1. Why Web services should care about grid security Taavi Hupponen, CSC

2. Background  Web services enable efficient access to services that have traditionally been accesses through web pages  This puts more load on service providers  Grid middleware is being implemented with Web Services

3. Reason 1: Who is using my resources?  With increased resource usage, the service providers will get interested on who is using their resources  There will be need for identification, authentication, authorization and accounting  Not necessarily at individual level but at least in some level  This is stuff that is hard to get right  Grids have been dealing with these issues for quite a while

4. Reason 2: Grids can provide resources for your services  There is need for more resources, grids can provide them  If you are using grids as backend for your services, you end up identifying the users or yourself with the grid security mechanisms  Maybe you could avoid having two different mechanisms, by using grid stuff also for the Web service

5. Reason 3: Using grids through Web Services interface  Grid middleware is being implemented as Web Services  For example Globus Toolkit 4  This may enable use of grid features and services through Web Services interfaces  Web Services interface or not, grid security mechanisms will be there

6. Reason 4: Certificates  Grid users already have certificates  Imagine having different username and password for all those 3000+ Web Services seen in Taverna  Web services are used by programs  It is easier for programs to use certificates than usernames and passwords

7. Reason 5: You want to concentrate on functionality!