Www.eu-eela.org E-infrastructure shared between Europe and Latin America Certification Authorities in LA and links with TAGPMA Vanessa Hamar (ULA) / Jorge.

Slides:



Advertisements
Similar presentations
2 nd APGrid PMA F2F Meeting Osaka University Convention Center October 15 09: :20 # Participants: 26.
Advertisements

E-science grid facility for Europe and Latin America SA1 - Status Report Grid Infrastructure Activity Diego Carvalho (SA1 Activity Manager)
Grid Computing in Higher Education (Scott Rea) EDUCAUSE PKI Deployment Forum Madison, WI - April 15, 2008.
4 th APGrid PMA F2F Meeting Academia Sinica, Taipei, Taiwan April 8, 2008 Agendahttp:// Call for note takers!
INFSO-RI Enabling Grids for E-sciencE JRA3 2 nd EU Review Input David Groep NIKHEF.
1 REUNA Certificate Authority Juan Carlos Martínez REUNA Chile Rio de Janeiro,27/03/2006, F2F meeting, TAGPMA.
Authentication Policy David Kelsey CCLRC/RAL 15 April 2004, Dublin
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Policy Issues for Identity Management (and other attributes) EGI Technical.
The EU Grid PMA David Kelsey CCLRC/RAL 16 April 2004, Dublin
Session 7a, 10 May 2007 IST-Africa 2007 Copyright 2007 EELA Project: IST
FP6−2004−Infrastructures−6-SSA E-infrastructure shared between Europe and Latin America Pilot Test-bed Operations and Support Work.
E-science grid facility for Europe and Latin America EELA-2 and beyond it Bernard M. Marechal CETA-CIEMAT & UFRJ (SPAIN & BRAZIL) 2 nd EELA-2.
4th EGEE Meeting, PISA October, 2005 E-Infraestructure shared between Europe and Latin America Jesús Casado, CIEMAT
13-May-03D.P.Kelsey, WP8 CA and VO organistion1 CA’s and Experiment (VO) Organisation WP8 Meeting EDG Barcelona, 13 May 2003 David Kelsey CCLRC/RAL, UK.
12-May-03D.P.Kelsey, SCG Online Authentication1 Online Authentication SCG Meeting EDG Barcelona, 12 May 2003 David Kelsey CCLRC/RAL, UK
Luis A. Trejo (ITESM) ICT Day Opportunities to participate in EU ICT research projects San José, 16 February 2010 Mexico participation.
EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Related Projects Dieter Kranzlmüller Deputy.
FP6−2004−Infrastructures−6-SSA E-infrastructure shared between Europe and Latin America Grid projects in Europe Giuseppe Andronico.
FP6−2004−Infrastructures−6-SSA E-infrastructure shared between Europe and Latin America The EELA Project Giuseppe Andronico INFN.
Results of the HPC in Europe Taskforce (HET) e-IRG Workshop Kimmo Koski CSC – The Finnish IT Center for Science April 19 th, 2007.
FP6−2004−Infrastructures−6-SSA E-infrastructure shared between Europe and Latin America EELA at an end EELA-2 before its onset Bernard.
CAOPS-IGTF Session An Update from the TAGPMA Vinod Rebello given by Scott Rea OGF 25, Catania, Italy March 2, 2009 The Americas Grid Policy Management.
DOE Grids New subordinate CP/CPS v2.3 New subordinate CP/CPS v2.3 New name DOEGrids.org New name DOEGrids.org Old name DOESciencegrid.org Old name DOESciencegrid.org.
The LHC Computing Grid – February 2008 The Worldwide LHC Computing Grid Dr Ian Bird LCG Project Leader 25 th April 2012.
TERENA TF-EMC2 Workshop David Groep,
Perfection in Automation
10-Jun-03D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security (Report from the LCG Security Group) CERN, 10 June 2003 David Kelsey CCLRC/RAL, UK
EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks EGEE – paving the way for a sustainable infrastructure.
INFSO-RI Enabling Grids for E-sciencE Plan until the end of the project and beyond, sustainability plans Dieter Kranzlmüller Deputy.
Bob Jones Technical Director CERN - August 2003 EGEE is proposed as a project to be funded by the European Union under contract IST
INFSO-RI Enabling Grids for E-sciencE Status of the Biomedical Applications in EELA Project (E-Infrastructures Shared Between Europe.
FP6−2004−Infrastructures−6-SSA E-infrastructure shared between Europe and Latin America 1 EELA: E-Infrastructure shared between Europe and Latin.
TAGPMA & the Bridge WG (Scott Rea – Dartmouth College) Internet2 Member Meeting, Dec 2006 PKI Activities and Applications Update - Chicago, IL.
Security Mechanisms The European DataGrid Project Team
FP6−2004−Infrastructures−6-SSA E-infrastructure shared between Europe and Latin America EELA Infrastructure (WP2) Roberto Barbera.
The LHC Computing Grid – February 2008 The Challenges of LHC Computing Dr Ian Bird LCG Project Leader 6 th October 2009 Telecom 2009 Youth Forum.
FP6−2004−Infrastructures−6-SSA E-infrastructure shared between Europe and Latin America Wrote by Jorge Gomes and presented by Bruno.
International Grid Trust Federation Session GGF 20 Manchester, UK Wednesday, May CAOPS-WG session #2.
Introduction to EELA Antonio Fuentes Tutorial Grid Madrid, May 2004.
E-science grid facility for Europe and Latin America Task TSA1.3 - Authentication Services and Policies Acheivements Jacques Alves da Silva.
FP6−2004−Infrastructures−6-SSA EUChinaGrid status report Giuseppe Andronico INFN Sez. Di Catania CERN – March 3° 2006.
EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks EGI Operations Tiziana Ferrari EGEE User.
EGI-InSPIRE Steven Newhouse Interim EGI.eu Director EGI-InSPIRE Project Director Technical Director EGEE-III 1GDB - December 2009.
NRENs, Grids and Integrated AAI In Search For the Utopian Solution Christos Kanellopoulos AUTH/GRNET October 17 th, 2005 skanct at physics.auth.gr 2nd.
2-Sep-02D.P.Kelsey, WP6 CA, Budapest1 WP6 CA report Budapest 2 Sep 2002 David Kelsey CLRC/RAL, UK
DTI Mission – 29 June LCG Security Ian Neilson LCG Security Officer Grid Deployment Group CERN.
Thoughts on International e-Science Infrastructure Kevin Thompson U.S. National Science Foundation Office of Cyberinfrastructure iGrid2005 9/27/2005.
Community PKIs Initiatives Updates TF-EMC2 Meeting Loughborough, UK 6-7 May, 2009 Licia Florio, TERENA
EGI-InSPIRE RI EGI EGI-InSPIRE RI Establishing Identity in EGI the authentication trust fabric of the IGTF and EUGridPMA.
Dr. Isabel Campos Plasencia (IFCA-CSIC) Spanish NGI Coordinator ES-GRID The Spanish National Grid Initiative.
E-science grid facility for Europe and Latin America EELA-2: a seed for e-Science Bernard M. Marechal (EELA-2 Project Coordinator) CETA-CIEMAT.
FP6−2004−Infrastructures−6-SSA E-infrastructure shared between Europe and Latin America The EELA Grid Infrastructure Roberto Barbera.
EGEE is a project funded by the European Union CA overview and requirements Ognjen Prnjat, Nikos Vogiatzis GRNET EGEE-SEE regional kick-off, April 7-8.
25-September-2005 Manjit Dosanjh Welcome to CERN International Workshop on African Research & Education Networking September ITU, UNU and CERN.
7-May-03D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security Issues and Planning or Report from the Security Group CERN, 8 May 2003 David Kelsey CCLRC/RAL, UK.
E-science grid facility for Europe and Latin America CHAIN Proposal v0.1 EELA-2 compilation CERN e-Infrastructure projects Meeting ( )
FP6−2004−Infrastructures−6-SSA E-infrastructure shared between Europe and Latin America The Latin American Catch-all Grid Certification.
APGridPMA Update Eric Yen APGridPMA August, 2014.
The Americas Grid Policy Management Authority TAGPMA Update Derek Simmel 35 th EUGridPMA Meeting Amsterdam, Netherlands.
Trusted Organizations In the grid world one single CA usually covers a predefined geographic region or administrative domain: – Organization – Country.
EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Security aspects (based on Romain Wartel’s.
A Study of Certification Authority Integration Model in a PKI Trust Federation on Distributed Infrastructures for Academic Research Eisaku SAKANE, Takeshi.
Update of APGridPMA Eric Yen 25 th EUGridPMA & IGTF All Hands Meeting KIT, Germany 7 May, 2012.
14 th EUGridPMA Meeting Update from TAGPMA Jim Basney Lisbon, Portugual October 6-8, 2008 The Americas Grid Policy Management Authority.
Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing Grant.
Grids & PKI: TAGPMA & Bridges (Scott Rea – Dartmouth College) Internet2 Member Meeting, Dec 2006 PKI Implementers Workshop - Chicago, IL.
Ian Bird GDB Meeting CERN 9 September 2003
HellasGrid CA & euGridPMA
Long-term Grid Sustainability
Electrification business
Presentation transcript:

E-infrastructure shared between Europe and Latin America Certification Authorities in LA and links with TAGPMA Vanessa Hamar (ULA) / Jorge Gomes (LIP) / First Latin American EELA Workshop Mérida,

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 2 Pilot Testbed operation and support  EELA aims to establish a common interoperable Pilot Grid Testbed between existing resources in Latin America and Europe based on the EGEE middleware framework. The EELA Pilot Testbed supports dissemination activities and application exploitation.  EELA will start with a reduced set of sites that will be expanded as the project evolves.  However the range of users will include all partners and also new users not yet identified.  The grid authentication is the first major deployment issue.

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 3 EELA will work closely with several international projects: –EGEE  Use of EGEE Middleware to set-up a pilot e-infrastructure interoperable with EGEE.  EELA will setup an LA ROC (Regional Operational Centre) following the EGEE model.  The EELA European partners already operate grid infrastructures integrated into EGEE –Close collaboration with other projects  ALICE/GEANT, EUCHINAGRID, EUMEDGRID, SEE-GRID, … EELA must be interoperable with these projects ! Relationships with other projects

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 4 Authentication Most grid infrastructures including the ones based on EGEE/LCG middleware use X.509 certificates for authentication. How does it work: –Each user, system or service must have a certificate that is used for authentication purposes –In order to ensure the identify of each subject (user, system or service) the certificate must be signed by a trusted authority that asserts that the certificate belongs to the subject –These are the so called certification authorities (CAs) that:  Accept certificate requests and verify the subject identity  Signing the successfully verified certificate requests  Revoke certificates when needed  Issue lists of revoked certificates –An X.509 authentication infrastructure is called a PKI (Public Key Infrastructure)

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 5 Authentication In the grid world one single CA usually covers a predefined geographic region or administrative domain: –Large organization –Country –A set of countries (scalability can be an issue) A common international trust domain for grid computing has been created to join the several existing certification authorities into a single authentication domain and thus enabling sharing of grid resources worldwide. The International Grid Trust Federation (IGTF) has been created to coordinate and manage this trust domain.

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 6 IGTF The international scientific community is working to deploy computational Grids for the advancement of science and engineering. The promise of global computational Grids, requires policies and procedures that reliably identify Grid subscribers and resources. A number of regional and large PKIs have established Policy Management Authorities to manage their individual certification process. The goal of the IGTF will be to foster harmonization and synchronization of these various PMAs policies to allow for a global trust relationship to be established. Three PMAs have been created covering 3 world regions: –European Grid PMA (EUgridPMA) –Asia Pacific Grid PMA (APgridPMA) –The Americas Grid PMA (TAGPMA) The European Grid PMA was the first PMA to be established and was born from the DataGrid Certification Authorities Coordination Group (CACG) that was established by the DataGrid and CrossGrid projects.

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 7 IGTF International Grid Trust Federation (Working to Establish Worldwide Trust for Grids) Asia Pacific PMA Americas PMA LIP CA Portugal CERN CA Switzerland CNRS Grid France CyGrid Cyprus CESNET Czech DutchGrid Netherlands GermanGrid Germany HellasGrid Greece GridIreland Ireland INFN CA Italy Belnet Belgium Grid-PK Pakistan SIGNET Slovenia EstonianGrid Estonia AustrianGrid Austria NIIF/HungarNet Hungary IHEP China BalticGrid Europe TR-Grid Turkey NorduGrid Nordic countries PolishGrid Poland Russian Datagrid Russia SlovakGrid Slovakia DataGrid-ES Spain UK e-Science United Kingdom BelnetGrid Belgium Grid-PK Pakistan FNAL Grid USA GridCanada Canada DOEGrids USA ArmeSFo Armenia IUCC Israel ASCCG Taiwan SeeGrid Europe RMKI Hungary SWITCH Switzerland DFN Germany RDIG Russia PKIrisGrid Spain DOEGrids USA GridCanada Canada FNAL USA AIST Japan APAC Australia ASGCC Taiwan SDG China IHEP China KISTI Korea Naregi Japan BMG Singapore CMSD India HKU Hong Kong NCHC Taiwan Osaka U. Japan USM Malaysia International Grid Trust Federation The list is always growing

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 8 EUgridPMA Is a body to establish requirements and best practices for grid identity providers to enable a common trust domain applicable to authentication of end-entities in inter-organisational access to distributed resources. As its main activity the EUGridPMA coordinates a Public Key Infrastructure (PKI) for use with Grid authentication middleware. The EUGridPMA itself does not provide identity assertions, but instead asserts that the certificates issued by the Accredited Authorities meet or exceed the relevant guidelines. Relying Parties

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 9 TAGPMA The Americas PMA (TAGPMA) is a regional PMA created to cover the Americas area from Canada to the tip of Chile. TAGPMA was created in 2005 and its membership and activities are just starting. The appearance of potential new CAs in LA supported by the EELA project have been welcomed by TAGPMA –they are providing the needed push to start the charter This is a situation also welcomed by the EUgridPMA that has already too many members Members of the TAGPMA which operate a classic PKI based Authentication service, must continue to operate the service under the Classic PKI Authentication Profile that is maintained by the EUGridPMA For more information see:

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 10 Accreditation For new CAs to be accepted as an IGTF PMA member they have to pass through a rigorous and extensive accreditation process. The CA policies and operations must be extensively documented in a CP/CPS document. The CP/CPSs are reviewed by the PMA members. The CA online repositories are checked by the PMA The CA managers must attend the PMA face-to-face meetings, present the CA and answer all questions from the other members including other CA managers and relying parties. The CA must implement all required changes. This is an iterative process that aims to establish trust.

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 11 EELA Authentication Upon the start of EELA there were no Latin American CAs recognized by IGTF or any of its three PMAs. For EELA the deployment of a PKI in Latin America recognized by IGTF is fundamental for the deployment of the grid computing pilot testbed and for the project success. This PKI is a basic requirement for the successful dissemination and extension of the grid technologies into the LA countries. EELA is setting up a PKI authentication infrastructure: –Compatible with EGEE, LCG, and other EGEE/LCG based projects –Internationally accepted/recognized (IGTF) –That can remain operational beyond the end of the project:  as one of the project outcomes  allowing further future projects in LA and within each country  enabling LA scientific users to share and access resources at global level

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 12 EELA and CAs The IGTF is a recent development. When the EELA Technical Annex was written the IGTF didn’t yet existed The EELA strategy had to be adjusted –Short term (for the immediate needs):  Use the existing catchall CA from CNRS (France) This is a temporary solution By the end of the year EELA needs a better working solution –Medium term:  Contact IGTF trough EUgridPMA (where some of the project partners are CA representatives)  Ask for the help of the PMAs in the setup and accreditation of the CAs  Establish new CAs in LA: one per country where possible one catchall CA for the whole LA region using the classic CA profile  Obtain accreditation from the TAGPMA

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 13 Classic Profile What is it: –The CA signs and revokes certificates –These are long-term certificates (one year) –The CA has subordinate RAs that just perform the administrative task of checking the subject identity in different organizations or departments –The other possible profile is the SLCS where short lifetime certificates are issued based on other credentials such as kerberos tickets, but this is not yet recognized at the IGTF level. Advantages: –Is the most known CA profile –A lot of know-how and solutions do exist –Most of the CAs operating today use the classic profile –Is the easiest to support across administrative domains –The profile requirements are stable and controlled by EUgridPMA

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 14 Classic Profile A network of subordinated RAs is necessary to perform the identity verification of the subjects The RAs will be created at the level of the organizations or at the level of departments: –Operating at university or research centre wide level (more difficult) –Operating at the level of a department or group –The CA can also operate an RA but don’t forget that the physical presence of the subject is required for identity verification The RAs will be created only upon request, their creation should be user driven. CA RA Univ AUniv BUniv CUniv DUniv EUniv FUniv G

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 15 Classic profile How to obtain a certificate: The certificate is issued by the CA The certificate is used as a key to access the grid A certificate request is performed The user identify is confirmed by the RA

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 16 Why one CA per country –Long term scalability  Latin America is a huge geographic area  Many LA countries are quite large  The potential number of users and end entities is high –Long term sustainability  There is a cost associated with the operation of the CAs  A single large CA would raise the cost and funding issue  Easier to fund –Awareness of local details  Better knowledge of the local law  Better knowledge of the local academic environment –Better coordination and support  Nearest to the end users  Same language  Better understanding of the needs and difficulties –Flexibility  Easier to adapt to new local requirements –Robustness and security  Is a CA fails the implications will be limited to a single country NEEDED FOR LARGE DEPLOYMENT (this is the model recomended by EUgridPMA)

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 17 catchall CA A catchall CA is used to issue certificates to organizations in regions without a specific national CA when: –The national CAs are yet being deployed –There are difficulties to setup a national CA EELA is setting up a catchall CA for the Latin American region The CA will be operated by Universidade Federal Fluminense (UFF) in Brazil

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 18 Current CNRS RAs As a short term solution EELA is obtaining certificates for the LA partners from the French CNRS catchall CA Four RAs have been established: –UFF (Universidade Federal Fluminense)  Instituto de Computação (Vinod Rebello) –UFRJ (Universidade Federal do Rio de Janeiro)  Instituto de Física (Diego Carvalho) –UNAM (Universidad Nacional Autonoma de Mexico)  Instituto de Ciencias Nucleares (Lukas Nellen) –ULA ( Universidad de los Andes )  Centro Nacional de Cálculo Científico (Vanessa Hamar) More will be established as necessary The use of the CRNS catchall CA is a temporary measure with reduced scalability

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 19 EELA Candidate CAs Argentina –UNLP - Universidad Nacional de La Plata  Javier Diaz Brazil –UFF – Universidade Federal Fluminense  Vinod Rebello Chile –REUNA – Red Universitaria Nacional  Juan Carlos Martínez Peru –SENAMHI – Servicio Nacional de Meteorología e Hidrología del Perú  Richard Miguel México –UNAM – Universidad Nacional Autónoma de México  Juan Carlos Guel Venezuela –ULA – Universidad de los Andes  Vanessa Hamar

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 20 EELA Candidate CAs CAHosting organization Status ArgentinaUNLPCP/CPS reviewed by TAGPMA, CA infrastructure being deployed BrazilUFFCP/CPS reviewed by TAGPMA, CA infrastructure being deployed CatchallUFFCP/CPS reviewed by TAGPMA, CA infrastructure being deployed ChileREUNACP/CPS reviewed by TAGPMA, CA infrastructure being deployed MexicoUNAMCP/CPS reviewed by TAGPMA, CA infrastructure being deployed VenezuelaULACP/CPS internal review by EELA PeruSENHAMIWorking on the CP/CPS

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 21 Status EELA has been presented for the first time at the EUgridPMA meeting held in Vienna (Austria) in January: –The EELA project was very well received by both the EUgridPMA and TAGPMA members present at the meeting –The organization of the first TAGPMA face-to-face meeting was agreed to be held in Rio de Janeiro The deployment work started in January with the focus on the operation procedures and certification practices. EELA members started to participate in TAGPMA videoconferences. EELA was officially accepted as a TAGPMA member representing a major relying party In March the CP/CPSs of the CAs were submitted to the TAGPMA for review. In March the first TAGPMA face-to-face meeting was organized in Rio de Janeiro with the help of RNP: –During the meeting the EELA CAs being currently deployed were presented and their CP/CPSs discussed. –The CP/CPS were considered of very good quality.

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 22 Status Most EELA CAs are now being actuality deployed which includes: –Customization and deployment of the CA management software –Setup of the required systems and services  CA repository  CA signing station Full TAGPMA accreditation should be obtained in the next face-to-face meeting to be held in Canada

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 23 Authorization The possession of a certificate does not gives the right of access to any grid resources by itself. The EELA grid authorization is based on the VO concept. VOs are basically groups of users that share common or similar interests and that which to share the same resources. Instead of authorizing users individually site access is allowed on a VO basis enabling better scalability. –The site manager does not need to add individual users –The site manager authorizes entire VOs –The site manager can refuse specific certificate subjects The management of a VO is a responsibility of the VO itself that designates a VO manager for that purpose. The VO manager is responsible for allowing or denying access to the VO based on the VO policies.

E-infrastructure shared between Europe and Latin America Segundo Taller Latino Americano de Computación Grid – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 24 Future and conclusions An international federation for authentication in grid computing is already in operation worldwide The EELA efforts will enable the creation of Latin American certification authorities recognized worldwide We would like to identify other potential end entities and relying parties interested in the usage of certificates for grid computing in Latin America to: –take further advantage of the authentication infrastructure being deployed –join the EELA grid infrastructure

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.