The GridTrust Project

6th Framework Programme

The GridTrust Project

6th Framework Programme

GridTrust is a new FP6 European research project coordinated by CETIC. The overall objective of the GridTrust project is to develop the technology to manage trust and security for the Next Generation Grids (NGG). We propose to have a vertical approach tackling issues of Trust, Security and Privacy (TSP) from the requirement level down to the application, middleware and foundation levels. Our emphasis is on models and tools to assist in reasoning about trust and security properties along the NGG architecture.

Project Background

GridTrust consortium involves a large panel of industrial partner (HP European Innovation Center), end users (De Agostini), SMEs (Moviquity, Interplay) and European research groups covering the areas of requirement engineering, Grid technology and security among others (CETIC, CCLRC, CNR, VUA). Moviquity, HP and Interplay are providing important test cases to validate the GridTrust framework, including innovative applications such as “inter-enterprise knowledge management” and “distributed authoring”. Moviquity and De Agostini are committed to implementation and exploitation of the results of the project
middleware and foundation levels. Our emphasis is on models and tools to assist in reasoning about trust and security properties along the NGG architecture.
The main output of GridTrust is a framework consisting of:

  1. a methodology and an interactive execution environment that will help Grid service requestors and providers to express and reason about trust, security and privacy properties for different kinds of Virtual Organisation (VO) topologies, taking into account aspects such as self-organisation, self-management, self-adaptation and evolvability;
  2. a reference Grid Security Architecture, including an autonomic policy management for fine grained usage control of Grid resources; and
  3. an open source reference implementation of trust and security management systems, validated by scenarios in the business domain.
    The resulting tools will be of a generic nature and will be validated on innovative applications from different application sectors. The tools will not be specific to the applications considered in the GridTrust project. The tools will be compliant with the Open Grid Services Architecture (OGSA).

Added Value for Businesses

The results of the project will allow companies to set up and operate virtual organisations that are secure and trusted. The approach will provide tools to design security and trust requirements into the virtual organisation. Virtual organisations will allow companies to provide and to access Grid resources to achieve common goals. Virtual organisation are also valuable in the larger context of Service Oriented Architectures to set up "virtual" markets.

Added Value for CETIC

The project will allow CETIC to apply software engineering and requirements engineering techniques to the specification of Grid applications. More specifically we will work on methods and tools to derive security and trust policies. The different case studies will allow CETIC to experiment with innovative Grid applications, and the applications of security and trust policies.