140 likes | 153 Views
CNIC Grid/SDG CA Updates 2 nd APGrid PMA meeting, October 15, 2006. Morrise Xu (morrise@cnic.ac.cn) NTARL, CNIC, China. Outline. Introduction to CNIC Grid CA Current status of CNIC Grid CA Introduction to SDG CA Current status of SDG CA CA software Suite Upgrades Application
E N D
CNIC Grid/SDG CA Updates2nd APGrid PMA meeting, October 15, 2006 Morrise Xu (morrise@cnic.ac.cn) NTARL, CNIC, China
Outline • Introduction to CNIC Grid CA • Current status of CNIC Grid CA • Introduction to SDG CA • Current status of SDG CA • CA software Suite • Upgrades • Application • EUChinaGrid
SDG CA • Scientific Data Grid (SDG) • Scientific Data Grid (SDG) is an application grid based on scientific data resources sharing and collaboration. • SDG CA • the SDG security infrastructure • The subordinate CA of CNIC Grid CA • SDG CA Repository • http://ca.sdg.grid.cn/ • CP/CPS • Introduction • Manual • SDG CA Certificate • 10 years validity --- 2006-2-27 ~ 2016-2-27 • Type of certificates • Person Certificate: E=morrise@cnic.ac.cn,CN=Morrise Xu,DC=SDG,DC=Grid,DC=CN • Host Certificate: CN=sdg6800.sdg.ac.cn, DC=SDG,DC=Grid,DC=CN • Service Certificate: CN=DAS/sdg6800.sdg.ac.cn, DC=SDG, DC=Grid, DC=CN
CNIC Grid CA • CNIC is an institute of CAS • CNIC Grid CA • The security infrastructure of CNIC Grid • Root CA • CNIC Grid CA Repository • http://ca.grid.cn/ • CP/CPS • Introduction • Manual • CA Certificate • 20 years validity --- 2006-2-27 ~ 2026-2-27 • Only issues sub-CA certificate and CA servers and operators certificates • Subordinate CA: CN=Scientific Data Grid CA,DC=SDG,DC=Grid,DC=CN • Person Certificate: E=morrise@cnic.ac.cn,CN=Morrise Xu,DC=Grid,DC=CN • Host Certificate: CN=ca.grid.cn,DC=Grid,DC=CN
Current status of SDG CA • Number of issued certificates • Subscribers • SDG members • 45 institutes of CAS • CNIC staff • SDG PMA
Current status of CNIC Grid CA • Number of issued certificates • 2 certificates • 2 valid certificates • 1 host certificate • 1 subordinate certificate • Subscribers • SDG root CA • CNIC Grid CA operators • CNIC Grid CA servers
CA Software Suite • SDG CA V3.1 • Base on the OpenCA V0.9.2.5 • Repository: http://ca.sdg.grid.cn • Certificate Utility V2.0 • i18n
Upgrades • CNIC Grid CA lifetime • Extend 10 years to 20 years • Re-signed the CNIC Grid CA Certificate • Certificate Extension • Scissor out the subjectAltName and issuerAltName • Re-signed the CNIC Grid/SDG CA Certificate
Applications • Scientific Data Grid project • Scientific Database • EUChinaGrid Project
EUChinaGrid • Target • To foster the creation of a intercontinental eScience community • Training people • Supporting existing and new applications • To support interoperable infrastructure for grid operations between Europe and China
Partners - EUChinaGrid • Beihang University, Beijing (China) • CNIC/CAS, Beijing (China) • IHEP/CAS, Beijing (China) • Peking University, Beijing (China) • GRnet (Greece) • Consortium GARR (Italy) • INFN (Italy) • Jagiellonian University in Krakow (Poland) • CERN (Switzerland)
Objectives - EUChinaGrid • Contribute to the creation of an human network promoting international collaboration • Disseminate European experience in China and confront with Chinese experience • Support interoperability of EGEE with the corresponding infrastructure in China, fronting the multi-protocol (IPv4/IPv6) network infrastructure • Use existing network infrastructure and foster its development • Foster interoperability of solutions across different disciplines to achieve broader scale uptake of Grid technology • Harmonize European, and Chinese eScience user and infrastructure requirements in terms of resources needed, Grid services, and application software. Provide recommendations for adapting the present best practices and tools (Virtual Organizations, Certification Authority, Policies, etc.).
Depolyed in EUChinaGrid • Host certificate • LCG2 Testbed @ CNIC • User certificate • CNIC LCG staff