A Model for Grid User Management
Rich Baker, Dantong Yu, Tomasz Wlodek
Brookhaven National Lab

Outline
• Motivation and System Requirements
• GUMS (Grid User Management System)
• System Design and Framework
• Bigger Picture
• Current Status
• Future Work

GUMS: Scope & Limitations
• Develop Model for Distributed User Registration
• Work With Existing VO Management Tools
  • Including EDG VOMS Servers used in Grid2003
• Help Define Requirements for New & Improved VO Tools
• Focus on Site Tools for User Management

User Registration
• Many Sites Require Pre-registration of Users
• Sites Will Need to Serve Large Sets of Users
• Users Will Need Access to a Large Number of Sites
• Sites and VOs Will Need to Work Out User Registration Mechanisms
• Grid2003 and LCG are Developing Procedures

Registration Requirements
• Site Requirements
  • Collect Sufficient Information About User and Registration Chain
  • Provide Information to Site in Secure, Trusted, Auditable Manner
  • “Reasonably” Static User List
  • Store History Information, Keep Up-to-Date User Information
• User Requirements
  • Register Once Per Virtual Organization
  • Registration Must Be “Reasonably” Local
  • “Reasonable” and Static Number of Data Items
• VO Requirements
  • Sites Must Have “Reasonably” Complete and Up-to-date User List
  • Extensibility of Including More Information

Automated Registration
• Software Tools – The Easy Part
  • VO User Registry – N Column Database; Several Approaches: VOMS, VOMRS
  • Site – User Database, Configurable Tool to Periodically Pull User Info From One or More VOs, Maintain History, Perform Local Account Mapping, Creating Grid-mapfile
• Trust Relationships – The Hard Part
  • A VO Structure Needs to Be Created That Will Enforce Agreed Registration Requirements
  • Every Site Must Be Able To Trust Every Registrar
  • Protect User Privacy

Grid User Management System Architecture
[Architecture diagram. Labels: VOMS server (shown twice); VO User Registry DB; User info importer; Regional Registration Authority?; Local Registration Authority; Account Creation And Mapping; Grid-Mapfile Generation Module; Site User Info DB; User info; Banned User; Mapping; grid-mapfile; Synchronize; Download User Info (Cron Job; VOMS, VOMRS); New user; Membership; User left VO; CRL; Push; Remote Cron Job; Update]

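The site-side step named on the Automated Registration and architecture slides (pull user info from several VOs, drop banned users, keep history, map to local accounts, write the grid-mapfile), as an added example that is not GUMS code. The DNs, VO names, account names and function names are constructed for illustration, and the one-shared-account-per-VO policy is an assumption.

```python
import re

# Constructed sample data (not from the slides): VO name -> member DNs, as a
# site tool might hold them after pulling user info from each VO's registry.
VO_MEMBERS = {
    "atlas": {"/DC=org/DC=example/OU=People/CN=Alice Example",
              "/DC=org/DC=example/OU=People/CN=Bob Example"},
    "star": {"/DC=org/DC=example/OU=People/CN=Bob Example",
             "/DC=org/DC=example/OU=People/CN=Carol Example"},
}
BANNED = {"/DC=org/DC=example/OU=People/CN=Carol Example"}
# Hypothetical site policy: each VO maps to one shared local group account.
VO_ACCOUNT = {"atlas": "usatlas1", "star": "star1"}

# A DN is written inside double quotes in the grid-mapfile, so refuse anything
# that could close the quote or start a new line and smuggle in another entry.
SAFE_DN = re.compile(r'/[^"\\\r\n]+')
SAFE_ACCOUNT = re.compile(r'[a-z_][a-z0-9_-]{0,31}')

def build_mapping(vo_members, banned, vo_account):
    """Return {dn: account}; banned or unsafe DNs are dropped, first VO (sorted) wins."""
    mapping = {}
    for vo in sorted(vo_members):
        account = vo_account[vo]
        if not SAFE_ACCOUNT.fullmatch(account):
            raise ValueError(f"unsafe account name for VO {vo!r}")
        for dn in sorted(vo_members[vo]):
            if dn in banned or not SAFE_DN.fullmatch(dn):
                continue
            mapping.setdefault(dn, account)
    return mapping

def diff_for_history(previous, current):
    """Changes to record in the site's history: new users and users who left."""
    return {"added": sorted(current.keys() - previous.keys()),
            "removed": sorted(previous.keys() - current.keys())}

def render_gridmap(mapping):
    """One '"<DN>" <account>' line per user, sorted so successive files diff cleanly."""
    return "".join(f'"{dn}" {acct}\n' for dn, acct in sorted(mapping.items()))

if __name__ == "__main__":
    current = build_mapping(VO_MEMBERS, BANNED, VO_ACCOUNT)
    print(render_gridmap(current), end="")
```

The banned list is applied before mapping, so a user banned at the site stays out of the grid-mapfile even while a VO still lists them as a member.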
Where Does GUMS Fit?
[Diagram. Labels: VOMRS; VOMS; EDG; Local Center Registration Service; GridCluster; LRAS; Gatekeeper & callouts; SAZ]

Where Does GUMS Fit?
[Diagram. Labels: Local Center Registration Service; VOMRS; VOMS; EDG; GUMS; GridCluster; ?; Local History; LRAS; Gatekeeper & callouts; SAZ]

Current Status
• The First Stage Development Is Completed
• Ready to Download and Use
• Testing by VDT Testers Group
• Good Documentation
• http://www.atlasgrid.bnl.gov/testbed/gums/
• Characteristics
• Tractable, Flexible
• Satisfy the User Registration Requirements
• GUMS Can Easily Support Large Numbers of Users to Access Multiple Grid Sites
• Easy Installation and Management
• User Base Is Still Small Enough for Traditional Registration Methods Which Can Be Used in Parallel With Distributed/automated Tools

Future Plan
• Integrate Into Larger VOX Scheme
• Improve Usability and Security
• Having a Real User Management System Will Expose Issues/problems and Begin Building Trust Infrastructure
• Force Some Sites to Start Addressing Remote User Registration Issues
• Promote Tools and Recruit Users!