
Dear Colleagues,

The Daonity team of tc-rg has completed a first version of the system, working on the TPM chips of Infineon and HP platforms, to be demonstrated on Thursday 1:45-3:15. To help grasp what is to be shown, attached is an accompanying paper for it. Any comments would be gratefully received.

Best wishes,
Wenbo Mao

Title: Daonity - Grid Security with Behavior Conformity from Trusted Computing

Author: The Daonity Team
A Research Group in Global Grid Forum, led by HP Labs China with participation from Huazhong University of Science and Technology, Wuhan University and Oxford University

Abstract:

A central security requirement for Grid computing, or more generally federated computing, can be referred to as behavior conformity. This is a strong assurance for the system that a remote principal (a user, computing platform or instrument) will act in conformity with the rules defined by the policies of the federated computing. However, as will be analyzed and discussed in this paper, current Grid security practice, e.g., the Grid Security Infrastructure (GSI) of the standard Grid middleware Globus Toolkit, has few means of meeting this requirement and consequently falls short of satisfactory solutions to a number of Grid computing problems.

Trusted Computing (TC) technology, developed by the Trusted Computing Group (TCG), is an important industrial initiative for improving computer security by means of a hardware-supported security architecture. For a federated computing system, TC technology can not only improve security in the conventional sense (such as stronger protection of cryptographic key material), but also allow the conformed behavior of principal(s) in a remote environment to be measured by the rest of the confederation. We consider that TC technology can provide practical and readily available solutions for meeting the behavior conformity requirements of Grid computing.

In the main part of this paper we report on the Daonity system. This is a TC-technology enabled Grid security system which we have designed to improve GSI. We shall see a number of TC innovations applicable to GSI. These include: (i) security suitable for constructing a dynamic virtual organization with an unbounded resource supply, (ii) construction of property-based virtual organizations with conformed quality of service, (iii) support for sharing security resources, and (iv) stronger protection of the Grid authorization mechanism.