Malik Muhamamd Junaid Maximilian Berger Thomas Fahringer Distributed and parallel Systems Group University of Innsbruck Austria Oct, 13, 2009. Krakow,

Presentation transcript:

Malik Muhamamd Junaid Maximilian Berger Thomas Fahringer Distributed and parallel Systems Group University of Innsbruck Austria Oct, 13, Krakow, PL.

Outline Motivation Workflow Hosting Environment Secure Workflow Repository (SWFR) Architecture Components Security and Reliability Advancement Conclusion

Introduction
Workflows are vital to Grid-based applications. The increasing complexity of these applications is making workflow design difficult, leading to a need for:
- Workflow sharing and reuse
- Workflow security
- Workflow version management
- Workflow modification history

ASKALON Workflow Storage
- Workflow represented using AGWL, based on XML
- Workflow storage is based on the filesystem
- Open access to all users
- Manual version history
- No workflow modification history
- No ownership record for workflows

Secure Workflow Repository (SWFR)
SWFR is designed and implemented to address these issues.
Features:
- Decentralized service-oriented implementation
- Secure client-service communication for workflow transactions
- Extended Role Based Access Control
- Automated version control
- Comprehensive workflow update history
- Complete ownership information

Architecture of the SWFR
[Figure: architecture diagram. Labels: Workflow Design Tool (client); Workflow Repository (service); Event Handler; Repository Requests (Events); Authentication & Authorization Module; Version Management Module; Storage, Retrieval & Session Management; Session Manager.]

Security using Extended-RBAC
[Figure: Role based Access Control (RBAC) and Extended Role based Access Control (E-RBAC) for Grid Workflows. Labels: Users, Roles, Operations, Objects, Permissions, Role Hierarchy, User Assignment, Permission Assignment, Rights Delegation.]

Security using Extended-RBAC
[Figure: layered security diagram. Labels: Request Handler, Decryption, Session Authentication, Authentication (RBAC), Authorization (E-RBAC), Repository Access.]
Layered Security Architecture: the Request Handler performs
- Decryption of the incoming request based on the session information
- User authentication based on session and credential information
- Authorization check based on roles and exceptional rights
- Information retrieval from the repository
- Encryption using session information
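
The authorization step described above (roles plus exceptional rights), sketched as an added example that is not from the presentation or the SWFR code base. The role names, operations, workflow name, the owner-has-all-rights rule and the rule that only a workflow's owner may delegate are assumptions made for illustration.

```python
# Added illustration of an E-RBAC style check; all names and rules are assumed.
from dataclasses import dataclass, field

@dataclass
class ERBAC:
    role_perms: dict = field(default_factory=dict)    # role -> {operation, ...}
    role_parents: dict = field(default_factory=dict)  # role -> roles it inherits from
    user_roles: dict = field(default_factory=dict)    # user -> {role, ...}
    owners: dict = field(default_factory=dict)        # workflow -> owning user
    exceptions: set = field(default_factory=set)      # (user, operation, workflow)

    def _effective_roles(self, user):
        """Expand the user's roles through the role hierarchy (cycle-safe)."""
        seen, stack = set(), list(self.user_roles.get(user, ()))
        while stack:
            role = stack.pop()
            if role not in seen:
                seen.add(role)
                stack.extend(self.role_parents.get(role, ()))
        return seen

    def delegate(self, grantor, grantee, operation, workflow):
        """Exceptional right: only the workflow's owner may hand one out."""
        if self.owners.get(workflow) != grantor:
            raise PermissionError(f"{grantor} does not own {workflow}")
        self.exceptions.add((grantee, operation, workflow))

    def is_authorized(self, user, operation, workflow):
        """Deny by default; allow on ownership, role permission or exceptional right."""
        if workflow not in self.owners:
            return False
        if self.owners[workflow] == user:
            return True
        roles = self._effective_roles(user)
        if any(operation in self.role_perms.get(r, ()) for r in roles):
            return True
        return (user, operation, workflow) in self.exceptions

def demo():
    """Constructed sample policy: designer inherits reader; carol owns the workflow."""
    ac = ERBAC(
        role_perms={"reader": {"read"}, "designer": {"update"}},
        role_parents={"designer": ["reader"]},
        user_roles={"alice": {"designer"}, "bob": {"reader"}},
        owners={"wf-sample": "carol"},
    )
    before = ac.is_authorized("bob", "update", "wf-sample")
    ac.delegate("carol", "bob", "update", "wf-sample")
    return {
        "alice_read_via_hierarchy": ac.is_authorized("alice", "read", "wf-sample"),
        "bob_update_before": before,
        "bob_update_after": ac.is_authorized("bob", "update", "wf-sample"),
        "bob_delete": ac.is_authorized("bob", "delete", "wf-sample"),
    }
```

The exceptional right is scoped to one user, one operation and one workflow, so it widens access without changing any role.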

Schema Diagram for the SWFR
[Figure: entity-relationship diagram. Labels in the order they appear: change (chg_type, chg_id); revision (rev_nr, time_st, rev_Id); workflow (name, xmlid, state); Wf_info (Time_st, count, full_rev, wf_inf_id); User (u_id, u_name, name, cred); Group (gid, Gp_name); relationships: has, owner, is_in, u_perm (rights), gp_perm (rights).]

Automatic Version Management
Version Management Module:
- Keeps track of the existing workflows in the repository
- Applies version increment to the updated workflows
- Automatic minor updates for the workflow modifications
- User-directed explicit major version updates

Conclusion
- SWFR provides a better solution for workflow management.
- It can be easily integrated into larger systems.
- Secure communication makes it safe for SOA.
- Decentralized database makes it fast and efficient.
- Layered Extended Role based access provides multiple levels of security.
- Fine-grained access control is possible because of exceptional rights delegation.
- Automatic version management helps in tracking changes and finding the updated version easily.