Cybersecurity is a growing concern, especially in open grids, where attack propagation is easy because of prevalent collaborations among thousands of users and hundreds of institutions. The collaboration rules that typically govern large science experiments as well as social networks of scientists span across the institutional security boundaries. A common concern is that the increased openness may allow malicious attackers to spread more readily around the grid. We consider how to optimally respond to attacks in open grid environments. To show how and why attacks spread more readily around the grid, we first discuss how collaborations manifest themselves in the grids and how this collaboration model affects the security risk model of grid participants. We present a new grid model and use optimization techniques to calculate the security risk associated with each grid participant. Given an attack scenario, our optimization model aims to minimize threat levels at unaffected participants while maximizing the uninterrupted scientific production (continuing collaborations). By manipulating some of the collaboration rules (e.g., suspending a collaboration or shutting down a site), the model finds optimal response scenarios to contain an attack scenario.
Preprint ANL/MCS-P1593-0309, Argonne National Laboratory, 03/2009