientific and engineering applications. Ensuring security and safety of grid environment is a key challenge faced by grid community. First step towards grid security is to be aware of vulnerabilities and weaknesses in the entire grid. In this paper, we address this particular aspect wherein we firstly present a system called Security Assessment System (SAS) that is being used in the Indian Grid Computing Initiative GARUDA. This system is built with capabilities of carrying out periodic assessment of the entire grid resources and providing security assessment of each entity such as hosts, applications. Secondly, we present the architecture and internals of SAS where we have seamlessly integrated our solution in a framework by interfacing it with widely used Globus grid middleware. Finally, we present our results based on live deployments in the Indian Grid environment.