Presentation is loading. Please wait.

Presentation is loading. Please wait.

SRM over SSL Paul Millar, on behalf of Alex Sim, Jean-Philippe Baud, Ricardo Rocha, Giuseppe LoPresti, Patrick Fuhrmann.

Published byCandace Hines Modified over 6 years ago

Similar presentations

Presentation on theme: "SRM over SSL Paul Millar, on behalf of Alex Sim, Jean-Philippe Baud, Ricardo Rocha, Giuseppe LoPresti, Patrick Fuhrmann."— Presentation transcript:

1 SRM over SSL Paul Millar, on behalf of Alex Sim, Jean-Philippe Baud, Ricardo Rocha, Giuseppe LoPresti, Patrick Fuhrmann.

2 V similar to SSLv3 but incompatible Clients can delegate Delegation
Setting the scene SRM for managing storage GSI V similar to SSLv3 but incompatible Clients can delegate Delegation Allows SRM server to act “on behalf of” end- users Creates key-pair on server EMI-TC Vilnius

3 Everything except srmPing.
Why delegate? 3rd party copy srmCopy Reserving bandwidth srmPrepareTo(Get|Put), srm(Get|Put)Done, srmCopy X.509 backed tape SrmBringOnline, srmPrepareTo(Get|Put), srm(Get|Put)Done, srmCopy Federated SRM Everything except srmPing. EMI-TC Vilnius

4 Why switch from GSI to SSL?
GSI is not a standard (SSLv3 is) Coupling delegation with transport negotiation is inflexible. It's not widely used outside of Grid Only libraries are coming from a single vendor: Globus Hard to add advanced features; e.g., no hardware acceleration. EMI-TC Vilnius

5 What to do about delegation?
If delegation isn't needed then SSLv3 works fine. Delegation requires extra functionality Solution is a “service” that allows delegation. (NB. we're not talking about a single, per-site shared service; rather, each service has a common extra API) EMI-TC Vilnius

6 Delegation Services Tech. SOAP Y N REST M Name C / Native Java / JVM
Supported Client Server Globus Credential Delegation Service SOAP Y N GridSite Delegation Service Globus New Delegation Service REST IVOA Delegation Service M EMI-TC Vilnius

7 Agreement on SRM-over-SSL Servers: Available in EMI-1 as prototype
Current status Agreement on SRM-over-SSL Servers: Available in EMI-1 as prototype No delegation support. Initially dCache, DPM in 2011Q4 Due to some refactoring, StoRM starting work in May. Clients: Prototype support in dCache clients EMI-TC Vilnius

8 Remain backwards compatible: Servers will run both GSI and SSL
Future plans Remain backwards compatible: Servers will run both GSI and SSL SSL support in all SRM servers software Move from prototype to production Add delegation support All clients to support SSL Everything ready for EMI-2 (April 2012) EMI-TC Vilnius

9 Thank you! EMI-TC Vilnius

Download ppt "SRM over SSL Paul Millar, on behalf of Alex Sim, Jean-Philippe Baud, Ricardo Rocha, Giuseppe LoPresti, Patrick Fuhrmann."

Similar presentations

Jens G Jensen CCLRC/RAL hepsysman 2005Storage Middleware SRM 2.1 issues hepsysman Oxford 5 Dec 2005.

Jens G Jensen CCLRC/RAL hepsysman 2005Storage Middleware SRM 2.1 issues hepsysman Oxford 5 Dec 2005.
DPM Name Server (DPNS) Namespace Authorization Location of physical files DPM Server Requests queuing and processing Space Management SRM Servers v1.1,

DPM Name Server (DPNS) Namespace Authorization Location of physical files DPM Server Requests queuing and processing Space Management SRM Servers v1.1,
10 May 2007 HTTP - - User data via HTTP(S) Andrew McNab University of Manchester.

10 May 2007 HTTP - - User data via HTTP(S) Andrew McNab University of Manchester.
16 th May 2006Alessandra Forti Storage Alessandra Forti Group seminar 16th May 2006.

16 th May 2006Alessandra Forti Storage Alessandra Forti Group seminar 16th May 2006.
Heads in the cloud? GSM-WG at OGF31, Taipei Jens Jensen, RAL.

Heads in the cloud? GSM-WG at OGF31, Taipei Jens Jensen, RAL.
A. Sim, CRD, L B N L 1 Oct. 23, 2008 BeStMan Extra Slides.

A. Sim, CRD, L B N L 1 Oct. 23, 2008 BeStMan Extra Slides.
The GridSite Security System Andrew McNab and Shiv Kaushal University of Manchester.

The GridSite Security System Andrew McNab and Shiv Kaushal University of Manchester.
A. Sim, CRD, L B N L 1 OSG Applications Workshop 6/1/2005 OSG SRM/DRM Readiness and Plan Alex Sim / Jorge Rodriguez Scientific Data Management Group Computational.

A. Sim, CRD, L B N L 1 OSG Applications Workshop 6/1/2005 OSG SRM/DRM Readiness and Plan Alex Sim / Jorge Rodriguez Scientific Data Management Group Computational.
Data Management The GSM-WG Perspective. Background SRM is the Storage Resource Manager A Control protocol for Mass Storage Systems Standard protocol:

Data Management The GSM-WG Perspective. Background SRM is the Storage Resource Manager A Control protocol for Mass Storage Systems Standard protocol:
D C a c h e Michael Ernst Patrick Fuhrmann Tigran Mkrtchyan d C a c h e M. Ernst, P. Fuhrmann, T. Mkrtchyan Chep 2003 Chep2003 UCSD, California.

D C a c h e Michael Ernst Patrick Fuhrmann Tigran Mkrtchyan d C a c h e M. Ernst, P. Fuhrmann, T. Mkrtchyan Chep 2003 Chep2003 UCSD, California.
PVSSProxy The first piece of the MACS procedure framework (ProShell) Angela Brett.

PVSSProxy The first piece of the MACS procedure framework (ProShell) Angela Brett.
Ryan Hemmy.  The ultimate goal is to create a single efficient and lightweight program that both unifies features of existing programs and offers unique.

Ryan Hemmy.  The ultimate goal is to create a single efficient and lightweight program that both unifies features of existing programs and offers unique.
Enabling Grids for E-sciencE Introduction Data Management Jan Just Keijser Nikhef Grid Tutorial, 13-14 November 2008.

Enabling Grids for E-sciencE Introduction Data Management Jan Just Keijser Nikhef Grid Tutorial, November 2008.
Grid Security in a production environment: 4 years of running www.gridpp.ac.uk Andrew McNab University of Manchester.

Grid Security in a production environment: 4 years of running Andrew McNab University of Manchester.
Owen SyngeTitle of TalkSlide 1 Storage Management Owen Synge – Developer, Packager, and first line support to System Administrators. Talks Scope –GridPP.

Owen SyngeTitle of TalkSlide 1 Storage Management Owen Synge – Developer, Packager, and first line support to System Administrators. Talks Scope –GridPP.
WLCG Grid Deployment Board, CERN 11 June 2008 Storage Update Flavia Donno CERN/IT.

WLCG Grid Deployment Board, CERN 11 June 2008 Storage Update Flavia Donno CERN/IT.
WebFTS File Transfer Web Interface for FTS3 Andrea Manzi On behalf of the FTS team Workshop on Cloud Services for File Synchronisation and Sharing.

WebFTS File Transfer Web Interface for FTS3 Andrea Manzi On behalf of the FTS team Workshop on Cloud Services for File Synchronisation and Sharing.
Maarten Litmaath (CERN), GDB meeting, CERN, 2006/06/07 SRM v2.2 working group update Results of the May 22-23 workshop at FNAL https://srm.fnal.gov/twiki/bin/view/WorkshopsAndConferences/GridStorageInterfacesWorkshop.

Maarten Litmaath (CERN), GDB meeting, CERN, 2006/06/07 SRM v2.2 working group update Results of the May workshop at FNAL
Grid Technology CERN IT Department CH-1211 Geneva 23 Switzerland www.cern.ch/i t DBCF GT DPM / LFC and FTS news Ricardo Rocha ( on behalf of the IT/GT/DMS.

Grid Technology CERN IT Department CH-1211 Geneva 23 Switzerland t DBCF GT DPM / LFC and FTS news Ricardo Rocha ( on behalf of the IT/GT/DMS.
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org Introduction Data Management Ron Trompert SARA Grid Tutorial, 25-26 September 2007.

INFSO-RI Enabling Grids for E-sciencE Introduction Data Management Ron Trompert SARA Grid Tutorial, September 2007.

Similar presentations

Ads by Google