160 likes | 177 Views
Symphony is a Java-based framework designed for composing and manipulating grid applications efficiently. It allows for easy customization and execution of grid applications, providing a unified API independent of underlying middleware. The framework supports group collaboration, fine-grained privileges, and legacy applications, enhancing security mechanisms through proxy and attribute certificates. Future work includes refining security mechanisms, integrating with additional grid middleware, and improving the graphical user interface.
E N D
Symphony A Java-Based Composition and Manipulation Framework for Computational Grids Dennis Kafura Markus Lorch This work is supported by the Virginia Commonwealth Information Security Center (CISC)
Organization • Motivation • The Symphony Framework • Security Requirements • Security Architecture
Motivation • Different grid user categories- component developer- grid (meta) program composer/developer- end user • Existing grid middleware expose command-line interfaces and proprietary APIs and use scripts to define meta programs • Grid portals are build for specific applications (PSEs) and use specific grid middleware
Motivation (contd.) Need for a grid abstraction layer, that: • allows grid applications to be quickly composed, customized, executed and monitored • provides a unified API for grid portal and application developers, independent of the underlying grid middleware • provides for grid applications that run accross several grid middleware systems
The Symphony Framework • A component-based framework for creating, sharing, composing, and executing (elements of) grid applications • Components abstract local and remotely accessible data and software resources through customizable JavaBeans (programs, data files, and data streams) • Grid applications defined by linking components through data and control flow relationships • Beans are instantiated and customized (equipped with knowledge on the object this bean will be a surrogate for)
The Symphony Framework • Symphony beans can be customized and interconnected either interactively by a user or through programmatic means • Standard composition environment is Sun‘s BeanBox. A container supporting collaborative work (shared workspace) is Sieve • Symphony can currently incorporate Globus resources (using the Java COG Kit), Symphony resouces (RMI) and local resources into a single meta program
Security Requirements • Support for group collaboration- delegation of fine grained privileges - combination of privileges from sep. sources • Fine grained enforcement with support for legacy applications required • Support for multiple credentials • Low overhead setup mechanisms for ad-hoc collaborative groups • Support for short-term temporary users (without OS user accounts)
Proposed Security Mechanisms • Use proxy certificates as intended for authentication • Convey fine grained rights through attribute certificates to enable user collaboration • Interface grid middleware with POSIX OS extentions for portable enforcement of fine grained access policies
Symphony Security Summary • Can employ any combination of proxy certificates and attribute certificates • Enables ad-hoc group collaboration through user-to-user delegation • Based on widespread GSI, can incorporate CAS • Supports legacy applications even for fine-grained access policies
Current and Future Work • Refining and evaluation of our security mechanisms and integration in existing grid security architectures. • Support for additional grid middleware (Legion, Unicore) • Improvement of GUI and transformation into a three tier architecture
Conclusion • Evaluation version available athttp://symphony.cs.vt.edu Contact • Markus Lorch <mlorch@vt.edu> • Dennis Kafura <kafura@vt.edu>