Planning: Hardening the rabbit Steve Fisher / RAL 5/3/2004 WP3.

Slides:



Advertisements
Similar presentations
EGEE is a project funded by the European Union under contract IST R-GMA status and plans Abdeslem DJAOUI / RAL GRIDPP10 meeting at CERN, 3.
Advertisements

21 Sep 2005LCG's R-GMA Applications R-GMA and LCG Steve Fisher & Antony Wilson.
GridPP9 – 5 February 2004 – Data Management DataGrid is a project funded by the European Union GridPP is funded by PPARC GridPP2: Data and Storage Management.
INFSO-RI Enabling Grids for E-sciencE Information and Monitoring Status and Plans GridPP18, Glasgow, Mar 2007.
WP3 WP3 17/9/2002 Steve Fisher / RAL. WP3 Steve Fisher 17/9/2002WP32 Summary Quality Current status 1.2 R-GMA in release 2.0 Recent Requirements Work.
29 June 2006 GridSite Andrew McNabwww.gridsite.org VOMS and VOs Andrew McNab University of Manchester.
EGEE is a project funded by the European Union under contract IST R-GMA: Status and Plans Antony Wilson / RAL GridPP 12 - Brunel
Andrew McNab - Manchester HEP - 24 May 2001 WorkGroup H: Software Support Both middleware and application support Installation tools and expertise Communication.
Middleware technology and software quality issues Andrew McNab Grid Security Research Fellow University of Manchester.
Andrew McNab - EDG Access Control - 14 Jan 2003 EU DataGrid security with GSI and Globus Andrew McNab University of Manchester
E-commerce Project Erik Zeitler Erik Zeitler2 Lab 2  Will be anounced and scheduled later  We will deploy Java Server Pages on a Tomcat server.
© 2005, Cornell University. Rapid Application Development using the Kuali Architecture (Struts, Spring and OJB) A Case Study Bryan Hutchinson
Computers & Employment By Andrew Attard and Stephen Calleja.
Performance Technology Dr. James J. Kirk Professor of HRD.
5 November 2001F Harris GridPP Edinburgh 1 WP8 status for validating Testbed1 and middleware F Harris(LHCb/Oxford)
DataGrid is a project funded by the European Commission under contract IST GridPP-2 Middleware 4 th -5 th Mar 2004 Information and Monitoring.
Thoughts on the ATF of the DataGrid 24 th –25 th May 2001 Steve Fisher / RAL.
Introduction on R-GMA Shi Jingyan Computing Center IHEP.
FP6−2004−Infrastructures−6-SSA E-infrastructure shared between Europe and Latin America Information System (IS) Valeria Ardizzone.
INFSO-RI Enabling Grids for E-sciencE Logging and Bookkeeping and Job Provenance Services Ludek Matyska (CESNET) on behalf of the.
Capstone – Team C Project: Sisters Of The Road
LCG Middleware Testing in 2005 and Future Plans E.Slabospitskaya, IHEP, Russia CERN-Russia Joint Working Group on LHC Computing March, 6, 2006.
Security Area in GridPP2 4 Mar 2004 Security Area in GridPP2 “Proforma-2 posts” overview Deliverables – Local Access – Local Usage.
NoteSearch - Find what you’re looking for. Prototype Team B.
EGEE is a project funded by the European Union under contract IST Outstanding design issues Stephen Hicks 23/06/04
EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks R-GMA Now With Added Authorization Steve.
Using JAS3 for LCD Analysis Tony Johnson 20 th May 2003.
13 May 2004EB/TB Middleware meeting Use of R-GMA in BOSS for CMS Peter Hobson & Henry Nebrensky Brunel University, UK Some slides stolen from various talks.
EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,
Maarten Litmaath (CERN), GDB meeting, CERN, 2006/02/08 VOMS deployment Extent of VOMS usage in LCG-2 –Node types gLite 3.0 Issues Conclusions.
8-Jul-03D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security (Report from the LCG Security Group) RAL, 8 July 2003 David Kelsey CCLRC/RAL, UK
WP3 Information and Monitoring Steve Fisher / RAL 23/9/2003.
Some Title from the Headrer and Footer, 19 April Overview Requirements Current Design Work in Progress.
WP3 R-GMA: Likely status New Years Eve Steve Fisher / RAL 24/2/2003.
GLite – An Outsider’s View Stephen Burke RAL. January 31 st 2005gLite overview Introduction A personal view of the current situation –Asked to be provocative!
WP3 Authorization and R-GMA Linda Cornwall WP3 workshop 2-4 April 2003.
EGEE is a project funded by the European Union under contract IST R-GMA: Production Services for Information and Monitoring in the Grid John.
CaGrid 2.0 Security Prototype 1. Goals Prototype some proposed security solutions – Ensure interoperability across programming models – Ensure interoperability.
INFSO-RI Enabling Grids for E-sciencE Information and Monitoring Status and Plans Plzeň, 10 July 2006 Steve Fisher/RAL.
Grid Security Vulnerability Group Linda Cornwall, GDB, CERN 7 th September 2005
WP3 RGMA Deployment Laurence Field / RAL Steve Fisher / RAL.
INFSO-RI Enabling Grids for E-sciencE
LCG Accounting John Gordon Grid Deployment Board 13 th January 2004.
Portal Update Plan Ashok Adiga (512)
VOMS: Status & Plans Vincenzo Ciaschini, Valerio Venturi MWSG Meeting, CERN, Feb
INFSO-RI Enabling Grids for E-sciencE ARDA Experiment Dashboard Ricardo Rocha (ARDA – CERN) on behalf of the Dashboard Team.
WP3 Information and Monitoring Rob Byrom / WP3
Handling Semantic Data for Software Projects Data Management CSE G674 – SW Engineering Project.
The impact of R-GMA (upon WP1 and WP4). EDG (Paris) 6 Mar James MagowanImpact of R-GMA Grid Monitoring Architecture (GMA) We use it not only for.
ATLAS Database Access Library Local Area LCG3D Meeting Fermilab, Batavia, USA October 21, 2004 Alexandre Vaniachine (ANL)
INFSO-RI Enabling Grids for E-sciencE Information System Valeria Ardizzone INFN EGEE NA4 Generic Applications Meeting Catania,
WP3 Security and R-GMA Linda Cornwall. WP3 UserVOMS service authr map pre-proc authr LCAS LCMAPS pre-proc LCAS Coarse-grained e.g. Spitfire WP2 service.
INFSO-RI Enabling Grids for E-sciencE R-GMA Gergely Sipos and Péter Kacsuk MTA SZTAKI Credit to Valeria Ardizzone.
Plans for D7.7 The Security Report on the Final Project Release Linda Cornwall, RAL.
INFSO-RI Enabling Grids for E-sciencE gLite Information System: R-GMA Tony Calanducci INFN Catania gLite tutorial at the EGEE User.
EGEE is a project funded by the European Union under contract IST R-GMA Security Stephen Hicks UK Cluster Security Middleware Security Group.
Final Fantasy ½: IOC Overview Team Q CSE 403 Winter ‘03 I’ve got something special for you.
WP3 Hello Steve Fisher / RAL 14/1/2004. WP3 Steve Fisher/RAL - 14/1/2004Hello2 Safety If fire alarm goes off – leave If klaxon sounds – close windows.
EGEE is a project funded by the European Union under contract IST The UK Cluster Steve Fisher / RAL JRA1 meeting at Cork, 19/ April
LCG Persistency Framework Project Boundary Conditions and Overall Schedule Torre Wenaus, BNL/CERN.
WP3 Relational Work Progress Report 11/5/2001 Steve Fisher / RAL.
EGEE is a project funded by the European Union under contract INFSO-RI DGAS Grid accounting L.Gaido on behalf of A.Guarise LCG Workshop November.
WP3 Security and R-GMA Linda Cornwall, RAL. WP3 Linda Cornwall, RAL - 02/09/2002Security and R-GMA,DataGrid Workshop, Budapest 2 Current Status Currently,
Gridpp37 – 31/08/2016 George Ryall David Meredith
EGEE Middleware Activities Overview
R-GMA Security Principles and Plans
Steve Fisher / RAL March 2002
R-GMA Security Stephen Hicks UK Cluster Security
Monitoring Java Applications with JAMon
Purge-it! USP's, pre-sales process & helping the customer to decide
Presentation transcript:

Planning: Hardening the rabbit Steve Fisher / RAL 5/3/2004 WP3

Steve Fisher/RAL - 5/3/2004EDG - EGEE2 ARDA impact Our plans as submitted to GridPP2 did not include ARDA There can be no doubt that ARDA will have a major impact –It already has Had expected to have the time to plan properly –Instead we will be struggling to increase quality and rush out a prototype Concern that EGEE > LCG2 It will provide us with quick feedback –Good We will do our best –Have not got a very clear plan yet

Steve Fisher/RAL - 5/3/2004EDG - EGEE3 Accommodating ARDA It is an opportunity for us to rethink the API –Done We need web services now –Prototypes of all services done At the same time we need to come up with a good overall design –Then mostly refactoring –And some new code Need to find out what to implement first –In consultation with ARDA folk

Steve Fisher/RAL - 5/3/2004EDG - EGEE4 ARDA prototype ARDA gives us an opportunity to rethink the API Though only a prototype – will it last? In case it does – we must do a good job of API definition New ARDA document to become public at lunchtime today –It is still very much a working document

Steve Fisher/RAL - 5/3/2004EDG - EGEE5 ARDA API Have already put effort into redesigning the API: –Defined in terms of Java interfaces and Factories Allows implementation to be replaced –e.g. swap between servlets and web service –We have taken the chance to clean up names E.g. Archiver SecondaryProducer –Have also eliminated superfluous calls From maintaining backwards compatibility –Included Authorization design

Steve Fisher/RAL - 5/3/2004EDG - EGEE6 PrimaryProducer HistoryLatest Transitory Like old StreamProducer but will also support one- off (“History”) queries No old counterpart Persistent Combines old ResilientStreamProducer with DataBaseProducer Like old LatestProducer but will also support continuous queries Minimum Retention Period is used uniformly The old cleanup predicate has gone All support continuous queries

Steve Fisher/RAL - 5/3/2004EDG - EGEE7 Security Authorization rules –local to a VO –Define actions certificate holder may carry out ability to publish information (via a Producer) query (via a Consumer) to discover what Producers exist TableAuthorisation object passed into the declareTable() call. –Holds a set of (VO, AuthzRuleSet) pairs AuthzRule (for Consumer) is a pair of (View, AllowedCredentials) –May become a triplet

Steve Fisher/RAL - 5/3/2004EDG - EGEE8 View If you match the allowed credentials you will have read access to the data defined in that view If credentials match two rules you will be able to see the union of the two views So if you issue a query to see data you are not allowed to see, you will just receive an empty set. View and AllowedCredentials are parameterised –Keywords, enclosed in “[ ]” replaced by their actual values: DN, VO, GROUP, ROLE and CAPABILITY

Steve Fisher/RAL - 5/3/2004EDG - EGEE9 Example CREATE Table Job (Jobid…, State…, Owner…, OwnersGroup…, Usage…, JobDesc…) To impose the constraints that a row of the table is available to the owner of the job, i.e. if the DN matches: –SELECT * from Job where Owner=‘[DN]’ DN=‘[DN]’ To allow the VO admin role to see all but the JobDesc field: –SELECT JobID, State, Owner, OwnersGroup, Usage from Job ROLE=‘Voadmin’;

Steve Fisher/RAL - 5/3/2004EDG - EGEE10 Project planning and tracking In EDG WP3 used MSProject with generated HTML and s Thinking of using one of the various tools based on httpd+php+mysql to allow all to follow progress –e.g. aceproject at: commercial but quite cheap –At least 3 good looking free products DotProject – PHProjekt – The Ultimate Team Organization Software (TUTOS) –