A Model for Grid User Management
Rich Baker, Dantong Yu, Tomasz Wlodek
Brookhaven National Lab

Outline
  Motivation and System Requirements
  GUMS (Grid User Management System)
  System Design and Framework
  Bigger Picture
  Current Status
  Future Work

GUMS: Scope & Limitations
  Develop Model for Distributed User Registration
  Work With Existing VO Management Tools Including EDG VOMS Servers Used in Grid2003
  Help Define Requirements for New & Improved VO Tools
  Focus on Site Tools for User Management

User Registration
  Many Sites Require Pre-registration of Users
  Sites Will Need to Serve Large Sets of Users
  Users Will Need Access to a Large Number of Sites
  Sites and VOs Will Need to Work Out User Registration Mechanisms
  Grid2003 and LCG Are Developing Procedures

Registration Requirements
  Site Requirements
    Collect Sufficient Information About User and Registration Chain
    Provide Information to Site in Secure, Trusted, Auditable Manner
    "Reasonably" Static User List
    Store History Information, Keep Up-to-Date User Information
  User Requirements
    Register Once Per Virtual Organization
    Registration Must Be "Reasonably" Local
    "Reasonable" and Static Number of Data Items
  VO Requirements
    Sites Must Have "Reasonably" Complete and Up-to-date User List
    Extensibility of Including More Information

Automated Registration
  Software Tools – The Easy Part
    VO User Registry – N Column Database; Several Approaches: VOMS, VOMRS
    Site – User Database, Configurable Tool to Periodically Pull User Info From One or More VOs, Maintain History, Perform Local Account Mapping, Creating Grid-mapfile
  Trust Relationships – The Hard Part
    A VO Structure Needs to Be Created That Will Enforce Agreed Registration Requirements
    Every Site Must Be Able To Trust Every Registrar
    Protect User Privacy

Grid User Management System Architecture
[Architecture diagram. Labels shown: VO User Registry DB; VOMS server (VOMS, VOMRS); Regional Registration Authority?; Download User Info (Cron Job); User info importer (New user, Membership, User left VO); CRL Push; Remote / Local Registration Authority; Account Creation And Mapping (Cron Job); Site User Info DB (User info, Banned User); Grid-Mapfile Generation Module; grid-mapfile; Synchronize, Update Mapping]
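
Added example (not GUMS code and not from the original slides): a Python sketch of the site-side cron pass described on the two slides above, which pulls VO member lists, keeps history, maps accounts, honours a banned list and writes grid-mapfile lines. The function name, data layout, VO names, DNs and account names are assumptions; keeping the last known members when a pull fails and rejecting DNs that contain quotes or newlines are choices of this example.

```python
from datetime import datetime, timezone

def sync_site(site_db, history, pulled, banned, vo_account, now=None):
    """One cron pass: merge pulled VO lists into site_db, record changes,
    return grid-mapfile text. All names here are hypothetical.

    site_db    dict DN -> {"vo", "account"}, updated in place
    history    list of (timestamp, event, DN, VO), appended to
    pulled     dict VO -> list of DNs, or None when that pull failed
    banned     set of DNs the site refuses whatever the VO says
    vo_account dict VO -> local account (assumed site policy)
    """
    now = now or datetime.now(timezone.utc).isoformat()
    for vo in sorted(pulled):
        if vo not in vo_account or pulled[vo] is None:
            continue  # VO not served here, or failed pull: keep last state
        members = set(pulled[vo])
        for dn in sorted(members):
            if dn in site_db:
                continue
            # The DN comes from a remote registry and ends up in an
            # authorization file: a quote or newline could forge a line.
            if any(c in dn for c in '"\r\n'):
                history.append((now, "rejected", dn, vo))
                continue
            site_db[dn] = {"vo": vo, "account": vo_account[vo]}
            history.append((now, "joined", dn, vo))
        gone = [d for d, e in site_db.items()
                if e["vo"] == vo and d not in members]
        for dn in sorted(gone):
            del site_db[dn]
            history.append((now, "left", dn, vo))
    # grid-mapfile line format: "<certificate subject DN>" <local account>
    return "".join('"%s" %s\n' % (dn, site_db[dn]["account"])
                   for dn in sorted(site_db) if dn not in banned)

# Constructed sample data: DNs, VO names and accounts are made up.
ALICE = "/DC=org/DC=example/OU=People/CN=Alice Example 1001"
BOB = "/DC=org/DC=example/OU=People/CN=Bob Example 1002"
CAROL = "/DC=org/DC=example/OU=People/CN=Carol Example 1003"
POLICY = {"voA": "grid_voa", "voB": "grid_vob"}

if __name__ == "__main__":
    db, log = {}, []
    print(sync_site(db, log, {"voA": [ALICE, BOB], "voB": [CAROL]},
                    {BOB}, POLICY), end="")
    # voA registry unreachable, Carol has left voB: Alice stays mapped.
    print(sync_site(db, log, {"voA": None, "voB": []}, {BOB}, POLICY), end="")
    for entry in log:
        print(entry)
```

The banned list is applied when the file is written rather than at import, so a banned user stays in the site database and its history while never receiving a mapping.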

Where Does GUMS Fit?
[Diagram. Labels shown: VOMS; EDG; SAZ; LRAS; VOMRS; Grid Cluster; Local Center; Gatekeeper & callouts; Local Center Registration Service]

Where Does GUMS Fit?
[Diagram. Labels shown: ?; GUMS; VOMRS; VOMS; EDG; Local History; LRAS; SAZ; Grid Cluster; Local Center Registration Service; Gatekeeper & callouts]

Current Status
  The First Stage Development Is Completed
    Ready to Download and Use
    Testing by VDT Testers Group
    Good Documentation
  Characteristics
    Tractable, Flexible
    Satisfy the User Registration Requirements
    GUMS Can Easily Support Large Numbers of Users to Access Multiple Grid Sites
    Easy Installation and Management
  User Base Is Still Small Enough for Traditional Registration Methods Which Can Be Used in Parallel With Distributed/Automated Tools

Future Plan
  Integrate Into Larger VOX Scheme
  Improve Usability and Security
  Having a Real User Management System Will
    Expose Issues/Problems and Begin Building Trust Infrastructure
    Force Some Sites to Start Addressing Remote User Registration Issues
  Promote Tools and Recruit Users!