1 / 5

Grid Security work in 2006

Grid Security work in 2006. Andrew McNab Grid Security Research Fellow University of Manchester. December 2005. Security Group had started GridPP2 and JISC funded work GridSite had been taken up by several HEP / Grid projects for managing web pages

teagan
Download Presentation

Grid Security work in 2006

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Grid Security work in 2006 Andrew McNab Grid Security Research Fellow University of Manchester

  2. December 2005 • Security Group had started GridPP2 and JISC funded work • GridSite had been taken up by several HEP / Grid projects for managing web pages • GridSiteWiki in use by GridPP (New Scientist mention etc) • Big push was still to get GridSite into “programmatic” use. • GridSite web service hosting and delegation taken up by EGEE Workload Management • htcp bulk file transfers used by EGEE WMS • Had designed SiteCast file location system 21 December 2006 A.McNab – Grid Security

  3. GridSite • GridSite is our key piece of grid security technology • Adds support for grid security “objects” to Apache web server • Identity certificates and GSI proxies • VOMS attribute certificates for group membership • GACL policy language • Credentials from Shibboleth • Allows Apache to host Web Services for Grids. • Library functions can be reused in other services • including GridSite proxy delegation used by EGEE 21 December 2006 A.McNab – Grid Security

  4. “New for 2006” • EGEE File Transfer System has taken up GridSite delegation protocol and library for C/C++ components • SlashGrid resurrected and rewritten • provides an HTTP(S) network filesystem, with the option to use multicast to find replicas of files. • With Joseph, Shibboleth added to credentials framework • Distributed password-based authentication • NIST Level of Assurance added to policy language • Support for access control for 3rd party virtual “websites” • eg the Subversion version control system 21 December 2006 A.McNab – Grid Security

  5. Summary • Continue to support GridPP website and Wiki • Also used by other Grid websites, and NGS Wiki • Continue to track agreed changes in delegation protocol, VOMS attributes etc and update library in response • EGEE FTS has adopted GridSite components • WMS continues to use GridSite to host services • SlashGrid bulk file storage system produced and being finalised • Shibboleth support added to GridSite framework • for when JISC uses Shibboleth to replace ATHENS 21 December 2006 A.McNab – Grid Security

More Related