One of the most popular aspects of grid computing is the promised ability of getting computing power anywhere. As with electricity, you just plug in and use it, regardless of how or from where it is being delivered. This analogy works well to understand the ultimate goal of grid computing, but of course reality is much more complex. Many advances in interoperability and performance during recent years make grid technologies an alternative to cluster computing for certain distributed applications. Now is the time to focus our attention on other problems, such as security. This book studies many security issues, not only related to grids, but also to computer networks and operating systems, that may affect future development.

The book makes no assumptions about the reader’s background, although some general knowledge of network and grid technologies is essential. After a general introduction to grid computing in chapter 1, chapter 2 discusses the main security issues related to computer systems, such as confidentiality, authentication, and integrity schemes. Chapter 3 provides a comprehensive taxonomy of grid security issues, classifying them as architecture, infrastructure, and management-related issues, together with a description of the solutions available for them. Information security is covered in chapter 4, describing a security standard effort called grid security infrastructure (GSI). GSI and its features, such as authentication and delegation, are described concisely, using the security in Globus Toolkit 4.0 as a working example. Chapter 5 focuses on grid authorization systems, showing how resources can be accessed in terms of authorization and access control mechanisms. The main mechanisms are described, together with the different levels of authorization systems. Chapter 6 discusses service-level security, studying denial-of-service (DoS) attacks, their effects, and countermeasures. Host-level security is discussed in chapter 7, which studies how to protect the data in hosts dedicated to the grid from malicious code using, for example, sandboxing mechanisms such as virtual machines or level monitoring. Chapter 8 is dedicated to grid network security issues, covering the use of firewalls, virtual private networks (VPNs), and secure routing or multicasting, while chapter 9 focuses on the grid credential management systems. Finally, chapter 10 is devoted to the management of trust in the grid, and chapter 11 covers grid monitoring concepts and tools. The book ends with a working example based on the European data grid and a review of the most important issues related to grid security in the future. An appendix on Web services-related technology, an extensive bibliography of almost 300 references, and a short index conclude Chakrabarti’s excellent work.

The book is particularly well written and succeeds in introducing a complex topic to a heterogeneous audience, although some background in the field is required to take full advantage of it. In this sense, the taxonomy given in chapter 2 is fundamental to put in perspective the myriad of security-related grid technologies described in the chapters that follow. The book is extremely well edited, following Springer’s high standards. This book is a must-have for readers with some background in network protocols that want to understand the implications of grid security.