160 likes | 170 Views
Symphony A Java-Based Composition and Manipulation Framework for Computational Grids. Dennis Kafura Markus Lorch. This work is supported by the Virginia Commonwealth Information Security Center (CISC). Organization. Motivation The Symphony Framework Security Requirements
E N D
Symphony A Java-Based Composition and Manipulation Framework for Computational Grids Dennis Kafura Markus Lorch This work is supported by the Virginia Commonwealth Information Security Center (CISC)
Organization • Motivation • The Symphony Framework • Security Requirements • Security Architecture
Motivation • Different grid user categories- component developer- grid (meta) program composer/developer- end user • Existing grid middleware expose command-line interfaces and proprietary APIs and use scripts to define meta programs • Grid portals are build for specific applications (PSEs) and use specific grid middleware
Motivation (contd.) Need for a grid abstraction layer, that: • allows grid applications to be quickly composed, customized, executed and monitored • provides a unified API for grid portal and application developers, independent of the underlying grid middleware • provides for grid applications that run accross several grid middleware systems
The Symphony Framework • A component-based framework for creating, sharing, composing, and executing (elements of) grid applications • Components abstract local and remotely accessible data and software resources through customizable JavaBeans (programs, data files, and data streams) • Grid applications defined by linking components through data and control flow relationships • Beans are instantiated and customized (equipped with knowledge on the object this bean will be a surrogate for)
The Symphony Framework • Symphony beans can be customized and interconnected either interactively by a user or through programmatic means • Standard composition environment is Sun‘s BeanBox. A container supporting collaborative work (shared workspace) is Sieve • Symphony can currently incorporate Globus resources (using the Java COG Kit), Symphony resouces (RMI) and local resources into a single meta program
Security Requirements • Support for group collaboration- delegation of fine grained privileges - combination of privileges from sep. sources • Fine grained enforcement with support for legacy applications required • Support for multiple credentials • Low overhead setup mechanisms for ad-hoc collaborative groups • Support for short-term temporary users (without OS user accounts)
Proposed Security Mechanisms • Use proxy certificates as intended for authentication • Convey fine grained rights through attribute certificates to enable user collaboration • Interface grid middleware with POSIX OS extentions for portable enforcement of fine grained access policies
Symphony Security Summary • Can employ any combination of proxy certificates and attribute certificates • Enables ad-hoc group collaboration through user-to-user delegation • Based on widespread GSI, can incorporate CAS • Supports legacy applications even for fine-grained access policies
Current and Future Work • Refining and evaluation of our security mechanisms and integration in existing grid security architectures. • Support for additional grid middleware (Legion, Unicore) • Improvement of GUI and transformation into a three tier architecture
Conclusion • Evaluation version available athttp://symphony.cs.vt.edu Contact • Markus Lorch <mlorch@vt.edu> • Dennis Kafura <kafura@vt.edu>